siakapkeli.my Open in urlscan Pro
2a06:98c1:3120::3 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://siakapkeli.my/2022/09/01/bersalah-kes-rasuah-projek-solar-rosmah-dipenjara-30-tahun-denda-rm970-juta/
Submission: On September 01 via api (September 1st 2022, 8:52:29 am UTC) from US — Scanned from NL

Summary HTTP 290 Redirects Links 4 Behaviour Indicators

Summary

This website contacted 96 IPs in 11 countries across 79 domains to perform 290 HTTP transactions. The main IP is 2a06:98c1:3120::3, located in United States and belongs to CLOUDFLARENET, US. The main domain is siakapkeli.my. The Cisco Umbrella rank of the primary domain is 642726.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on June 6th 2022. Valid for: a year.

This is the only time siakapkeli.my was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
27	2a06:98c1:312... 2a06:98c1:3120::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2a00:1450:400... 2a00:1450:400e:800::200a	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6811:180e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:800::2008	15169 (GOOGLE) (GOOGLE)
18	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
2	205.185.216.42 205.185.216.42	20446 (STACKPATH...) (STACKPATH-CDN)
1	103.253.144.208 103.253.144.208	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
2	2a04:4e42:400... 2a04:4e42:400::645	54113 (FASTLY) (FASTLY)
2	192.0.76.3 192.0.76.3	2635 (AUTOMATTIC) (AUTOMATTIC)
2	13.214.237.179 13.214.237.179	16509 (AMAZON-02) (AMAZON-02)
6	2a00:1450:400... 2a00:1450:4001:80e::2003	15169 (GOOGLE) (GOOGLE)
1	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
2	2a04:fa87:fff... 2a04:fa87:fffe::c000:4902	2635 (AUTOMATTIC) (AUTOMATTIC)
2	2.21.184.200 2.21.184.200	16625 (AKAMAI-AS) (AKAMAI-AS)
1	95.101.27.38 95.101.27.38	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2a00:1450:400... 2a00:1450:4001:80f::200e	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
2	23.106.127.48 23.106.127.48	59253 (LEASEWEB-...) (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd.)
1	2a00:1450:400... 2a00:1450:400c:c06::9a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:828::2001	15169 (GOOGLE) (GOOGLE)
1	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	2a04:4e42::485 2a04:4e42::485	54113 (FASTLY) (FASTLY)
2 4	37.252.172.37 37.252.172.37	29990 (ASN-APPNEX) (ASN-APPNEX)
1	34.107.148.139 34.107.148.139	15169 (GOOGLE) (GOOGLE)
5	54.220.224.183 54.220.224.183	16509 (AMAZON-02) (AMAZON-02)
1	54.93.35.187 54.93.35.187	16509 (AMAZON-02) (AMAZON-02)
1	2602:803:c004... 2602:803:c004:200::141	26667 (RUBICONPR...) (RUBICONPROJECT)
1	104.18.19.126 104.18.19.126	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	3.123.244.81 3.123.244.81	16509 (AMAZON-02) (AMAZON-02)
7	185.86.137.114 185.86.137.114	201081 (SMARTADSE...) (SMARTADSERVER)
3	35.244.159.8 35.244.159.8	15169 (GOOGLE) (GOOGLE)
1	178.250.2.131 178.250.2.131	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
8	3.68.178.222 3.68.178.222	16509 (AMAZON-02) (AMAZON-02)
1	185.64.189.112 185.64.189.112	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1 3	2606:4700:10:... 2606:4700:10::ac43:2682	13335 (CLOUDFLAR...) (CLOUDFLARENET)
12	2a00:1450:400... 2a00:1450:4001:801::2002	15169 (GOOGLE) (GOOGLE)
1	34.102.146.192 34.102.146.192	15169 (GOOGLE) (GOOGLE)
2	2406:2600:4::1 2406:2600:4::1	55569 (CRITEO-AS...) (CRITEO-AS-AP Criteo APAC)
1	34.209.30.241 34.209.30.241	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700:10:... 2606:4700:10::6816:3556	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	65.9.66.97 65.9.66.97	16509 (AMAZON-02) (AMAZON-02)
1	3.141.155.221 3.141.155.221	16509 (AMAZON-02) (AMAZON-02)
18	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
1 2	34.120.107.143 34.120.107.143	15169 (GOOGLE) (GOOGLE)
1	52.30.246.43 52.30.246.43	16509 (AMAZON-02) (AMAZON-02)
1	141.95.98.67 141.95.98.67	16276 (OVH) (OVH)
2	2600:9000:211... 2600:9000:211e:e400:3:bc0d:3a40:21	16509 (AMAZON-02) (AMAZON-02)
1	185.170.61.169 185.170.61.169	27381 (CASALE-MEDIA) (CASALE-MEDIA)
30	2a00:1450:400... 2a00:1450:4001:80e::2001	15169 (GOOGLE) (GOOGLE)
1 6	2a00:1450:400... 2a00:1450:4001:802::2004	15169 (GOOGLE) (GOOGLE)
4	34.95.69.49 34.95.69.49	15169 (GOOGLE) (GOOGLE)
2 16	104.18.18.126 104.18.18.126	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 3	2a02:fa8:8806... 2a02:fa8:8806:16::1370	41041 (VCLK-EU-SE) (VCLK-EU-SE)
3 3	103.229.206.241 103.229.206.241	30419 (MEDIAMATH...) (MEDIAMATH-INC)
2 15	142.250.185.162 142.250.185.162	15169 (GOOGLE) (GOOGLE)
1 1	169.50.137.184 169.50.137.184	36351 (SOFTLAYER) (SOFTLAYER)
1 1	85.114.159.118 85.114.159.118	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
5 5	35.158.200.182 35.158.200.182	16509 (AMAZON-02) (AMAZON-02)
2 2	18.158.57.249 18.158.57.249	16509 (AMAZON-02) (AMAZON-02)
2	185.64.190.78 185.64.190.78	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	185.86.139.104 185.86.139.104	201081 (SMARTADSE...) (SMARTADSERVER)
1	65.9.66.43 65.9.66.43	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:801::2003	15169 (GOOGLE) (GOOGLE)
3	52.223.40.198 52.223.40.198	16509 (AMAZON-02) (AMAZON-02)
3 5	52.46.128.147 52.46.128.147	16509 (AMAZON-02) (AMAZON-02)
1 1	23.23.202.74 23.23.202.74	14618 (AMAZON-AES) (AMAZON-AES)
1 1	54.247.81.92 54.247.81.92	16509 (AMAZON-02) (AMAZON-02)
1 1	185.183.112.155 185.183.112.155	60350 (VP) (VP)
2 3	23.75.246.168 23.75.246.168	16625 (AKAMAI-AS) (AKAMAI-AS)
3	2.21.184.247 2.21.184.247	16625 (AKAMAI-AS) (AKAMAI-AS)
1	85.91.44.123 85.91.44.123	27381 (CASALE-MEDIA) (CASALE-MEDIA)
1	2620:116:800d... 2620:116:800d:21:7eb1:3826:be7e:d981	16509 (AMAZON-02) (AMAZON-02)
2 2	3.121.84.223 3.121.84.223	16509 (AMAZON-02) (AMAZON-02)
1	35.227.252.103 35.227.252.103	15169 (GOOGLE) (GOOGLE)
2 3	69.173.144.139 69.173.144.139	26667 (RUBICONPR...) (RUBICONPROJECT)
1 1	2600:9000:205... 2600:9000:2057:2c00:1b:5138:8a40:93a1	16509 (AMAZON-02) (AMAZON-02)
2 4	2a02:2638::1c 2a02:2638::1c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	37.252.172.123 37.252.172.123	29990 (ASN-APPNEX) (ASN-APPNEX)
1	2a05:d018:d29... 2a05:d018:d29:3602:364b:13fe:3893:404c	16509 (AMAZON-02) (AMAZON-02)
2 2	151.101.130.49 151.101.130.49	54113 (FASTLY) (FASTLY)
1	52.50.170.21 52.50.170.21	16509 (AMAZON-02) (AMAZON-02)
1 1	193.0.160.129 193.0.160.129	54312 (ROCKETFUEL) (ROCKETFUEL)
1 1	64.74.236.159 64.74.236.159	19024 (INTERNAP-...) (INTERNAP-BLK5)
1	63.251.232.165 63.251.232.165	32475 (SINGLEHOP...) (SINGLEHOP-LLC)
1	192.132.33.46 192.132.33.46	18568 (BIDTELLECT) (BIDTELLECT)
3	178.250.0.157 178.250.0.157	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2a00:1450:400... 2a00:1450:4001:810::2006	15169 (GOOGLE) (GOOGLE)
1	143.204.215.42 143.204.215.42	16509 (AMAZON-02) (AMAZON-02)
1	143.204.215.89 143.204.215.89	16509 (AMAZON-02) (AMAZON-02)
1	13.32.99.110 13.32.99.110	16509 (AMAZON-02) (AMAZON-02)
1	130.211.115.4 130.211.115.4	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	2.18.235.93 2.18.235.93	() ()
1	151.101.129.108 151.101.129.108	() ()
1	104.17.120.107 104.17.120.107	() ()
2	92.123.9.160 92.123.9.160	() ()
1	13.248.245.213 13.248.245.213	() ()
1	66.155.71.149 66.155.71.149	() ()
1 2	3.126.56.137 3.126.56.137	() ()
1	37.157.3.28 37.157.3.28	() ()
2 2	188.42.191.196 188.42.191.196	() ()
1 1	2001:678:cb4:... 2001:678:cb4:bbbb::11	() ()
1 1	34.95.81.168 34.95.81.168	() ()
1	2606:4700:20:... 2606:4700:20::681a:ad1	() ()
1	54.77.35.16 54.77.35.16	() ()
1	2606:4700::68... 2606:4700::6812:d4c	() ()
4 4	69.173.144.138 69.173.144.138	() ()
1	2620:1ec:21::14 2620:1ec:21::14	() ()
1	2a00:1288:f03... 2a00:1288:f03d:1fa::4000	() ()
1	35.244.174.68 35.244.174.68	() ()
290	96

27 2a06:98c1:3120::3 (United States)

ASN13335 (CLOUDFLARENET, US)

siakapkeli.my	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:400e:800::200a (Ireland)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:800::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 205.185.216.42 (United States)

ASN20446 (STACKPATH-CDN, US)
PTR: map2.hwcdn.net

sk-bucket.sgp1.cdn.digitaloceanspaces.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 103.253.144.208 (Singapore)

ASN14061 (DIGITALOCEAN-ASN, US)
PTR: sgp1.digitaloceanspaces.com

sk-bucket.sgp1.digitaloceanspaces.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a04:4e42:400::645 (United States)

ASN54113 (FASTLY, US)

anymind360.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 192.0.76.3 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)

stats.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.214.237.179 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-214-237-179.ap-southeast-1.compute.amazonaws.com

xhr.invl.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:80e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f11c:8183:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a04:fa87:fffe::c000:4902 (Ireland)

ASN2635 (AUTOMATTIC, US)

secure.gravatar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.21.184.200 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a2-21-184-200.deploy.static.akamaitechnologies.com

ads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 95.101.27.38 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a95-101-27-38.deploy.static.akamaitechnologies.com

ced.sascdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.106.127.48 (Singapore, Singapore)

ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG)

adnetwork.adasiaholdings.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c06::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.nl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:828::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

f4f5f5dd83b6f4fca4ebb5cce3cd0739.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

static.xx.fbcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42::485 (United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 37.252.172.37 (Frankfurt am Main, Germany) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 691.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.107.148.139 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 139.148.107.34.bc.googleusercontent.com

prebid.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 54.220.224.183 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-220-224-183.eu-west-1.compute.amazonaws.com

prebid.ad.smaato.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.93.35.187 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-93-35-187.eu-central-1.compute.amazonaws.com

hb.emxdgt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2602:803:c004:200::141 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

fastlane.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.19.126 (None, )

ASN13335 (CLOUDFLARENET, US)

htlb.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.123.244.81 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-123-244-81.eu-central-1.compute.amazonaws.com

tlx.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 185.86.137.114 (France)

ASN201081 (SMARTADSERVER, FR)

prg-apac.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com

adasia-d.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
google-bidout-d.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.2.131 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
PTR: bidder.am5.vip.prod.criteo.com

bidder.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 3.68.178.222 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-68-178-222.eu-central-1.compute.amazonaws.com

d.vidoomy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
a-prebid.vidoomy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
a.vidoomy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

hbopenbid.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:10::ac43:2682 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

tag.adbro.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.adbro.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:801::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.nl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.102.146.192 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 192.146.102.34.bc.googleusercontent.com

oa.openxcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2406:2600:4::1 (Japan)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.209.30.241 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-209-30-241.us-west-2.compute.amazonaws.com

id.sharedid.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6816:3556 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.66.97 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-66-97.fra56.r.cloudfront.net

tags.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.141.155.221 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-141-155-221.us-east-2.compute.amazonaws.com

prod.uidapi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.120.107.143 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 143.107.120.34.bc.googleusercontent.com

oajs.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.30.246.43 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-30-246-43.eu-west-1.compute.amazonaws.com

bcp.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.95.98.67 (France)

ASN16276 (OVH, FR)
PTR: ns3216533.ip-141-95-98.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:211e:e400:3:bc0d:3a40:21 (United States)

ASN16509 (AMAZON-02, US)

d2q8xv8xf7whrd.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.170.61.169 (Canada)

ASN27381 (CASALE-MEDIA, CA)

a3268.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

30 2a00:1450:4001:80e::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:802::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 34.95.69.49 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 49.69.95.34.bc.googleusercontent.com

i.clean.gg	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 104.18.18.126 (None, ) 2 redirects

ASN13335 (CLOUDFLARENET, US)

ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
r.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dsum.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:fa8:8806:16::1370 (Singapore) 1 redirects

ASN41041 (VCLK-EU-SE, US)

dclk-match.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
casale-match.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 103.229.206.241 (Singapore) 3 redirects

ASN30419 (MEDIAMATH-INC, US)

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 142.250.185.162 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 169.50.137.184 (United States) 1 redirects

ASN36351 (SOFTLAYER, US)
PTR: b8.89.32a9.ip4.static.sl-reverse.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 85.114.159.118 (Waldshut-Tiengen, Germany) 1 redirects

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com

dsp.adfarm1.adition.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 35.158.200.182 (Frankfurt am Main, Germany) 5 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-35-158-200-182.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.158.57.249 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-158-57-249.eu-central-1.compute.amazonaws.com

a.sportradarserving.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.64.190.78 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.86.139.104 (France)

ASN201081 (SMARTADSERVER, FR)

ssbsync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.66.43 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-66-43.fra56.r.cloudfront.net

cnt.trvdp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:801::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.223.40.198 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 52.46.128.147 (Ashburn, United States) 3 redirects

ASN16509 (AMAZON-02, US)

s.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.23.202.74 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-23-23-202-74.compute-1.amazonaws.com

nep.advangelists.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.247.81.92 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-247-81-92.eu-west-1.compute.amazonaws.com

d.adroll.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.183.112.155 (Paris, France) 1 redirects

ASN60350 (VP, FR)

sync.adotmob.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 23.75.246.168 (Frankfurt am Main, Germany) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-75-246-168.deploy.static.akamaitechnologies.com

px.owneriq.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2.21.184.247 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a2-21-184-247.deploy.static.akamaitechnologies.com

js-sec.indexww.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 85.91.44.123 (Canada)

ASN27381 (CASALE-MEDIA, CA)

a3281.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:116:800d:21:7eb1:3826:be7e:d981 (United States)

ASN16509 (AMAZON-02, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.121.84.223 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-121-84-223.eu-central-1.compute.amazonaws.com

pm.w55c.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.227.252.103 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 103.252.227.35.bc.googleusercontent.com

rtb.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 69.173.144.139 (Frankfurt am Main, Germany) 2 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2057:2c00:1b:5138:8a40:93a1 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

s.ad.smaato.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a02:2638::1c (France) 2 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.252.172.123 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:d018:d29:3602:364b:13fe:3893:404c (Dublin, Ireland)

ASN16509 (AMAZON-02, US)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.130.49 (United States) 2 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.50.170.21 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-50-170-21.eu-west-1.compute.amazonaws.com

match.prod.bidr.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 193.0.160.129 (United States) 1 redirects

ASN54312 (ROCKETFUEL, US)

p.rfihub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 64.74.236.159 (United States) 1 redirects

ASN19024 (INTERNAP-BLK5, US)
PTR: chi.outbrain.com

b1sync.zemanta.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 63.251.232.165 (United States)

ASN32475 (SINGLEHOP-LLC, US)

cm.adgrx.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.132.33.46 (United States)

ASN18568 (BIDTELLECT, US)
PTR: 46.bidtellect.com

bttrack.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 178.250.0.157 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.215.42 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-215-42.fra53.r.cloudfront.net

go.trvdp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.215.89 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-215-89.fra53.r.cloudfront.net

stg.truvidplayer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.99.110 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-99-110.fra60.r.cloudfront.net

s.trvdp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 130.211.115.4 (Council Bluffs, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 4.115.211.130.bc.googleusercontent.com

data.ad-score.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.235.93 (None, )

ASN- ()

contextual.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.129.108 (None, )

ASN- ()

acdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.17.120.107 (None, )

ASN- ()

biddr.brealtime.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 92.123.9.160 (None, )

ASN- ()

eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.248.245.213 (None, )

ASN- ()

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 66.155.71.149 (None, )

ASN- ()

pixel-sync.sitescout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.126.56.137 (None, ) 1 redirects

ASN- ()

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.157.3.28 (None, )

ASN- ()

cm.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 188.42.191.196 (None, ) 2 redirects

ASN- ()

ads.betweendigital.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:678:cb4:bbbb::11 (None, ) 1 redirects

ASN- ()

ad.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.95.81.168 (None, ) 1 redirects

ASN- ()

euexchangesync.digitaleast.mobi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::681a:ad1 (None, )

ASN- ()

ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.77.35.16 (None, )

ASN- ()

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:d4c (None, )

ASN- ()

cdn.indexww.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 69.173.144.138 (None, ) 4 redirects

ASN- ()

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:21::14 (None, )

ASN- ()

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1288:f03d:1fa::4000 (None, )

ASN- ()

ads.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.174.68 (None, )

ASN- ()

id.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
51	googlesyndication.com f4f5f5dd83b6f4fca4ebb5cce3cd0739.safeframe.googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 112 tpc.googlesyndication.com — Cisco Umbrella Rank: 145	532 KB
44	doubleclick.net 2 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 184 stats.g.doubleclick.net — Cisco Umbrella Rank: 85 googleads.g.doubleclick.net — Cisco Umbrella Rank: 44 cm.g.doubleclick.net — Cisco Umbrella Rank: 210	311 KB
27	siakapkeli.my siakapkeli.my — Cisco Umbrella Rank: 642726	285 KB
19	casalemedia.com 2 redirects htlb.casalemedia.com — Cisco Umbrella Rank: 500 a3268.casalemedia.com — Cisco Umbrella Rank: 590317 ssum-sec.casalemedia.com — Cisco Umbrella Rank: 430 r.casalemedia.com — Cisco Umbrella Rank: 813 dsum-sec.casalemedia.com — Cisco Umbrella Rank: 515 a3281.casalemedia.com — Cisco Umbrella Rank: 719482 dsum.casalemedia.com	17 KB
10	rubiconproject.com 6 redirects fastlane.rubiconproject.com — Cisco Umbrella Rank: 476 pixel.rubiconproject.com — Cisco Umbrella Rank: 319 eus.rubiconproject.com token.rubiconproject.com	16 KB
9	google.com 1 redirects adservice.google.com — Cisco Umbrella Rank: 78 www.google.com — Cisco Umbrella Rank: 2	2 KB
8	vidoomy.com d.vidoomy.com — Cisco Umbrella Rank: 10224 a-prebid.vidoomy.com a.vidoomy.com	2 KB
8	criteo.com 2 redirects bidder.criteo.com — Cisco Umbrella Rank: 742 gum.criteo.com — Cisco Umbrella Rank: 387 mug.criteo.com — Cisco Umbrella Rank: 2794	9 KB
8	smartadserver.com prg-apac.smartadserver.com — Cisco Umbrella Rank: 14289 ssbsync.smartadserver.com — Cisco Umbrella Rank: 875	4 KB
7	adnxs.com 2 redirects ib.adnxs.com — Cisco Umbrella Rank: 225 secure.adnxs.com — Cisco Umbrella Rank: 435 acdn.adnxs.com	21 KB
7	gstatic.com fonts.gstatic.com www.gstatic.com	135 KB
6	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 192	263 KB
6	openx.net 1 redirects adasia-d.openx.net — Cisco Umbrella Rank: 33080 oajs.openx.net — Cisco Umbrella Rank: 2886 google-bidout-d.openx.net — Cisco Umbrella Rank: 2797 rtb.openx.net — Cisco Umbrella Rank: 1493 u.openx.net	1 KB
6	smaato.net 1 redirects prebid.ad.smaato.net — Cisco Umbrella Rank: 3420 s.ad.smaato.net — Cisco Umbrella Rank: 690	2 KB
5	amazon-adsystem.com 3 redirects s.amazon-adsystem.com — Cisco Umbrella Rank: 269	4 KB
5	bidswitch.net 5 redirects x.bidswitch.net — Cisco Umbrella Rank: 288	3 KB
5	pubmatic.com ads.pubmatic.com — Cisco Umbrella Rank: 448 hbopenbid.pubmatic.com — Cisco Umbrella Rank: 442 image6.pubmatic.com — Cisco Umbrella Rank: 606	82 KB
4	yahoo.com 1 redirects pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 468 ups.analytics.yahoo.com ads.yahoo.com	2 KB
4	indexww.com js-sec.indexww.com — Cisco Umbrella Rank: 605 cdn.indexww.com	3 KB
4	clean.gg i.clean.gg — Cisco Umbrella Rank: 1380	30 B
4	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 43	3 KB
3	owneriq.net 2 redirects px.owneriq.net — Cisco Umbrella Rank: 949	1 KB
3	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 336	917 B
3	trvdp.com cnt.trvdp.com — Cisco Umbrella Rank: 47883 go.trvdp.com — Cisco Umbrella Rank: 42532 s.trvdp.com — Cisco Umbrella Rank: 42181	204 KB
3	mathtag.com 3 redirects sync.mathtag.com — Cisco Umbrella Rank: 452	2 KB
3	dotomi.com 1 redirects dclk-match.dotomi.com — Cisco Umbrella Rank: 2704 casale-match.dotomi.com	393 B
3	adbro.me 1 redirects tag.adbro.me — Cisco Umbrella Rank: 26904 cdn.adbro.me — Cisco Umbrella Rank: 29266	32 KB
3	google.nl adservice.google.nl — Cisco Umbrella Rank: 14442	1 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 37 region1.google-analytics.com — Cisco Umbrella Rank: 3463	20 KB
3	digitaloceanspaces.com sk-bucket.sgp1.cdn.digitaloceanspaces.com — Cisco Umbrella Rank: 854033 sk-bucket.sgp1.digitaloceanspaces.com	79 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 66	185 KB
2	betweendigital.com 2 redirects ads.betweendigital.com	1 KB
2	everesttech.net 2 redirects sync-tm.everesttech.net — Cisco Umbrella Rank: 566	645 B
2	w55c.net 2 redirects pm.w55c.net — Cisco Umbrella Rank: 736	2 KB
2	sportradarserving.com 2 redirects a.sportradarserving.com — Cisco Umbrella Rank: 2329	1 KB
2	cloudfront.net d2q8xv8xf7whrd.cloudfront.net	83 KB
2	crwdcntrl.net tags.crwdcntrl.net — Cisco Umbrella Rank: 1206 bcp.crwdcntrl.net — Cisco Umbrella Rank: 805	10 KB
2	id5-sync.com cdn.id5-sync.com — Cisco Umbrella Rank: 1167 id5-sync.com — Cisco Umbrella Rank: 471	14 KB
2	criteo.net static.criteo.net — Cisco Umbrella Rank: 658	41 KB
2	3lift.com tlx.3lift.com — Cisco Umbrella Rank: 552 eb2.3lift.com	646 B
2	media.net prebid.media.net — Cisco Umbrella Rank: 1082 contextual.media.net	9 KB
2	adasiaholdings.com adnetwork.adasiaholdings.com — Cisco Umbrella Rank: 67490	657 B
2	gravatar.com secure.gravatar.com — Cisco Umbrella Rank: 1621	21 KB
2	invl.co xhr.invl.co — Cisco Umbrella Rank: 123759	5 KB
2	wp.com stats.wp.com — Cisco Umbrella Rank: 2517 pixel.wp.com — Cisco Umbrella Rank: 2428	3 KB
2	anymind360.com anymind360.com — Cisco Umbrella Rank: 19551	159 KB
1	rlcdn.com id.rlcdn.com	98 B
1	linkedin.com px.ads.linkedin.com	707 B
1	demdex.net dpm.demdex.net
1	ad4m.at ad4m.at
1	digitaleast.mobi 1 redirects euexchangesync.digitaleast.mobi	270 B
1	turn.com 1 redirects ad.turn.com	425 B
1	adform.net cm.adform.net	106 B
1	sitescout.com pixel-sync.sitescout.com	191 B
1	brealtime.com biddr.brealtime.com	1 KB
1	ad-score.com data.ad-score.com — Cisco Umbrella Rank: 3793	722 B
1	truvidplayer.com stg.truvidplayer.com — Cisco Umbrella Rank: 37156	2 KB
1	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 264	63 KB
1	bttrack.com bttrack.com — Cisco Umbrella Rank: 717	263 B
1	adgrx.com cm.adgrx.com — Cisco Umbrella Rank: 1425	408 B
1	zemanta.com 1 redirects b1sync.zemanta.com — Cisco Umbrella Rank: 558	317 B
1	rfihub.com 1 redirects p.rfihub.com — Cisco Umbrella Rank: 699	759 B
1	bidr.io match.prod.bidr.io — Cisco Umbrella Rank: 501	430 B
1	quantserve.com cms.quantserve.com — Cisco Umbrella Rank: 1015	463 B
1	adotmob.com 1 redirects sync.adotmob.com — Cisco Umbrella Rank: 1348	307 B
1	adroll.com 1 redirects d.adroll.com — Cisco Umbrella Rank: 1428	112 B
1	advangelists.com 1 redirects nep.advangelists.com — Cisco Umbrella Rank: 2306	232 B
1	adition.com 1 redirects dsp.adfarm1.adition.com — Cisco Umbrella Rank: 1574	586 B
1	simpli.fi 1 redirects um.simpli.fi — Cisco Umbrella Rank: 849	710 B
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 872	647 B
1	uidapi.com prod.uidapi.com — Cisco Umbrella Rank: 3102	5 KB
1	sharedid.org id.sharedid.org — Cisco Umbrella Rank: 3410	904 B
1	openxcdn.net oa.openxcdn.net — Cisco Umbrella Rank: 3058	8 KB
1	emxdgt.com hb.emxdgt.com — Cisco Umbrella Rank: 2390	158 B
1	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 384	1 KB
1	fbcdn.net static.xx.fbcdn.net — Cisco Umbrella Rank: 707	5 KB
1	sascdn.com ced.sascdn.com — Cisco Umbrella Rank: 10660	32 KB
1	facebook.com www.facebook.com — Cisco Umbrella Rank: 113	9 KB
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 212	1 KB
290	79

	Domain	Requested by
30	tpc.googlesyndication.com	f4f5f5dd83b6f4fca4ebb5cce3cd0739.safeframe.googlesyndication.com pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com siakapkeli.my securepubads.g.doubleclick.net
27	siakapkeli.my	siakapkeli.my
18	pagead2.googlesyndication.com	securepubads.g.doubleclick.net pagead2.googlesyndication.com f4f5f5dd83b6f4fca4ebb5cce3cd0739.safeframe.googlesyndication.com tpc.googlesyndication.com siakapkeli.my googleads.g.doubleclick.net www.googletagservices.com
18	securepubads.g.doubleclick.net	siakapkeli.my securepubads.g.doubleclick.net www.googletagservices.com
15	cm.g.doubleclick.net	2 redirects siakapkeli.my f4f5f5dd83b6f4fca4ebb5cce3cd0739.safeframe.googlesyndication.com r.casalemedia.com
11	dsum-sec.casalemedia.com	1 redirects r.casalemedia.com ssum-sec.casalemedia.com
10	googleads.g.doubleclick.net	pagead2.googlesyndication.com f4f5f5dd83b6f4fca4ebb5cce3cd0739.safeframe.googlesyndication.com d2q8xv8xf7whrd.cloudfront.net googleads.g.doubleclick.net
7	prg-apac.smartadserver.com	anymind360.com
6	www.google.com	1 redirects f4f5f5dd83b6f4fca4ebb5cce3cd0739.safeframe.googlesyndication.com tpc.googlesyndication.com googleads.g.doubleclick.net
6	www.googletagservices.com	securepubads.g.doubleclick.net f4f5f5dd83b6f4fca4ebb5cce3cd0739.safeframe.googlesyndication.com googleads.g.doubleclick.net
6	fonts.gstatic.com	fonts.googleapis.com
5	s.amazon-adsystem.com	3 redirects r.casalemedia.com
5	x.bidswitch.net	5 redirects
5	d.vidoomy.com	anymind360.com
5	prebid.ad.smaato.net	anymind360.com
4	token.rubiconproject.com	4 redirects
4	gum.criteo.com	2 redirects static.criteo.net
4	i.clean.gg	d2q8xv8xf7whrd.cloudfront.net
4	ib.adnxs.com	2 redirects anymind360.com acdn.adnxs.com
4	fonts.googleapis.com	siakapkeli.my googleads.g.doubleclick.net
3	mug.criteo.com	siakapkeli.my
3	pixel.rubiconproject.com	2 redirects
3	js-sec.indexww.com	r.casalemedia.com ssum-sec.casalemedia.com anymind360.com
3	px.owneriq.net	2 redirects r.casalemedia.com
3	match.adsrvr.org	r.casalemedia.com ads.pubmatic.com
3	sync.mathtag.com	3 redirects
3	ssum-sec.casalemedia.com	1 redirects f4f5f5dd83b6f4fca4ebb5cce3cd0739.safeframe.googlesyndication.com js-sec.indexww.com
3	f4f5f5dd83b6f4fca4ebb5cce3cd0739.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
3	adservice.google.com	securepubads.g.doubleclick.net pagead2.googlesyndication.com
3	adservice.google.nl	securepubads.g.doubleclick.net pagead2.googlesyndication.com
3	www.googletagmanager.com	siakapkeli.my www.googletagmanager.com
2	ads.betweendigital.com	2 redirects
2	a-prebid.vidoomy.com
2	ups.analytics.yahoo.com	1 redirects ssum-sec.casalemedia.com
2	eus.rubiconproject.com	anymind360.com eus.rubiconproject.com
2	sync-tm.everesttech.net	2 redirects
2	secure.adnxs.com	ssum-sec.casalemedia.com
2	pm.w55c.net	2 redirects
2	image6.pubmatic.com	f4f5f5dd83b6f4fca4ebb5cce3cd0739.safeframe.googlesyndication.com ads.pubmatic.com
2	a.sportradarserving.com	2 redirects
2	dclk-match.dotomi.com	f4f5f5dd83b6f4fca4ebb5cce3cd0739.safeframe.googlesyndication.com
2	d2q8xv8xf7whrd.cloudfront.net	f4f5f5dd83b6f4fca4ebb5cce3cd0739.safeframe.googlesyndication.com
2	oajs.openx.net	1 redirects siakapkeli.my
2	static.criteo.net	securepubads.g.doubleclick.net anymind360.com
2	tag.adbro.me	1 redirects siakapkeli.my
2	adnetwork.adasiaholdings.com	ced.sascdn.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	ads.pubmatic.com	anymind360.com
2	secure.gravatar.com	siakapkeli.my
2	xhr.invl.co	siakapkeli.my
2	anymind360.com	siakapkeli.my anymind360.com
2	sk-bucket.sgp1.cdn.digitaloceanspaces.com	siakapkeli.my
1	id.rlcdn.com
1	ads.yahoo.com
1	px.ads.linkedin.com
1	cdn.indexww.com	ssum-sec.casalemedia.com
1	dpm.demdex.net	ssum-sec.casalemedia.com
1	ad4m.at	ssum-sec.casalemedia.com
1	euexchangesync.digitaleast.mobi	1 redirects
1	dsum.casalemedia.com	ssum-sec.casalemedia.com
1	casale-match.dotomi.com	1 redirects
1	ad.turn.com	1 redirects
1	a.vidoomy.com
1	cm.adform.net
1	pixel-sync.sitescout.com
1	u.openx.net	anymind360.com
1	eb2.3lift.com	anymind360.com
1	biddr.brealtime.com	anymind360.com
1	acdn.adnxs.com	anymind360.com
1	contextual.media.net	anymind360.com
1	data.ad-score.com	s.trvdp.com
1	s.trvdp.com	go.trvdp.com
1	stg.truvidplayer.com	go.trvdp.com
1	go.trvdp.com	cnt.trvdp.com
1	s0.2mdn.net	tpc.googlesyndication.com
1	bttrack.com	ssum-sec.casalemedia.com
1	cm.adgrx.com	ssum-sec.casalemedia.com
1	b1sync.zemanta.com	1 redirects
1	p.rfihub.com	1 redirects
1	match.prod.bidr.io	ssum-sec.casalemedia.com
1	pr-bh.ybp.yahoo.com	ssum-sec.casalemedia.com
1	s.ad.smaato.net	1 redirects
1	rtb.openx.net	f4f5f5dd83b6f4fca4ebb5cce3cd0739.safeframe.googlesyndication.com
1	cms.quantserve.com	f4f5f5dd83b6f4fca4ebb5cce3cd0739.safeframe.googlesyndication.com
1	a3281.casalemedia.com	f4f5f5dd83b6f4fca4ebb5cce3cd0739.safeframe.googlesyndication.com
1	sync.adotmob.com	1 redirects
1	d.adroll.com	1 redirects
1	nep.advangelists.com	1 redirects
1	www.gstatic.com	googleads.g.doubleclick.net
1	cnt.trvdp.com	securepubads.g.doubleclick.net
1	ssbsync.smartadserver.com	f4f5f5dd83b6f4fca4ebb5cce3cd0739.safeframe.googlesyndication.com
1	dsp.adfarm1.adition.com	1 redirects
1	um.simpli.fi	1 redirects
1	r.casalemedia.com	f4f5f5dd83b6f4fca4ebb5cce3cd0739.safeframe.googlesyndication.com
1	a3268.casalemedia.com	f4f5f5dd83b6f4fca4ebb5cce3cd0739.safeframe.googlesyndication.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	google-bidout-d.openx.net	oa.openxcdn.net
1	id5-sync.com	cdn.id5-sync.com
1	bcp.crwdcntrl.net	tags.crwdcntrl.net
1	prod.uidapi.com	securepubads.g.doubleclick.net
1	tags.crwdcntrl.net	securepubads.g.doubleclick.net
1	cdn.id5-sync.com	securepubads.g.doubleclick.net
1	id.sharedid.org	securepubads.g.doubleclick.net
1	oa.openxcdn.net	securepubads.g.doubleclick.net
1	cdn.adbro.me	siakapkeli.my
1	pixel.wp.com	siakapkeli.my
1	hbopenbid.pubmatic.com	anymind360.com
1	bidder.criteo.com	anymind360.com
1	adasia-d.openx.net	anymind360.com
1	tlx.3lift.com	anymind360.com
1	htlb.casalemedia.com	anymind360.com
1	fastlane.rubiconproject.com	anymind360.com
1	hb.emxdgt.com	anymind360.com
1	prebid.media.net	anymind360.com
1	cdn.jsdelivr.net	anymind360.com
1	static.xx.fbcdn.net	www.facebook.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	region1.google-analytics.com	www.googletagmanager.com
1	ced.sascdn.com	siakapkeli.my
1	www.facebook.com	siakapkeli.my
1	stats.wp.com	siakapkeli.my
1	sk-bucket.sgp1.digitaloceanspaces.com	siakapkeli.my
1	cdnjs.cloudflare.com	siakapkeli.my
290	123

This site contains links to these domains. Also see Links.

Domain
en.siakapkeli.my
www.youtube.com
maharsuri.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-06-06` - `2023-06-05`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-08-15` - `2022-11-07`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-08-15` - `2022-11-07`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-08-15` - `2022-11-07`	3 months	crt.sh
*.sgp1.cdn.digitaloceanspaces.com DigiCert TLS RSA SHA256 2020 CA1	`2022-04-15` - `2023-05-02`	a year	crt.sh
*.sgp1.digitaloceanspaces.com DigiCert TLS RSA SHA256 2020 CA1	`2021-11-23` - `2022-12-16`	a year	crt.sh
anymind360.com R3	`2022-08-31` - `2022-11-29`	3 months	crt.sh
*.wp.com Sectigo RSA Domain Validation Secure Server CA	`2022-06-11` - `2023-07-12`	a year	crt.sh
*.invl.co Amazon	`2022-05-01` - `2023-05-30`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2022-08-15` - `2022-11-07`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-06-10` - `2022-09-08`	3 months	crt.sh
*.gravatar.com Sectigo RSA Domain Validation Secure Server CA	`2020-08-14` - `2022-11-16`	2 years	crt.sh
*.pubmatic.com DigiCert SHA2 Secure Server CA	`2022-02-04` - `2023-02-03`	a year	crt.sh
*.sascdn.com DigiCert SHA2 Secure Server CA	`2021-09-13` - `2022-09-13`	a year	crt.sh
*.adasiaholdings.com Go Daddy Secure Certificate Authority - G2	`2022-05-15` - `2023-05-13`	a year	crt.sh
*.google.nl GTS CA 1C3	`2022-08-15` - `2022-11-07`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-08-08` - `2022-10-31`	3 months	crt.sh
jsdelivr.net GlobalSign Atlas R3 DV TLS CA 2022 Q1	`2022-03-21` - `2023-04-22`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2022-02-11` - `2023-03-14`	a year	crt.sh
*.media.net Sectigo RSA Domain Validation Secure Server CA	`2022-04-06` - `2023-05-04`	a year	crt.sh
smaato.net Sectigo ECC Organization Validation Secure Server CA	`2020-07-28` - `2022-10-04`	2 years	crt.sh
*.emxdgt.com Amazon	`2022-06-02` - `2023-07-01`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2022-03-08` - `2023-04-04`	a year	crt.sh
*.3lift.com Amazon	`2022-05-13` - `2023-06-11`	a year	crt.sh
*.smartadserver.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-01-25` - `2023-01-25`	a year	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2022-07-21` - `2023-08-21`	a year	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-08-27` - `2022-11-22`	3 months	crt.sh
*.vidoomy.com Sectigo RSA Domain Validation Secure Server CA	`2021-08-06` - `2022-09-05`	a year	crt.sh
oa.openxcdn.net GTS CA 1D4	`2022-08-09` - `2022-11-07`	3 months	crt.sh
*.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-09-01` - `2022-11-30`	3 months	crt.sh
id.sharedid.org Amazon	`2021-12-09` - `2023-01-06`	a year	crt.sh
*.crwdcntrl.net Go Daddy Secure Certificate Authority - G2	`2022-05-01` - `2023-06-02`	a year	crt.sh
*.uidapi.com Amazon	`2022-02-10` - `2023-03-11`	a year	crt.sh
*.id5-sync.com R3	`2022-08-18` - `2022-11-16`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2022-08-08` - `2022-10-31`	3 months	crt.sh
*.cloudfront.net Amazon	`2022-02-01` - `2023-01-31`	a year	crt.sh
casalemedia.com Go Daddy Secure Certificate Authority - G2	`2022-01-15` - `2023-01-13`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-08-15` - `2022-11-07`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-08-08` - `2022-10-31`	3 months	crt.sh
i.clean.gg GTS CA 1D4	`2022-08-07` - `2022-11-05`	3 months	crt.sh
*.dotomi.com GlobalSign RSA OV SSL CA 2018	`2022-08-09` - `2023-09-10`	a year	crt.sh
*.trvdp.com Amazon	`2022-08-25` - `2023-09-23`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2022-03-31` - `2023-05-02`	a year	crt.sh
san.casalemedia.com GeoTrust RSA CA 2018	`2021-12-12` - `2022-12-13`	a year	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2021-09-22` - `2022-09-21`	a year	crt.sh
*.ybp.yahoo.com DigiCert SHA2 High Assurance Server CA	`2022-06-14` - `2022-12-07`	6 months	crt.sh
*.match.prod.bidr.io Amazon	`2022-01-27` - `2023-02-25`	a year	crt.sh
public1.adgear.com Sectigo RSA Domain Validation Secure Server CA	`2022-03-01` - `2023-03-28`	a year	crt.sh
*.bttrack.com Sectigo RSA Domain Validation Secure Server CA	`2022-03-21` - `2023-04-20`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-08-08` - `2022-10-31`	3 months	crt.sh
*.truvidplayer.com Amazon	`2022-02-07` - `2023-03-07`	a year	crt.sh
*.ad-score.com Go Daddy Secure Certificate Authority - G2	`2021-09-02` - `2022-10-04`	a year	crt.sh
cdn.adnxs.com GeoTrust TLS RSA CA G1	`2022-03-11` - `2023-04-11`	a year	crt.sh
*.brealtime.com Go Daddy Secure Certificate Authority - G2	`2022-01-21` - `2023-02-22`	a year	crt.sh
*.sitescout.com GeoTrust TLS DV RSA Mixed SHA256 2020 CA-1	`2021-12-15` - `2023-01-15`	a year	crt.sh
*.adform.net DigiCert TLS RSA SHA256 2020 CA1	`2022-05-18` - `2023-06-16`	a year	crt.sh
ups.analytics.yahoo.com DigiCert SHA2 High Assurance Server CA	`2022-08-24` - `2023-02-15`	6 months	crt.sh
*.demdex.net DigiCert TLS RSA SHA256 2020 CA1	`2021-10-19` - `2022-11-19`	a year	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2022-02-03` - `2023-02-25`	a year	crt.sh

This page contains 34 frames:

Primary Page: https://siakapkeli.my/2022/09/01/bersalah-kes-rasuah-projek-solar-rosmah-dipenjara-30-tahun-denda-rm970-juta/
Frame ID: 592EE086FA310BEA4D5F890DF8E34E60
Requests: 123 HTTP requests in this frame

Frame: https://www.facebook.com/plugins/post.php?href=https%3A%2F%2Fwww.facebook.com%2Fsiakapkelipress%2Fposts%2Fpfbid024vjxTLxnsuzKTnDgub637qVNDuC658dM2RS36mhK2LbvmgYq78vJ5M3q7uBjLEpl&show_text=true&width=500
Frame ID: 3EEF8053ED5387E4D3E9509F9624F985
Requests: 2 HTTP requests in this frame

Frame: https://f4f5f5dd83b6f4fca4ebb5cce3cd0739.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 4F4FBFBF3E996779415A49D0D804BFE8
Requests: 1 HTTP requests in this frame

Frame: https://siakapkeli.my/cdn-cgi/challenge-platform/h/b/scripts/alpha/invisible.js?ts=1662019200
Frame ID: B4E648A26619EA760A92EEA0FA7A32D9
Requests: 3 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstGgPQuTb495d-7rNCLoseohzEMopk5GmsU55zonyeVwiFFSe7_1qnfCh-bL8ZDh77vtWVo6p86lmd9rguh6RPUO0XGZ_jVSjHFGY4BoxQHouYjTNZ_N9_BAAsfdaPq9zrAJoeo_TCi3i7VB0vin-yWuyfAeVdzcIDyIx3sMh2LjvdMABAeRveVdmuq44D_0QmwQwDwZwoH6tY8HL315_KsFCh1CF3pl1lSAKrS_zzRBH4A65t8Fgbp-xGbIbeMjnTvwOyQo53ARuuA0aZ-AP7IyzO1VXOdU15rijmAIJGXAksByYJIXXj3qYrdWmsrDV7NrfDVhmsOh-IQqqF8rg36c4ahROFEOul_es9DJjj7UJBj2qV3y2qp5_B6lOwJ48AJdlvaAQ82XErheyum02vErNKnc3P6jhyN&sai=AMfl-YTdPVd3yKJeK7_JTBG3-EezTuFpclZitmyDchyiTqbgNnVl0T2voSPRyzVy-mKZjIO9rwhhBn8-_uCgCXacPMO0CJKjS_gLFZ5xFLdXHlGGB0VGW81bKp42uZs2RH4&sig=Cg0ArKJSzEl6LS-E9XKNEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 9DF82BE676FF85154067A22E3BB38720
Requests: 13 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220829/r20190131/zrt_lookup.html
Frame ID: 8E73B3F69F749E4E20F1A0609FCAE70E
Requests: 1 HTTP requests in this frame

Frame: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Frame ID: A87B71001C8886E1E4F201D2696EF754
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6998313219273257&output=html&h=200&slotname=8351444450&adk=3785225855&adf=3173046729&pi=t.ma~as.8351444450&w=300&fwrn=3&fwrnh=100&lmt=1662022342&rafmt=1&psa=0&format=300x200&url=https%3A%2F%2Fsiakapkeli.my%2F2022%2F09%2F01%2Fbersalah-kes-rasuah-projek-solar-rosmah-dipenjara-30-tahun-denda-rm970-juta%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&sfro=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1662022342520&bpp=4&bdt=219&idt=219&shv=r20220829&mjsv=m202208250101&ptt=9&saldr=aa&cookie=ID%3Dc108e6c32e8016f8%3AT%3D1662022341%3AS%3DALNI_MbvA96QnRpp3aWnQj571EL-axQ2Rw&correlator=8218108688256&frm=23&ife=4&pv=2&ga_vid=802209565.1662022341&ga_sid=1662022343&ga_hid=1161719102&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1035&ady=566&biw=1600&bih=1200&isw=300&ish=280&ifk=2770593745&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31062931&oid=2&pvsid=2055423113641017&tmod=459292127&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C280&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=132&bc=31&ifi=1&uci=1.qh76yku8f89&fsb=1&dtd=239
Frame ID: 751B00A7EB1D383D624201FE4D16C2F5
Requests: 1 HTTP requests in this frame

Frame: https://f4f5f5dd83b6f4fca4ebb5cce3cd0739.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 9DEBE102540BB2C8A90E2BD4BC2FFD58
Requests: 13 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/adfetch?adk=274594334&adsafe=medium&client=ca-pub-5722610347565274&format=300x250_as&ip=2001:1af8:4700::&output=html&unviewed_position_start=1&url=https://siakapkeli.my/2022/09/01/bersalah-kes-rasuah-projek-solar-rosmah-dipenjara-30-tahun-denda-rm970-juta&sub_client=bidder-341462&aceid=MJXtagCuG7QARVs0AQ9oNAGbeDQBqns0Abx7NAFOfDQBWXw0Abl8NAHjfDQBGH00AR99NAFLfTQBTX00AWl9NAGAfTQBh300AYh9NAGNfTQBln00AZ99NAGhfTQBuH00Abx9NAHDfTQBxH00Acp9NAG3bEEBS3NBAVNzQQF2ENoBSej1AcAdXAJYHlwCW_mIAh_6iAIm-4gCR_uIAnhAqgInQqoCKEKqAitCqgIcRKoC_EaqAhlNqgJxj6oCgJuqAoGbqgKCm6oCoqiqAnmxqgLFtaoCuruqAi28qgLDvaoCLMGqAobNqgJP0KoCaNaqAqbaqgJV3qoCi9-qAkfgqgLI4qoCauSqAqDlqgLg5qoCW_CqAqDxqgLY8aoCT_KqArbzqgI-9aoC9PWqAlj4qgIm-6oCQvuqAqQBqwKyBasC9gWrAmwJqwKjC6sCSAyrAlAMqwKxEqsCuBOrAgkUqwKBFasChBerAk0ZqwKEGqsCYhyrAsUcqwIhHqsCXB6rArIeqwIOIKsCRiCrAsIgqwLgIasCDCOrAlQjqwKsI6sCJSSrAuMkqwKIJqsC-CarAk4nqwKiJ6sCVCirAmAoqwKWKKsCGimrAjwpqwJoKasC8ymrApkqqwLhKqsCeiurAvsrqwJHLqsCJOEYDG5dRg-zofsSsav7EiHF-xLM0fsSCej7EoHt-xKp7_sSm_L7Ekb7-xJi_vsSAf_7Epj_-xI1AvwSYwL8EuUC_BJfA_wSxFzQE2ii6hRAQKMY91ZrGtTwWSgrIvpC_9Hrbg&awbid_c=AKAmf-Dwn_0ACxIbMie5eeNem2kpiCIr4iILinjWhKfUfejARWeoG4MsEiAYZwkIs8j_kh30IrxkyuzPOjH5avVT1XifCfmYx_SmNaxKJfQpxRarH5dx4NJXlvjDBOOLjhJTNOkPNJOP8RPx-1fSUHLg_lEZbsLMbFBfKGPNMNl1FaUuFG7wB5ieLRZthZ2HIp2oJxd1XUuaCh8RgmrVXFEzBLlQ2_nTZLPALSJZPn--o-lpCQ6m6J_nVGPAQcFAbM9gVezXbWBqJNE0_DyVzTojR4GqS5O0qyJe-yOdf3B7PUwTxKJG-KYRyCLx15V8dzVBbmNMASAOtmQh4ZBOeVYmYncecRpSXcoPD4BjWSD9tV_a3rypVn18zztNqlCnMYZsw0WQlkoOxDJli2qV1RPIjk7R1HvXuQLM9ETPlu1m9yLcwPaovLG8MZj02XsQAghvvl3kcGoviqICDaIg-S4yUWchIiD26GuH1y2H4Wf_zFnepLXWUhEu96c5NuxvLAkL-cEqKDQUnmFtylwOFas8oKJ7tDU7vVcGYTGIHMX_rL6Bozr2kfRWzxcJcIa36-ZBaTNUDrJN9r2NNnBnoHtBrWZ76BdgMBFcQJAyeW8593SW9bHVm9FtEEIx-Aj0IzY3sMhIV3GB&awbid_d=AKAmf-CRRa0gi_LSxBniDbvgtIVZulg_9zBSK2wUhN5kYQoshyXnHXwUMSU6tLidu0n33-bzw-Ltcuzalk5DZyfsSANDgwvkgDww1mLwh7GvCxErxCUKJ3ycW35lYakpuNYGDoyMRSLsvNh4dl_eOi1mVJYAf0hd3EhVKdKCE94Imn-hL8dYd_HdAuN1jFOb8BnIcqeuTIYbulVTpzlkIbAPdV49-JkaHmfvXkzWwfd8SYNdnGmToqaHKcKdlX1mLrKWPlCbjCr2874-g8h4MppnLWaw5WnxXgEOp5DhrZNZ6LxN2KZph2nHfUAGr5Qe7Ca4skS1QhioY8mzIXZKZWRZTUS_Di_m5R42QzwYWJXzODLy_DWZtJEu5S1HNixMqaGCM8Hz8BsmWwDkcZ9oGyKlUB8nGq46yTmfLI7NWmeH-aggMuc6lucd9bZ36uVvOpEk9Kfr6LH-iPjmibYJIFCi-E0Qjs5dJt0UBN3ljfXHDFa-V_yK1tfJuYmUN_zEQiN8qMyI6juyboMsinCLpN_fDG78APtDEYJyKeylYSrKGQxOGkYSHZbJcoVd2QlkglLkz5wgHw4fSYvd_3WluZ4ixatgsp-Fxe4L60QfM7QXfDkDI_SqxVGJUVu6RiKdnTPtPxdw-9P8R5bfCyxjDiUW0bCC5B8Q0aLNw5l7Z8f2zlrl6sCk7krSu05P5-5LabmyRgg25_B2PaQX3qFYlH_sdB3yYwGctFbyKjc2aG2RwWcT8U8mpEoMSoIzQ-Uh9HpnN9bSc5wBOw7jDkjt9u-txQmo0Zkw3uyP3hipD0fzcbPl7i5-cU9LMVPXelFV6r604_LzA01fr__Yl8QST3tvc6WL7_T5h6Xqd_S4UWBfMvnuq7sew2dQhcjlTOhtF39J4OpvSleNl9gYIiGGJbAxsp3PQrQj7pD0mpKnYx4CYfclb0Y1aVoZ4p58vAcMTDmEE0jvO5Q-6CJgMckHIDfA80AKNJiFJDm16y1RIjhpme5yEJfKNvidT-UHy8F1RaTEt6DU-OefmAEycnkaLYW00zneeBj3wm5aEmawN7mcWbhlSPXPh7Ja5yUFKUiWekuCdd_AjuOkK-FZfaIwj1RkYRcpeeGw6yXhpjyc5mSEMAZj86T9w4pzXycLS_rhtuh8XeP8MFLWZgPSajUia7OEkWkEZ_ieP5rcI1rnHPQW6UVVF04Q2wSejRhBPCXJ8WY-OmbpMFz6PYYHc7WqqrU_imnFPSUIfww6-NqZjghfkQZFjDDdjrQpbDlud1K4-NAQrz80AyA9mQiO5DcCHbL4yz6ZGDYLjg&cid=CAASBORoGis&exk=1175156717&rfl=https%3A%2F%2Fsiakapkeli.my%2F&a_pr=13:YxByxgAAAAAmYnF5E1Mfu0u8Zb7g6W81qzA0jw
Frame ID: B78FD18520FAA4905806CE36F6AF99D0
Requests: 16 HTTP requests in this frame

Frame: https://r.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=189149&us_privacy=&gdpr_consent=&gdpr=1&C=1
Frame ID: 46C7D1BA23D7A5B40C086BE5ED5F2D10
Requests: 10 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 20E8E51C3DD416E39B777728B4BD7141
Requests: 9 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuozPWXooIpbNi4UuuIAOAcvSUfUZ1rgmE20iFaA_QUO_Q1C5aExHXIoWqIP7StbMUhnnXBII-KxY1-Dl7Mkf-ft-2SbHCvtotWP-Sm6O_3yx7YWnU-dW2wvHUt0QQlTh19Mzwuw5JkX5duuBK2yUDNXplnCa4j1URXfehAh2lLhRMFnifyLtvJDCcbN3RBXLXOJgu3fVENa_v6_DuEKPTGbKzcegnycegA4rOHkyfstBz3SVdrHJ9Wk21HL9jtaTWq9kkSwmkdlvZRCYDuMdwRwmfSIHB7DityLe_aNFH-B8_Atf04TWL1gFJNjX0wvU8vX7nILVcBG2ltcU-JyN8NYuJOotUzeo8&sai=AMfl-YSUxsPLM6d7YqZYxztWe3iUZqhLNepVb8FIf9LWlmkLAtYePQOs_l6V8odMyMbtK7wsKGUaa5KwdLm4MX1fG08O_RUe1DgA_z9a-I5pohuPS9S3sgE2udtWiHTH4Gg&sig=Cg0ArKJSzKsl9mu5zms4EAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: E5CC6F99BA4276F1ED9E16A4C783DDB0
Requests: 6 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 69418DB051C94FDEF9E5550DBD685B82
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 052C53515FFB5C6C317CE4656BB0445C
Requests: 2 HTTP requests in this frame

Frame: https://f4f5f5dd83b6f4fca4ebb5cce3cd0739.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: A1DFFFF245313115F4A9E64AE047F2D5
Requests: 13 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/adfetch?adk=274594334&adsafe=medium&client=ca-pub-5722610347565274&format=300x250_as&ip=2001:1af8:4700::&output=html&unviewed_position_start=1&url=https://siakapkeli.my/2022/09/01/bersalah-kes-rasuah-projek-solar-rosmah-dipenjara-30-tahun-denda-rm970-juta&sub_client=bidder-341462&aceid=MKoDHwBQF7QAkWA0AbFrNAGbeDQBOXo0AWV6NAG8ezQBD3w0AU18NAGzfDQBGH00AR99NAFLfTQBaX00AYB9NAGHfTQBiH00AY19NAGWfTQBn300AaF9NAG4fTQBvH00AcN9NAHEfTQByn00AUtzQQFQc0EBRPUeAukdXAJYHlwC2x5cAt8eXAJi-4gCn0CqAidCqgI7WqoCX1uqAkx9qgLZjqoCgJuqAoGbqgKCm6oCoqiqAjC3qgK3vaoCGMWqAobNqgJ12qoCVd6qAqDlqgLX8aoCn_SqAj31qgLz9aoCafiqAib7qgJB-6oCv_-qAqYEqwL2BasCbAarAsQJqwILDasC2g2rAtoRqwIPFKsCaBarAoQXqwIDGasCTRmrAoQaqwLiGqsCgRurAoQbqwILHKsCLhyrAmIcqwLhHKsC6xyrAoAdqwJdHqsCgh6rAqAeqwLUHqsCBB-rAqAgqwLBIKsC4CCrAgoiqwJ5IqsCjCKrApIiqwKkIqsCDSOrAssjqwIiJKsCoCSrAs8kqwKdJasCqiarAhknqwJMJ6sCVCirAnAoqwLmKKsC6iirAhIpqwJpKasCfimrAo8pqwI7KqsC-yurAkgsqwJULqsCZi6rAiHtBQNUssUFj4qfDs-T-xJZtfsSzNH7EjPi-xLv7fsS7PP7Epn1-xJr-PsS2_r7Elf--xJmAPwSSgH8Ek8B_BK5AfwS7gH8EgYC_BKZAvwSwLByFFuf6hQNXDcXbRb3F_dWaxqJI8U5ANLrbg&awbid_c=AKAmf-A85k_qXGhs7JPfzYWZLzJxQ_MYuRdoyPFb4eUwIjeFyaExgdZ3TzMSEgL6n0Q6nygtFO1SOwcGi8A_PYMEX6cqCIz2FUo7rGi2UYs_co3BP9oqe6SiZzdjYYD0JUG8MtxsE8AauAZ5n40EMGslpNqV-Nepw0k0y2nsdNm6rljSEzT8RXc&awbid_d=AKAmf-Dajv9A6s8QQ0SMjl6wlrnbypDlnayMa5aYRDMMs5cMhrWTPiKrH-XOhFwEAzY1-hCUbg-S2-g-qFgsXvAjs2P_Fs7ZfEn-6WOS32xuoCFlHzgWOJdwmXRDMzMKii5MeI_AW5WWgXZKHEpJwPld7wis6HAAaGXtTqwC6rC0T1cA3Rt6TeIUxFHhlkj6Pgzu0B5ihdwr-Psy6FK4OpDcBx_rGEihrLdy996SBaFdgfqo5V4SUtHDmoY7-SbddjnvXmtf5Lf4liKfzcW46XwAH0JVWXeLLLop__MaDEDak2e98kSde7orOs0uH-ITr7vTt6HSGoKtAZgScOtBFVJeP4GwkczJ3BbsBmrX9hACZ0w-CvbuiwSab0K0XMIwTxjc5esmOgilYN_TGqQ_YH429a4QRM7wjuxMQWH5ROkao0Co25g7mY13E4F8OA5RYtigCJU4LUF5-pV6KBUnlaP0zmD6rn_EqOqH12efTMojl6Y7I0iTyNczcK-dJSXdKbIPOezLRJRH5FIXDfWf-F5eacYlZDLShr6PcHRXPqH8I48ZPkqpL8zfRuyp7LtNxnfbfSvO4BOyqEdPZyT1xQFFeO7o9iLOc5579ak7NkD6e65w9QisP8MW8dABTDlUEio81zWnN2oahyb9WLYQD9wrbwEI2CZ6zjra6eXet4DNBjzyo5OtEGDwCs8SrNQpMxbjcssBvffxdKOvPweWZQajWcjEJN_MauhLltEyzM9NX05Elh_uLJYzHwe06PpEywouVNf3f5qpK43wvdpyHI0ELI2iofgdQyfx0U98DYwPe7rOoBHZ0b4&cid=CAASBORo-Zs&exk=1227658683&rfl=https%3A%2F%2Fsiakapkeli.my%2F&a_pr=13:YxByxwAAAAADL2M6Fnv_y1PdjmXtmB_3P8x2CQ
Frame ID: 618EE6F8011E67D62B65A0666596126F
Requests: 8 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=189149&us_privacy=&gdpr_consent=&gdpr=1
Frame ID: 105A7D94BA8156646B9A9C900CD259C5
Requests: 10 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: E27632D7F3CEDFEB5F67B325C24D1E4F
Requests: 9 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=siakapkeli.my
Frame ID: EC486EFA70BAAACDF1E8BBBBE88D3253
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4017250493934934444/300x250.html
Frame ID: 23863E4F4CD9AAE173B9ECBBD7EF2709
Requests: 11 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/X5Wcp9Ugq7sZToVDu26YRTjm5OYazRuFrO0o8wz5lEo.js
Frame ID: 2C9FDB2D50471AC4597073A7B2C7F444
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: F9004584E954F53937FFC4DC896A9CEA
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: EAC64BE8B151E889D67AC8B738F80787
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 972DDB458436BCE8F7B498C97CEF6931
Requests: 2 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: A7BAD2B6F0BFA02D2EDC585724EAC0F8
Requests: 1 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU3VM41V&prvid=2034%2C2033%2C2030%2C233%2C2028%2C2027%2C159%2C2025%2C237%2C117%2C359%2C97%2C55%2C99%2C3012%2C3010%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C326%2C9%2C208%2C2055%2C3020%2C173%2C251%2C175%2C178%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C77%2C182%2C141%2C222%2C10000%2C228%2C80%2C108%2C229%2C109%2C307&itype=PREBID&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1
Frame ID: 1666F509A10B1339827B7F6878738A4B
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 71444913D039C1792104853308E6085A
Requests: 2 HTTP requests in this frame

Frame: https://biddr.brealtime.com/check.html
Frame ID: E0F43BC35BCBCD7D37D025DB0D768668
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: E074813C41A4ED912CD2C48325BB0E44
Requests: 10 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync
Frame ID: 245D82CC304B89788A77FC30BFD270A8
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158497
Frame ID: 0CCDECE4BB2FB2E67D1FFD334D9746D0
Requests: 2 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/pd
Frame ID: 290FA3BA31F4BE9DF733EFA969A94806
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fsiakapkeli.my%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: D829DEB8BAF35E7B71F826074E2B1033
Requests: 10 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Bersalah Kes Rasuah Projek Solar: Rosmah Dipenjara 30 Tahun, Denda RM970 Juta

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Ad Exchange (AdX) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

tpc\.googlesyndication\.com/safeframe

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

Prebid (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.com/[^"]*(?:prebid|/pb\.js)

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

290
Requests

88 %
HTTPS

35 %
IPv6

79
Domains

123
Subdomains

96
IPs

11
Countries

2684 kB
Transfer

7346 kB
Size

47
Cookies

4 Outgoing links

These are links going to different origins than the main page.

URL: https://en.siakapkeli.my/
Title: English

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UCo5TWROsmkTHVhzmFUW94oA/videos
Title: Youtube

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UCo5TWROsmkTHVhzmFUW94oA?utm_source=website&utm_medium=siakapkeli.my&utm_campaign=youtube

Search URL Search Domain Scan URL

URL: https://maharsuri.com/
Title: Siakap Keli Sdn Bhd

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 86

https://tag.adbro.me/tags/ptag.js HTTP 302
https://cdn.adbro.me/ptag.js

Request Chain 112

https://oajs.openx.net/esp?url=https%3A%2F%2Fsiakapkeli.my%2F2022%2F09%2F01%2Fbersalah-kes-rasuah-projek-solar-rosmah-dipenjara-30-tahun-denda-rm970-juta%2F&rid=esp HTTP 302
https://oajs.openx.net/esp?url=https%3A%2F%2Fsiakapkeli.my%2F2022%2F09%2F01%2Fbersalah-kes-rasuah-projek-solar-rosmah-dipenjara-30-tahun-denda-rm970-juta%2F&rid=esp&cc=1

Request Chain 139

https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=189149&us_privacy=&gdpr_consent=&gdpr=1 HTTP 302
https://r.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=189149&us_privacy=&gdpr_consent=&gdpr=1&C=1

Request Chain 142

https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEFsRpX3bqNTa09BQn7ECAKE&google_cver=1&google_push=AehlK4CBZOw6qZBjF6Qx335TNF_8meZYo9HI5FwVPt5z35sM_b_jnNjYtLZt34K7B1p8-Yu2rv6QUppqNpSYg4KPqAQ7ZOidbPPd5Q HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AehlK4CBZOw6qZBjF6Qx335TNF_8meZYo9HI5FwVPt5z35sM_b_jnNjYtLZt34K7B1p8-Yu2rv6QUppqNpSYg4KPqAQ7ZOidbPPd5Q

Request Chain 143

https://um.simpli.fi/gp_match?google_gid=CAESEDKR39BzA2DZzb1IilFMKDk&google_cver=1&google_push=AehlK4D9iHHqkJwegCWVZY-LNZpG76VwHz0cKHySfHqIOzraj7_-GhutMxnWFnM_7eXOReztukPLWUzc4ZTwta6gbvYaN-oV5vQh HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=64342DA3D38D434C8677AD4BD0B0B9A2&google_push=AehlK4D9iHHqkJwegCWVZY-LNZpG76VwHz0cKHySfHqIOzraj7_-GhutMxnWFnM_7eXOReztukPLWUzc4ZTwta6gbvYaN-oV5vQh

Request Chain 144

https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEC9wkrBrEQMQLB0CdBIKfm8&google_cver=1&google_push=AehlK4CaeaGtp3xgS6s-3tnOnSCfMwu1ItRLgGTCBi9qNebjg-bCZLx5BDGK7xcaGszy1wW0bsIukq8rZKx3_DZqtsyk5-FZr7WO5g HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzEzODMzMTYwODQwOTE3NjIxOA%3D%3D&google_push=AehlK4CaeaGtp3xgS6s-3tnOnSCfMwu1ItRLgGTCBi9qNebjg-bCZLx5BDGK7xcaGszy1wW0bsIukq8rZKx3_DZqtsyk5-FZr7WO5g

Request Chain 145

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESECEOwzaPutOKdYJnvtKN_v0&google_cver=1&google_push=AehlK4CC6ZHSD1P8BZOpwtxcItgDW6RcARsBkwJRB1hRjH7SfwafoH7bRAs0s5xocfu3NNRBt47spw3JlMAvU3hpTcdgDh6b_ZSvzA HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESECEOwzaPutOKdYJnvtKN_v0&google_cver=1&google_push=AehlK4CC6ZHSD1P8BZOpwtxcItgDW6RcARsBkwJRB1hRjH7SfwafoH7bRAs0s5xocfu3NNRBt47spw3JlMAvU3hpTcdgDh6b_ZSvzA HTTP 302
https://a.sportradarserving.com/sync?ssp=bidswitch&bidswitch_ssp_id=google HTTP 302
https://a.sportradarserving.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=google HTTP 302
https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=1&user_id=e69840d1-1323-4893-87bb-45b05989e19f&ssp=google HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AehlK4CC6ZHSD1P8BZOpwtxcItgDW6RcARsBkwJRB1hRjH7SfwafoH7bRAs0s5xocfu3NNRBt47spw3JlMAvU3hpTcdgDh6b_ZSvzA&google_hm=TpWqR84VSFyLuG4kxhpP4g==

Request Chain 166

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1 HTTP 302
https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YxByx5XL2mcMcYgGF8NJTAAA HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEExsIPodXmcI9sPh7G-4d6c&google_cver=1&gdpr=1

Request Chain 168

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YxByx5XL2mcMcYgGF8NJTAAABIwAAAAB HTTP 302
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YxByx5XL2mcMcYgGF8NJTAAABIwAAAAB&dcc=t

Request Chain 170

https://nep.advangelists.com/xp/user-sync?acctid=405&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D195%26external_user_id%3D%7BPARTNER_VISITOR_ID%7D%0A HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=195&external_user_id=av-e81098f2-ff60-40e3-911f-108d4e2968d3

Request Chain 171

https://d.adroll.com/cm/index/ssp?gdpr=1 HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=105&external_user_id=0

Request Chain 172

https://sync.adotmob.com/cookie/indexexchange?r=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D13%26external_user_id%3D%7bamob_user_id%7d%26expiration%3D%5bEXPIRATION%5d&gdpr=1 HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&external_user_id=%7Bamob_user_id%7D&expiration=[EXPIRATION]&gdpr=1

Request Chain 173

https://px.owneriq.net/eucm/p/cc?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D31%26external_user_id%3D(OIQ_UUID) HTTP 302
https://px.owneriq.net/ecc?redir=https%3a%2f%2fdsum-sec.casalemedia.com%2fcrum%3fcm_dsp_id%3d31%26external_user_id%3dQ7153087431397151257&uid=Q7153087431397151257&ref=%2Feucm%2Fp%2Fcc HTTP 302
https://px.owneriq.net/noop?ct=image%2Fgif

Request Chain 198

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEFD9heEp846h3culDZw-p6U&google_cver=1&google_push=AehlK4BB_iC4kUAu0kfwF774vcKQbe_imAZ2QXUXdrznGNapt-HVfoTDzAPHqYPTHMwhJtmmUsfcguA02UnJBzg_sRFARiW_Ir4G HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEFD9heEp846h3culDZw-p6U&google_cver=1&google_push=AehlK4BB_iC4kUAu0kfwF774vcKQbe_imAZ2QXUXdrznGNapt-HVfoTDzAPHqYPTHMwhJtmmUsfcguA02UnJBzg_sRFARiW_Ir4G HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=Z25OZEs5SGYxT3RGVlo1&google_gid=CAESEFD9heEp846h3culDZw-p6U&google_cver=1&google_push=AehlK4BB_iC4kUAu0kfwF774vcKQbe_imAZ2QXUXdrznGNapt-HVfoTDzAPHqYPTHMwhJtmmUsfcguA02UnJBzg_sRFARiW_Ir4G

Request Chain 199

https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEO1KwDDObxRf9SkFMTU29tw&google_cver=1&google_push=AehlK4C-WA_7FBN6IeTBRDXgCEvvGIf6s9I34Y_Dk5ZEvUpnRsstANrfl_GBnlGsMcvTUuKP2tVC2ctyzZwsj0Rnl8DTwPCi9e8 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AehlK4C-WA_7FBN6IeTBRDXgCEvvGIf6s9I34Y_Dk5ZEvUpnRsstANrfl_GBnlGsMcvTUuKP2tVC2ctyzZwsj0Rnl8DTwPCi9e8

Request Chain 201

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEDjenajcyCF_2Ws-wYyJVO0&google_cver=1&google_push=AehlK4CmICZK0FQg4GfUCsr8ssRKP6QA1qIGwPed_TTWnPm02aArHS0Ssh1CVszWCbRPFkGrYpn8Hc6CkXcosPIch63dYa75Xszf HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDdJVDZVQVYtMVotNDRKNA==&google_push=AehlK4CmICZK0FQg4GfUCsr8ssRKP6QA1qIGwPed_TTWnPm02aArHS0Ssh1CVszWCbRPFkGrYpn8Hc6CkXcosPIch63dYa75Xszf

Request Chain 202

https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESED3oiYnS6jTEsIegUguLU1U&google_cver=1&google_push=AehlK4AnWTlR6NkmMRazlmohB6VOIgs9-HUe-IDDgHTrpNWukd5fyIr3DSOK1DhMF8jVoKQcNo7bffUdoY2bu2LS33huI75wtFfx HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AehlK4AnWTlR6NkmMRazlmohB6VOIgs9-HUe-IDDgHTrpNWukd5fyIr3DSOK1DhMF8jVoKQcNo7bffUdoY2bu2LS33huI75wtFfx

Request Chain 210

https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&gdpr=1 HTTP 302
https://sync-tm.everesttech.net/ct/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&gdpr=1&_test=YxByxwAD7I00kgBN HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YxByxwAD7I00kgBN&gdpr=1&_test=YxByxwAD7I00kgBN

Request Chain 212

https://p.rfihub.com/cm?in=1&pub=2079&gdpr=1 HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=5107433824399306303

Request Chain 213

https://b1sync.zemanta.com/usersync/index/?us_privacy=&gdpr=1&gdpr_consent= HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=&gdpr=1

Request Chain 225

https://gum.criteo.com/sid/json?origin=publishertagids&domain=siakapkeli.my&sn=ChromeSyncframe&so=0&topUrl=siakapkeli.my&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=oami5nw0VC83UmVMSnZRcWFVdnl3WW9rVkN6WDRSZzJYb1hBUVdMb0lBZTN1V2pKcnlLZExzRUdrN2FEL2RvaDg0OXErUXZUMlpucnRyV3ZhMjA2cjk4aWtjcHdSMEtGRVlhcEluTi9wdVMxRWpjS2NpQitmQXlUQlFkYW1wVnBvQVVJVEs2ZXJiekR1bFVsZTFwaXFlOUUxZVpzMFZTNmgyRG5kKzM2NmhkbktCcjRXczZxbmFJZDU5ZDNxUE15cTQ1TmxFVWV6bFIzZk1GU05SRGM4eWxBOGMwbkhyVTYyMWNFSEV1K2w0akdEeUhQSXIycmhuTEUvanhiV3VKMlQrQ1ZBaDFBTVoyOEk2djVKTWdvRjlLbi8yUEo3NHc1U0dPOWRIV1lVdy8rbEtxOD18&cppv=2

Request Chain 234

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 260

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fsiakapkeli.my%2F&domain=siakapkeli.my&cw=1&pbt=1&lsw=1 HTTP 302
https://mug.criteo.com/sid?cpp=ft5fnHw1U09mYUV3Y2pLakhHZDhRT3BnbXZhcUV4T0tZSGUxeUk3RlRzUEwrdXJ2UHIzRHBMd0RCNVFOMXBRR2ZPamgrNjhLNDVMalFabjVSZzkrMDVYeDh6czQzeHM0dUdDMkFJUUs3VzU3VE9TOTdxSjNRcFQ4SVNuSm14dUR0dHM5YkhxTysxeVNlU05CUG1kdkhWRHZadE9YUzB1dloydGdYVkNRR3UyREZ0WDZLTmNFSkgzKzlGNlVPYmQ0OERLTlovdWhvQko2MzVHZlhRWFVQYjRUZSt4RHFIRloxVmZSN1lLczBtcDdEVmwySlJ6dUZvbXRwL1FMN3h4RGJZUUkxcDBnOXlyelR1dUtYbTNSODBaT1EyZz09fA&cppv=2

Request Chain 270

https://ups.analytics.yahoo.com/ups/58531/occ?gdpr=0&gdpr_consent= HTTP 302
https://a-prebid.vidoomy.com/setuid?bidder=verizonmedia&uid=y-.zDuPA9E2uEKD0_Lhev2UUlEBPcCvyrMCE1AY7s-~A&gdpr=0&gdpr_consent=

Request Chain 272

https://ib.adnxs.com/getuid?https%3A%2F%2Fa-prebid.vidoomy.com%2Fsetuid%3Fbidder%3Dadnxs%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24UID HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fa-prebid.vidoomy.com%252Fsetuid%253Fbidder%253Dadnxs%2526gdpr%253D0%2526gdpr_consent%253D%2526uid%253D%2524UID HTTP 302
https://a-prebid.vidoomy.com/setuid?bidder=adnxs&gdpr=0&gdpr_consent=&uid=5666057463092414965

Request Chain 273

https://x.bidswitch.net/sync?ssp=vidoomy HTTP 302
https://ads.betweendigital.com/match?bidder_id=43092&gdpr=&consent=&callback_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D429%26user_id%3D%24%7BUSER_ID%7D%26ssp%3Dvidoomy%26expires%3D30%26user_group%3D%24%7BUSER_GROUP%7D%26gdpr%3D%26gdpr_consent%3D HTTP 302
https://ads.betweendigital.com/match?bidder_id=43092&gdpr=&consent=&callback_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D429%26user_id%3D%24%7BUSER_ID%7D%26ssp%3Dvidoomy%26expires%3D30%26user_group%3D%24%7BUSER_GROUP%7D%26gdpr%3D%26gdpr_consent%3D&crf=1 HTTP 302
https://x.bidswitch.net/sync?dsp_id=429&user_id=acd962df-4f23-52f4-a6ac-352bc5bc47e7&ssp=vidoomy&expires=30&user_group=1&gdpr=&gdpr_consent= HTTP 302
https://a.vidoomy.com/api/rtbserver/cookie?i=BS&uid=4e95aa47-ce15-485c-8bb8-6e24c61a4fe2

Request Chain 278

https://ad.turn.com/r/cs?pid=21&gdpr=1 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=7347147593828597803

Request Chain 279

https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D&gdpr=1 HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=61bd6310-72c7-4e00-bb71-3720587fcbba&gdpr=1&gdpr_consent=

Request Chain 281

https://casale-match.dotomi.com/match/bounce/current?networkId=19998&version=1&gdpr=1 HTTP 302
https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1662108748&gdpr=1

Request Chain 282

https://euexchangesync.digitaleast.mobi/usersync/index.gif?us_privacy=&gdpr=1&gdpr_consent= HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=11&external_user_id=bb59b381-cb1b-4d7c-9ff4-7cf41f9b07c5

Request Chain 289

https://token.rubiconproject.com/token?pid=36584 HTTP 302
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L7IT6UAV-1Z-44J4

Request Chain 290

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEKnfuJF9c936HsrR8_Xc648&google_cver=1

Request Chain 291

https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=Y2IzYTJkNWM3YzdmODUwODQ4N2Y4OGRlNDU4MTRhYjM3NmQwY2Y5OQ

Request Chain 293

https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id= HTTP 302
https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t HTTP 302
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=XuAW8FjmQFuV4970zHWasA&rk=usync-na HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=XuAW8FjmQFuV4970zHWasA

Request Chain 294

https://token.rubiconproject.com/token?pid=25470 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDdJVDZVQVYtMVotNDRKNA==

Request Chain 295

https://token.rubiconproject.com/token?pid=26594 HTTP 302
https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=L7IT6UAV-1Z-44J4&sigv=1&esig=2~7b482eb8afb99c3736911520fd5e481724c9ddb9

290 HTTP transactions
8 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
siakapkeli.my/2022/09/01/bersalah-kes-rasuah-projek-solar-rosmah-dipenjara-30-tahun-denda-rm970-juta/ 115 KB
30 KB 258ms
190ms Document
text/html 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://siakapkeli.my/2022/09/01/bersalah-kes-rasuah-projek-solar-rosmah-dipenjara-30-tahun-denda-rm970-juta/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e9f42f63ba258eb1f829e80baa68b9f5afaa63c0ea3b85af3c3ed3a27fcf28a8

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

age: 74
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: public, max-age=180, stale-while-revalidate=360, stale-if-error=43200
cf-cache-status: DYNAMIC
cf-ray: 743cc4ec9a8e9bf8-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Thu, 01 Sep 2022 08:52:20 GMT
link: <https://siakapkeli.my/wp-json/>; rel="https://api.w.org/" <https://siakapkeli.my/wp-json/wp/v2/posts/482793>; rel="alternate"; type="application/json" <https://siakapkeli.my/?p=482793>; rel=shortlink
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=q%2FPmy%2Bc0H%2FKvYaNi5I6OkUVDH2ql8pg7UwqL19%2By89rudvveg0g0dGi3lp6W39yfwrb1UG1%2FbauK4SMlfY%2FcKqXVq8ltESPpAnYOIGqxtcUJzh2Y7KKkLnesRyNiHqbKDeOe%2F%2BuSLLJJ3MF0"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
via: 1.1 varnish (Varnish/5.2)
x-cache: HIT
x-cache-hits: 19
x-ua-compatible: IE=edge,chrome=1
x-varnish: 42893977 41832809

GET
H2 200 style.min.css
siakapkeli.my/wp-includes/css/dist/block-library/ 87 KB
12 KB 222ms
220ms Stylesheet
text/css 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://siakapkeli.my/wp-includes/css/dist/block-library/style.min.css?ver=6.0.1
Requested by: Host: siakapkeli.my
URL: https://siakapkeli.my/2022/09/01/bersalah-kes-rasuah-projek-solar-rosmah-dipenjara-30-tahun-denda-rm970-juta/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d7705700d24d5919255576642ad2c28bfc790390b7183a369038ff5c1e814d51

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://siakapkeli.my/2022/09/01/bersalah-kes-rasuah-projek-solar-rosmah-dipenjara-30-tahun-denda-rm970-juta/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Thu, 01 Sep 2022 08:52:20 GMT
via: 1.1 varnish (Varnish/5.2)
cf-cache-status: HIT
last-modified: Tue, 16 Aug 2022 01:50:05 GMT
server: cloudflare
vary: Accept-Encoding
x-cache: MISS
x-varnish: 458829
content-type: text/css
content-encoding: br
cache-control: public, max-age=180, stale-while-revalidate=360, stale-if-error=43200
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KrJBcP3aY8mHfvXUPnMHodXP5INFNNIyGkis8EhOtZdj4Ldc3XUdUqB5ADzoLHNRXnRtDuxJr9Y5dV8V%2FLkPHCYEQPm4%2FmHZ3zLD2RlpYtrgszJ%2BIDXywPt4Lhl3n3U3sNNPL53GGEYOEL1y"}],"group":"cf-nel","max_age":604800}
cf-ray: 743cc4eddc079bf8-FRA
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 mediaelementplayer-legacy.min.css
siakapkeli.my/wp-includes/js/mediaelement/ 11 KB
3 KB 220ms
218ms Stylesheet
text/css 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://siakapkeli.my/wp-includes/js/mediaelement/mediaelementplayer-legacy.min.css?ver=4.2.16
Requested by: Host: siakapkeli.my
URL: https://siakapkeli.my/2022/09/01/bersalah-kes-rasuah-projek-solar-rosmah-dipenjara-30-tahun-denda-rm970-juta/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b7908a015a567ec2363011df2475368dbff34360e9da3fdff50604d6395fb646

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://siakapkeli.my/2022/09/01/bersalah-kes-rasuah-projek-solar-rosmah-dipenjara-30-tahun-denda-rm970-juta/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Thu, 01 Sep 2022 08:52:20 GMT
via: 1.1 varnish (Varnish/5.2)
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-cache: HIT
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-varnish: 64501533 65674022
last-modified: Fri, 18 Feb 2022 05:52:20 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=a7ZGJCtiahXD%2BzwJntajvnJcL2zFf4gwOHi%2BDH7%2FyHXx17CxZ75ze3udyn8EP3%2FLcSZLKkgJwLU0w44OLGtDb825k%2B4LWCu5zCKMDpjqUAibIfW6GsH7BknPp1FTN2hAcBvEVchtr2ud5Jpi"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=180, stale-while-revalidate=360, stale-if-error=43200
cf-ray: 743cc4eddc0a9bf8-FRA
x-cache-hits: 2

GET
H2 200 wp-mediaelement.min.css
siakapkeli.my/wp-includes/js/mediaelement/ 4 KB
2 KB 228ms
226ms Stylesheet
text/css 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://siakapkeli.my/wp-includes/js/mediaelement/wp-mediaelement.min.css?ver=6.0.1
Requested by: Host: siakapkeli.my
URL: https://siakapkeli.my/2022/09/01/bersalah-kes-rasuah-projek-solar-rosmah-dipenjara-30-tahun-denda-rm970-juta/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2e10d353ff038c2cad3492fc17801af3e6ef2669c9e9713bdb78b1dcb104c4fe

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://siakapkeli.my/2022/09/01/bersalah-kes-rasuah-projek-solar-rosmah-dipenjara-30-tahun-denda-rm970-juta/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Thu, 01 Sep 2022 08:52:20 GMT
via: 1.1 varnish (Varnish/5.2)
cf-cache-status: HIT
last-modified: Fri, 17 Jul 2020 12:10:04 GMT
server: cloudflare
vary: Accept-Encoding
x-cache: MISS
x-varnish: 472062
content-type: text/css
content-encoding: br
cache-control: public, max-age=180, stale-while-revalidate=360, stale-if-error=43200
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uE9OtQbrOFnw637%2FHtuGTm9Y0EcCi56rqwnNoQaPcqKiYm1Kyf3b2l3MjXPQsA2mDxvTLh8RQc%2Fj4nsHdGcxBL1WOQiCVPQLH12QtCsYZcT9DinvrJc6QpBliSlhQbS%2FolulHmV69sNwdpRT"}],"group":"cf-nel","max_age":604800}
cf-ray: 743cc4eddc0c9bf8-FRA
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 simple-line-icons.css
siakapkeli.my/wp-content/plugins/meks-flexible-shortcodes/css/simple-line/ 9 KB
2 KB 212ms
210ms Stylesheet
text/css 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://siakapkeli.my/wp-content/plugins/meks-flexible-shortcodes/css/simple-line/simple-line-icons.css?ver=1.3.1
Requested by: Host: siakapkeli.my
URL: https://siakapkeli.my/2022/09/01/bersalah-kes-rasuah-projek-solar-rosmah-dipenjara-30-tahun-denda-rm970-juta/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ddb5f37e49e5bb129115dc56bf737c89b3a27770107d3c24abe60b2cec84460e

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://siakapkeli.my/2022/09/01/bersalah-kes-rasuah-projek-solar-rosmah-dipenjara-30-tahun-denda-rm970-juta/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Thu, 01 Sep 2022 08:52:20 GMT
via: 1.1 varnish (Varnish/5.2)
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=11557
cf-ray: 743cc4eddc0e9bf8-FRA
x-cache: HIT
last-modified: Fri, 17 Jul 2020 12:10:03 GMT
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hTZZk9PMeS3%2B3N2SByrsSS%2B08tG6oC2Qn67nP7pHyfd%2BsqJ38rKKP2f%2BqLZ1ExxXWD9HbbY%2B89muKndhy%2BqvUBXZHLgUfisBHuOi095MoVJV9H4jKJDx1gjV7KQqP1YtBClfcchpTWjHfB3e"}],"group":"cf-nel","max_age":604800}
x-varnish: 90262695 113613820
cache-control: public, max-age=180, stale-while-revalidate=360, stale-if-error=43200
content-type: text/css
x-cache-hits: 1

GET
H2 200 style.css
siakapkeli.my/wp-content/plugins/meks-flexible-shortcodes/css/ 11 KB
3 KB 189ms
187ms Stylesheet
text/css 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://siakapkeli.my/wp-content/plugins/meks-flexible-shortcodes/css/style.css?ver=1.3.1
Requested by: Host: siakapkeli.my
URL: https://siakapkeli.my/2022/09/01/bersalah-kes-rasuah-projek-solar-rosmah-dipenjara-30-tahun-denda-rm970-juta/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8ee6a829478761f158d239ceb4dd636ae4e703dc1970057c71628549d1de6d14

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://siakapkeli.my/2022/09/01/bersalah-kes-rasuah-projek-solar-rosmah-dipenjara-30-tahun-denda-rm970-juta/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Thu, 01 Sep 2022 08:52:20 GMT
via: 1.1 varnish (Varnish/5.2)
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=15381
cf-ray: 743cc4eddc0f9bf8-FRA
x-cache: HIT
last-modified: Fri, 17 Jul 2020 12:10:03 GMT
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5s6xM5ZtkETEVhn5y%2FjWy92juNUF5%2B7DseWiPPMOxNflAMtYIaYvdOsXwlo94A%2FJAcrivZCsWDug4084a0snhuaKcs9wrUCIh15YMGHVxEB9JbPnt2tB%2F86s%2F8p8jJhh8xZcQk87Tm3NAc7y"}],"group":"cf-nel","max_age":604800}
x-varnish: 80481592 114526598
cache-control: public, max-age=180, stale-while-revalidate=360, stale-if-error=43200
content-type: text/css
x-cache-hits: 1

GET
H2 200 style.css
siakapkeli.my/wp-content/plugins/search-filter/ 411 B
545 B 240ms
238ms Stylesheet
text/css 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://siakapkeli.my/wp-content/plugins/search-filter/style.css?ver=1
Requested by: Host: siakapkeli.my
URL: https://siakapkeli.my/2022/09/01/bersalah-kes-rasuah-projek-solar-rosmah-dipenjara-30-tahun-denda-rm970-juta/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d261205cf1f286a5d6255461ac2332f0c24327323aa37cbabc04886411b2f9d2

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://siakapkeli.my/2022/09/01/bersalah-kes-rasuah-projek-solar-rosmah-dipenjara-30-tahun-denda-rm970-juta/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Thu, 01 Sep 2022 08:52:20 GMT
via: 1.1 varnish (Varnish/5.2)
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=577
cf-ray: 743cc4eddc109bf8-FRA
x-cache: HIT
last-modified: Thu, 10 Mar 2022 08:05:08 GMT
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=R2J%2B6VZBwOrqer8dbvS1mWb4W1WI%2Fl6NCXdHgN1lwhWFmRay9%2Fp247FC9Jw9ONb0AUSyRohGe%2F%2BjsilmEDR%2Bkr5N%2F0NWe1wYZvmkeDJTCNBCbcYdgL2jbFOXOHkFK2Fu7WTxyugXH27WGQxS"}],"group":"cf-nel","max_age":604800}
x-varnish: 76136480 90262564
cache-control: public, max-age=180, stale-while-revalidate=360, stale-if-error=43200
content-type: text/css
x-cache-hits: 1

GET
H2 200 widget-options.css
siakapkeli.my/wp-content/plugins/widget-options/assets/css/ 1 KB
589 B 210ms
209ms Stylesheet
text/css 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://siakapkeli.my/wp-content/plugins/widget-options/assets/css/widget-options.css
Requested by: Host: siakapkeli.my
URL: https://siakapkeli.my/2022/09/01/bersalah-kes-rasuah-projek-solar-rosmah-dipenjara-30-tahun-denda-rm970-juta/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8704f607741a4e0a4d82cf024d026c9e7c1d65241250c2223f31dca29a07dc15

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://siakapkeli.my/2022/09/01/bersalah-kes-rasuah-projek-solar-rosmah-dipenjara-30-tahun-denda-rm970-juta/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Thu, 01 Sep 2022 08:52:20 GMT
via: 1.1 varnish (Varnish/5.2)
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=1046
cf-ray: 743cc4eddc129bf8-FRA
x-cache: HIT
last-modified: Fri, 18 Feb 2022 06:03:15 GMT
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ev6jrBebDzTJl%2BQEzPvcPx8wHYhVA67ZpOPFRF9n%2BTPH1BVh92hLK36e0B4uZ%2FByWOtiasf6VLPDV0xGt7o%2B6U7W%2F9Y17vnWRkoqETTgBPug6ZF7SKbhTkYLU3lcehpuAL9%2BJL9NEgnRwpWC"}],"group":"cf-nel","max_age":604800}
x-varnish: 114000330 113191892
cache-control: public, max-age=180, stale-while-revalidate=360, stale-if-error=43200
content-type: text/css
x-cache-hits: 1

GET
H2 200 css
fonts.googleapis.com/ 3 KB
1 KB 49ms
19ms Stylesheet
text/css 2a00:1450:400e:800::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Cabin%3A400%2C700%7CLato%3A400%2C700&subset=latin%2Clatin-ext&ver=1.6

Requested by

Host: siakapkeli.my
URL: https://siakapkeli.my/2022/09/01/bersalah-kes-rasuah-projek-solar-rosmah-dipenjara-30-tahun-denda-rm970-juta/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400e:800::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

b115cccf8f40a47e153fbd79f4cb18488f4cc952ccb40881f120e5f21dd39a63

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://siakapkeli.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 01 Sep 2022 08:01:04 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Thu, 01 Sep 2022 08:52:20 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 01 Sep 2022 08:52:20 GMT

GET
H2 200 min.css
siakapkeli.my/wp-content/themes/gridlove/assets/css/ 172 KB
32 KB 196ms
195ms Stylesheet
text/css 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://siakapkeli.my/wp-content/themes/gridlove/assets/css/min.css?ver=1.6
Requested by: Host: siakapkeli.my
URL: https://siakapkeli.my/2022/09/01/bersalah-kes-rasuah-projek-solar-rosmah-dipenjara-30-tahun-denda-rm970-juta/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d02b2816156c0b65f812c399f986ff60c44d1de45efc634ed460e1cffb538315

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://siakapkeli.my/2022/09/01/bersalah-kes-rasuah-projek-solar-rosmah-dipenjara-30-tahun-denda-rm970-juta/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Thu, 01 Sep 2022 08:52:20 GMT
via: 1.1 varnish (Varnish/5.2)
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 743cc4eddc139bf8-FRA
x-cache: HIT
last-modified: Fri, 17 Jul 2020 12:10:04 GMT
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wdpzpBFsIhsmH8Ip8iUdw8IOVggrUXvGNtcGCCmf5vRcNRh6wr4oZnbCp5LkRxubLGj3kGNt9MlVBS%2Bv8zXHo%2BzgG%2BPezbj3plEmJrvrAQdW84qaoNMMCOVWN%2B%2F%2FL1JifQ432XiiuR62ZfpT"}],"group":"cf-nel","max_age":604800}
x-varnish: 113939474 112079511
cache-control: public, max-age=180, stale-while-revalidate=360, stale-if-error=43200
content-type: text/css
x-cache-hits: 1

GET
H3 200 wp-emoji-release.min.js Show response
siakapkeli.my/wp-includes/js/ 18 KB
5 KB 217ms
215ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://siakapkeli.my/wp-includes/js/wp-emoji-release.min.js?ver=6.0.1
Requested by: Host: siakapkeli.my
URL: https://siakapkeli.my/2022/09/01/bersalah-kes-rasuah-projek-solar-rosmah-dipenjara-30-tahun-denda-rm970-juta/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://siakapkeli.my/2022/09/01/bersalah-kes-rasuah-projek-solar-rosmah-dipenjara-30-tahun-denda-rm970-juta/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Thu, 01 Sep 2022 08:52:21 GMT
via: 1.1 varnish (Varnish/5.2)
cf-cache-status: HIT
last-modified: Tue, 16 Aug 2022 01:50:04 GMT
server: cloudflare
vary: Accept-Encoding
x-cache: MISS
x-varnish: 1476723
content-type: application/javascript
content-encoding: br
cache-control: public, max-age=180, stale-while-revalidate=360, stale-if-error=43200
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pKMgAc7TxBbOxHra4Wv6bXu2pfG7fNlsbyHWwhpsGNeCwp6HEgaJlexO8duMdtuVSErkbL1e6uyETPiWb%2Bt730pObOUxn7xx2Y9A41Iai7ZB%2FpkUB0ZIdttAQF8qvMRm7HwwBfQQCX7JYv05"}],"group":"cf-nel","max_age":604800}
cf-ray: 743cc4ef9bf09180-FRA
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 style.css
siakapkeli.my/wp-content/themes/gridlove-child/ 0
595 B 230ms
230ms Stylesheet
text/css 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://siakapkeli.my/wp-content/themes/gridlove-child/style.css?ver=1.6
Requested by: Host: siakapkeli.my
URL: https://siakapkeli.my/2022/09/01/bersalah-kes-rasuah-projek-solar-rosmah-dipenjara-30-tahun-denda-rm970-juta/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://siakapkeli.my/2022/09/01/bersalah-kes-rasuah-projek-solar-rosmah-dipenjara-30-tahun-denda-rm970-juta/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Thu, 01 Sep 2022 08:52:21 GMT
via: 1.1 varnish (Varnish/5.2)
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=227
cf-ray: 743cc4ee08cd9180-FRA
x-cache: HIT
last-modified: Fri, 17 Jul 2020 12:10:04 GMT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
cf-bgj: minify
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9lhbtxaP9VCktaOBVdiAh4c%2FPVflPbDRlSoZIX8K641wLYmPMgOA8b717N9NFhummhaDc4TEzqYAWROCxJgC%2Bq8Ubl%2BztYBTfLzmEfmkjxM2oXO93S%2FPnGGNF7YSLW7QrK6InF8g4lXoIAt6"}],"group":"cf-nel","max_age":604800}
x-varnish: 113613909 102683263
cache-control: public, max-age=180, stale-while-revalidate=360, stale-if-error=43200
accept-ranges: bytes
content-type: text/css
x-cache-hits: 1

GET
H3 200 default.min.css
siakapkeli.my/wp-content/plugins/tablepress/css/ 5 KB
3 KB 231ms
230ms Stylesheet
text/css 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://siakapkeli.my/wp-content/plugins/tablepress/css/default.min.css?ver=1.11
Requested by: Host: siakapkeli.my
URL: https://siakapkeli.my/2022/09/01/bersalah-kes-rasuah-projek-solar-rosmah-dipenjara-30-tahun-denda-rm970-juta/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 97ce1e1f5dbfda35ac979b593e79e1673a3e725790339d767e4a6ca6e94a4828

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://siakapkeli.my/2022/09/01/bersalah-kes-rasuah-projek-solar-rosmah-dipenjara-30-tahun-denda-rm970-juta/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Thu, 01 Sep 2022 08:52:20 GMT
via: 1.1 varnish (Varnish/5.2)
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-cache: HIT
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-varnish: 107187150 114362989
last-modified: Fri, 17 Jul 2020 12:10:03 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qYArRcghGZdwYpExVbH9n6h6fZnnwtitmcwF7y3UB4C6L3fvLf2bPaP7bwmYFS9oyt7Cmt%2FSq8z5IpyoLH7f3C3H2fFimtYRDbwvB12vqyfSBq%2BwAymojLig3j9%2BXCFE0jdXqVjCkYZ6pAa5"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=180, stale-while-revalidate=360, stale-if-error=43200
cf-ray: 743cc4ee08ce9180-FRA
x-cache-hits: 1

GET
H3 200 jetpack.css
siakapkeli.my/wp-content/plugins/jetpack/css/ 84 KB
17 KB 213ms
212ms Stylesheet
text/css 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://siakapkeli.my/wp-content/plugins/jetpack/css/jetpack.css?ver=11.2
Requested by: Host: siakapkeli.my
URL: https://siakapkeli.my/2022/09/01/bersalah-kes-rasuah-projek-solar-rosmah-dipenjara-30-tahun-denda-rm970-juta/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c552d123b46d213f451750ceb2d6e5a8852824b0bc9f7e32a0224d2eabd06698

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://siakapkeli.my/2022/09/01/bersalah-kes-rasuah-projek-solar-rosmah-dipenjara-30-tahun-denda-rm970-juta/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Thu, 01 Sep 2022 08:52:20 GMT
via: 1.1 varnish (Varnish/5.2)
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=85690
cf-ray: 743cc4ee08d09180-FRA
x-cache: MISS
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Tue, 30 Aug 2022 02:23:06 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BKs%2FESPmsH63TgQRmAkYNJaZxHq7PT1qBYGQ5PBe76tUKyLk4H9yYoo0muizX%2FbSuK17vhwyiicohejHfDL6ak4fIMM7vqUvahztLA%2BJLJfXx5xjLMCsP2NGFbLjJvGfm1kofzLAJ0G0VYnW"}],"group":"cf-nel","max_age":604800}
x-varnish: 24027973
cache-control: public, max-age=180, stale-while-revalidate=360, stale-if-error=43200
content-type: text/css
cf-bgj: minify

GET
H3 200 jquery.min.js Show response
siakapkeli.my/wp-includes/js/jquery/ 87 KB
32 KB 193ms
192ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://siakapkeli.my/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
Requested by: Host: siakapkeli.my
URL: https://siakapkeli.my/2022/09/01/bersalah-kes-rasuah-projek-solar-rosmah-dipenjara-30-tahun-denda-rm970-juta/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://siakapkeli.my/2022/09/01/bersalah-kes-rasuah-projek-solar-rosmah-dipenjara-30-tahun-denda-rm970-juta/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Thu, 01 Sep 2022 08:52:20 GMT
via: 1.1 varnish (Varnish/5.2)
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-cache: HIT
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-varnish: 107187151 112513625
last-modified: Fri, 18 Feb 2022 05:52:20 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Z3lxc6Y0sXM3DAekVS%2FCEZd14GU0pfsFxnNRO2fiQvbccZxGwxSn47gWs%2Fwj02Pl9QmATjVbH0awIh%2BA1TSjZJZArIP1oONUDgL5eWAdIf0wjGTncoEU4cbkQTTAdS6QGjV4mT0i%2FmCjyo1A"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=180, stale-while-revalidate=360, stale-if-error=43200
cf-ray: 743cc4ee08d19180-FRA
x-cache-hits: 1

GET
H3 200 jquery-migrate.min.js Show response
siakapkeli.my/wp-includes/js/jquery/ 11 KB
5 KB 232ms
231ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://siakapkeli.my/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
Requested by: Host: siakapkeli.my
URL: https://siakapkeli.my/2022/09/01/bersalah-kes-rasuah-projek-solar-rosmah-dipenjara-30-tahun-denda-rm970-juta/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://siakapkeli.my/2022/09/01/bersalah-kes-rasuah-projek-solar-rosmah-dipenjara-30-tahun-denda-rm970-juta/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Thu, 01 Sep 2022 08:52:21 GMT
via: 1.1 varnish (Varnish/5.2)
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-cache: HIT
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-varnish: 96012630 114362975
last-modified: Fri, 18 Feb 2022 05:52:20 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rVRZ%2F7BCFS2OodEfs9tjNE2uywInOFgqMvwghb8%2FJ5T07Kwx3tnqnwkxt%2FVThQBoQrA%2Bqy1h0FXACymcONg3zTwflFMqI6YRFROz4u9VEFJfnNmvZcFxZm8WKwKYhzMdyAzCdncU2Ok%2FRkGe"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=180, stale-while-revalidate=360, stale-if-error=43200
cf-ray: 743cc4ee08d59180-FRA
x-cache-hits: 1

GET
H3 200 main.js Show response
siakapkeli.my/wp-content/plugins/meks-flexible-shortcodes/js/ 2 KB
1 KB 233ms
232ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://siakapkeli.my/wp-content/plugins/meks-flexible-shortcodes/js/main.js?ver=1.3.1
Requested by: Host: siakapkeli.my
URL: https://siakapkeli.my/2022/09/01/bersalah-kes-rasuah-projek-solar-rosmah-dipenjara-30-tahun-denda-rm970-juta/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aea339c0379bdf6d66bbcd1f7671373468be82cbae34169aaebda9503ae8ad0f

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://siakapkeli.my/2022/09/01/bersalah-kes-rasuah-projek-solar-rosmah-dipenjara-30-tahun-denda-rm970-juta/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Thu, 01 Sep 2022 08:52:20 GMT
via: 1.1 varnish (Varnish/5.2)
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=3529
cf-ray: 743cc4ee08d79180-FRA
x-cache: HIT
last-modified: Fri, 17 Jul 2020 12:10:03 GMT
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3FK6F956RR64a88P3932nLagoRHye4z9Z6QDSR5NsS7ucbnaUgYVCBCCZqCJDDWnFc9LtqUtZnlFnKm%2FPXfsQog2SdM%2ByXZluRJCKUPFrLD5EAtAAjg03puVmB91WSYjH1eEbtGb5dmEvrJ0"}],"group":"cf-nel","max_age":604800}
x-varnish: 100863315 108070484
cache-control: public, max-age=180, stale-while-revalidate=360, stale-if-error=43200
content-type: application/javascript
x-cache-hits: 1

GET
H2 200 jquery.shave.min.js Show response
cdnjs.cloudflare.com/ajax/libs/shave/2.5.2/ 1 KB
1 KB 70ms
27ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/shave/2.5.2/jquery.shave.min.js

Requested by

Host: siakapkeli.my
URL: https://siakapkeli.my/2022/09/01/bersalah-kes-rasuah-projek-solar-rosmah-dipenjara-30-tahun-denda-rm970-juta/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b96809c7445a71d16a77253355bf0849dd747766305640346feda972c466aa93

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://siakapkeli.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Thu, 01 Sep 2022 08:52:20 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1240704
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 615
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:16:14 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03fce-592"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IM68w7ZNl5FIttgzmaTWVKkJ5UNkLkEM9C8yay2AC5n9E6IOY9lfsfRLFpifWxU6KrMXeU8dYFRBwcGK9dxnLvbXgWS%2FQjfYzFeDPmbjT7iJpiMARz%2Fhmha%2FSdGT18v5hyZwEaJOHfJe3MnQGLtick%2B%2F"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 743cc4ee5cb2909d-FRA
expires: Tue, 22 Aug 2023 08:52:20 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 105 KB
41 KB 92ms
32ms Script
application/javascript 2a00:1450:4001:800::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-62716246-1

Requested by

Host: siakapkeli.my
URL: https://siakapkeli.my/2022/09/01/bersalah-kes-rasuah-projek-solar-rosmah-dipenjara-30-tahun-denda-rm970-juta/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

4703f12867a18aa4b8cd3adbf2afdf2a2f1d6a9d16f38f3b4ea49401f882b995

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://siakapkeli.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Thu, 01 Sep 2022 08:52:21 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 41886
x-xss-protection: 0
last-modified: Thu, 01 Sep 2022 06:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 01 Sep 2022 08:52:21 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 201 KB
72 KB 118ms
58ms Script
application/javascript 2a00:1450:4001:800::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-XYKC64V3NY

Requested by

Host: siakapkeli.my
URL: https://siakapkeli.my/2022/09/01/bersalah-kes-rasuah-projek-solar-rosmah-dipenjara-30-tahun-denda-rm970-juta/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

10b74dad6e2a6d66096da20f850130fafe40ea1b4685625a1d93cb18f8813dac

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://siakapkeli.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Thu, 01 Sep 2022 08:52:21 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 73525
x-xss-protection: 0
expires: Thu, 01 Sep 2022 08:52:21 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 83 KB
28 KB 134ms
49ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: siakapkeli.my
URL: https://siakapkeli.my/2022/09/01/bersalah-kes-rasuah-projek-solar-rosmah-dipenjara-30-tahun-denda-rm970-juta/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1af83aa1a79e5f0f5f1e4abd99a4a41af2cf357f869ff45d989ff109dd988418

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://siakapkeli.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Thu, 01 Sep 2022 08:52:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28478
x-xss-protection: 0
server: sffe
etag: "1320 / 26 of 1000 / last-modified: 1662021963"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 01 Sep 2022 08:52:21 GMT

GET
H2 200 Siakap_Keli_Logo_for_default_use-1.png
sk-bucket.sgp1.cdn.digitaloceanspaces.com/2018/04/ 18 KB
19 KB 1002ms
711ms Image
image/png 205.185.216.42
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sk-bucket.sgp1.cdn.digitaloceanspaces.com/2018/04/Siakap_Keli_Logo_for_default_use-1.png

Requested by

Host: siakapkeli.my
URL: https://siakapkeli.my/2022/09/01/bersalah-kes-rasuah-projek-solar-rosmah-dipenjara-30-tahun-denda-rm970-juta/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

205.185.216.42 , United States, ASN20446 (STACKPATH-CDN, US),

Reverse DNS

map2.hwcdn.net

Software

Resource Hash

d4b9284a97b56b07179f8876dcb58a12d6d381d67ec0c8eceb650af78d3328a1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://siakapkeli.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Thu, 01 Sep 2022 08:52:22 GMT
last-modified: Thu, 20 Sep 2018 16:53:58 GMT
age: 81
etag: "5a3adb77fa3f5004f0d1214dd18753d5"
vary: Access-Control-Request-Headers,Access-Control-Request-Method,Origin
x-hw: 1662022341.dop154.am5.t,1662022341.cds319.am5.hn,1662022342.cds270.am5.pr
content-type: image/png
cache-control: max-age=60
x-rgw-object-type: Normal
content-length: 18821
strict-transport-security: max-age=15552000; includeSubDomains; preload
accept-ranges: bytes
x-amz-request-id: tx0000000000000044a5116-0063107274-2a7c315a-sgp1a
x-amz-meta-mtime: 1524643678.49038216

GET
H2 200 580b57fcd9996e24bc43c545.png
sk-bucket.sgp1.digitaloceanspaces.com/2021/08/03154506/ 8 KB
8 KB 538ms
178ms Image
image/png 103.253.144.208
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sk-bucket.sgp1.digitaloceanspaces.com/2021/08/03154506/580b57fcd9996e24bc43c545.png

Requested by

Host: siakapkeli.my
URL: https://siakapkeli.my/2022/09/01/bersalah-kes-rasuah-projek-solar-rosmah-dipenjara-30-tahun-denda-rm970-juta/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

103.253.144.208 , Singapore, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

sgp1.digitaloceanspaces.com

Software

Resource Hash

1c5508fec8820bbbe6cbcb8a88149a25ce5a80fbfaf362810b7850fa9c3cc3ad

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://siakapkeli.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Thu, 01 Sep 2022 08:51:46 GMT
last-modified: Tue, 03 Aug 2021 07:45:06 GMT
age: 34
etag: "86e7bcc50d597bb4105d879626cc30ca"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
content-type: image/png
cache-control: max-age=31536000
x-rgw-object-type: Normal
content-length: 7858
strict-transport-security: max-age=15552000; includeSubDomains; preload
accept-ranges: bytes
x-amz-request-id: tx0000000000000044a593a-00631072a2-2a7c315a-sgp1a
expires: Wed, 03 Aug 2022 07:45:06 GMT

GET
H3 200 css2
fonts.googleapis.com/ 2 KB
376 B 46ms
19ms Stylesheet
text/css 2a00:1450:400e:800::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Volkhov:ital,wght@0,400;0,700;1,400;1,700&display=swap

Requested by

Host: siakapkeli.my
URL: https://siakapkeli.my/2022/09/01/bersalah-kes-rasuah-projek-solar-rosmah-dipenjara-30-tahun-denda-rm970-juta/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400e:800::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c9cb18ea76b5dbd40e8824323035c63266c389b046c785dfc12451c1043699f3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://siakapkeli.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 01 Sep 2022 08:52:21 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Thu, 01 Sep 2022 08:52:21 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 01 Sep 2022 08:52:21 GMT

GET
H3 200 css2
fonts.googleapis.com/ 16 KB
811 B 49ms
23ms Stylesheet
text/css 2a00:1450:400e:800::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Lora:ital,wght@0,400;0,500;0,562;0,600;0,700;1,400;1,500;1,562;1,600;1,700&display=swap

Requested by

Host: siakapkeli.my
URL: https://siakapkeli.my/2022/09/01/bersalah-kes-rasuah-projek-solar-rosmah-dipenjara-30-tahun-denda-rm970-juta/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400e:800::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

9d54849bd13f04e00c62235d9814a7cc4ba3fa644c1b1fc60af868a7f87c8dc4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://siakapkeli.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 01 Sep 2022 08:52:21 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Thu, 01 Sep 2022 08:52:21 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 01 Sep 2022 08:52:21 GMT

GET
H2 200 siakap-keli-article-cover-1662020736-740x386.jpg
sk-bucket.sgp1.cdn.digitaloceanspaces.com/2022/09/01162610/ 52 KB
52 KB 312ms
22ms Image
image/jpeg 205.185.216.42
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sk-bucket.sgp1.cdn.digitaloceanspaces.com/2022/09/01162610/siakap-keli-article-cover-1662020736-740x386.jpg

Requested by

Host: siakapkeli.my
URL: https://siakapkeli.my/2022/09/01/bersalah-kes-rasuah-projek-solar-rosmah-dipenjara-30-tahun-denda-rm970-juta/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

205.185.216.42 , United States, ASN20446 (STACKPATH-CDN, US),

Reverse DNS

map2.hwcdn.net

Software

Resource Hash

725deded31118c60fc35b98383d8fa1573596fd334d15ec8c442f3beb2fb5124

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://siakapkeli.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Thu, 01 Sep 2022 08:52:21 GMT
last-modified: Thu, 01 Sep 2022 08:26:11 GMT
x-amz-request-id: tx000000000000013483532-0063106de5-2a7c33df-sgp1a
etag: "c3dbc600e5feda1737af144635183de8"
vary: Access-Control-Request-Headers,Access-Control-Request-Method,Origin
x-hw: 1662022341.dop154.am5.t,1662022341.cds319.am5.hn,1662022341.cds234.am5.c
content-type: image/jpeg
cache-control: max-age=31536000
x-rgw-object-type: Normal
strict-transport-security: max-age=15552000; includeSubDomains; preload
accept-ranges: bytes
content-length: 53181

GET
H2 200 ats.js Show response
anymind360.com/js/2939/ 154 KB
35 KB 62ms
21ms Script
application/javascript 2a04:4e42:400::645
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://anymind360.com/js/2939/ats.js

Requested by

Host: siakapkeli.my
URL: https://siakapkeli.my/2022/09/01/bersalah-kes-rasuah-projek-solar-rosmah-dipenjara-30-tahun-denda-rm970-juta/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:400::645 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

e00366824246a8c4cd948bba8823f0792df2004b3a2c021b17cf004ddbc4e7bb

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://siakapkeli.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Thu, 01 Sep 2022 08:52:21 GMT
content-encoding: gzip
age: 9051
x-guploader-uploadid: ADPycdtnAIo515Vb4vKkVV8DPkrB26jdrWwaVlVMyqQRzyhN97ZcU4-_QRtjOfU1YwHtnJhxNTumyeZqSV5pfkycT8h4ZaIHq4Io
x-cache: HIT, HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
strict-transport-security: max-age=300
content-length: 34954
x-served-by: cache-tyo11964-TYO, cache-ams21038-AMS
access-control-allow-origin: *
expires: Thu, 01 Sep 2022 06:21:29 GMT
last-modified: Wed, 31 Aug 2022 06:21:28 GMT
server: UploadServer
x-timer: S1662022341.099406,VS0,VE1
etag: "c5dac6fd92666806867f174c9f606e13"
vary: Accept-Encoding
x-goog-hash: crc32c=XQn+SA==, md5=xdrG/ZJmaAaGfxdMn2BuEw==
x-goog-generation: 1661926888352490
via: 1.1 varnish, 1.1 varnish
access-control-expose-headers: Content-Type
cache-control: max-age=1200
x-goog-stored-content-length: 34954
accept-ranges: bytes
content-type: application/javascript; charset=UTF-8
x-cache-hits: 1, 1

GET
H3 200 top-10-tracker.min.js Show response
siakapkeli.my/wp-content/plugins/top-10/includes/js/ 286 B
695 B 217ms
216ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://siakapkeli.my/wp-content/plugins/top-10/includes/js/top-10-tracker.min.js?ver=1.0
Requested by: Host: siakapkeli.my
URL: https://siakapkeli.my/2022/09/01/bersalah-kes-rasuah-projek-solar-rosmah-dipenjara-30-tahun-denda-rm970-juta/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d0a77e495359613dd0f75850a9b9a541f059b6f215c76acddb418bedb7a2cf6b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://siakapkeli.my/2022/09/01/bersalah-kes-rasuah-projek-solar-rosmah-dipenjara-30-tahun-denda-rm970-juta/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Thu, 01 Sep 2022 08:52:21 GMT
via: 1.1 varnish (Varnish/5.2)
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-cache: HIT
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-varnish: 86811092 113613800
last-modified: Fri, 18 Feb 2022 06:02:00 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tQ7EVYKfL1CK6FooSD8J79p4lVQcTsh2jt4gZEJIGnKLy%2Bn%2Fm4%2FQk36qt8JfHoqHnolwFGs0oDhfxxqZUaRv6JCALavNIREAzbcNL8nxmRGwg99PpqZbmx4J8byWllaO7CPTxMY3Q6kBOmc8"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=180, stale-while-revalidate=360, stale-if-error=43200
cf-ray: 743cc4ef9bdc9180-FRA
x-cache-hits: 1

GET
H3 200 imagesloaded.min.js Show response
siakapkeli.my/wp-includes/js/ 5 KB
2 KB 233ms
231ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://siakapkeli.my/wp-includes/js/imagesloaded.min.js?ver=4.1.4
Requested by: Host: siakapkeli.my
URL: https://siakapkeli.my/2022/09/01/bersalah-kes-rasuah-projek-solar-rosmah-dipenjara-30-tahun-denda-rm970-juta/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ff4bd34aa98a0214833619d3d751838db015722dfbbec15cd14dadc66cd67869

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://siakapkeli.my/2022/09/01/bersalah-kes-rasuah-projek-solar-rosmah-dipenjara-30-tahun-denda-rm970-juta/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Thu, 01 Sep 2022 08:52:21 GMT
via: 1.1 varnish (Varnish/5.2)
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-cache: HIT
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-varnish: 90639389 113613815
last-modified: Fri, 18 Feb 2022 05:52:20 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nf8Kx9rqae1gxXhdXpaiAYiGh5%2FrXnLIXELGZvc%2FtXsFWzhS8DNlXD7aXa38mzgWcMSPXEK3v5rMdiaKOPactCFx86X%2FvpwhXOJ6iTYSPAcFdEvAaY0eTCwqtIO4ElSgi9O3SdB8UCgjjgtD"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=180, stale-while-revalidate=360, stale-if-error=43200
cf-ray: 743cc4ef9be29180-FRA
x-cache-hits: 1

GET
H3 200 masonry.min.js Show response
siakapkeli.my/wp-includes/js/ 24 KB
8 KB 205ms
203ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://siakapkeli.my/wp-includes/js/masonry.min.js?ver=4.2.2
Requested by: Host: siakapkeli.my
URL: https://siakapkeli.my/2022/09/01/bersalah-kes-rasuah-projek-solar-rosmah-dipenjara-30-tahun-denda-rm970-juta/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e00add38134eac2fb8e8e9c09cbfff7bbe57952b210322eb2eecb0a21fc055eb

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://siakapkeli.my/2022/09/01/bersalah-kes-rasuah-projek-solar-rosmah-dipenjara-30-tahun-denda-rm970-juta/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Thu, 01 Sep 2022 08:52:21 GMT
via: 1.1 varnish (Varnish/5.2)
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-cache: HIT
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-varnish: 114526714 111454035
last-modified: Fri, 18 Feb 2022 05:52:20 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Z%2BPMA%2B6oGeBz1BHd1q0BaF5PtQCtTp2Q9jsINT%2F%2Fc3t6JLOiG6EgAUoTdcyjh8QdxnuicgDoURfC9Ua93BUp31nUBih8RAN%2BJDTvczc2DeMV71ShWc7eXX56E8gpNGDtiz8CGCGilvk%2B1yjf"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=180, stale-while-revalidate=360, stale-if-error=43200
cf-ray: 743cc4ef9be59180-FRA
x-cache-hits: 1

GET
H3 200 jquery.masonry.min.js Show response
siakapkeli.my/wp-includes/js/jquery/ 2 KB
1 KB 188ms
185ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://siakapkeli.my/wp-includes/js/jquery/jquery.masonry.min.js?ver=3.1.2b
Requested by: Host: siakapkeli.my
URL: https://siakapkeli.my/2022/09/01/bersalah-kes-rasuah-projek-solar-rosmah-dipenjara-30-tahun-denda-rm970-juta/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c2e606e1fc82ea3a554aad5d0520e25d2677b89a891dc5c49e7ace08fce92e25

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://siakapkeli.my/2022/09/01/bersalah-kes-rasuah-projek-solar-rosmah-dipenjara-30-tahun-denda-rm970-juta/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Thu, 01 Sep 2022 08:52:21 GMT
via: 1.1 varnish (Varnish/5.2)
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-cache: HIT
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-varnish: 111454104 114526591
last-modified: Fri, 17 Jul 2020 12:10:04 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cDoAO7PJvnjvSG0s9doiEQr6W4CUHFlFsia%2Bxj2wcw0eI6fgwsVRzJITc5zrmfsrsoh8O1ta6nfaFbcLuus%2BLcwpJDtXAe3ZnoVoYltveKkD6jlcElNWGy4m4l0yFx3UbNUR%2F34gU8EOW70m"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=180, stale-while-revalidate=360, stale-if-error=43200
cf-ray: 743cc4ef9be89180-FRA
x-cache-hits: 1

GET
H3 200 min.js Show response
siakapkeli.my/wp-content/themes/gridlove/assets/js/ 91 KB
27 KB 209ms
207ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://siakapkeli.my/wp-content/themes/gridlove/assets/js/min.js?ver=1.6
Requested by: Host: siakapkeli.my
URL: https://siakapkeli.my/2022/09/01/bersalah-kes-rasuah-projek-solar-rosmah-dipenjara-30-tahun-denda-rm970-juta/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fa1a6d4bb65840edc7b4f73e3375396bcb77da51f4993295ae2000ddecfc60d4

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://siakapkeli.my/2022/09/01/bersalah-kes-rasuah-projek-solar-rosmah-dipenjara-30-tahun-denda-rm970-juta/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Thu, 01 Sep 2022 08:52:21 GMT
via: 1.1 varnish (Varnish/5.2)
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=93544
cf-ray: 743cc4ef9bec9180-FRA
x-cache: HIT
last-modified: Fri, 17 Jul 2020 12:10:04 GMT
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NCFguFKLQlT%2BZ3sGHSM5CZ7%2BUEu1ig53L5OV0q6eVKabR1SA9K1EABkAI%2BM3bVdS1un71h%2Fukx9UqtM379V3CUchAqZTjsqeSJC7ETqnQL2vD811NYoYJC2EqFlposoVpHmjJJWw7ZwMBH0h"}],"group":"cf-nel","max_age":604800}
x-varnish: 99289230 112079496
cache-control: public, max-age=180, stale-while-revalidate=360, stale-if-error=43200
content-type: application/javascript
x-cache-hits: 1

GET
H2 200 e-202235.js Show response
stats.wp.com/ 9 KB
3 KB 45ms
12ms Script
application/javascript 192.0.76.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.wp.com/e-202235.js
Requested by: Host: siakapkeli.my
URL: https://siakapkeli.my/2022/09/01/bersalah-kes-rasuah-projek-solar-rosmah-dipenjara-30-tahun-denda-rm970-juta/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 82d0aae1e7b8cfc0574d6548d1f35096f5e4310321aa964ff3fdb46c4d12e302

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://siakapkeli.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

x-nc: HIT ams
date: Thu, 01 Sep 2022 08:52:21 GMT
content-encoding: br
server: nginx
etag: W/"6197c5cf-3508"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
expires: Sun, 20 Aug 2023 23:22:13 GMT

GET
H2 200 auto.js Show response
xhr.invl.co/magic/40814/ 10 KB
4 KB 796ms
269ms Script
application/javascript 13.214.237.179
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://xhr.invl.co/magic/40814/auto.js

Requested by

Host: siakapkeli.my
URL: https://siakapkeli.my/2022/09/01/bersalah-kes-rasuah-projek-solar-rosmah-dipenjara-30-tahun-denda-rm970-juta/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

13.214.237.179 Singapore, Singapore, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-13-214-237-179.ap-southeast-1.compute.amazonaws.com

Software

nginx /

Resource Hash

e55617270594cd6380118c8c85d2bb4af1db5a7cbe998a7cb6bf9dd9059b9d05

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://siakapkeli.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Thu, 01 Sep 2022 08:52:21 GMT
content-encoding: gzip
referrer-policy: no-referrer-when-downgrade
server: nginx
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
x-xss-protection: 1; mode=block
cache-control: max-age=300, public
vary: Accept-Encoding
x-content-type-options: nosniff

GET
H2 200 u-4i0qWljRw-PfU81xCKCpdpbgZJl6Xvqdns.woff2
fonts.gstatic.com/s/cabin/v26/ 25 KB
26 KB 67ms
19ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/cabin/v26/u-4i0qWljRw-PfU81xCKCpdpbgZJl6Xvqdns.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Cabin%3A400%2C700%7CLato%3A400%2C700&subset=latin%2Clatin-ext&ver=1.6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

979caf94add5b00ec59d8abde43d200523745c2f4b105c2906f4d9dda4afaeec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://siakapkeli.my
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Fri, 26 Aug 2022 06:43:45 GMT
x-content-type-options: nosniff
age: 526116
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 26100
x-xss-protection: 0
last-modified: Fri, 24 Jun 2022 18:41:34 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 26 Aug 2023 06:43:45 GMT

GET
H3 200 fontawesome-webfont.woff2
siakapkeli.my/wp-content/themes/gridlove/assets/fonts/ 75 KB
76 KB 237ms
236ms Font
application/octet-stream 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://siakapkeli.my/wp-content/themes/gridlove/assets/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by: Host: siakapkeli.my
URL: https://siakapkeli.my/wp-content/themes/gridlove/assets/css/min.css?ver=1.6
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

Referer: https://siakapkeli.my/wp-content/themes/gridlove/assets/css/min.css?ver=1.6
Origin: https://siakapkeli.my
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Thu, 01 Sep 2022 08:52:21 GMT
via: 1.1 varnish (Varnish/5.2)
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-cache: HIT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 77160
last-modified: Fri, 17 Jul 2020 12:10:04 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QeqkYxnkK3Zd1lLDdVIlFtl1XOxTA3h00rrG%2BdGD4%2FCoZEc0zRl641G3OPmzCansd4oMpnpF4ytB4F9v4oP0KIxrLf3pC8N0RMwBX4lq9zAZB6KaqAZu0F6s8wgzyKVmG5lmo3rsu%2ByRfSBb"}],"group":"cf-nel","max_age":604800}
x-varnish: 62841999 63658258
cache-control: public, max-age=180, stale-while-revalidate=360, stale-if-error=43200
accept-ranges: bytes
cf-ray: 743cc4ef9c0b9180-FRA
x-cache-hits: 1

GET
H2 200 S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v23/ 23 KB
23 KB 84ms
38ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v23/S6u9w4BMUTPHh6UVSwiPGQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Cabin%3A400%2C700%7CLato%3A400%2C700&subset=latin%2Clatin-ext&ver=1.6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://siakapkeli.my
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Tue, 30 Aug 2022 17:08:09 GMT
x-content-type-options: nosniff
age: 143052
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23040
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 15:56:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 30 Aug 2023 17:08:09 GMT

GET
H2 200 post.php Show response
www.facebook.com/plugins/ Frame 3EEF 15 KB
9 KB 260ms
207ms Document
text/html 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/plugins/post.php?href=https%3A%2F%2Fwww.facebook.com%2Fsiakapkelipress%2Fposts%2Fpfbid024vjxTLxnsuzKTnDgub637qVNDuC658dM2RS36mhK2LbvmgYq78vJ5M3q7uBjLEpl&show_text=true&width=500

Requested by

Host: siakapkeli.my
URL: https://siakapkeli.my/2022/09/01/bersalah-kes-rasuah-projek-solar-rosmah-dipenjara-30-tahun-denda-rm970-juta/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

75acf65c5e3c08193c2bae4183356e43bc620cbaf1f5d7eda9340e9b19c50e86

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com 'unsafe-eval' .fbcdn.net;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com .tenor.co media.tenor.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net .giphy.com connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com https://.giphy.com data:;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://siakapkeli.my/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: private, no-cache, no-store, must-revalidate
content-encoding: br
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-type: text/html; charset="utf-8"
cross-origin-opener-policy: same-origin-allow-popups
date: Thu, 01 Sep 2022 08:52:21 GMT
document-policy: force-load-at-top
expires: Sat, 01 Jan 2000 00:00:00 GMT
pragma: no-cache
strict-transport-security: max-age=15552000; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-fb-debug: 6NLFqi4OFNLE5b1fUseW8X/5/PK5gu8Lp6EbdcAOCC0RMciNRkS4SIY78+VI+4HzWJ6EG6LzoxPIhiT6EP8qfg==
x-fb-rlafr: 0
x-xss-protection: 0

GET
H2 200 S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v23/ 23 KB
23 KB 36ms
36ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Cabin%3A400%2C700%7CLato%3A400%2C700&subset=latin%2Clatin-ext&ver=1.6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://siakapkeli.my
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Tue, 30 Aug 2022 17:08:09 GMT
x-content-type-options: nosniff
age: 143052
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23580
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 15:48:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 30 Aug 2023 17:08:09 GMT

GET
H2 200 3448ee34d6136327d110ea2b5a6ada6c
secure.gravatar.com/avatar/ 2 KB
2 KB 56ms
13ms Image
image/png 2a04:fa87:fffe::c000:4902
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure.gravatar.com/avatar/3448ee34d6136327d110ea2b5a6ada6c?s=24&d=mm&r=g
Requested by: Host: siakapkeli.my
URL: https://siakapkeli.my/2022/09/01/bersalah-kes-rasuah-projek-solar-rosmah-dipenjara-30-tahun-denda-rm970-juta/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:fa87:fffe::c000:4902 , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: b6325aa732b3bcec5769787b5c94f7f0272492135650ed5cabcb1c67986baba4

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://siakapkeli.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

x-nc: HIT ams 1
date: Thu, 01 Sep 2022 08:52:21 GMT
last-modified: Thu, 10 Mar 2022 04:31:40 GMT
server: nginx
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=300
content-disposition: inline; filename="3448ee34d6136327d110ea2b5a6ada6c.png"
accept-ranges: bytes
link: <https://www.gravatar.com/avatar/3448ee34d6136327d110ea2b5a6ada6c?s=24&d=mm&r=g>; rel="canonical"
content-length: 1552
expires: Thu, 01 Sep 2022 08:57:21 GMT

GET
H2 200 3448ee34d6136327d110ea2b5a6ada6c
secure.gravatar.com/avatar/ 19 KB
19 KB 56ms
13ms Image
image/png 2a04:fa87:fffe::c000:4902
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure.gravatar.com/avatar/3448ee34d6136327d110ea2b5a6ada6c?s=100&d=mm&r=g
Requested by: Host: siakapkeli.my
URL: https://siakapkeli.my/2022/09/01/bersalah-kes-rasuah-projek-solar-rosmah-dipenjara-30-tahun-denda-rm970-juta/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:fa87:fffe::c000:4902 , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: eec7d579b9d8eb1b838e35de355e3903289bd6d8dadd418fe73a9a9c33a71266

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://siakapkeli.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

x-nc: HIT ams 1
date: Thu, 01 Sep 2022 08:52:21 GMT
last-modified: Thu, 10 Mar 2022 04:31:40 GMT
server: nginx
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=300
content-disposition: inline; filename="3448ee34d6136327d110ea2b5a6ada6c.png"
accept-ranges: bytes
link: <https://www.gravatar.com/avatar/3448ee34d6136327d110ea2b5a6ada6c?s=100&d=mm&r=g>; rel="canonical"
content-length: 19537
expires: Thu, 01 Sep 2022 08:57:21 GMT

GET
H2 200 pwt.js Show response
ads.pubmatic.com/AdServer/js/pwt/158497/5998/ 245 KB
76 KB 107ms
32ms Script
text/javascript 2.21.184.200
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/pwt/158497/5998/pwt.js
Requested by: Host: anymind360.com
URL: https://anymind360.com/js/2939/ats.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.21.184.200 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-21-184-200.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 815564293529e8a1273e2d86754ea536392b6bfa1e9d98dadd708d3268e30c21

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://siakapkeli.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Thu, 01 Sep 2022 08:52:21 GMT
content-encoding: gzip
last-modified: Fri, 12 Nov 2021 07:28:04 GMT
server: Apache
etag: "17a1e90-3d366-5d092665b0914"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: max-age=66830
accept-ranges: bytes
content-type: text/javascript
content-length: 77259
expires: Fri, 02 Sep 2022 03:26:11 GMT

GET
H/1.1 200
OK smart.js Show response
ced.sascdn.com/tag/2060/ 94 KB
32 KB 99ms
19ms Script
application/javascript 95.101.27.38
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://ced.sascdn.com/tag/2060/smart.js
Requested by: Host: siakapkeli.my
URL: https://siakapkeli.my/2022/09/01/bersalah-kes-rasuah-projek-solar-rosmah-dipenjara-30-tahun-denda-rm970-juta/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.27.38 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a95-101-27-38.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 36d774c1165ee2038184e44bb698ade39c2341b3ee13045e3fd3de74251ab274

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://siakapkeli.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date: Thu, 01 Sep 2022 08:52:21 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Type: application/javascript; charset=UTF-8
Cache-Control: public, max-age=900
Connection: keep-alive
Content-Length: 32425
Expires: Thu, 01 Sep 2022 09:07:21 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 77ms
19ms Script
text/javascript 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-62716246-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://siakapkeli.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 6621
date: Thu, 01 Sep 2022 07:02:00 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Thu, 01 Sep 2022 09:02:00 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 201 KB
72 KB 75ms
33ms Script
application/javascript 2a00:1450:4001:800::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-XYKC64V3NY&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-62716246-1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

3803a27a495e66a072d9669d36fe2abdfb8859b401531d9e8e82a898e1109c40

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://siakapkeli.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Thu, 01 Sep 2022 08:52:21 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 73666
x-xss-protection: 0
expires: Thu, 01 Sep 2022 08:52:21 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
337 B 48ms
17ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-XYKC64V3NY&gtm=2oe8t0&_p=1815976567&cid=802209565.1662022341&ul=en-us&sr=1600x1200&_z=ccd.v9B&_s=1&sid=1662022341&sct=1&seg=0&dl=https%3A%2F%2Fsiakapkeli.my%2F2022%2F09%2F01%2Fbersalah-kes-rasuah-projek-solar-rosmah-dipenjara-30-tahun-denda-rm970-juta%2F&dt=Bersalah%20Kes%20Rasuah%20Projek%20Solar%3A%20Rosmah%20Dipenjara%2030%20Tahun%2C%20Denda%20RM970%20Juta&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-XYKC64V3NY
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://siakapkeli.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 01 Sep 2022 08:52:21 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://siakapkeli.my
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 pubads_impl_2022082501.js Show response
securepubads.g.doubleclick.net/gpt/ 380 KB
129 KB 60ms
19ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022082501.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

aad48e612efa9d7364a3ad0e06aaa0d46320b7a57cc13697a8997ee9ef7c9101

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://siakapkeli.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Thu, 01 Sep 2022 07:38:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 4420
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 132254
x-xss-protection: 0
last-modified: Thu, 25 Aug 2022 08:41:05 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 01 Sep 2023 07:38:41 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 239 B
158 B 93ms
53ms XHR
application/json 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=siakapkeli.my

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6e03307e9c4699e6b0c40dea04b81b2fba77aa78eed2b33d314adfebd0c65ddb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://siakapkeli.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 01 Sep 2022 08:52:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 133
x-xss-protection: 0
expires: Thu, 01 Sep 2022 08:52:21 GMT

GET
H/1.1 200
OK ac Show response
adnetwork.adasiaholdings.com/ 22 B
331 B 1040ms
175ms Script
application/javascript 23.106.127.48
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL: https://adnetwork.adasiaholdings.com/ac?nwid=2060&siteid=328584&pgid=1362790&fmtid=44269&async=1&visit=m&tmstp=3295779871&tag=sas_44269&sh=1200&sw=1600&pgDomain=https%3A%2F%2Fsiakapkeli.my%2F2022%2F09%2F01%2Fbersalah-kes-rasuah-projek-solar-rosmah-dipenjara-30-tahun-denda-rm970-juta%2F&noadcbk=sas.noad&isLazy=0&isAdRefresh=0
Requested by: Host: ced.sascdn.com
URL: https://ced.sascdn.com/tag/2060/smart.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.106.127.48 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
Software: /
Resource Hash: e44c51c44d98e56e70bfdd2a2a9fe73171015812ac7cdb4ce599b66f92b8fde1

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://siakapkeli.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 01 Sep 2022 08:52:21 GMT
content-encoding: br
vary: Accept-Encoding
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
transfer-encoding: chunked
content-type: application/javascript; charset=UTF-8

GET
H/1.1 200
OK ac Show response
adnetwork.adasiaholdings.com/ 22 B
326 B 1218ms
353ms Script
application/javascript 23.106.127.48
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL: https://adnetwork.adasiaholdings.com/ac?nwid=2060&siteid=328584&pgid=1415197&fmtid=65749&async=1&visit=s&tmstp=3295779871&tag=sas_65749&sh=1200&sw=1600&pgDomain=https%3A%2F%2Fsiakapkeli.my%2F2022%2F09%2F01%2Fbersalah-kes-rasuah-projek-solar-rosmah-dipenjara-30-tahun-denda-rm970-juta%2F&noadcbk=sas.noad&isLazy=0&isAdRefresh=0
Requested by: Host: ced.sascdn.com
URL: https://ced.sascdn.com/tag/2060/smart.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.106.127.48 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
Software: /
Resource Hash: 6cd169caaa5e5045647328ebe3c847acd6f40e0927c58a6a15c8baca72b4f8aa

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://siakapkeli.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 01 Sep 2022 08:52:22 GMT
content-encoding: br
vary: Accept-Encoding
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
transfer-encoding: chunked
content-type: application/javascript; charset=UTF-8

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 66ms
26ms XHR
text/plain 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1815976567&t=pageview&_s=1&dl=https%3A%2F%2Fsiakapkeli.my%2F2022%2F09%2F01%2Fbersalah-kes-rasuah-projek-solar-rosmah-dipenjara-30-tahun-denda-rm970-juta%2F&ul=en-us&de=UTF-8&dt=Bersalah%20Kes%20Rasuah%20Projek%20Solar%3A%20Rosmah%20Dipenjara%2030%20Tahun%2C%20Denda%20RM970%20Juta&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAAC~&jid=933702910&gjid=1568641731&cid=802209565.1662022341&tid=UA-62716246-1&_gid=87149817.1662022341&_r=1&gtm=2ou8t0&z=371180621

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://siakapkeli.my/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 01 Sep 2022 08:52:21 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://siakapkeli.my
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 prebid_2022_8_31_6_21_10.js Show response
anymind360.com/js/2939/ 406 KB
124 KB 18ms
17ms Script
application/javascript 2a04:4e42:400::645
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://anymind360.com/js/2939/prebid_2022_8_31_6_21_10.js

Requested by

Host: anymind360.com
URL: https://anymind360.com/js/2939/ats.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:400::645 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

77f198dd7335ff424de288c16a68b57a0bb8061a93566b8359597bacd692b9f9

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://siakapkeli.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Thu, 01 Sep 2022 08:52:21 GMT
content-encoding: gzip
age: 9050
x-guploader-uploadid: ADPycdvtL2-NG2IXtb1yfisZA0nkHU1kq-rrZPJbRUntmuJwHLPuQS-uTbg3T_HDObKBdmVjBUU3xKMpnhCIzgGf7fWcIQyhFS9c
x-cache: HIT, HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
strict-transport-security: max-age=300
content-length: 126440
x-served-by: cache-tyo11922-TYO, cache-ams21038-AMS
access-control-allow-origin: *
expires: Wed, 31 Aug 2022 06:21:29 GMT
last-modified: Wed, 31 Aug 2022 06:21:28 GMT
server: UploadServer
x-timer: S1662022341.325251,VS0,VE1
etag: "30148cf8de0ab63d61594bf209268704"
vary: Accept-Encoding
x-goog-hash: crc32c=g3kr/w==, md5=MBSM+N4Ktj1hWUvyCSaHBA==
x-goog-generation: 1661926888494431
via: 1.1 varnish, 1.1 varnish
access-control-expose-headers: Content-Type
cache-control: max-age=31536000, public
x-goog-stored-content-length: 126440
accept-ranges: bytes
content-type: application/javascript; charset=UTF-8
x-cache-hits: 39, 1

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
438 B 66ms
23ms XHR
text/plain 2a00:1450:400c:c06::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-62716246-1&cid=802209565.1662022341&jid=933702910&gjid=1568641731&_gid=87149817.1662022341&_u=YADAAUAAAAAAAC~&z=455744484

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c06::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://siakapkeli.my/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Thu, 01 Sep 2022 08:52:21 GMT
content-type: text/plain
access-control-allow-origin: https://siakapkeli.my
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 integrator.js Show response
adservice.google.nl/adsid/ 107 B
792 B 89ms
28ms Script
application/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.nl/adsid/integrator.js?domain=siakapkeli.my

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022082501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://siakapkeli.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 01 Sep 2022 08:52:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 103ms
30ms Script
application/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=siakapkeli.my

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022082501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://siakapkeli.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 01 Sep 2022 08:52:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 1 KB
738 B 212ms
211ms XHR
text/plain 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1972848161156677&correlator=2411689341773783&eid=31069183%2C44761477%2C31069126&output=ldjh&gdfp_req=1&vrg=2022082501&ptt=17&impl=fif&iu_parts=21622890900%3A55909533%2CMY_siakapkeli.my_mb_all_interstitial2_&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=1&adks=2168921348&sfv=1-0-38&ists=1&fas=8&fsapi=false&sc=1&cookie_enabled=1&abxe=1&dt=1662022341417&lmt=1662022341&dlt=1662022340763&idt=627&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fsiakapkeli.my%2F2022%2F09%2F01%2Fbersalah-kes-rasuah-projek-solar-rosmah-dipenjara-30-tahun-denda-rm970-juta%2F&frm=20&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&ga_vid=802209565.1662022341&ga_sid=1662022341&ga_hid=1815976567&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022082501.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9603524efd6b642a39b76ba0bff83cd2d78250140ab382ecd52618384cb38f30

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://siakapkeli.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Thu, 01 Sep 2022 08:52:21 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 708
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://siakapkeli.my
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
f4f5f5dd83b6f4fca4ebb5cce3cd0739.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 4F4F 6 KB
4 KB 102ms
27ms Document
text/html 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://f4f5f5dd83b6f4fca4ebb5cce3cd0739.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022082501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://siakapkeli.my/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 01 Sep 2022 08:52:21 GMT
expires: Fri, 01 Sep 2023 08:52:21 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 pubads_impl_page_level_ads_2022082501.js Show response
securepubads.g.doubleclick.net/gpt/ 36 KB
13 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_page_level_ads_2022082501.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022082501.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1c9aec4f2b8e548c9177d6710f4edf73f020c9a68f5ac7458fdd2895e337c42e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://siakapkeli.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Thu, 25 Aug 2022 14:58:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 582820
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13586
x-xss-protection: 0
last-modified: Thu, 25 Aug 2022 08:41:05 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 25 Aug 2023 14:58:41 GMT

GET
H2 200 -7npWTjmX9a.css
static.xx.fbcdn.net/rsrc.php/v3/yw/l/0,cross/ Frame 3EEF 19 KB
5 KB 64ms
22ms Stylesheet
text/css 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yw/l/0,cross/-7npWTjmX9a.css?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/plugins/post.php?href=https%3A%2F%2Fwww.facebook.com%2Fsiakapkelipress%2Fposts%2Fpfbid024vjxTLxnsuzKTnDgub637qVNDuC658dM2RS36mhK2LbvmgYq78vJ5M3q7uBjLEpl&show_text=true&width=500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

6c1b5cd1f71d20ad697e2685c02fc7d90c4227532785865a6e1e9d4e121c3859

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Thu, 01 Sep 2022 08:52:21 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: oA2vvKDZzdZjlc0sNrRt9Q==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 5035
x-fb-rlafr: 0
x-fb-debug: Ac7IkJ4sKMq1HDvFYdAeEug4ju0NCb2C9MXfPTVSbqJWzZ5gMttb1rMQKGDkGKYR+XJn5xfx0nJorwIHT6tYNw==
x-fb-trip-id: 686109401
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: text/css; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Thu, 31 Aug 2023 16:08:01 GMT

GET
H2 200 latest.json Show response
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 1 KB
1 KB 57ms
13ms XHR
application/json 2a04:4e42::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json

Requested by

Host: anymind360.com
URL: https://anymind360.com/js/2939/prebid_2022_8_31_6_21_10.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

211f25cc9e2d76fd0e6ad1874f0b1c790670bbb1967b9a7f311f0066b62d2aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://siakapkeli.my/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: text/plain

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
age: 21079
x-jsd-version: 1.0.1449
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 720
etag: W/"50b-hvwIsLssdIsJUD3OWJ6BJ6QHzwM"
x-served-by: cache-fra19128-FRA, cache-ams21041-AMS
x-jsd-version-type: version
date: Thu, 01 Sep 2022 08:52:21 GMT
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
accept-ranges: bytes
timing-allow-origin: *

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 53 B
735 B 88ms
36ms XHR
application/json 37.252.172.37
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: anymind360.com
URL: https://anymind360.com/js/2939/prebid_2022_8_31_6_21_10.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.37 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

691.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

a68a70f7be9281f3f7148b38d7f5971f1dc946d3034a40e55021d0fb6fb78d73

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://siakapkeli.my/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Thu, 01 Sep 2022 08:52:21 GMT
X-Proxy-Origin: 5.79.98.38; 5.79.98.38; 691.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 060b1f7c-8dc8-47a6-968e-7ae0326ca7cd
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://siakapkeli.my
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 53
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 prebid Show response
prebid.media.net/rtb/ 1 KB
889 B 104ms
63ms XHR
application/json 34.107.148.139
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.media.net/rtb/prebid?cid=8CU3VM41V
Requested by: Host: anymind360.com
URL: https://anymind360.com/js/2939/prebid_2022_8_31_6_21_10.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.148.139 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 139.148.107.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: b27314b45b6ace1c7489eb9d36a7aa0dedc00ed22cec93a567b615c6b1952f32

Request headers

Referer: https://siakapkeli.my/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 01 Sep 2022 08:52:21 GMT
content-encoding: gzip
server: nginx
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://siakapkeli.my
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
alt-svc: clear
via: 1.1 google

POST
H2 400 prebid Show response
prebid.ad.smaato.net/oapi/ 0
326 B 105ms
29ms XHR
text/plain 54.220.224.183
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.ad.smaato.net/oapi/prebid
Requested by: Host: anymind360.com
URL: https://anymind360.com/js/2939/prebid_2022_8_31_6_21_10.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.220.224.183 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-220-224-183.eu-west-1.compute.amazonaws.com
Software: SOMA /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://siakapkeli.my/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 01 Sep 2022 08:52:21 GMT
server: SOMA
x-smt-message: GDPR inventory not enabled for Application. Please contact your Account Manager.
access-control-allow-origin: https://siakapkeli.my
access-control-expose-headers: X-SMT-DivId,X-SMT-SessionId,X-SMT-ADTYPE,X-SMT-Impression-Measurement,X-SMT-MESSAGE,X-SMT-Expires
access-control-allow-credentials: true
content-length: 0
x-smt-sessionid: 56cb7bb1-dff7-ed7c-7624-b6aede2687d0

POST
H2 400 prebid Show response
prebid.ad.smaato.net/oapi/ 0
325 B 105ms
29ms XHR
text/plain 54.220.224.183
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.ad.smaato.net/oapi/prebid
Requested by: Host: anymind360.com
URL: https://anymind360.com/js/2939/prebid_2022_8_31_6_21_10.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.220.224.183 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-220-224-183.eu-west-1.compute.amazonaws.com
Software: SOMA /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://siakapkeli.my/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 01 Sep 2022 08:52:21 GMT
server: SOMA
x-smt-message: GDPR inventory not enabled for Application. Please contact your Account Manager.
access-control-allow-origin: https://siakapkeli.my
access-control-expose-headers: X-SMT-DivId,X-SMT-SessionId,X-SMT-ADTYPE,X-SMT-Impression-Measurement,X-SMT-MESSAGE,X-SMT-Expires
access-control-allow-credentials: true
content-length: 0
x-smt-sessionid: 45ccf526-cf9e-ab39-00e9-a7c93f93f029

POST
H2 400 prebid Show response
prebid.ad.smaato.net/oapi/ 0
325 B 105ms
29ms XHR
text/plain 54.220.224.183
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.ad.smaato.net/oapi/prebid
Requested by: Host: anymind360.com
URL: https://anymind360.com/js/2939/prebid_2022_8_31_6_21_10.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.220.224.183 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-220-224-183.eu-west-1.compute.amazonaws.com
Software: SOMA /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://siakapkeli.my/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 01 Sep 2022 08:52:21 GMT
server: SOMA
x-smt-message: GDPR inventory not enabled for Application. Please contact your Account Manager.
access-control-allow-origin: https://siakapkeli.my
access-control-expose-headers: X-SMT-DivId,X-SMT-SessionId,X-SMT-ADTYPE,X-SMT-Impression-Measurement,X-SMT-MESSAGE,X-SMT-Expires
access-control-allow-credentials: true
content-length: 0
x-smt-sessionid: 02d65c45-63be-bb9a-a5a5-d6c492710c54

POST
H2 400 prebid Show response
prebid.ad.smaato.net/oapi/ 0
325 B 128ms
53ms XHR
text/plain 54.220.224.183
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.ad.smaato.net/oapi/prebid
Requested by: Host: anymind360.com
URL: https://anymind360.com/js/2939/prebid_2022_8_31_6_21_10.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.220.224.183 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-220-224-183.eu-west-1.compute.amazonaws.com
Software: SOMA /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://siakapkeli.my/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 01 Sep 2022 08:52:21 GMT
server: SOMA
x-smt-message: GDPR inventory not enabled for Application. Please contact your Account Manager.
access-control-allow-origin: https://siakapkeli.my
access-control-expose-headers: X-SMT-DivId,X-SMT-SessionId,X-SMT-ADTYPE,X-SMT-Impression-Measurement,X-SMT-MESSAGE,X-SMT-Expires
access-control-allow-credentials: true
content-length: 0
x-smt-sessionid: 4aa83911-7a50-b95f-fe7c-14411b7d67de

POST
H2 400 prebid Show response
prebid.ad.smaato.net/oapi/ 0
325 B 128ms
53ms XHR
text/plain 54.220.224.183
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.ad.smaato.net/oapi/prebid
Requested by: Host: anymind360.com
URL: https://anymind360.com/js/2939/prebid_2022_8_31_6_21_10.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.220.224.183 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-220-224-183.eu-west-1.compute.amazonaws.com
Software: SOMA /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://siakapkeli.my/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 01 Sep 2022 08:52:21 GMT
server: SOMA
x-smt-message: GDPR inventory not enabled for Application. Please contact your Account Manager.
access-control-allow-origin: https://siakapkeli.my
access-control-expose-headers: X-SMT-DivId,X-SMT-SessionId,X-SMT-ADTYPE,X-SMT-Impression-Measurement,X-SMT-MESSAGE,X-SMT-Expires
access-control-allow-credentials: true
content-length: 0
x-smt-sessionid: 966a9032-09bb-b416-8350-c68279837074

POST
H2 204 / Show response
hb.emxdgt.com/ 0
158 B 80ms
28ms XHR
text/plain 54.93.35.187
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.emxdgt.com/?t=2000&ts=1662022341482&src=pbjs
Requested by: Host: anymind360.com
URL: https://anymind360.com/js/2939/prebid_2022_8_31_6_21_10.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.93.35.187 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-93-35-187.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://siakapkeli.my/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://siakapkeli.my
date: Thu, 01 Sep 2022 08:52:21 GMT
cache-control: no-cache
access-control-allow-credentials: true
access-control-allow-headers: security, Content-Type

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 745 B
3 KB 529ms
422ms XHR
application/json 2602:803:c004:200::141
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17692&site_id=302704&zone_id=1941024%3B1941026%3B1941036%3B1941038%3B2114244&size_id=15%3B15%3B2%3B15%3B2&alt_size_ids=10%2C16%3B16%3B43%3B16%3B55&rp_schain=1.0,1!anymanager.io,2939,1,,,&rf=https%3A%2F%2Fsiakapkeli.my%2F2022%2F09%2F01%2Fbersalah-kes-rasuah-projek-solar-rosmah-dipenjara-30-tahun-denda-rm970-juta%2F&tg_i.pbadslot=ats-insert_ads-2%3Bats-insert_ads-4%3B%2F21622890900%2C55909533%2FMY_siakapkeli.my_res_article_below_title_728x90%2F%2F320x50%3B%2F21622890900%2C55909533%2FMY_siakapkeli.my_pc_article_below_300x250%2F%2F336x280%3B%2F21622890900%2C55909533%2FMY_siakapkeli.my_pc_all_bottom_sticky_728x90&tk_flint=pbjs_lite_v6.29.2&x_source.tid=7cb33ecf-e8cd-42ac-a0a2-03b4b3f9cf78%3B9c89e0be-0bfd-40c6-8f11-238fcdb2ce37%3B7cee37c5-619a-4ed1-9e7c-a39b6a37dc2d%3Bd08c2858-af00-4c0b-83ee-5cd635143e15%3Bd54c1a21-2c64-49b9-9a28-9042e0c1e0ac&l_pb_bid_id=2863c5e4204ec3f%3B29e1f93b501ebd7%3B30729cd3e1409b6%3B31434d2fa0511d7%3B3235722c0947916&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F21622890900%2C55909533%2FMY_siakapkeli.my_mb_article_mid2long_300x350%2F%2F336x280%3B%2F21622890900%2C55909533%2FMY_siakapkeli.my_res_article_mid2_300x350%2F%2F336x280%3B%2F21622890900%2C55909533%2FMY_siakapkeli.my_res_article_below_title_728x90%2F%2F320x50%3B%2F21622890900%2C55909533%2FMY_siakapkeli.my_pc_article_below_300x250%2F%2F336x280%3B%2F21622890900%2C55909533%2FMY_siakapkeli.my_pc_all_bottom_sticky_728x90&slots=5&rand=0.802013958208267
Requested by: Host: anymind360.com
URL: https://anymind360.com/js/2939/prebid_2022_8_31_6_21_10.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 2602:803:c004:200::141 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: f011b0a1bfb1179713327186e7ccdab92bfe3cb10ba3fe1a5aac32b37d34d65e

Request headers

Referer: https://siakapkeli.my/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Thu, 01 Sep 2022 08:52:22 GMT
Server: nginx/1.21.4
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://siakapkeli.my
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 745
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2 200 pbjs Show response
htlb.casalemedia.com/openrtb/ 37 B
569 B 103ms
49ms XHR
application/json 104.18.19.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/openrtb/pbjs?s=485904&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%2233960cd5c067daf%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fsiakapkeli.my%2F2022%2F09%2F01%2Fbersalah-kes-rasuah-projek-solar-rosmah-dipenjara-30-tahun-denda-rm970-juta%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A2%2C%22msi%22%3A2%2C%22mfu%22%3A0%2C%22bu%22%3A5%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A5%2C%22ren%22%3Afalse%2C%22version%22%3A%226.29.2%22%2C%22userIds%22%3A%5B%5D%2C%22url%22%3A%22https%3A%2F%2Fsiakapkeli.my%2F2022%2F09%2F01%2Fbersalah-kes-rasuah-projek-solar-rosmah-dipenjara-30-tahun-denda-rm970-juta%2F%22%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22344d8ac3dde8d71%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A336%2C%22h%22%3A280%2C%22ext%22%3A%7B%22siteID%22%3A%22485904%22%2C%22sid%22%3A%2221956443220%22%7D%7D%2C%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22485904%22%2C%22sid%22%3A%2221956443220%22%7D%7D%2C%7B%22w%22%3A640%2C%22h%22%3A360%2C%22ext%22%3A%7B%22siteID%22%3A%22485904%22%2C%22sid%22%3A%22640x360%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22gpid%22%3A%22%2F21622890900%2C55909533%2FMY_siakapkeli.my_mb_article_mid2long_300x350%2F%2F336x280%22%7D%7D%2C%7B%22id%22%3A%223665f60dd0203df%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22485904%22%2C%22sid%22%3A%2221883677016%22%7D%7D%2C%7B%22w%22%3A336%2C%22h%22%3A280%2C%22ext%22%3A%7B%22siteID%22%3A%22485904%22%2C%22sid%22%3A%2221883677016%22%7D%7D%2C%7B%22w%22%3A640%2C%22h%22%3A360%2C%22ext%22%3A%7B%22siteID%22%3A%22485904%22%2C%22sid%22%3A%22640x360%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22gpid%22%3A%22%2F21622890900%2C55909533%2FMY_siakapkeli.my_res_article_mid2_300x350%2F%2F336x280%22%7D%7D%2C%7B%22id%22%3A%2238d5a6995a493f7%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22485904%22%2C%22sid%22%3A%2222060108620%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22dfp_ad_unit_code%22%3A%22%2F21622890900%2C55909533%2FMY_siakapkeli.my_res_article_below_title_728x90%2F%2F320x50%22%2C%22gpid%22%3A%22%2F21622890900%2C55909533%2FMY_siakapkeli.my_res_article_below_title_728x90%2F%2F320x50%22%7D%7D%2C%7B%22id%22%3A%22396a5c65451d5e6%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22485904%22%2C%22sid%22%3A%2221969928430%22%7D%7D%2C%7B%22w%22%3A336%2C%22h%22%3A280%2C%22ext%22%3A%7B%22siteID%22%3A%22485904%22%2C%22sid%22%3A%2221969928430%22%7D%7D%2C%7B%22w%22%3A640%2C%22h%22%3A360%2C%22ext%22%3A%7B%22siteID%22%3A%22485904%22%2C%22sid%22%3A%2221969928430%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22dfp_ad_unit_code%22%3A%22%2F21622890900%2C55909533%2FMY_siakapkeli.my_pc_article_below_300x250%2F%2F336x280%22%2C%22gpid%22%3A%22%2F21622890900%2C55909533%2FMY_siakapkeli.my_pc_article_below_300x250%2F%2F336x280%22%7D%7D%2C%7B%22id%22%3A%22429fa27edd702d6%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22485904%22%2C%22sid%22%3A%2222375583265%22%7D%7D%2C%7B%22w%22%3A970%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22485904%22%2C%22sid%22%3A%2222375583265%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22dfp_ad_unit_code%22%3A%22%2F21622890900%2C55909533%2FMY_siakapkeli.my_pc_all_bottom_sticky_728x90%22%2C%22gpid%22%3A%22%2F21622890900%2C55909533%2FMY_siakapkeli.my_pc_all_bottom_sticky_728x90%22%7D%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22anymanager.io%22%2C%22sid%22%3A%222939%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%7D
Requested by: Host: anymind360.com
URL: https://anymind360.com/js/2939/prebid_2022_8_31_6_21_10.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e91df7da64fd986250003e277531728096fac8eaf50445bd6cbe019f29e76d57

Request headers

Referer: https://siakapkeli.my/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 01 Sep 2022 08:52:21 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QYk4eI2XECozuqxBrNLLeBSUg3ymP8XKKVvbEE0KIUOaBR2ZmL0AjnfBO%2FF4mc7H4Bb7To%2Fh637YfB0Wp%2BcHJBGYVRDr84SWeN3mhrFMHEV5U6RuyTx4%2FvTL4kT3CRj7B%2BQhejKi"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://siakapkeli.my
cache-control: no-cache
access-control-allow-credentials: true
cf-ray: 743cc4f2beb79b2b-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 37
expires: 0

POST
H2 200 auction Show response
tlx.3lift.com/header/ 19 B
506 B 120ms
67ms XHR
application/json 3.123.244.81
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://tlx.3lift.com/header/auction?lib=prebid&v=6.29.2&referrer=https%3A%2F%2Fsiakapkeli.my%2F2022%2F09%2F01%2Fbersalah-kes-rasuah-projek-solar-rosmah-dipenjara-30-tahun-denda-rm970-juta%2F&tmax=2000

Requested by

Host: anymind360.com
URL: https://anymind360.com/js/2939/prebid_2022_8_31_6_21_10.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.123.244.81 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-123-244-81.eu-central-1.compute.amazonaws.com

Software

Resource Hash

0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://siakapkeli.my/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 01 Sep 2022 08:52:21 GMT
accept-ch: user-agent,sec-ch-downlink,sec-ch-ua-mobile,sec-ch-save-data,sec-ch-device-memory,sec-ch-dpr,sec-ch-ua-full-version,sec-ch-ua-model,sec-ch-ua-platform-version,sec-ch-viewport-width,sec-ch-ua-platform,sec-ch-viewport-height,sec-ch-rtt,sec-ch-ua-arch,sec-ch-ua,sec-ch-ua-bitness,sec-ch-prefers-color-scheme,sec-ch-width,sec-ch-ect
content-type: application/json; charset=utf-8
access-control-allow-origin: https://siakapkeli.my
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 19
x-xss-protection: 0
expires: Thu, 15 Oct 1992 20:10:00 GMT

POST
H/1.1 200
OK v1 Show response
prg-apac.smartadserver.com/prebid/ 171 B
555 B 147ms
39ms XHR
application/json 185.86.137.114
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg-apac.smartadserver.com/prebid/v1
Requested by: Host: anymind360.com
URL: https://anymind360.com/js/2939/prebid_2022_8_31_6_21_10.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.137.114 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer: https://siakapkeli.my/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 01 Sep 2022 08:52:21 GMT
content-encoding: br
vary: Accept-Encoding, Origin
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin: https://siakapkeli.my
cache-control: no-cache,no-store
transfer-encoding: chunked
access-control-allow-credentials: true
content-type: application/json; charset=UTF-8

POST
H/1.1 200
OK v1 Show response
prg-apac.smartadserver.com/prebid/ 171 B
555 B 146ms
38ms XHR
application/json 185.86.137.114
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg-apac.smartadserver.com/prebid/v1
Requested by: Host: anymind360.com
URL: https://anymind360.com/js/2939/prebid_2022_8_31_6_21_10.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.137.114 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer: https://siakapkeli.my/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 01 Sep 2022 08:52:21 GMT
content-encoding: br
vary: Accept-Encoding, Origin
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin: https://siakapkeli.my
cache-control: no-cache,no-store
transfer-encoding: chunked
access-control-allow-credentials: true
content-type: application/json; charset=UTF-8

POST
H/1.1 200
OK v1 Show response
prg-apac.smartadserver.com/prebid/ 171 B
555 B 141ms
33ms XHR
application/json 185.86.137.114
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg-apac.smartadserver.com/prebid/v1
Requested by: Host: anymind360.com
URL: https://anymind360.com/js/2939/prebid_2022_8_31_6_21_10.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.137.114 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer: https://siakapkeli.my/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 01 Sep 2022 08:52:20 GMT
content-encoding: br
vary: Accept-Encoding, Origin
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin: https://siakapkeli.my
cache-control: no-cache,no-store
transfer-encoding: chunked
access-control-allow-credentials: true
content-type: application/json; charset=UTF-8

POST
H/1.1 200
OK v1 Show response
prg-apac.smartadserver.com/prebid/ 171 B
555 B 145ms
37ms XHR
application/json 185.86.137.114
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg-apac.smartadserver.com/prebid/v1
Requested by: Host: anymind360.com
URL: https://anymind360.com/js/2939/prebid_2022_8_31_6_21_10.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.137.114 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer: https://siakapkeli.my/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 01 Sep 2022 08:52:21 GMT
content-encoding: br
vary: Accept-Encoding, Origin
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin: https://siakapkeli.my
cache-control: no-cache,no-store
transfer-encoding: chunked
access-control-allow-credentials: true
content-type: application/json; charset=UTF-8

POST
H/1.1 200
OK v1 Show response
prg-apac.smartadserver.com/prebid/ 171 B
555 B 145ms
37ms XHR
application/json 185.86.137.114
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg-apac.smartadserver.com/prebid/v1
Requested by: Host: anymind360.com
URL: https://anymind360.com/js/2939/prebid_2022_8_31_6_21_10.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.137.114 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer: https://siakapkeli.my/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 01 Sep 2022 08:52:21 GMT
content-encoding: br
vary: Accept-Encoding, Origin
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin: https://siakapkeli.my
cache-control: no-cache,no-store
transfer-encoding: chunked
access-control-allow-credentials: true
content-type: application/json; charset=UTF-8

POST
H/1.1 200
OK v1 Show response
prg-apac.smartadserver.com/prebid/ 0
335 B 136ms
28ms XHR
application/json 185.86.137.114
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg-apac.smartadserver.com/prebid/v1
Requested by: Host: anymind360.com
URL: https://anymind360.com/js/2939/prebid_2022_8_31_6_21_10.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.137.114 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://siakapkeli.my/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 01 Sep 2022 08:52:20 GMT
vary: Origin
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin: https://siakapkeli.my
cache-control: no-cache,no-store
access-control-allow-credentials: true
content-type: application/json; charset=UTF-8
content-length: 0

POST
H/1.1 200
OK v1 Show response
prg-apac.smartadserver.com/prebid/ 171 B
560 B 173ms
37ms XHR
application/json 185.86.137.114
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg-apac.smartadserver.com/prebid/v1
Requested by: Host: anymind360.com
URL: https://anymind360.com/js/2939/prebid_2022_8_31_6_21_10.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.137.114 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer: https://siakapkeli.my/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 01 Sep 2022 08:52:21 GMT
content-encoding: br
vary: Accept-Encoding, Origin
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin: https://siakapkeli.my
cache-control: no-cache,no-store
transfer-encoding: chunked
access-control-allow-credentials: true
content-type: application/json; charset=UTF-8

GET
H2 200 arj Show response
adasia-d.openx.net/w/1.0/ 73 B
377 B 81ms
20ms XHR
application/json 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://adasia-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fsiakapkeli.my%2F2022%2F09%2F01%2Fbersalah-kes-rasuah-projek-solar-rosmah-dipenjara-30-tahun-denda-rm970-juta%2F&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=7cb33ecf-e8cd-42ac-a0a2-03b4b3f9cf78%2C9c89e0be-0bfd-40c6-8f11-238fcdb2ce37%2C7cee37c5-619a-4ed1-9e7c-a39b6a37dc2d%2Cd08c2858-af00-4c0b-83ee-5cd635143e15%2Cd54c1a21-2c64-49b9-9a28-9042e0c1e0ac&nocache=1662022341495&schain=1.0%2C1!anymanager.io%2C2939%2C1%2C%2C%2C&aus=336x280%2C300x250%2C640x360%7C336x280%2C300x250%2C640x360%7C728x90%7C336x280%2C300x250%2C640x360%7C728x90%2C970x90&divids=ats-insert_ads-2%2Cats-insert_ads-4%2Cats-insert_ads-5%2Cats-insert_ads-6%2Cats-overlay_bottom-10&aucs=ats-insert_ads-2%2Cats-insert_ads-4%2C%252F21622890900%252C55909533%252FMY_siakapkeli.my_res_article_below_title_728x90%252F%252F320x50%2C%252F21622890900%252C55909533%252FMY_siakapkeli.my_pc_article_below_300x250%252F%252F336x280%2C%252F21622890900%252C55909533%252FMY_siakapkeli.my_pc_all_bottom_sticky_728x90&auid=543856578%2C543856582%2C543856583%2C543856584%2C545617869
Requested by: Host: anymind360.com
URL: https://anymind360.com/js/2939/prebid_2022_8_31_6_21_10.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: a2f8800c0ad663532daf04e10deeeedb3e8824478c48b368829df2e6cebe48a2

Request headers

Referer: https://siakapkeli.my/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 01 Sep 2022 08:52:21 GMT
content-encoding: gzip
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://siakapkeli.my
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 79
via: 1.1 google
expires: Mon, 26 Jul 1997 05:00:00 GMT

POST
H2 200 cdb Show response
bidder.criteo.com/ 18 B
311 B 50ms
16ms XHR
application/json 178.250.2.131
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=34&wv=6.29.2&cb=61539092909

Requested by

Host: anymind360.com
URL: https://anymind360.com/js/2939/prebid_2022_8_31_6_21_10.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

bidder.am5.vip.prod.criteo.com

Software

Finatra /

Resource Hash

ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://siakapkeli.my/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 01 Sep 2022 08:52:20 GMT
content-encoding: gzip
server: Finatra
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://siakapkeli.my
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 44

GET
H2 204 / Show response
d.vidoomy.com/api/rtbserver/prebid/ 0
154 B 181ms
56ms XHR
text/plain 3.68.178.222
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d.vidoomy.com/api/rtbserver/prebid/?id=18385&adtype=banner&auc=ats-insert_ads-2&w=336&h=280&pos=1&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F105.0.5195.52%20Safari%2F537.36&l=en&dt=1&pid=62196&requestId=65e7132a37d84ba&schain=%5Bobject%20Object%5D&bidfloor=0&d=siakapkeli.my&sp=https%253A%252F%252Fsiakapkeli.my%252F2022%252F09%252F01%252Fbersalah-kes-rasuah-projek-solar-rosmah-dipenjara-30-tahun-denda-rm970-juta%252F&usp=&coppa=false&videoContext=
Requested by: Host: anymind360.com
URL: https://anymind360.com/js/2939/prebid_2022_8_31_6_21_10.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.68.178.222 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-68-178-222.eu-central-1.compute.amazonaws.com
Software: fasthttp /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://siakapkeli.my/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://siakapkeli.my
date: Thu, 01 Sep 2022 08:52:21 GMT
access-control-allow-credentials: true
server: fasthttp
vary: Origin
access-control-expose-headers: X-Vd-C

GET
H2 204 / Show response
d.vidoomy.com/api/rtbserver/prebid/ 0
154 B 166ms
41ms XHR
text/plain 3.68.178.222
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d.vidoomy.com/api/rtbserver/prebid/?id=18391&adtype=banner&auc=ats-insert_ads-4&w=336&h=280&pos=1&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F105.0.5195.52%20Safari%2F537.36&l=en&dt=1&pid=62196&requestId=66beb6ef73e9ab7&schain=%5Bobject%20Object%5D&bidfloor=0&d=siakapkeli.my&sp=https%253A%252F%252Fsiakapkeli.my%252F2022%252F09%252F01%252Fbersalah-kes-rasuah-projek-solar-rosmah-dipenjara-30-tahun-denda-rm970-juta%252F&usp=&coppa=false&videoContext=
Requested by: Host: anymind360.com
URL: https://anymind360.com/js/2939/prebid_2022_8_31_6_21_10.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.68.178.222 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-68-178-222.eu-central-1.compute.amazonaws.com
Software: fasthttp /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://siakapkeli.my/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://siakapkeli.my
date: Thu, 01 Sep 2022 08:52:21 GMT
access-control-allow-credentials: true
server: fasthttp
vary: Origin
access-control-expose-headers: X-Vd-C

GET
H2 204 / Show response
d.vidoomy.com/api/rtbserver/prebid/ 0
155 B 165ms
40ms XHR
text/plain 3.68.178.222
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d.vidoomy.com/api/rtbserver/prebid/?id=18389&adtype=banner&auc=ats-insert_ads-5&w=728&h=90&pos=1&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F105.0.5195.52%20Safari%2F537.36&l=en&dt=1&pid=62196&requestId=67698aea605e07b&schain=%5Bobject%20Object%5D&bidfloor=0&d=siakapkeli.my&sp=https%253A%252F%252Fsiakapkeli.my%252F2022%252F09%252F01%252Fbersalah-kes-rasuah-projek-solar-rosmah-dipenjara-30-tahun-denda-rm970-juta%252F&usp=&coppa=false&videoContext=
Requested by: Host: anymind360.com
URL: https://anymind360.com/js/2939/prebid_2022_8_31_6_21_10.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.68.178.222 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-68-178-222.eu-central-1.compute.amazonaws.com
Software: fasthttp /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://siakapkeli.my/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://siakapkeli.my
date: Thu, 01 Sep 2022 08:52:21 GMT
access-control-allow-credentials: true
server: fasthttp
vary: Origin
access-control-expose-headers: X-Vd-C

GET
H2 204 / Show response
d.vidoomy.com/api/rtbserver/prebid/ 0
154 B 168ms
43ms XHR
text/plain 3.68.178.222
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d.vidoomy.com/api/rtbserver/prebid/?id=18387&adtype=banner&auc=ats-insert_ads-6&w=336&h=280&pos=1&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F105.0.5195.52%20Safari%2F537.36&l=en&dt=1&pid=62196&requestId=68f408004668dda&schain=%5Bobject%20Object%5D&bidfloor=0&d=siakapkeli.my&sp=https%253A%252F%252Fsiakapkeli.my%252F2022%252F09%252F01%252Fbersalah-kes-rasuah-projek-solar-rosmah-dipenjara-30-tahun-denda-rm970-juta%252F&usp=&coppa=false&videoContext=
Requested by: Host: anymind360.com
URL: https://anymind360.com/js/2939/prebid_2022_8_31_6_21_10.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.68.178.222 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-68-178-222.eu-central-1.compute.amazonaws.com
Software: fasthttp /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://siakapkeli.my/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://siakapkeli.my
date: Thu, 01 Sep 2022 08:52:21 GMT
access-control-allow-credentials: true
server: fasthttp
vary: Origin
access-control-expose-headers: X-Vd-C

GET
H2 204 / Show response
d.vidoomy.com/api/rtbserver/prebid/ 0
154 B 196ms
71ms XHR
text/plain 3.68.178.222
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d.vidoomy.com/api/rtbserver/prebid/?id=18386&adtype=banner&auc=ats-overlay_bottom-10&w=728&h=90&pos=1&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F105.0.5195.52%20Safari%2F537.36&l=en&dt=1&pid=62196&requestId=693c5fbf43ba373&schain=%5Bobject%20Object%5D&bidfloor=0&d=siakapkeli.my&sp=https%253A%252F%252Fsiakapkeli.my%252F2022%252F09%252F01%252Fbersalah-kes-rasuah-projek-solar-rosmah-dipenjara-30-tahun-denda-rm970-juta%252F&usp=&coppa=false&videoContext=
Requested by: Host: anymind360.com
URL: https://anymind360.com/js/2939/prebid_2022_8_31_6_21_10.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.68.178.222 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-68-178-222.eu-central-1.compute.amazonaws.com
Software: fasthttp /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://siakapkeli.my/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://siakapkeli.my
date: Thu, 01 Sep 2022 08:52:21 GMT
access-control-allow-credentials: true
server: fasthttp
vary: Origin
access-control-expose-headers: X-Vd-C

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
115 B 276ms
111ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: anymind360.com
URL: https://anymind360.com/js/2939/prebid_2022_8_31_6_21_10.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://siakapkeli.my/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://siakapkeli.my
date: Thu, 01 Sep 2022 08:52:21 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

GET
H2 200 g.gif
pixel.wp.com/ 50 B
93 B 25ms
12ms Image
image/gif 192.0.76.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.wp.com/g.gif?v=ext&j=1%3A11.2&blog=145859616&post=482793&tz=8&srv=siakapkeli.my&host=siakapkeli.my&ref=&fcp=564&rand=0.3846165775296049
Requested by: Host: siakapkeli.my
URL: https://siakapkeli.my/2022/09/01/bersalah-kes-rasuah-projek-solar-rosmah-dipenjara-30-tahun-denda-rm970-juta/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://siakapkeli.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

access-control-allow-origin: *
date: Thu, 01 Sep 2022 08:52:21 GMT
cache-control: no-cache
server: nginx
content-length: 50
content-type: image/gif

GET
H2

200

ptag.js Show response
cdn.adbro.me/
Redirect Chain

https://tag.adbro.me/tags/ptag.js
https://cdn.adbro.me/ptag.js

106 KB
31 KB

36ms
28ms

Script
application/x-javascript

2606:4700:10::ac43:2682
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adbro.me/ptag.js
Requested by: Host: siakapkeli.my
URL: https://siakapkeli.my/2022/09/01/bersalah-kes-rasuah-projek-solar-rosmah-dipenjara-30-tahun-denda-rm970-juta/
Protocol: H2
Server: 2606:4700:10::ac43:2682 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 91c90926e067942ddf4c93eac3e959a3c49eabf7e59be9ff1e33f645e8b496b7

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://siakapkeli.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Thu, 01 Sep 2022 08:52:21 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 7816
x-powered-by: ASP.NET
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Tue, 28 Jun 2022 14:06:04 GMT
server: cloudflare
etag: W/"06e3734f88ad81:0"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=14400
cf-polished: origSize=137667
cf-ray: 743cc4f54a19915c-FRA
cf-bgj: minify

Redirect headers

date: Thu, 01 Sep 2022 08:52:21 GMT
server: cloudflare
vary: Accept-Encoding
location: https://cdn.adbro.me/ptag.js
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray: 743cc4f509d4915c-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2 200 n9c241vr.js Show response
tag.adbro.me/configs/ 1 KB
760 B 401ms
346ms Script
application/javascript 2606:4700:10::ac43:2682
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.adbro.me/configs/n9c241vr.js
Requested by: Host: siakapkeli.my
URL: https://siakapkeli.my/2022/09/01/bersalah-kes-rasuah-projek-solar-rosmah-dipenjara-30-tahun-denda-rm970-juta/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:2682 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8746bebbd3e3f8d0b387f6fca854a6c4e3e5e5331c1a69ebe6886b683c33e20d

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://siakapkeli.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 01 Sep 2022 08:52:22 GMT
content-encoding: gzip
cf-cache-status: REVALIDATED
cf-polished: origSize=1428
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-ms-lease-status: unlocked
last-modified: Wed, 31 Aug 2022 05:02:24 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript
x-ms-request-id: 67cea6a1-d01e-00c0-40f8-bcb4d2000000
cache-control: max-age=7200
x-ms-version: 2009-09-19
cf-ray: 743cc4f509d8915c-FRA
cf-bgj: minify

GET
H2 200 visits
xhr.invl.co/ 43 B
903 B 290ms
289ms Image
image/gif 13.214.237.179
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://xhr.invl.co/visits?aff_id=40814&referrer=&href=https%3A%2F%2Fsiakapkeli.my%2F2022%2F09%2F01%2Fbersalah-kes-rasuah-projek-solar-rosmah-dipenjara-30-tahun-denda-rm970-juta%2F

Requested by

Host: siakapkeli.my
URL: https://siakapkeli.my/2022/09/01/bersalah-kes-rasuah-projek-solar-rosmah-dipenjara-30-tahun-denda-rm970-juta/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

13.214.237.179 Singapore, Singapore, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-13-214-237-179.ap-southeast-1.compute.amazonaws.com

Software

nginx /

Resource Hash

aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://siakapkeli.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Thu, 01 Sep 2022 08:52:22 GMT
referrer-policy: no-referrer-when-downgrade
server: nginx
x-frame-options: SAMEORIGIN
content-type: image/gif
cache-control: no-cache, private
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 invisible.js Show response
siakapkeli.my/cdn-cgi/challenge-platform/h/b/scripts/alpha/ Frame B4E6 37 KB
13 KB 24ms
24ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://siakapkeli.my/cdn-cgi/challenge-platform/h/b/scripts/alpha/invisible.js?ts=1662019200
Requested by: Host: siakapkeli.my
URL: https://siakapkeli.my/2022/09/01/bersalah-kes-rasuah-projek-solar-rosmah-dipenjara-30-tahun-denda-rm970-juta/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0cfdb09e986a94c041898664f2300638ed8e5c7eedde27f8dd5583a863acfd22

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Thu, 01 Sep 2022 08:52:21 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Nn658T%2F7XE%2FEovxgKBHz0cLXB4mj3HB%2B6Hq40TJN1Ovfmnl5qU83Z%2FyAb5TggYlHP4He3Go7FihTtAZKeSxjmLssV8vC15oTyEN1A0XqzS1cFtvjbNy7i0CWKag1LbjlSeqNZS2yGMKyYAX3"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
x-control-type-options: nosniff
cf-ray: 743cc4f4bcd39180-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
DATA 200
OK truncated
/ 273 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fe50466edcdac1192aa7a5bebb69e57134216d66dc920c3611ce267751d1643b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

POST
H3 200 admin-ajax.php Show response
siakapkeli.my/wp-admin/ 1 B
638 B 426ms
426ms XHR
text/html 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://siakapkeli.my/wp-admin/admin-ajax.php

Requested by

Host: siakapkeli.my
URL: https://siakapkeli.my/wp-includes/js/jquery/jquery.min.js?ver=3.6.0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Accept: */*
Referer: https://siakapkeli.my/2022/09/01/bersalah-kes-rasuah-projek-solar-rosmah-dipenjara-30-tahun-denda-rm970-juta/
X-Requested-With: XMLHttpRequest
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Thu, 01 Sep 2022 08:52:22 GMT
via: 1.1 varnish (Varnish/5.2)
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 0
x-cache: MISS
content-type: text/html; charset=UTF-8
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
x-robots-tag: noindex
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=thDiXNHut12WLhvzHYVxiSGfMgzIpbixbiuy7HzRd9WhJCgJxEFZx21HSwSXJtnWq%2BBRk%2F3m3XB4zgblSVRnvnPb%2F5JvL14I5qDe6rYzyH5IliqHXHQRe%2FYO7HEEL%2BONWnQ724QEatwjUczz"}],"group":"cf-nel","max_age":604800}
x-varnish: 41464487
access-control-allow-origin: https://siakapkeli.my
cache-control: no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
cf-ray: 743cc4f4cce29180-FRA
expires: Wed, 11 Jan 1984 05:00:00 GMT

GET
H3 200 pica.js
siakapkeli.my/cdn-cgi/challenge-platform/h/b/scripts/ Frame B4E6 19 KB
7 KB 27ms
27ms Other
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://siakapkeli.my/cdn-cgi/challenge-platform/h/b/scripts/pica.js
Requested by: Host: siakapkeli.my
URL: https://siakapkeli.my/2022/09/01/bersalah-kes-rasuah-projek-solar-rosmah-dipenjara-30-tahun-denda-rm970-juta/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 97ab734729d54bb7ee4d5980d96b6044870e5a048109b64d5118490290615c2a

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Thu, 01 Sep 2022 08:52:21 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=B1YvLPBzN3B4q7CWLH7kfvk5vLQ8syhS1VTN1GZ9amgIU9RddmaV00qMiAslav3MFVsa7T2qDCQpYmsoQZXqDiwAZG1QZ0rkqraB06olYg0N8F8FmrscKmw7yS%2F8ZIjSxsz%2FwUGTDVeNC%2B%2Fz"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
x-control-type-options: nosniff
cf-ray: 743cc4f4fd299180-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 integrator.js Show response
adservice.google.nl/adsid/ 107 B
122 B 69ms
28ms Script
application/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.nl/adsid/integrator.js?domain=siakapkeli.my

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022082501.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://siakapkeli.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 01 Sep 2022 08:52:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 70ms
29ms Script
application/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=siakapkeli.my

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022082501.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://siakapkeli.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 01 Sep 2022 08:52:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 411 B
254 B 62ms
62ms XHR
text/plain 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1972848161156677&correlator=3265136625811694&eid=31069183%2C44761477%2C31069126&output=ldjh&gdfp_req=1&vrg=2022082501&ptt=17&impl=fif&iu_parts=55909533%2CSIAKAPKELI_UNIT_STO&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=2&adks=2013099300&sfv=1-0-38&ists=1&fsapi=false&eri=1&cust_params=url%3D%252F2022%252F09%252F01%252Fbersalah-kes-rasuah-projek-solar-rosmah-dipenjara-30-tahun-denda-rm970-juta%252F%26ref%3Dnull&sc=1&cookie=ID%3Dc108e6c32e8016f8-22f684ea0ece004e%3AT%3D1662022341%3AS%3DALNI_Mb72zrJd98D4VGeeXq1L_wnl1WJPQ&abxe=1&dt=1662022342041&lmt=1662022342&dlt=1662022340763&idt=627&adxs=0&adys=2524&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fsiakapkeli.my%2F2022%2F09%2F01%2Fbersalah-kes-rasuah-projek-solar-rosmah-dipenjara-30-tahun-denda-rm970-juta%2F&frm=20&vis=1&psz=1600x0&msz=1600x0&fws=0&ohw=0&ga_vid=802209565.1662022341&ga_sid=1662022341&ga_hid=1815976567&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022082501.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

486c6143e56cc041da567ea1040a20b594795d800da1606d8964b0c042858b64

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://siakapkeli.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Thu, 01 Sep 2022 08:52:22 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 223
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://siakapkeli.my
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 969 B
502 B 414ms
412ms XHR
text/plain 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1972848161156677&correlator=3265136625811694&eid=31069183%2C44761477%2C31069126&output=ldjh&gdfp_req=1&vrg=2022082501&ptt=17&impl=fif&iu_parts=21622890900%3A55909533%2CMY_siakapkeli.my_pc_all_bottom_sticky_728x90&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90%7C970x90&ifi=3&adks=2623811611&sfv=1-0-38&fsapi=false&eri=1&cust_params=url%3D%252F2022%252F09%252F01%252Fbersalah-kes-rasuah-projek-solar-rosmah-dipenjara-30-tahun-denda-rm970-juta%252F%26ref%3Dnull&sc=1&cookie=ID%3Dc108e6c32e8016f8-22f684ea0ece004e%3AT%3D1662022341%3AS%3DALNI_Mb72zrJd98D4VGeeXq1L_wnl1WJPQ&abxe=1&dt=1662022342045&lmt=1662022342&dlt=1662022340763&idt=627&adxs=0&adys=4&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fsiakapkeli.my%2F2022%2F09%2F01%2Fbersalah-kes-rasuah-projek-solar-rosmah-dipenjara-30-tahun-denda-rm970-juta%2F&frm=20&vis=1&psz=1600x1&msz=728x0&fws=128&ohw=0&psts=AEC3cPJ5Pogrf3sBHS2YKRDh014y7KBl6X0Zjr6h1jsUSDBy&ga_vid=802209565.1662022341&ga_sid=1662022341&ga_hid=1815976567&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022082501.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f29ae6256b57c5bd75413d293259e683a6f386ed0ccddcb6922d0ac49004316b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://siakapkeli.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Thu, 01 Sep 2022 08:52:22 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 471
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://siakapkeli.my
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 21 KB
9 KB 224ms
222ms XHR
text/plain 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1972848161156677&correlator=3265136625811694&eid=31069183%2C44761477%2C31069126&output=ldjh&gdfp_req=1&vrg=2022082501&ptt=17&impl=fif&iu_parts=21622890900%3A55909533%2CMY_siakapkeli.my_pc_article_right_sticky_300x250%2C336x280%2C120x600%2C160x600%2C300x600&enc_prev_ius=%2F0%2F1%2F%2F2%2F%2F3%2F%2F4%2F%2F5&prev_iu_szs=300x250%7C336x280%7C300x600%7C160x600%7C120x600&ifi=4&adks=3069031006&sfv=1-0-38&fsapi=false&eri=1&cust_params=url%3D%252F2022%252F09%252F01%252Fbersalah-kes-rasuah-projek-solar-rosmah-dipenjara-30-tahun-denda-rm970-juta%252F%26ref%3Dnull&sc=1&cookie=ID%3Dc108e6c32e8016f8-22f684ea0ece004e%3AT%3D1662022341%3AS%3DALNI_Mb72zrJd98D4VGeeXq1L_wnl1WJPQ&abxe=1&dt=1662022342048&lmt=1662022342&dlt=1662022340763&idt=627&adxs=1035&adys=548&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fsiakapkeli.my%2F2022%2F09%2F01%2Fbersalah-kes-rasuah-projek-solar-rosmah-dipenjara-30-tahun-denda-rm970-juta%2F&frm=20&vis=1&psz=300x0&msz=300x0&fws=128&ohw=0&psts=AEC3cPJ5Pogrf3sBHS2YKRDh014y7KBl6X0Zjr6h1jsUSDBy&ga_vid=802209565.1662022341&ga_sid=1662022341&ga_hid=1815976567&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022082501.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c5a3e1072ff5fbca63068025f65d3e8e826c701a27f6f3ae2d33400e42a6dd00

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://siakapkeli.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Thu, 01 Sep 2022 08:52:22 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9686
x-xss-protection: 0
google-lineitem-id: 5396780781
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138314617879
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://siakapkeli.my
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 33 KB
15 KB 683ms
681ms XHR
text/plain 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1972848161156677&correlator=3265136625811694&eid=31069183%2C44761477%2C31069126&output=ldjh&gdfp_req=1&vrg=2022082501&ptt=17&impl=fif&iu_parts=21622890900%3A55909533%2CMY_siakapkeli.my_pc_article_below_300x250%2C336x280&enc_prev_ius=%2F0%2F1%2F%2F2&prev_iu_szs=300x250%7C336x280%7C640x360&ifi=5&adks=2611189434&sfv=1-0-38&fsapi=false&eri=1&cust_params=url%3D%252F2022%252F09%252F01%252Fbersalah-kes-rasuah-projek-solar-rosmah-dipenjara-30-tahun-denda-rm970-juta%252F%26ref%3Dnull&sc=1&cookie=ID%3Dc108e6c32e8016f8-22f684ea0ece004e%3AT%3D1662022341%3AS%3DALNI_Mb72zrJd98D4VGeeXq1L_wnl1WJPQ&abxe=1&dt=1662022342051&lmt=1662022342&dlt=1662022340763&idt=627&adxs=325&adys=2101&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=2&ucis=5&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fsiakapkeli.my%2F2022%2F09%2F01%2Fbersalah-kes-rasuah-projek-solar-rosmah-dipenjara-30-tahun-denda-rm970-juta%2F&frm=20&vis=1&psz=620x0&msz=300x0&fws=128&ohw=0&psts=AEC3cPJ5Pogrf3sBHS2YKRDh014y7KBl6X0Zjr6h1jsUSDBy&ga_vid=802209565.1662022341&ga_sid=1662022341&ga_hid=1815976567&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022082501.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3836861bde0f0d858a72d40ef9746a03f916a13df0b957ed4e67e7268c775d06

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://siakapkeli.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Thu, 01 Sep 2022 08:52:22 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: 213202
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15244
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-mediationtag-id: 327881
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://siakapkeli.my
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 980 B
504 B 884ms
882ms XHR
text/plain 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1972848161156677&correlator=3265136625811694&eid=31069183%2C44761477%2C31069126&output=ldjh&gdfp_req=1&vrg=2022082501&ptt=17&impl=fif&iu_parts=21622890900%3A55909533%2CMY_siakapkeli.my_res_article_below_title_728x90%2C320x50&enc_prev_ius=%2F0%2F1%2F%2F2&prev_iu_szs=728x90&ifi=6&adks=731482304&sfv=1-0-38&fsapi=false&eri=1&cust_params=url%3D%252F2022%252F09%252F01%252Fbersalah-kes-rasuah-projek-solar-rosmah-dipenjara-30-tahun-denda-rm970-juta%252F%26ref%3Dnull&sc=1&cookie=ID%3Dc108e6c32e8016f8-22f684ea0ece004e%3AT%3D1662022341%3AS%3DALNI_Mb72zrJd98D4VGeeXq1L_wnl1WJPQ&abxe=1&dt=1662022342056&lmt=1662022342&dlt=1662022340763&idt=627&adxs=265&adys=647&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=6&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fsiakapkeli.my%2F2022%2F09%2F01%2Fbersalah-kes-rasuah-projek-solar-rosmah-dipenjara-30-tahun-denda-rm970-juta%2F&frm=20&vis=1&psz=740x0&msz=728x0&fws=128&ohw=0&psts=AEC3cPJ5Pogrf3sBHS2YKRDh014y7KBl6X0Zjr6h1jsUSDBy&ga_vid=802209565.1662022341&ga_sid=1662022341&ga_hid=1815976567&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022082501.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4b21979da82a0dcccec7ed72669b988f4a1e00a8152ac41b2a463a0d9f8ca14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://siakapkeli.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Thu, 01 Sep 2022 08:52:22 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 473
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://siakapkeli.my
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 20 KB
9 KB 1019ms
1017ms XHR
text/plain 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1972848161156677&correlator=3265136625811694&eid=31069183%2C44761477%2C31069126&output=ldjh&gdfp_req=1&vrg=2022082501&ptt=17&impl=fif&iu_parts=21622890900%3A55909533%2CMY_siakapkeli.my_res_allsite_1x1&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=7&adks=1271496268&sfv=1-0-38&fsapi=false&eri=1&cust_params=url%3D%252F2022%252F09%252F01%252Fbersalah-kes-rasuah-projek-solar-rosmah-dipenjara-30-tahun-denda-rm970-juta%252F%26ref%3Dnull&sc=1&cookie=ID%3Dc108e6c32e8016f8-22f684ea0ece004e%3AT%3D1662022341%3AS%3DALNI_Mb72zrJd98D4VGeeXq1L_wnl1WJPQ&abxe=1&dt=1662022342060&lmt=1662022342&dlt=1662022340763&idt=627&adxs=1600&adys=1200&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=3&ucis=7&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fsiakapkeli.my%2F2022%2F09%2F01%2Fbersalah-kes-rasuah-projek-solar-rosmah-dipenjara-30-tahun-denda-rm970-juta%2F&frm=20&vis=1&psz=0x-1&msz=0x-1&fws=640&ohw=0&psts=AEC3cPJ5Pogrf3sBHS2YKRDh014y7KBl6X0Zjr6h1jsUSDBy&ga_vid=802209565.1662022341&ga_sid=1662022341&ga_hid=1815976567&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022082501.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4ab0f081f5cb76cf669973642e143f8a56e511a1ccdaffc2e70402aa2f64c932

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://siakapkeli.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Thu, 01 Sep 2022 08:52:23 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9398
x-xss-protection: 0
google-lineitem-id: 5839630797
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138384468288
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://siakapkeli.my
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 31 KB
14 KB 1263ms
1260ms XHR
text/plain 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1972848161156677&correlator=3265136625811694&eid=31069183%2C44761477%2C31069126&output=ldjh&gdfp_req=1&vrg=2022082501&ptt=17&impl=fif&iu_parts=21622890900%3A55909533%2CMY_siakapkeli.my_res_article_mid2_300x350%2C336x280&enc_prev_ius=%2F0%2F1%2F%2F2&prev_iu_szs=300x250%7C336x280%7C640x360&ifi=8&adks=1914085047&sfv=1-0-38&fsapi=false&eri=1&cust_params=url%3D%252F2022%252F09%252F01%252Fbersalah-kes-rasuah-projek-solar-rosmah-dipenjara-30-tahun-denda-rm970-juta%252F%26ref%3Dnull&sc=1&cookie=ID%3Dc108e6c32e8016f8-22f684ea0ece004e%3AT%3D1662022341%3AS%3DALNI_Mb72zrJd98D4VGeeXq1L_wnl1WJPQ&abxe=1&dt=1662022342064&lmt=1662022342&dlt=1662022340763&idt=627&adxs=325&adys=1177&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=8&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fsiakapkeli.my%2F2022%2F09%2F01%2Fbersalah-kes-rasuah-projek-solar-rosmah-dipenjara-30-tahun-denda-rm970-juta%2F&frm=20&vis=1&psz=620x0&msz=300x0&fws=128&ohw=0&psts=AEC3cPJ5Pogrf3sBHS2YKRDh014y7KBl6X0Zjr6h1jsUSDBy&ga_vid=802209565.1662022341&ga_sid=1662022341&ga_hid=1815976567&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022082501.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

763afce9c8f58ab3fd98da9c6be430b9a96ff95c4fd065139cd35c75f1a17a8b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://siakapkeli.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Thu, 01 Sep 2022 08:52:23 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: 213202
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14483
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-mediationtag-id: 327881
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://siakapkeli.my
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 743cc4ec9a8e9bf8 Show response
siakapkeli.my/cdn-cgi/challenge-platform/h/b/cv/result/ Frame B4E6 2 B
649 B 50ms
50ms XHR
text/plain 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://siakapkeli.my/cdn-cgi/challenge-platform/h/b/cv/result/743cc4ec9a8e9bf8
Requested by: Host: siakapkeli.my
URL: https://siakapkeli.my/cdn-cgi/challenge-platform/h/b/scripts/alpha/invisible.js?ts=1662019200
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 01 Sep 2022 08:52:22 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XTom47bFrKd8J889GOWaboMRLE83cWfBqw2RYgmlRbgfOVNQFxK8PRHnQBgaez%2FBGm901FoZez9MesIE7sgbM26ciz4iy3vCQjxg981tnK%2B4wIapCWTh5fuVGBy0%2BwEp2Zt0fevZyAzyqCuo"}],"group":"cf-nel","max_age":604800}
content-type: text/plain; charset=UTF-8
cf-ray: 743cc4f718eb9180-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 esp.js Show response
oa.openxcdn.net/ 24 KB
8 KB 47ms
13ms Script
application/javascript 34.102.146.192
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://oa.openxcdn.net/esp.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022082501.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.146.192 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 192.146.102.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://siakapkeli.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sat, 27 Aug 2022 06:22:39 GMT
content-encoding: gzip
age: 440983
x-guploader-uploadid: ADPycdtsBW-FzsWHAQaItyzFwhb0bDt4kAKIPEdjeQOXugqU_jJk1iFTlnrGyDWZwy83905ZOzsqiMWEhSaQffaNYDaPdQ
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7927
last-modified: Thu, 27 May 2021 18:30:51 GMT
server: UploadServer
etag: "df5542b88bc0e368c6999754a5b9e2ba"
x-goog-hash: crc32c=f21hYg==, md5=31VCuIvA42jGmZdUpbniug==
x-goog-generation: 1622140251693895
cache-control: no-transform
x-goog-stored-content-length: 7927
accept-ranges: bytes
content-type: application/javascript
expires: Sun, 27 Aug 2023 06:22:39 GMT

GET
H2 200 publishertag.ids.js Show response
static.criteo.net/js/ld/ 39 KB
13 KB 1156ms
551ms Script
text/javascript 2406:2600:4::1
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.ids.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022082501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:4::1 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

nginx /

Resource Hash

b47eb2c147c468eb6aa9c3ba546db61b822d6d7be251f41e06aefc0d3c828163

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://siakapkeli.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Thu, 01 Sep 2022 08:52:23 GMT
content-encoding: gzip
last-modified: Tue, 23 Aug 2022 00:22:09 GMT
server: nginx
etag: W/"63041db1-9dbd"
strict-transport-security: max-age=31536000; preload;
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 02 Sep 2022 08:52:23 GMT

GET
H2 200 pubcid.min.js Show response
id.sharedid.org/lib/ 732 B
904 B 533ms
163ms Script
application/javascript 34.209.30.241
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://id.sharedid.org/lib/pubcid.min.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022082501.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.209.30.241 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-209-30-241.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://siakapkeli.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Thu, 01 Sep 2022 08:52:22 GMT
cache-control: public, max-age=86400
last-modified: Thu, 1 Sep 2022 08:33:43 GMT
accept-ranges: bytes
content-length: 732
vary: accept-encoding
content-type: application/javascript

GET
H2 200 esp.js Show response
cdn.id5-sync.com/api/1.0/ 48 KB
14 KB 84ms
27ms Script
text/javascript 2606:4700:10::6816:3556
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.id5-sync.com/api/1.0/esp.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022082501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3556 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b9468203d1a374c57d8f34c2df0229524b0b930bd43ed137a2a9bbbb21c1606e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://siakapkeli.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Thu, 01 Sep 2022 08:52:22 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 31 Aug 2022 11:00:45 GMT
server: cloudflare
age: 3319
etag: W/"c7c919b353e8ba2ee51dc077f03d29d1"
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
cache-control: public, max-age=3600
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-ray: 743cc4f7cf06996e-FRA
x-amz-request-id: PQ71C0MCHZSN57Q5
x-amz-id-2: nFB7HURzY05h/Uu3JbwbQucM0oWPISdpXAl45YwDhzzh5Hvme5hCVBcreYD7MwUkRcV8znjVYqw=

GET
H2 200 sync.min.js Show response
tags.crwdcntrl.net/lt/c/16589/ 29 KB
9 KB 76ms
19ms Script
text/javascript 65.9.66.97
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022082501.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-97.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 094b946adc39ade08f6d927ea066c8fef3ba6ee5c12919873172315ef7428e92

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://siakapkeli.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Thu, 01 Sep 2022 03:07:37 GMT
content-encoding: gzip
etag: W/"2fa1275c04d6208db458c1ec8559f92d"
last-modified: Tue, 19 Jul 2022 18:12:40 GMT
server: AmazonS3
age: 20685
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
via: 1.1 980059f199bdd603b925d049efedf130.cloudfront.net (CloudFront)
cache-control: max-age: 86400
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: 141_g9G82_wv37GefX6Mzt2gN4-jbEZhIzw28SnqF6cg71yJ8zmRAA==

GET
H2 200 uid2-sdk-0.0.1b.js Show response
prod.uidapi.com/static/js/ 4 KB
5 KB 329ms
100ms Script
application/javascript 3.141.155.221
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://prod.uidapi.com/static/js/uid2-sdk-0.0.1b.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022082501.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.141.155.221 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-141-155-221.us-east-2.compute.amazonaws.com
Software: /
Resource Hash: 2a79d9d59e4c07752c78abc5f0243cecb939729e0728f347671fcd3a219e9b3f

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://siakapkeli.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Thu, 01 Sep 2022 08:52:22 GMT
cache-control: public, max-age=86400
last-modified: Tue, 17 May 2022 17:30:07 GMT
accept-ranges: bytes
content-length: 4559
vary: accept-encoding
content-type: application/javascript

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 9DF8 0
0 58ms
57ms Fetch
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstGgPQuTb495d-7rNCLoseohzEMopk5GmsU55zonyeVwiFFSe7_1qnfCh-bL8ZDh77vtWVo6p86lmd9rguh6RPUO0XGZ_jVSjHFGY4BoxQHouYjTNZ_N9_BAAsfdaPq9zrAJoeo_TCi3i7VB0vin-yWuyfAeVdzcIDyIx3sMh2LjvdMABAeRveVdmuq44D_0QmwQwDwZwoH6tY8HL315_KsFCh1CF3pl1lSAKrS_zzRBH4A65t8Fgbp-xGbIbeMjnTvwOyQo53ARuuA0aZ-AP7IyzO1VXOdU15rijmAIJGXAksByYJIXXj3qYrdWmsrDV7NrfDVhmsOh-IQqqF8rg36c4ahROFEOul_es9DJjj7UJBj2qV3y2qp5_B6lOwJ48AJdlvaAQ82XErheyum02vErNKnc3P6jhyN&sai=AMfl-YTdPVd3yKJeK7_JTBG3-EezTuFpclZitmyDchyiTqbgNnVl0T2voSPRyzVy-mKZjIO9rwhhBn8-_uCgCXacPMO0CJKjS_gLFZ5xFLdXHlGGB0VGW81bKp42uZs2RH4&sig=Cg0ArKJSzEl6LS-E9XKNEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: siakapkeli.my
URL: https://siakapkeli.my/2022/09/01/bersalah-kes-rasuah-projek-solar-rosmah-dipenjara-30-tahun-denda-rm970-juta/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://siakapkeli.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 01 Sep 2022 08:52:22 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 9DF8 166 KB
57 KB 162ms
114ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022082501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d0efea0815d89b5b909ca9d3faee7bfac0fd50b46ffbb932b223e0fea09b8693

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://siakapkeli.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Thu, 01 Sep 2022 08:52:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 57432
x-xss-protection: 0
server: cafe
etag: 14624354913994780798
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 01 Sep 2022 08:52:22 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 9DF8 142 KB
44 KB 88ms
29ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022082501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e851345505ee432c9397d60e5d91929ab4e5921f75c91f359b0939a879304b7a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://siakapkeli.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Thu, 01 Sep 2022 08:52:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44792
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1661945761880069"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 01 Sep 2022 08:52:22 GMT

GET
H3

200

esp Show response
oajs.openx.net/
Redirect Chain

https://oajs.openx.net/esp?url=https%3A%2F%2Fsiakapkeli.my%2F2022%2F09%2F01%2Fbersalah-kes-rasuah-projek-solar-rosmah-dipenjara-30-tahun-denda-rm970-juta%2F&rid=esp
https://oajs.openx.net/esp?url=https%3A%2F%2Fsiakapkeli.my%2F2022%2F09%2F01%2Fbersalah-kes-rasuah-projek-solar-rosmah-dipenjara-30-tahun-denda-rm970-juta%2F&rid=esp&cc=1

85 B
103 B

130ms
114ms

Fetch
application/json

34.120.107.143
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://oajs.openx.net/esp?url=https%3A%2F%2Fsiakapkeli.my%2F2022%2F09%2F01%2Fbersalah-kes-rasuah-projek-solar-rosmah-dipenjara-30-tahun-denda-rm970-juta%2F&rid=esp&cc=1
Requested by: Host: siakapkeli.my
URL: https://siakapkeli.my/2022/09/01/bersalah-kes-rasuah-projek-solar-rosmah-dipenjara-30-tahun-denda-rm970-juta/
Protocol: H3
Server: 34.120.107.143 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 143.107.120.34.bc.googleusercontent.com
Software: / Express
Resource Hash: f9a563fbb50b9ccb31345b43149c281c060d1754750ed1f1a32e6ff30ca3defd

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://siakapkeli.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Thu, 01 Sep 2022 08:52:22 GMT
via: 1.1 google
etag: W/"55-iuz/VjHAznzswf/hU4eAYln1jfQ"
x-powered-by: Express
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://siakapkeli.my
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 85

Redirect headers

date: Thu, 01 Sep 2022 08:52:22 GMT
via: 1.1 google
access-control-allow-origin: https://siakapkeli.my
x-powered-by: Express
vary: Origin
location: /esp?url=https%3A%2F%2Fsiakapkeli.my%2F2022%2F09%2F01%2Fbersalah-kes-rasuah-projek-solar-rosmah-dipenjara-30-tahun-denda-rm970-juta%2F&rid=esp&cc=1
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

POST
H2 200 map Show response
bcp.crwdcntrl.net/6/ 20 B
308 B 103ms
30ms XHR
application/json 52.30.246.43
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bcp.crwdcntrl.net/6/map
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.30.246.43 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-30-246-43.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: ab612e26357285522cbacea29b729bfdff3b7342c75ee9438ab83a27ce4b297e

Request headers

Referer: https://siakapkeli.my/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Thu, 01 Sep 2022 08:52:22 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: https://siakapkeli.my
expires: 0
cache-control: no-cache
x-server: 10.45.24.187
access-control-allow-credentials: true
content-type: application/json;charset=utf-8
content-length: 20
x-consent: absent

GET
H/1.1 204 increment Show response
id5-sync.com/api/esp/ 0
322 B 79ms
23ms XHR
text/plain 141.95.98.67
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/api/esp/increment?counter=no-config

Requested by

Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/esp.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

141.95.98.67 , France, ASN16276 (OVH, FR),

Reverse DNS

ns3216533.ip-141-95-98.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://siakapkeli.my/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://siakapkeli.my
date: Thu, 01 Sep 2022 08:52:22 GMT
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
strict-transport-security: max-age=63072000; includeSubDomains; preload

GET
DATA 200
OK truncated
/ Frame 9DF8 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0372e585732c57f3a3cdedb3952a2ef299ffddd39e87a8afcbc2c58b5af06046

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208250101/ Frame 9DF8 343 KB
121 KB 123ms
80ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208250101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6998313219273257&plah=siakapkeli.my

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

45bda32b828543bf69769a7dd7328b08c48b5c97bed1c545c6fd4e20295c9992

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://siakapkeli.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Thu, 01 Sep 2022 08:52:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 123441
x-xss-protection: 0
server: cafe
etag: 14059278707074010596
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 01 Sep 2022 08:52:22 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220829/r20190131/ Frame 8E73 10 KB
5 KB 69ms
21ms Document
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220829/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

de317176fa6b64a8e89bbd45d20b6be2560bbfa96e7e53e63eb754e18bfe6c1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://siakapkeli.my/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

age: 49064
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: gzip
content-length: 4412
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 31 Aug 2022 19:14:38 GMT
etag: 8616628553774171045
expires: Wed, 14 Sep 2022 19:14:38 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 pd Show response
google-bidout-d.openx.net/w/1.0/ Frame A87B 0
91 B 256ms
243ms Document
text/html 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Requested by: Host: oa.openxcdn.net
URL: https://oa.openxcdn.net/esp.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://siakapkeli.my/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: gzip
content-length: 20
content-type: text/html
date: Thu, 01 Sep 2022 08:52:22 GMT
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
via: 1.1 google

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ Frame 9DF8 217 B
647 B 75ms
28ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=siakapkeli.my&callback=_gfp_s_&client=ca-pub-6998313219273257&cookie=ID%3Dc108e6c32e8016f8%3AT%3D1662022341%3AS%3DALNI_MbvA96QnRpp3aWnQj571EL-axQ2Rw

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208250101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6998313219273257&plah=siakapkeli.my

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d83bf3cea763ba65c512b052e2034075a686311d12c28e392e772a614ccbff50

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://siakapkeli.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Thu, 01 Sep 2022 08:52:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 203
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.nl/adsid/ Frame 9DF8 107 B
122 B 27ms
27ms Script
application/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.nl/adsid/integrator.js?domain=siakapkeli.my

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://siakapkeli.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 01 Sep 2022 08:52:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ Frame 9DF8 107 B
122 B 28ms
28ms Script
application/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=siakapkeli.my

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://siakapkeli.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 01 Sep 2022 08:52:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 751B 436 B
231 B 171ms
131ms Document
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6998313219273257&output=html&h=200&slotname=8351444450&adk=3785225855&adf=3173046729&pi=t.ma~as.8351444450&w=300&fwrn=3&fwrnh=100&lmt=1662022342&rafmt=1&psa=0&format=300x200&url=https%3A%2F%2Fsiakapkeli.my%2F2022%2F09%2F01%2Fbersalah-kes-rasuah-projek-solar-rosmah-dipenjara-30-tahun-denda-rm970-juta%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&sfro=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1662022342520&bpp=4&bdt=219&idt=219&shv=r20220829&mjsv=m202208250101&ptt=9&saldr=aa&cookie=ID%3Dc108e6c32e8016f8%3AT%3D1662022341%3AS%3DALNI_MbvA96QnRpp3aWnQj571EL-axQ2Rw&correlator=8218108688256&frm=23&ife=4&pv=2&ga_vid=802209565.1662022341&ga_sid=1662022343&ga_hid=1161719102&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1035&ady=566&biw=1600&bih=1200&isw=300&ish=280&ifk=2770593745&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31062931&oid=2&pvsid=2055423113641017&tmod=459292127&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C280&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=132&bc=31&ifi=1&uci=1.qh76yku8f89&fsb=1&dtd=239

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e8199a50a8994e0d2754aef4e00dc862e3a80cde12c7943a2a028b5e4a302cd4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://siakapkeli.my/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding: br
content-length: 211
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 01 Sep 2022 08:52:22 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 container.html Show response
f4f5f5dd83b6f4fca4ebb5cce3cd0739.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 9DEB 6 KB
3 KB 69ms
28ms Document
text/html 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://f4f5f5dd83b6f4fca4ebb5cce3cd0739.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022082501.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://siakapkeli.my/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 01 Sep 2022 08:52:22 GMT
expires: Fri, 01 Sep 2023 08:52:22 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 9DEB 0
0 66ms
62ms Fetch
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CsYVzxnIQY7DsHKHH3gOHy4XYCp6hoa5cofno_p8DwI23ARABIABgkQSCARdjYS1wdWItOTA1ODI5MTg1NDQ0Mzg4MaABp8qQpwPIAQngAgCoAwGqBOoCT9DqWOtjriY81ziUJuCQtpDahEmh_TNK5C6mFOJ2-ZrA_xRFRv9jd1tpf50eRjfOFL-WIj_q632k8Q626hGVg7-8e4RDCTozR6h0XATrurAJRQjlbUgcp3cXWAVWw8UwRz0upNwdLpNzRZ_oTST9ts196McHvnvYPpfza0b2SA__1qc3t6bMTwS3yspsUqquW310E8yA1vB1WlO1JyEoLsBndxHvJ_IXZlJUSIb6E0wQ4ZrnCrWu9S5_uM-rFTDFd7bsDzbbrvfxYDhLYTEaQhdtwaZD2tPYieFE-1HinKO84NYUSK9I8UGTEG18h2Pmp2mXIutYNxWpQigacTzk2j7Cltsv-DBbM6k75ss41Cj0rqahLSJB_OqPtGhJotSYgDJWbrKquEf010m8P9Xx2_YYfrKKzNVLCC7pwPinbycXlhUTrwo806-IS56JCX5DJKohM8v8G8TE5FhPMqXiqLiTrLQNO02-RujgBAGABt3l-tqhufnJtQGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA8ggbYWR4LXN1YnN5bi0zODcyNzQ4NjQyMTcwMjcxgAoD-gsCCAGADAHQFQGAFwGyFxwKGhIUcHViLTkwNTgyOTE4NTQ0NDM4ODEYttdp&sigh=ivyuIH92WjM&uach_m=[UACH]&cid=CAQSPACsnQUxsacxubvRzEdFXDNKhZaueQsOnk-BVU7EmoG34zGzYSy9oCBySuc54BSc0m0_tAMhVzXIT5mKdRgB
Requested by: Host: siakapkeli.my
URL: https://siakapkeli.my/2022/09/01/bersalah-kes-rasuah-projek-solar-rosmah-dipenjara-30-tahun-denda-rm970-juta/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://f4f5f5dd83b6f4fca4ebb5cce3cd0739.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

GET
H2 200 script.js Show response
d2q8xv8xf7whrd.cloudfront.net/ Frame 9DEB 119 KB
41 KB 83ms
21ms Script
application/javascript 2600:9000:211e:e400:3:bc0d:3a40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d2q8xv8xf7whrd.cloudfront.net/script.js
Requested by: Host: f4f5f5dd83b6f4fca4ebb5cce3cd0739.safeframe.googlesyndication.com
URL: https://f4f5f5dd83b6f4fca4ebb5cce3cd0739.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211e:e400:3:bc0d:3a40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 488dff332d3e3ffc0ad66173890ffd23b351a50be5d430c32bb93c1bee393caa

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://f4f5f5dd83b6f4fca4ebb5cce3cd0739.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Thu, 01 Sep 2022 08:45:33 GMT
content-encoding: gzip
last-modified: Thu, 01 Sep 2022 06:38:48 GMT
server: AmazonS3
age: 410
etag: W/"0992903c132ad1ced62b7d95c42aa67a"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 3298c44116035984c2fac24b89183c4e.cloudfront.net (CloudFront)
cache-control: max-age=600,public,must-revalidate
x-amz-cf-pop: FRA56-C2
x-amz-cf-id: yrues_u-2cuaQyFiKWs5AyTJg4atMAYype-mqn8zy65dG0Y0fEDCEw==

GET
H/1.1 200
OK v1
a3268.casalemedia.com/impression/ Frame 9DEB 43 B
303 B 85ms
18ms Image
image/gif 185.170.61.169
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a3268.casalemedia.com/impression/v1?bidID=10907f6e-c8bb-4edb-b9d1-d8031dd4bda8&traceID=cc875hmf315ancjujf70&dspID=85&userID=&cmpro=0&deviceType=2&expiryTime=1662022942&ap=YxByxgAHNjAKd6OhAAFlhx1mLBs6tOyTNMDM0A&siteID=341462&creativeID=8e7d96&pubID=189149&format=banner&channel=site
Requested by: Host: f4f5f5dd83b6f4fca4ebb5cce3cd0739.safeframe.googlesyndication.com
URL: https://f4f5f5dd83b6f4fca4ebb5cce3cd0739.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.170.61.169 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://f4f5f5dd83b6f4fca4ebb5cce3cd0739.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 01 Sep 2022 08:52:22 GMT
Server: Apache
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=500
Content-Length: 43
Expires: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 9DEB 0
20 B 56ms
53ms Image
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=awbid&awbid_b=AKAmf-ASc0bQprLYce5Pd3nGpJHwsRThhqWF9UJmuz3hlgD4PuBhPXXPUVf81pEvoEjPRAws9JXBX8CvXZvphaWOo9NRll8QtA&pr=13:YxByxgAAAAA0Q6PNNySjEmGcj0jiICVqTpdI5Q

Requested by

Host: f4f5f5dd83b6f4fca4ebb5cce3cd0739.safeframe.googlesyndication.com
URL: https://f4f5f5dd83b6f4fca4ebb5cce3cd0739.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://f4f5f5dd83b6f4fca4ebb5cce3cd0739.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 01 Sep 2022 08:52:22 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 xbfe_backfill.js Show response
googleads.g.doubleclick.net/pagead/ Frame 9DEB 7 KB
3 KB 21ms
19ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/xbfe_backfill.js

Requested by

Host: f4f5f5dd83b6f4fca4ebb5cce3cd0739.safeframe.googlesyndication.com
URL: https://f4f5f5dd83b6f4fca4ebb5cce3cd0739.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

13385bc296bb2dc9cac61d19963d6868de43445187fdb91b6980e892773a1c37

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://f4f5f5dd83b6f4fca4ebb5cce3cd0739.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Thu, 01 Sep 2022 08:30:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1319
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3151
x-xss-protection: 0
server: cafe
etag: 3095951791532391640
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=3600
timing-allow-origin: *
expires: Thu, 01 Sep 2022 09:30:23 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220829/r20110914/client/ Frame 9DEB 3 KB
1 KB 74ms
24ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220829/r20110914/client/window_focus_fy2021.js

Requested by

Host: f4f5f5dd83b6f4fca4ebb5cce3cd0739.safeframe.googlesyndication.com
URL: https://f4f5f5dd83b6f4fca4ebb5cce3cd0739.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://f4f5f5dd83b6f4fca4ebb5cce3cd0739.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Thu, 01 Sep 2022 08:35:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 990
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 15 Sep 2022 08:35:52 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 9DEB 142 KB
44 KB 592ms
549ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: f4f5f5dd83b6f4fca4ebb5cce3cd0739.safeframe.googlesyndication.com
URL: https://f4f5f5dd83b6f4fca4ebb5cce3cd0739.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e851345505ee432c9397d60e5d91929ab4e5921f75c91f359b0939a879304b7a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://f4f5f5dd83b6f4fca4ebb5cce3cd0739.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Thu, 01 Sep 2022 08:52:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44792
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1661945761880069"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 01 Sep 2022 08:52:23 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220829/r20110914/client/ Frame 9DEB 17 KB
8 KB 69ms
19ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220829/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: f4f5f5dd83b6f4fca4ebb5cce3cd0739.safeframe.googlesyndication.com
URL: https://f4f5f5dd83b6f4fca4ebb5cce3cd0739.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

57000ea03bfb53734d0858b8fe992e6742226f23f311eb0f9d2177e2a84a5621

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://f4f5f5dd83b6f4fca4ebb5cce3cd0739.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Thu, 01 Sep 2022 08:43:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 509
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7599
x-xss-protection: 0
server: cafe
etag: 9215437806027971270
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 15 Sep 2022 08:43:53 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 9DEB 0
0 87ms
27ms Image
text/html 2a00:1450:4001:802::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSg9qawd6jHTv7Jm9fIck915nJwp1DPHw21_b1JMnxvRNgYc1sTv_DBPRAvUT5nOtOkm6k6xP30ieKmbbz-WToLiUmYQQ
Requested by: Host: f4f5f5dd83b6f4fca4ebb5cce3cd0739.safeframe.googlesyndication.com
URL: https://f4f5f5dd83b6f4fca4ebb5cce3cd0739.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://f4f5f5dd83b6f4fca4ebb5cce3cd0739.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

GET
H2 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame 9DEB 22 KB
7 KB 71ms
21ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js

Requested by

Host: f4f5f5dd83b6f4fca4ebb5cce3cd0739.safeframe.googlesyndication.com
URL: https://f4f5f5dd83b6f4fca4ebb5cce3cd0739.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://f4f5f5dd83b6f4fca4ebb5cce3cd0739.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Mon, 29 Aug 2022 20:25:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 217584
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7022
x-xss-protection: 0
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Tue, 29 Aug 2023 20:25:58 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 9DF8 0
0 58ms
58ms Fetch
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst_HeatVLUK7CapEIpE4KMtsoS5Ulwd74duOgaTFJNQg1n3bsF9fNx1TqULCU9cbg9DcgzY1hMNWM6G65nmDeVT6t3t4ow6Ow6lZfP0XT4505Kc88s845YPYVVOK6EklrkbSjm-mCVMH9QwPXE7NZpfQdoDWBUMKKOYpA9yWhpIYk7H4eL4lbSAqrx7yr35O6POs8b122UWo1zGiOEsuLSKw2BApyCwxMPSkgGl9hQO7nS32-tOsZFvXlPaKvleQz8ERi4q-Lrcfw86EMnF6EyA0NydkpMYl31arl-pooXwSpM0VH954h1PDpu-pDOfnS_0Me2eC-wHpydmU3D03VLr2EWYOgCCnXfQeJj7g2en8hR8U6KFj_u0ms31au0dUJtehchf8LwMqgq44S9Ez9mfHe1K_7e25oGXKDk&sai=AMfl-YRGRXFZEStpV--bT8tf7h8noSy0-ZfaA75MyFmuiSUTV_iJ25e1vQpJ4K_-7Q6QQCnLz2uTumH4ZnRsMnmsC9Ydd-EyhQINYvWG_VyY9GlR7sgziwPB180Zc-s0bPU&sig=Cg0ArKJSzGFTvozdl4MlEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://siakapkeli.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 01 Sep 2022 08:52:22 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Thu, 01 Sep 2022 08:52:22 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 9DF8 14 KB
11 KB 129ms
66ms XHR
application/json 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220829&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

01826976aac14f35662bdfe69279621f5c8ae87d495c474a97ec65ccf0f4aefa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://siakapkeli.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 01 Sep 2022 08:52:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11093
x-xss-protection: 0

POST
H3 200 1a Show response
i.clean.gg/ Frame 9DEB 0
15 B 130ms
103ms XHR
application/octet-stream 34.95.69.49
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://i.clean.gg/1a
Requested by: Host: d2q8xv8xf7whrd.cloudfront.net
URL: https://d2q8xv8xf7whrd.cloudfront.net/script.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.95.69.49 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 49.69.95.34.bc.googleusercontent.com
Software: nginx/1.21.6 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://f4f5f5dd83b6f4fca4ebb5cce3cd0739.safeframe.googlesyndication.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 01 Sep 2022 08:52:23 GMT
via: 1.1 google
server: nginx/1.21.6
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Origin,Accept,X-API-Key
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/octet-stream
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Range
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

OPTIONS
H2 204 1a
i.clean.gg/ Frame 0
0 154ms
99ms Preflight
text/plain 34.95.69.49
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://i.clean.gg/1a
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.95.69.49 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 49.69.95.34.bc.googleusercontent.com
Software: nginx/1.21.6 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://f4f5f5dd83b6f4fca4ebb5cce3cd0739.safeframe.googlesyndication.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Origin,Accept,X-API-Key
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1728000
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/plain; charset=utf-8
date: Thu, 01 Sep 2022 08:52:23 GMT
server: nginx/1.21.6
via: 1.1 google

GET
H3 200 adfetch Show response
googleads.g.doubleclick.net/pagead/ Frame B78F 95 KB
33 KB 103ms
101ms Document
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adfetch?adk=274594334&adsafe=medium&client=ca-pub-5722610347565274&format=300x250_as&ip=2001:1af8:4700::&output=html&unviewed_position_start=1&url=https://siakapkeli.my/2022/09/01/bersalah-kes-rasuah-projek-solar-rosmah-dipenjara-30-tahun-denda-rm970-juta&sub_client=bidder-341462&aceid=MJXtagCuG7QARVs0AQ9oNAGbeDQBqns0Abx7NAFOfDQBWXw0Abl8NAHjfDQBGH00AR99NAFLfTQBTX00AWl9NAGAfTQBh300AYh9NAGNfTQBln00AZ99NAGhfTQBuH00Abx9NAHDfTQBxH00Acp9NAG3bEEBS3NBAVNzQQF2ENoBSej1AcAdXAJYHlwCW_mIAh_6iAIm-4gCR_uIAnhAqgInQqoCKEKqAitCqgIcRKoC_EaqAhlNqgJxj6oCgJuqAoGbqgKCm6oCoqiqAnmxqgLFtaoCuruqAi28qgLDvaoCLMGqAobNqgJP0KoCaNaqAqbaqgJV3qoCi9-qAkfgqgLI4qoCauSqAqDlqgLg5qoCW_CqAqDxqgLY8aoCT_KqArbzqgI-9aoC9PWqAlj4qgIm-6oCQvuqAqQBqwKyBasC9gWrAmwJqwKjC6sCSAyrAlAMqwKxEqsCuBOrAgkUqwKBFasChBerAk0ZqwKEGqsCYhyrAsUcqwIhHqsCXB6rArIeqwIOIKsCRiCrAsIgqwLgIasCDCOrAlQjqwKsI6sCJSSrAuMkqwKIJqsC-CarAk4nqwKiJ6sCVCirAmAoqwKWKKsCGimrAjwpqwJoKasC8ymrApkqqwLhKqsCeiurAvsrqwJHLqsCJOEYDG5dRg-zofsSsav7EiHF-xLM0fsSCej7EoHt-xKp7_sSm_L7Ekb7-xJi_vsSAf_7Epj_-xI1AvwSYwL8EuUC_BJfA_wSxFzQE2ii6hRAQKMY91ZrGtTwWSgrIvpC_9Hrbg&awbid_c=AKAmf-Dwn_0ACxIbMie5eeNem2kpiCIr4iILinjWhKfUfejARWeoG4MsEiAYZwkIs8j_kh30IrxkyuzPOjH5avVT1XifCfmYx_SmNaxKJfQpxRarH5dx4NJXlvjDBOOLjhJTNOkPNJOP8RPx-1fSUHLg_lEZbsLMbFBfKGPNMNl1FaUuFG7wB5ieLRZthZ2HIp2oJxd1XUuaCh8RgmrVXFEzBLlQ2_nTZLPALSJZPn--o-lpCQ6m6J_nVGPAQcFAbM9gVezXbWBqJNE0_DyVzTojR4GqS5O0qyJe-yOdf3B7PUwTxKJG-KYRyCLx15V8dzVBbmNMASAOtmQh4ZBOeVYmYncecRpSXcoPD4BjWSD9tV_a3rypVn18zztNqlCnMYZsw0WQlkoOxDJli2qV1RPIjk7R1HvXuQLM9ETPlu1m9yLcwPaovLG8MZj02XsQAghvvl3kcGoviqICDaIg-S4yUWchIiD26GuH1y2H4Wf_zFnepLXWUhEu96c5NuxvLAkL-cEqKDQUnmFtylwOFas8oKJ7tDU7vVcGYTGIHMX_rL6Bozr2kfRWzxcJcIa36-ZBaTNUDrJN9r2NNnBnoHtBrWZ76BdgMBFcQJAyeW8593SW9bHVm9FtEEIx-Aj0IzY3sMhIV3GB&awbid_d=AKAmf-CRRa0gi_LSxBniDbvgtIVZulg_9zBSK2wUhN5kYQoshyXnHXwUMSU6tLidu0n33-bzw-Ltcuzalk5DZyfsSANDgwvkgDww1mLwh7GvCxErxCUKJ3ycW35lYakpuNYGDoyMRSLsvNh4dl_eOi1mVJYAf0hd3EhVKdKCE94Imn-hL8dYd_HdAuN1jFOb8BnIcqeuTIYbulVTpzlkIbAPdV49-JkaHmfvXkzWwfd8SYNdnGmToqaHKcKdlX1mLrKWPlCbjCr2874-g8h4MppnLWaw5WnxXgEOp5DhrZNZ6LxN2KZph2nHfUAGr5Qe7Ca4skS1QhioY8mzIXZKZWRZTUS_Di_m5R42QzwYWJXzODLy_DWZtJEu5S1HNixMqaGCM8Hz8BsmWwDkcZ9oGyKlUB8nGq46yTmfLI7NWmeH-aggMuc6lucd9bZ36uVvOpEk9Kfr6LH-iPjmibYJIFCi-E0Qjs5dJt0UBN3ljfXHDFa-V_yK1tfJuYmUN_zEQiN8qMyI6juyboMsinCLpN_fDG78APtDEYJyKeylYSrKGQxOGkYSHZbJcoVd2QlkglLkz5wgHw4fSYvd_3WluZ4ixatgsp-Fxe4L60QfM7QXfDkDI_SqxVGJUVu6RiKdnTPtPxdw-9P8R5bfCyxjDiUW0bCC5B8Q0aLNw5l7Z8f2zlrl6sCk7krSu05P5-5LabmyRgg25_B2PaQX3qFYlH_sdB3yYwGctFbyKjc2aG2RwWcT8U8mpEoMSoIzQ-Uh9HpnN9bSc5wBOw7jDkjt9u-txQmo0Zkw3uyP3hipD0fzcbPl7i5-cU9LMVPXelFV6r604_LzA01fr__Yl8QST3tvc6WL7_T5h6Xqd_S4UWBfMvnuq7sew2dQhcjlTOhtF39J4OpvSleNl9gYIiGGJbAxsp3PQrQj7pD0mpKnYx4CYfclb0Y1aVoZ4p58vAcMTDmEE0jvO5Q-6CJgMckHIDfA80AKNJiFJDm16y1RIjhpme5yEJfKNvidT-UHy8F1RaTEt6DU-OefmAEycnkaLYW00zneeBj3wm5aEmawN7mcWbhlSPXPh7Ja5yUFKUiWekuCdd_AjuOkK-FZfaIwj1RkYRcpeeGw6yXhpjyc5mSEMAZj86T9w4pzXycLS_rhtuh8XeP8MFLWZgPSajUia7OEkWkEZ_ieP5rcI1rnHPQW6UVVF04Q2wSejRhBPCXJ8WY-OmbpMFz6PYYHc7WqqrU_imnFPSUIfww6-NqZjghfkQZFjDDdjrQpbDlud1K4-NAQrz80AyA9mQiO5DcCHbL4yz6ZGDYLjg&cid=CAASBORoGis&exk=1175156717&rfl=https%3A%2F%2Fsiakapkeli.my%2F&a_pr=13:YxByxgAAAAAmYnF5E1Mfu0u8Zb7g6W81qzA0jw

Requested by

Host: d2q8xv8xf7whrd.cloudfront.net
URL: https://d2q8xv8xf7whrd.cloudfront.net/script.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b1faeac062934485878358576b352a1d0a7e80c64151dc34132eaed21466db0b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://f4f5f5dd83b6f4fca4ebb5cce3cd0739.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding: br
content-length: 34208
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 01 Sep 2022 08:52:23 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2

200

usermatch Show response
r.casalemedia.com/ Frame 46C7
Redirect Chain

https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=189149&us_privacy=&gdpr_consent=&gdpr=1
https://r.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=189149&us_privacy=&gdpr_consent=&gdpr=1&C=1

2 KB
2 KB

105ms
47ms

Document
text/html

104.18.18.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://r.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=189149&us_privacy=&gdpr_consent=&gdpr=1&C=1
Requested by: Host: f4f5f5dd83b6f4fca4ebb5cce3cd0739.safeframe.googlesyndication.com
URL: https://f4f5f5dd83b6f4fca4ebb5cce3cd0739.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6357e8295825a71a9df68e927757b4cf26df3b198e8d5111d1799cd0eaf4d945

Request headers

Referer: https://f4f5f5dd83b6f4fca4ebb5cce3cd0739.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-cache
cf-cache-status: DYNAMIC
cf-ray: 743cc4fcaca7bbeb-FRA
content-encoding: br
content-type: text/html
date: Thu, 01 Sep 2022 08:52:23 GMT
dropped-udsids: 45|39|241|230|195|105|13|31
expires: 0
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MDDxqYgcSvDwMLe673ZYiwZ4wz5mRN4OxzKD%2F6bjN8MQI5GRkSq2%2FKOd94hc821EU4St67c1MKMY4QXi3ak1PIWOqKPBiDj%2FP%2B9JWrMyCNE3L8%2FgduYHemzdnVA%2BuFN%2FlJWn"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Is-Traffic-Usersync, Accept-Encoding

Redirect headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-cache
cf-cache-status: DYNAMIC
cf-ray: 743cc4fc08355ba4-FRA
content-type: text/html; charset=iso-8859-1
date: Thu, 01 Sep 2022 08:52:23 GMT
expires: 0
location: https://r.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=189149&us_privacy=&gdpr_consent=&gdpr=1&C=1
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VK%2BgiVN5BpoLQJhBlTY1pvXOsTvkcZ3e1OLXgAasJ2APbDLKPt1sMwZZpXavXrWcM7San%2BJwM6mpG56z4lQr3snGTZ2gcXk8FWJ0vwAgEcaLnkG9ETowyqKUewUnTK9u4yS0XTiz79WrKA%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 20E8 1 KB
749 B 27ms
26ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: f4f5f5dd83b6f4fca4ebb5cce3cd0739.safeframe.googlesyndication.com
URL: https://f4f5f5dd83b6f4fca4ebb5cce3cd0739.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://f4f5f5dd83b6f4fca4ebb5cce3cd0739.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

age: 66018
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: gzip
content-length: 724
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 31 Aug 2022 14:32:04 GMT
etag: 48472445140208031
expires: Thu, 01 Sep 2022 14:32:04 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 204 current
dclk-match.dotomi.com/match/bounce/ Frame 20E8 0
104 B 97ms
23ms Image
text/plain 2a02:fa8:8806:16::1370
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESENj20wy6c8ZHaa3kJ3WTMOU&google_cver=1&google_push=AehlK4CPCjJ5n0cjYeAu97Ba426QUYawzqRlysmvFFi8jCt00WR0nAzSvbo3nXoO68hbqZjGQqMaFZ9Zs9FvzEd5wWIVTNag6t8GBw
Requested by: Host: f4f5f5dd83b6f4fca4ebb5cce3cd0739.safeframe.googlesyndication.com
URL: https://f4f5f5dd83b6f4fca4ebb5cce3cd0739.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:fa8:8806:16::1370 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 01 Sep 2022 08:52:23 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 20E8
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEFsRpX3bqNTa09BQn7ECAKE&google_cver=1&google_push=AehlK4CBZOw6qZBjF6Qx335TNF_8meZYo9HI5FwVPt5z35sM_b_jnNjYtLZt34K7B1p8-Yu2rv6QUppqNpSYg4KP...
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AehlK4CBZOw6qZBjF6Qx335TNF_8meZYo9HI5FwVPt5z35sM_b_jnNjYtLZt34K7B1p8-Yu2rv6QUppqNpSYg4KPqAQ7ZOidbPPd5Q

170 B
188 B

31ms
31ms

Image
image/png

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AehlK4CBZOw6qZBjF6Qx335TNF_8meZYo9HI5FwVPt5z35sM_b_jnNjYtLZt34K7B1p8-Yu2rv6QUppqNpSYg4KPqAQ7ZOidbPPd5Q

Requested by

Host: siakapkeli.my
URL: https://siakapkeli.my/2022/09/01/bersalah-kes-rasuah-projek-solar-rosmah-dipenjara-30-tahun-denda-rm970-juta/

Protocol

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 01 Sep 2022 08:52:23 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Thu, 01 Sep 2022 08:52:23 GMT
Server: MT3 4505 5b23575 master hkg-pixel-x7 config:1.0.0
Access-Control-Allow-Origin: *
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AehlK4CBZOw6qZBjF6Qx335TNF_8meZYo9HI5FwVPt5z35sM_b_jnNjYtLZt34K7B1p8-Yu2rv6QUppqNpSYg4KPqAQ7ZOidbPPd5Q
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Thu, 01 Sep 2022 08:52:22 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 20E8
Redirect Chain

https://um.simpli.fi/gp_match?google_gid=CAESEDKR39BzA2DZzb1IilFMKDk&google_cver=1&google_push=AehlK4D9iHHqkJwegCWVZY-LNZpG76VwHz0cKHySfHqIOzraj7_-GhutMxnWFnM_7eXOReztukPLWUzc4ZTwta6gbvYaN-oV5vQh
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=64342DA3D38D434C8677AD4BD0B0B9A2&google_push=AehlK4D9iHHqkJwegCWVZY-LNZpG76VwHz0cKHySfHqIOzraj7_-GhutMxnWFnM_7eXOReztukPLWUzc4ZTwta6...

170 B
232 B

32ms
31ms

Image
image/png

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=64342DA3D38D434C8677AD4BD0B0B9A2&google_push=AehlK4D9iHHqkJwegCWVZY-LNZpG76VwHz0cKHySfHqIOzraj7_-GhutMxnWFnM_7eXOReztukPLWUzc4ZTwta6gbvYaN-oV5vQh

Requested by

Host: f4f5f5dd83b6f4fca4ebb5cce3cd0739.safeframe.googlesyndication.com
URL: https://f4f5f5dd83b6f4fca4ebb5cce3cd0739.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 01 Sep 2022 08:52:23 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Thu, 01 Sep 2022 08:52:23 GMT
x-content-type-options: nosniff
server: nginx
location: https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=64342DA3D38D434C8677AD4BD0B0B9A2&google_push=AehlK4D9iHHqkJwegCWVZY-LNZpG76VwHz0cKHySfHqIOzraj7_-GhutMxnWFnM_7eXOReztukPLWUzc4ZTwta6gbvYaN-oV5vQh
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 138
expires: Wed, 31 Aug 2022 08:52:23 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 20E8
Redirect Chain

https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEC9wkrBrEQMQLB0CdBIKfm8&google_cver=1&google_push=AehlK4CaeaGtp3xgS6s-3tnOnSCfMwu1ItRLgGTCBi9qNebjg-bCZLx5BDGK7xcaGszy1wW0bsIukq8rZKx3_D...
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzEzODMzMTYwODQwOTE3NjIxOA%3D%3D&google_push=AehlK4CaeaGtp3xgS6s-3tnOnSCfMwu1ItRLgGTCBi9qNebjg-bCZLx5BDGK7xcaGszy1wW0bsIukq8rZKx3_DZqts...

170 B
329 B

31ms
31ms

Image
image/png

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzEzODMzMTYwODQwOTE3NjIxOA%3D%3D&google_push=AehlK4CaeaGtp3xgS6s-3tnOnSCfMwu1ItRLgGTCBi9qNebjg-bCZLx5BDGK7xcaGszy1wW0bsIukq8rZKx3_DZqtsyk5-FZr7WO5g

Requested by

Host: f4f5f5dd83b6f4fca4ebb5cce3cd0739.safeframe.googlesyndication.com
URL: https://f4f5f5dd83b6f4fca4ebb5cce3cd0739.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 01 Sep 2022 08:52:23 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzEzODMzMTYwODQwOTE3NjIxOA%3D%3D&google_push=AehlK4CaeaGtp3xgS6s-3tnOnSCfMwu1ItRLgGTCBi9qNebjg-bCZLx5BDGK7xcaGszy1wW0bsIukq8rZKx3_DZqtsyk5-FZr7WO5g
Date: Thu, 01 Sep 2022 08:52:23 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
p3p: policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 20E8
Redirect Chain

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESECEOwzaPutOKdYJnvtKN_v0&google_cver=1&google_push=AehlK4CC6ZHSD1P8BZOpwtxcItgDW6RcARsBkwJRB1hRjH7SfwafoH7bRAs0s5xocfu3NNRBt47spw3JlMAvU3hpTcdg...
https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESECEOwzaPutOKdYJnvtKN_v0&google_cver=1&google_push=AehlK4CC6ZHSD1P8BZOpwtxcItgDW6RcARsBkwJRB1hRjH7SfwafoH7bRAs0s5xocfu3NNRBt47spw3JlMAvU3...
https://a.sportradarserving.com/sync?ssp=bidswitch&bidswitch_ssp_id=google
https://a.sportradarserving.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=google
https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=1&user_id=e69840d1-1323-4893-87bb-45b05989e19f&ssp=google
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AehlK4CC6ZHSD1P8BZOpwtxcItgDW6RcARsBkwJRB1hRjH7SfwafoH7bRAs0s5xocfu3NNRBt47spw3JlMAvU3hpTcdgDh6b_ZSvzA&google_hm=TpWqR84VSFyLuG4kxhpP4g==

170 B
188 B

32ms
31ms

Image
image/png

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AehlK4CC6ZHSD1P8BZOpwtxcItgDW6RcARsBkwJRB1hRjH7SfwafoH7bRAs0s5xocfu3NNRBt47spw3JlMAvU3hpTcdgDh6b_ZSvzA&google_hm=TpWqR84VSFyLuG4kxhpP4g==

Requested by

Host: f4f5f5dd83b6f4fca4ebb5cce3cd0739.safeframe.googlesyndication.com
URL: https://f4f5f5dd83b6f4fca4ebb5cce3cd0739.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 01 Sep 2022 08:52:23 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: //cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AehlK4CC6ZHSD1P8BZOpwtxcItgDW6RcARsBkwJRB1hRjH7SfwafoH7bRAs0s5xocfu3NNRBt47spw3JlMAvU3hpTcdgDh6b_ZSvzA&google_hm=TpWqR84VSFyLuG4kxhpP4g==
Date: Thu, 01 Sep 2022 08:52:23 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0

GET
H2 200 UCookieSetPug
image6.pubmatic.com/AdServer/ Frame 20E8 0
166 B 76ms
18ms Image
text/html 185.64.190.78
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEKuxvi5A7Xv2awPUmO3jguU&google_cver=1&google_push=AehlK4DEHeFVb4UylRxTArEr57AmWsCFAGiDKAvxNQ-FYJiuy6990nVsYBysoxfZtE8Inpu3rtVvsizcR_CIgchYsK2Q1kR3oZEd-w
Requested by: Host: f4f5f5dd83b6f4fca4ebb5cce3cd0739.safeframe.googlesyndication.com
URL: https://f4f5f5dd83b6f4fca4ebb5cce3cd0739.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Thu, 01 Sep 2022 08:52:22 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H/1.1 200
OK sync
ssbsync.smartadserver.com/api/ Frame 20E8 0
75 B 177ms
27ms Image
text/plain 185.86.139.104
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESEK3DhKhf3GbapiFKmqjrXtg&google_cver=1&google_push=AehlK4AOJydEa06MzQHYCLht9_bIZNDqVy-Fj1CG4nk3n_cBr8O33V8yS36kUTcd_Ijlj_xxYCXQ19ubF8QtdaGxNh7cI2kzhu8IvA
Requested by: Host: f4f5f5dd83b6f4fca4ebb5cce3cd0739.safeframe.googlesyndication.com
URL: https://f4f5f5dd83b6f4fca4ebb5cce3cd0739.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.139.104 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Thu, 01 Sep 2022 08:52:22 GMT
content-length: 0

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 20E8 0
223 B 101ms
27ms Image
text/html 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LJb48LGo4x4aCEXP8jWtimUSZJor7HGT6BZtXNvelJ_F2LmRWNi-Ji8mriY6ysEkmu7SkH

Requested by

Host: f4f5f5dd83b6f4fca4ebb5cce3cd0739.safeframe.googlesyndication.com
URL: https://f4f5f5dd83b6f4fca4ebb5cce3cd0739.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Thu, 01 Sep 2022 08:52:23 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 9DF8 17 KB
6 KB 89ms
47ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://siakapkeli.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Thu, 01 Sep 2022 08:52:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 01 Sep 2022 08:52:23 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame E5CC 0
0 55ms
54ms Fetch
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuozPWXooIpbNi4UuuIAOAcvSUfUZ1rgmE20iFaA_QUO_Q1C5aExHXIoWqIP7StbMUhnnXBII-KxY1-Dl7Mkf-ft-2SbHCvtotWP-Sm6O_3yx7YWnU-dW2wvHUt0QQlTh19Mzwuw5JkX5duuBK2yUDNXplnCa4j1URXfehAh2lLhRMFnifyLtvJDCcbN3RBXLXOJgu3fVENa_v6_DuEKPTGbKzcegnycegA4rOHkyfstBz3SVdrHJ9Wk21HL9jtaTWq9kkSwmkdlvZRCYDuMdwRwmfSIHB7DityLe_aNFH-B8_Atf04TWL1gFJNjX0wvU8vX7nILVcBG2ltcU-JyN8NYuJOotUzeo8&sai=AMfl-YSUxsPLM6d7YqZYxztWe3iUZqhLNepVb8FIf9LWlmkLAtYePQOs_l6V8odMyMbtK7wsKGUaa5KwdLm4MX1fG08O_RUe1DgA_z9a-I5pohuPS9S3sgE2udtWiHTH4Gg&sig=Cg0ArKJSzKsl9mu5zms4EAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: siakapkeli.my
URL: https://siakapkeli.my/2022/09/01/bersalah-kes-rasuah-projek-solar-rosmah-dipenjara-30-tahun-denda-rm970-juta/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://siakapkeli.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 01 Sep 2022 08:52:23 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H2 200 6032.js Show response
cnt.trvdp.com/js/1273/ Frame E5CC 3 KB
2 KB 94ms
20ms Script
application/javascript 65.9.66.43
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cnt.trvdp.com/js/1273/6032.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022082501.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.43 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-43.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 483a4fdfc56fb9d51ab02fe709b7a4d353005f0662f6833785e1539cf39fee34

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://siakapkeli.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Fri, 24 Jun 2022 06:34:02 GMT
content-encoding: gzip
last-modified: Tue, 15 Mar 2022 08:01:17 GMT
server: AmazonS3
age: 5969902
etag: W/"69202691d58122284939cb42ef8286bd"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 2fc0d20914c32e5cd76477ed042298d0.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: ffLmWLm9bGDtJ79ijPIBwVe_nUuu4TQGDwmAX0JgKiWyyz7FfvsiCw==

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame E5CC 142 KB
44 KB 347ms
347ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022082501.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e851345505ee432c9397d60e5d91929ab4e5921f75c91f359b0939a879304b7a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://siakapkeli.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Thu, 01 Sep 2022 08:52:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44792
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1661945761880069"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 01 Sep 2022 08:52:23 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame B78F 6 KB
672 B 19ms
18ms Stylesheet
text/css 2a00:1450:400e:800::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/adfetch?adk=274594334&adsafe=medium&client=ca-pub-5722610347565274&format=300x250_as&ip=2001:1af8:4700::&output=html&unviewed_position_start=1&url=https://siakapkeli.my/2022/09/01/bersalah-kes-rasuah-projek-solar-rosmah-dipenjara-30-tahun-denda-rm970-juta&sub_client=bidder-341462&aceid=MJXtagCuG7QARVs0AQ9oNAGbeDQBqns0Abx7NAFOfDQBWXw0Abl8NAHjfDQBGH00AR99NAFLfTQBTX00AWl9NAGAfTQBh300AYh9NAGNfTQBln00AZ99NAGhfTQBuH00Abx9NAHDfTQBxH00Acp9NAG3bEEBS3NBAVNzQQF2ENoBSej1AcAdXAJYHlwCW_mIAh_6iAIm-4gCR_uIAnhAqgInQqoCKEKqAitCqgIcRKoC_EaqAhlNqgJxj6oCgJuqAoGbqgKCm6oCoqiqAnmxqgLFtaoCuruqAi28qgLDvaoCLMGqAobNqgJP0KoCaNaqAqbaqgJV3qoCi9-qAkfgqgLI4qoCauSqAqDlqgLg5qoCW_CqAqDxqgLY8aoCT_KqArbzqgI-9aoC9PWqAlj4qgIm-6oCQvuqAqQBqwKyBasC9gWrAmwJqwKjC6sCSAyrAlAMqwKxEqsCuBOrAgkUqwKBFasChBerAk0ZqwKEGqsCYhyrAsUcqwIhHqsCXB6rArIeqwIOIKsCRiCrAsIgqwLgIasCDCOrAlQjqwKsI6sCJSSrAuMkqwKIJqsC-CarAk4nqwKiJ6sCVCirAmAoqwKWKKsCGimrAjwpqwJoKasC8ymrApkqqwLhKqsCeiurAvsrqwJHLqsCJOEYDG5dRg-zofsSsav7EiHF-xLM0fsSCej7EoHt-xKp7_sSm_L7Ekb7-xJi_vsSAf_7Epj_-xI1AvwSYwL8EuUC_BJfA_wSxFzQE2ii6hRAQKMY91ZrGtTwWSgrIvpC_9Hrbg&awbid_c=AKAmf-Dwn_0ACxIbMie5eeNem2kpiCIr4iILinjWhKfUfejARWeoG4MsEiAYZwkIs8j_kh30IrxkyuzPOjH5avVT1XifCfmYx_SmNaxKJfQpxRarH5dx4NJXlvjDBOOLjhJTNOkPNJOP8RPx-1fSUHLg_lEZbsLMbFBfKGPNMNl1FaUuFG7wB5ieLRZthZ2HIp2oJxd1XUuaCh8RgmrVXFEzBLlQ2_nTZLPALSJZPn--o-lpCQ6m6J_nVGPAQcFAbM9gVezXbWBqJNE0_DyVzTojR4GqS5O0qyJe-yOdf3B7PUwTxKJG-KYRyCLx15V8dzVBbmNMASAOtmQh4ZBOeVYmYncecRpSXcoPD4BjWSD9tV_a3rypVn18zztNqlCnMYZsw0WQlkoOxDJli2qV1RPIjk7R1HvXuQLM9ETPlu1m9yLcwPaovLG8MZj02XsQAghvvl3kcGoviqICDaIg-S4yUWchIiD26GuH1y2H4Wf_zFnepLXWUhEu96c5NuxvLAkL-cEqKDQUnmFtylwOFas8oKJ7tDU7vVcGYTGIHMX_rL6Bozr2kfRWzxcJcIa36-ZBaTNUDrJN9r2NNnBnoHtBrWZ76BdgMBFcQJAyeW8593SW9bHVm9FtEEIx-Aj0IzY3sMhIV3GB&awbid_d=AKAmf-CRRa0gi_LSxBniDbvgtIVZulg_9zBSK2wUhN5kYQoshyXnHXwUMSU6tLidu0n33-bzw-Ltcuzalk5DZyfsSANDgwvkgDww1mLwh7GvCxErxCUKJ3ycW35lYakpuNYGDoyMRSLsvNh4dl_eOi1mVJYAf0hd3EhVKdKCE94Imn-hL8dYd_HdAuN1jFOb8BnIcqeuTIYbulVTpzlkIbAPdV49-JkaHmfvXkzWwfd8SYNdnGmToqaHKcKdlX1mLrKWPlCbjCr2874-g8h4MppnLWaw5WnxXgEOp5DhrZNZ6LxN2KZph2nHfUAGr5Qe7Ca4skS1QhioY8mzIXZKZWRZTUS_Di_m5R42QzwYWJXzODLy_DWZtJEu5S1HNixMqaGCM8Hz8BsmWwDkcZ9oGyKlUB8nGq46yTmfLI7NWmeH-aggMuc6lucd9bZ36uVvOpEk9Kfr6LH-iPjmibYJIFCi-E0Qjs5dJt0UBN3ljfXHDFa-V_yK1tfJuYmUN_zEQiN8qMyI6juyboMsinCLpN_fDG78APtDEYJyKeylYSrKGQxOGkYSHZbJcoVd2QlkglLkz5wgHw4fSYvd_3WluZ4ixatgsp-Fxe4L60QfM7QXfDkDI_SqxVGJUVu6RiKdnTPtPxdw-9P8R5bfCyxjDiUW0bCC5B8Q0aLNw5l7Z8f2zlrl6sCk7krSu05P5-5LabmyRgg25_B2PaQX3qFYlH_sdB3yYwGctFbyKjc2aG2RwWcT8U8mpEoMSoIzQ-Uh9HpnN9bSc5wBOw7jDkjt9u-txQmo0Zkw3uyP3hipD0fzcbPl7i5-cU9LMVPXelFV6r604_LzA01fr__Yl8QST3tvc6WL7_T5h6Xqd_S4UWBfMvnuq7sew2dQhcjlTOhtF39J4OpvSleNl9gYIiGGJbAxsp3PQrQj7pD0mpKnYx4CYfclb0Y1aVoZ4p58vAcMTDmEE0jvO5Q-6CJgMckHIDfA80AKNJiFJDm16y1RIjhpme5yEJfKNvidT-UHy8F1RaTEt6DU-OefmAEycnkaLYW00zneeBj3wm5aEmawN7mcWbhlSPXPh7Ja5yUFKUiWekuCdd_AjuOkK-FZfaIwj1RkYRcpeeGw6yXhpjyc5mSEMAZj86T9w4pzXycLS_rhtuh8XeP8MFLWZgPSajUia7OEkWkEZ_ieP5rcI1rnHPQW6UVVF04Q2wSejRhBPCXJ8WY-OmbpMFz6PYYHc7WqqrU_imnFPSUIfww6-NqZjghfkQZFjDDdjrQpbDlud1K4-NAQrz80AyA9mQiO5DcCHbL4yz6ZGDYLjg&cid=CAASBORoGis&exk=1175156717&rfl=https%3A%2F%2Fsiakapkeli.my%2F&a_pr=13:YxByxgAAAAAmYnF5E1Mfu0u8Zb7g6W81qzA0jw

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400e:800::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e0be1d222e2e367ac5106f4aee4830c3de18af1d266f8cde53915e11e8b01bfd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 01 Sep 2022 07:25:16 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Thu, 01 Sep 2022 08:52:23 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 01 Sep 2022 08:52:23 GMT

GET
H3 200 load_preloaded_resource.js Show response
tpc.googlesyndication.com/pagead/js/r20220829/r20110914/client/ Frame B78F 2 KB
1 KB 59ms
36ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220829/r20110914/client/load_preloaded_resource.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1f4362568e9be366759f9ada329e928f398f49333040bc12fcf2de18483d1f52

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Thu, 01 Sep 2022 07:38:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 4410
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1201
x-xss-protection: 0
server: cafe
etag: 17441257144546641969
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 15 Sep 2022 07:38:53 GMT

GET
H3 200 abg_lite.js Show response
tpc.googlesyndication.com/pagead/js/r20220829/r20110914/ Frame B78F 30 KB
12 KB 53ms
30ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220829/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

dac404ab5c3fcdc83e30b66349bccf92526406c5fdd63b9c1394acf78348ac52

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Thu, 01 Sep 2022 08:37:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 891
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11766
x-xss-protection: 0
server: cafe
etag: 14053427913132020778
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 15 Sep 2022 08:37:32 GMT

GET
H3 200 window_focus.js Show response
tpc.googlesyndication.com/pagead/js/r20220829/r20110914/client/ Frame B78F 3 KB
1 KB 33ms
19ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220829/r20110914/client/window_focus.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b59e198c356c79d1ba89670c50cdb7e54181037f277ee106126caf570278bc11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Thu, 01 Sep 2022 08:46:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 335
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1432
x-xss-protection: 0
server: cafe
etag: 15450667304708860052
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 15 Sep 2022 08:46:48 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame B78F 142 KB
44 KB 362ms
362ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e851345505ee432c9397d60e5d91929ab4e5921f75c91f359b0939a879304b7a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Thu, 01 Sep 2022 08:52:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44792
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1661945761880069"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 01 Sep 2022 08:52:23 GMT

GET
H3 200 qs_click_protection.js Show response
tpc.googlesyndication.com/pagead/js/r20220829/r20110914/client/ Frame B78F 26 KB
10 KB 42ms
21ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220829/r20110914/client/qs_click_protection.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f882756b47651b0f3e87b7031f4d98412c1f2b43fc6cfa900285b8d00a3d3c11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Thu, 01 Sep 2022 08:49:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 144
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10270
x-xss-protection: 0
server: cafe
etag: 538911934249463863
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 15 Sep 2022 08:49:59 GMT

GET
H2 200 99d351374812bfb865cd4e83ebb83e02.js Show response
www.gstatic.com/mysidia/ Frame B78F 43 KB
17 KB 68ms
19ms Script
text/javascript 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/99d351374812bfb865cd4e83ebb83e02.js?tag=mysidia_one_click_handler_one_afma

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6bd2aa31d3fd0959adbeedc4d69713ca9e68cc3b074672bc992f808eeb668e8d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 22:50:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 36142
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16711
x-xss-protection: 0
last-modified: Thu, 25 Aug 2022 01:10:52 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 29 Nov 2022 22:50:01 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame B78F 0
17 B 69ms
69ms Image
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CimJCxnIQY62yJJqm3wPzmLDYDNiS55hrqq-l0J0Nv-EeEAEgt-WEIWCRhJOF_BegAa_OgqQDyAEJqQJd_tEOk8-wPqgDAcgDywSqBKkCT9B2bhoc4FipPTGn6Q1YA0vrneSM8Wmc2lkfc31nY-3c9tpyLVOMPN1VhX0JfZwSYJ4mfSgyyynUp-2OxZhJv0HCTTb9652R8HgS1Zkxop5B96Ksq9kiDgPIf8GH3R-s3kL8QKQ0j8nPxQzQn3e7pPHFP-pwRuJ0YVfY3YiX3sUXoR94NgjG5kavVwbNtwqB8i-PthRnQr2QFCJwme7Apo-AD75Kjfo7ZY_MhZJdS2AoufKa0wpZZIOr5FQ7kkgjj4UK6EzRPPmtb7lin-6amz2GzZ_mIxj3i9tS2RVmpJYm4Ck1BxmICqbnhKG9TbAxjJe_NhsrP8MnY_g3wtxYdY_xfxkTeRYZC1SIH9-GxYG6kYM9Bf1JUEYu07Qhfj5U9ohgOxh-w6CcwASUosbWvwKSBQQIBBgBkgUECAUYBKAGLoAHubH9W6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA0ggRCIDhgBAQARgAMgKqAjoCgEDyCA1iaWRkZXItMzQxNDYygAoEyAsBuBPkA9gTDYgUB9AVAYAXAbIXCAoGCAASABgA&sigh=lALBqawm-4E&uach_m=[UACH]&pr=13:YxByxgAAAAAmYnF5E1Mfu0u8Zb7g6W81qzA0jw&template_id=484&vis=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/adfetch?adk=274594334&adsafe=medium&client=ca-pub-5722610347565274&format=300x250_as&ip=2001:1af8:4700::&output=html&unviewed_position_start=1&url=https://siakapkeli.my/2022/09/01/bersalah-kes-rasuah-projek-solar-rosmah-dipenjara-30-tahun-denda-rm970-juta&sub_client=bidder-341462&aceid=MJXtagCuG7QARVs0AQ9oNAGbeDQBqns0Abx7NAFOfDQBWXw0Abl8NAHjfDQBGH00AR99NAFLfTQBTX00AWl9NAGAfTQBh300AYh9NAGNfTQBln00AZ99NAGhfTQBuH00Abx9NAHDfTQBxH00Acp9NAG3bEEBS3NBAVNzQQF2ENoBSej1AcAdXAJYHlwCW_mIAh_6iAIm-4gCR_uIAnhAqgInQqoCKEKqAitCqgIcRKoC_EaqAhlNqgJxj6oCgJuqAoGbqgKCm6oCoqiqAnmxqgLFtaoCuruqAi28qgLDvaoCLMGqAobNqgJP0KoCaNaqAqbaqgJV3qoCi9-qAkfgqgLI4qoCauSqAqDlqgLg5qoCW_CqAqDxqgLY8aoCT_KqArbzqgI-9aoC9PWqAlj4qgIm-6oCQvuqAqQBqwKyBasC9gWrAmwJqwKjC6sCSAyrAlAMqwKxEqsCuBOrAgkUqwKBFasChBerAk0ZqwKEGqsCYhyrAsUcqwIhHqsCXB6rArIeqwIOIKsCRiCrAsIgqwLgIasCDCOrAlQjqwKsI6sCJSSrAuMkqwKIJqsC-CarAk4nqwKiJ6sCVCirAmAoqwKWKKsCGimrAjwpqwJoKasC8ymrApkqqwLhKqsCeiurAvsrqwJHLqsCJOEYDG5dRg-zofsSsav7EiHF-xLM0fsSCej7EoHt-xKp7_sSm_L7Ekb7-xJi_vsSAf_7Epj_-xI1AvwSYwL8EuUC_BJfA_wSxFzQE2ii6hRAQKMY91ZrGtTwWSgrIvpC_9Hrbg&awbid_c=AKAmf-Dwn_0ACxIbMie5eeNem2kpiCIr4iILinjWhKfUfejARWeoG4MsEiAYZwkIs8j_kh30IrxkyuzPOjH5avVT1XifCfmYx_SmNaxKJfQpxRarH5dx4NJXlvjDBOOLjhJTNOkPNJOP8RPx-1fSUHLg_lEZbsLMbFBfKGPNMNl1FaUuFG7wB5ieLRZthZ2HIp2oJxd1XUuaCh8RgmrVXFEzBLlQ2_nTZLPALSJZPn--o-lpCQ6m6J_nVGPAQcFAbM9gVezXbWBqJNE0_DyVzTojR4GqS5O0qyJe-yOdf3B7PUwTxKJG-KYRyCLx15V8dzVBbmNMASAOtmQh4ZBOeVYmYncecRpSXcoPD4BjWSD9tV_a3rypVn18zztNqlCnMYZsw0WQlkoOxDJli2qV1RPIjk7R1HvXuQLM9ETPlu1m9yLcwPaovLG8MZj02XsQAghvvl3kcGoviqICDaIg-S4yUWchIiD26GuH1y2H4Wf_zFnepLXWUhEu96c5NuxvLAkL-cEqKDQUnmFtylwOFas8oKJ7tDU7vVcGYTGIHMX_rL6Bozr2kfRWzxcJcIa36-ZBaTNUDrJN9r2NNnBnoHtBrWZ76BdgMBFcQJAyeW8593SW9bHVm9FtEEIx-Aj0IzY3sMhIV3GB&awbid_d=AKAmf-CRRa0gi_LSxBniDbvgtIVZulg_9zBSK2wUhN5kYQoshyXnHXwUMSU6tLidu0n33-bzw-Ltcuzalk5DZyfsSANDgwvkgDww1mLwh7GvCxErxCUKJ3ycW35lYakpuNYGDoyMRSLsvNh4dl_eOi1mVJYAf0hd3EhVKdKCE94Imn-hL8dYd_HdAuN1jFOb8BnIcqeuTIYbulVTpzlkIbAPdV49-JkaHmfvXkzWwfd8SYNdnGmToqaHKcKdlX1mLrKWPlCbjCr2874-g8h4MppnLWaw5WnxXgEOp5DhrZNZ6LxN2KZph2nHfUAGr5Qe7Ca4skS1QhioY8mzIXZKZWRZTUS_Di_m5R42QzwYWJXzODLy_DWZtJEu5S1HNixMqaGCM8Hz8BsmWwDkcZ9oGyKlUB8nGq46yTmfLI7NWmeH-aggMuc6lucd9bZ36uVvOpEk9Kfr6LH-iPjmibYJIFCi-E0Qjs5dJt0UBN3ljfXHDFa-V_yK1tfJuYmUN_zEQiN8qMyI6juyboMsinCLpN_fDG78APtDEYJyKeylYSrKGQxOGkYSHZbJcoVd2QlkglLkz5wgHw4fSYvd_3WluZ4ixatgsp-Fxe4L60QfM7QXfDkDI_SqxVGJUVu6RiKdnTPtPxdw-9P8R5bfCyxjDiUW0bCC5B8Q0aLNw5l7Z8f2zlrl6sCk7krSu05P5-5LabmyRgg25_B2PaQX3qFYlH_sdB3yYwGctFbyKjc2aG2RwWcT8U8mpEoMSoIzQ-Uh9HpnN9bSc5wBOw7jDkjt9u-txQmo0Zkw3uyP3hipD0fzcbPl7i5-cU9LMVPXelFV6r604_LzA01fr__Yl8QST3tvc6WL7_T5h6Xqd_S4UWBfMvnuq7sew2dQhcjlTOhtF39J4OpvSleNl9gYIiGGJbAxsp3PQrQj7pD0mpKnYx4CYfclb0Y1aVoZ4p58vAcMTDmEE0jvO5Q-6CJgMckHIDfA80AKNJiFJDm16y1RIjhpme5yEJfKNvidT-UHy8F1RaTEt6DU-OefmAEycnkaLYW00zneeBj3wm5aEmawN7mcWbhlSPXPh7Ja5yUFKUiWekuCdd_AjuOkK-FZfaIwj1RkYRcpeeGw6yXhpjyc5mSEMAZj86T9w4pzXycLS_rhtuh8XeP8MFLWZgPSajUia7OEkWkEZ_ieP5rcI1rnHPQW6UVVF04Q2wSejRhBPCXJ8WY-OmbpMFz6PYYHc7WqqrU_imnFPSUIfww6-NqZjghfkQZFjDDdjrQpbDlud1K4-NAQrz80AyA9mQiO5DcCHbL4yz6ZGDYLjg&cid=CAASBORoGis&exk=1175156717&rfl=https%3A%2F%2Fsiakapkeli.my%2F&a_pr=13:YxByxgAAAAAmYnF5E1Mfu0u8Zb7g6W81qzA0jw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Thu, 01 Sep 2022 08:52:23 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 2076313506083323656
tpc.googlesyndication.com/simgad/15840875757089635592/ Frame B78F 21 KB
21 KB 34ms
23ms Image
image/jpeg 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/15840875757089635592/2076313506083323656

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3b99ad02d9da439559c39ee133e8532e9c78415f2f45ee8bde02039ea1dccedb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Mon, 29 Aug 2022 11:38:27 GMT
x-content-type-options: nosniff
age: 249236
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21711
x-xss-protection: 0
last-modified: Fri, 23 Aug 2019 12:13:29 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 29 Aug 2023 11:38:27 GMT

GET
H3 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/5810213038087041701/ Frame B78F 2 KB
2 KB 46ms
35ms Image
image/png 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/5810213038087041701/downsize_200k_v1?w=100&h=100

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eaed33d9144a040c80639039a1f5078641dee7b545af5ee03adb7f489bb83aef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Fri, 26 Aug 2022 08:46:56 GMT
x-content-type-options: nosniff
age: 518727
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1837
x-xss-protection: 0
last-modified: Fri, 09 Aug 2019 13:50:11 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 26 Aug 2023 08:46:56 GMT

GET
DATA 200
OK truncated
/ Frame B78F 218 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fca1cecbb79ec1a111a8704840209211403a227b6d36818224dd490926077583

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 6941 13 KB
5 KB 21ms
19ms Document
text/html 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://siakapkeli.my/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
age: 2145
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 01 Sep 2022 08:16:38 GMT
expires: Fri, 01 Sep 2023 08:16:38 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 052C 783 B
532 B 80ms
31ms Document
text/html 2a00:1450:4001:802::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

e3d2fb52b6c39beb7a1eac1170b32bdbdec819f941425516be5d38bad454065e

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-FmInhaixGXn1hplCEGeMMg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://siakapkeli.my/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 510
content-security-policy: script-src 'report-sample' 'nonce-FmInhaixGXn1hplCEGeMMg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 01 Sep 2022 08:52:23 GMT
expires: Thu, 01 Sep 2022 08:52:23 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3

200

crum
dsum-sec.casalemedia.com/ Frame 46C7
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1
https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YxByx5XL2mcMcYgGF8NJTAAA
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEExsIPodXmcI9sPh7G-4d6c&google_cver=1&gdpr=1

43 B
844 B

40ms
40ms

Image
image/gif

104.18.18.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEExsIPodXmcI9sPh7G-4d6c&google_cver=1&gdpr=1
Requested by: Host: r.casalemedia.com
URL: https://r.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=189149&us_privacy=&gdpr_consent=&gdpr=1&C=1
Protocol: H3
Server: 104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://r.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

cf-ray: 743cc4fe180c5c85-FRA
pragma: no-cache
date: Thu, 01 Sep 2022 08:52:23 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Cy9fL%2BW3vWng0cn6pGlWpU74HuzU9ozNVrbA99ypsuc9q3gPZNcfGRtGn%2B5Bmh%2BFJ1VHX5aV2l9AkadrLzFWzORjKZPJ1Fb1fQU5mCqFIlChy7J4NJm6b7CgKlaiDZ3s1yXO%2BD51ti2XOQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control: no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Thu, 01 Sep 2022 08:52:23 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEExsIPodXmcI9sPh7G-4d6c&google_cver=1&gdpr=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 325
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 casale
match.adsrvr.org/track/cmf/ Frame 46C7 70 B
265 B 140ms
54ms Image
image/gif 52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/casale?gdpr=1
Requested by: Host: r.casalemedia.com
URL: https://r.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=189149&us_privacy=&gdpr_consent=&gdpr=1&C=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://r.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 01 Sep 2022 08:52:23 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H/1.1

200
OK

dcm
s.amazon-adsystem.com/ Frame 46C7
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YxByx5XL2mcMcYgGF8NJTAAABIwAAAAB
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YxByx5XL2mcMcYgGF8NJTAAABIwAAAAB&dcc=t

43 B
645 B

105ms
104ms

Image
image/gif

52.46.128.147
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YxByx5XL2mcMcYgGF8NJTAAABIwAAAAB&dcc=t

Requested by

Host: r.casalemedia.com
URL: https://r.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=189149&us_privacy=&gdpr_consent=&gdpr=1&C=1

Protocol

HTTP/1.1

Server

52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://r.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 01 Sep 2022 08:52:23 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: RJWZT8MD0VPA2G2XPSPC
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 01 Sep 2022 08:52:23 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: 2YZX1KQKDBAWBVZSMM5Y
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YxByx5XL2mcMcYgGF8NJTAAABIwAAAAB&dcc=t
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3 200 pixel
cm.g.doubleclick.net/ Frame 46C7 170 B
188 B 73ms
31ms Image
image/png 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YxByx5XL2mcMcYgGF8NJTAAABIwAAAAB&gdpr_consent=&us_privacy=&gdpr=1

Requested by

Host: r.casalemedia.com
URL: https://r.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=189149&us_privacy=&gdpr_consent=&gdpr=1&C=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://r.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 01 Sep 2022 08:52:23 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

crum
dsum-sec.casalemedia.com/ Frame 46C7
Redirect Chain

https://nep.advangelists.com/xp/user-sync?acctid=405&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D195%26external_user_id%3D%7BPARTNER_VISITOR_ID%7D%0A
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=195&external_user_id=av-e81098f2-ff60-40e3-911f-108d4e2968d3

43 B
846 B

46ms
45ms

Image
image/gif

104.18.18.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=195&external_user_id=av-e81098f2-ff60-40e3-911f-108d4e2968d3
Requested by: Host: r.casalemedia.com
URL: https://r.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=189149&us_privacy=&gdpr_consent=&gdpr=1&C=1
Protocol: H3
Server: 104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://r.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

cf-ray: 743cc4ff59e95c85-FRA
pragma: no-cache
date: Thu, 01 Sep 2022 08:52:23 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vtPlmTwJ86F2SLBEQg4818oymu4ijqEKLpduLSBvPsAu4B5%2FHjELugEBHNXnCnYsfdXjBYUC49DqLX4%2Be8h1Fbm5D1%2BcRZfqrqpFW3rYxn4m9HOHk9H7%2B4z38ojwyQA9cDsNyPm%2Br4Vysw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control: no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=195&external_user_id=av-e81098f2-ff60-40e3-911f-108d4e2968d3
date: Thu, 01 Sep 2022 08:52:23 GMT
server: Apache-Coyote/1.1
content-length: 0

GET
H3

200

crum
dsum-sec.casalemedia.com/ Frame 46C7
Redirect Chain

https://d.adroll.com/cm/index/ssp?gdpr=1
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=105&external_user_id=0

43 B
839 B

74ms
52ms

Image
image/gif

104.18.18.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=105&external_user_id=0
Requested by: Host: r.casalemedia.com
URL: https://r.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=189149&us_privacy=&gdpr_consent=&gdpr=1&C=1
Protocol: H3
Server: 104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://r.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

cf-ray: 743cc4fe0fdf5c85-FRA
pragma: no-cache
date: Thu, 01 Sep 2022 08:52:23 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HV%2FvN1S2R9taoKl3c6BHphcc12a1tTcild6e36ZO8U1Ei3lHjb1pk08SAX9G2cxgUs9ZULcE6rfaqJv5iE2TtVrZCQoOAiXcdhlx73QSQSE7pnLTUqWP%2BVK8mrW3A6q8meKIMChdBWTPCg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control: no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=105&external_user_id=0
date: Thu, 01 Sep 2022 08:52:23 GMT
server: nginx/1.20.0
content-length: 76

GET
H3

200

crum
dsum-sec.casalemedia.com/ Frame 46C7
Redirect Chain

https://sync.adotmob.com/cookie/indexexchange?r=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D13%26external_user_id%3D%7bamob_user_id%7d%26expiration%3D%5bEXPIRATION%5d&gdpr=1
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&external_user_id=%7Bamob_user_id%7D&expiration=[EXPIRATION]&gdpr=1

43 B
887 B

65ms
34ms

Image
image/gif

104.18.18.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&external_user_id=%7Bamob_user_id%7D&expiration=[EXPIRATION]&gdpr=1
Requested by: Host: r.casalemedia.com
URL: https://r.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=189149&us_privacy=&gdpr_consent=&gdpr=1&C=1
Protocol: H3
Server: 104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://r.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

cf-ray: 743cc4fe0fdd5c85-FRA
pragma: no-cache
date: Thu, 01 Sep 2022 08:52:23 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=huIvEk7JN%2F7sT5XOUdGq5pQr%2BN46w6Q43IVKGt9rHMM7b9HGwdEPsRZIM7Ub1MclyqwzAvGVHuQPExC3CHQSQN4%2B%2FcRqCGPGen5qc143k%2Bz1kpmxtB%2FVPB9LHEWk%2FMsK3vRjZLXdlID1rw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control: no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&external_user_id=%7Bamob_user_id%7D&expiration=[EXPIRATION]&gdpr=1
date: Thu, 01 Sep 2022 08:52:23 GMT
access-control-allow-credentials: true
x-powered-by: Express
content-length: 0
vary: Origin
keep-alive: timeout=5

GET
H/1.1

200
OK

noop
px.owneriq.net/ Frame 46C7
Redirect Chain

https://px.owneriq.net/eucm/p/cc?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D31%26external_user_id%3D(OIQ_UUID)
https://px.owneriq.net/ecc?redir=https%3a%2f%2fdsum-sec.casalemedia.com%2fcrum%3fcm_dsp_id%3d31%26external_user_id%3dQ7153087431397151257&uid=Q7153087431397151257&ref=%2Feucm%2Fp%2Fcc
https://px.owneriq.net/noop?ct=image%2Fgif

0
287 B

19ms
19ms

Image
image/gif

23.75.246.168
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.owneriq.net/noop?ct=image%2Fgif
Requested by: Host: r.casalemedia.com
URL: https://r.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=189149&us_privacy=&gdpr_consent=&gdpr=1&C=1
Protocol: HTTP/1.1
Server: 23.75.246.168 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-75-246-168.deploy.static.akamaitechnologies.com
Software: Apache/2.4.6 (CentOS) / PHP/7.3.33
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://r.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date: Thu, 01 Sep 2022 08:52:23 GMT
Server: Apache/2.4.6 (CentOS)
Connection: keep-alive
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
X-Powered-By: PHP/7.3.33
Content-Length: 0
Content-Type: image/gif

Redirect headers

Location: https://px.owneriq.net/noop?ct=image%2Fgif
Date: Thu, 01 Sep 2022 08:52:23 GMT
Server: AkamaiGHost
Connection: keep-alive
Content-Length: 0

GET
H/1.1 200
OK htw-pixel.gif
js-sec.indexww.com/ht/ Frame 46C7 43 B
424 B 130ms
30ms Image
image/gif 2.21.184.247
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://js-sec.indexww.com/ht/htw-pixel.gif?YxByx5XL2mcMcYgGF8NJTAAABIwAAAAB?gdpr=1
Requested by: Host: r.casalemedia.com
URL: https://r.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=189149&us_privacy=&gdpr_consent=&gdpr=1&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.21.184.247 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-21-184-247.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://r.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date: Thu, 01 Sep 2022 08:52:23 GMT
Last-Modified: Tue, 24 Jan 2017 19:36:04 GMT
Server: Apache
ETag: "761e21-2b-546dc3a097100"
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=689
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 01 Sep 2022 09:03:52 GMT

GET
H3 200 X5Wcp9Ugq7sZToVDu26YRTjm5OYazRuFrO0o8wz5lEo.js Show response
pagead2.googlesyndication.com/bg/ Frame 6941 36 KB
15 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/X5Wcp9Ugq7sZToVDu26YRTjm5OYazRuFrO0o8wz5lEo.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5f959ca7d520abbb194e8543bb6e984538e6e4e61acd1b85aced28f30cf9944a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Thu, 01 Sep 2022 08:44:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 473
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15759
x-xss-protection: 0
last-modified: Mon, 22 Aug 2022 11:08:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 01 Sep 2023 08:44:30 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 052C 0
0 52ms
52ms Image
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220829&jk=2055423113641017&rc=
Requested by: Host: siakapkeli.my
URL: https://siakapkeli.my/2022/09/01/bersalah-kes-rasuah-projek-solar-rosmah-dipenjara-30-tahun-denda-rm970-juta/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

GET
H2 200 rid Show response
match.adsrvr.org/track/ 63 B
388 B 29ms
29ms XHR
application/json 52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/rid?ttd_pid=pubmatic&fmt=json
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/158497/5998/pwt.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: e528d33985475b8ba0fcf45f92a88481c6af14f444c8e5842b1a14d468c1cd73

Request headers

Referer: https://siakapkeli.my/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 01 Sep 2022 08:52:23 GMT
x-aspnet-version: 4.0.30319
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://siakapkeli.my
cache-control: private
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length: 63
expires: Sat, 01 Oct 2022 08:52:23 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 6941 0
10 B 20ms
19ms Image
text/plain 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?ywOZIw
Requested by: Host: siakapkeli.my
URL: https://siakapkeli.my/2022/09/01/bersalah-kes-rasuah-projek-solar-rosmah-dipenjara-30-tahun-denda-rm970-juta/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Thu, 01 Sep 2022 08:52:23 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 200 container.html Show response
f4f5f5dd83b6f4fca4ebb5cce3cd0739.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame A1DF 6 KB
3 KB 21ms
20ms Document
text/html 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://f4f5f5dd83b6f4fca4ebb5cce3cd0739.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022082501.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://siakapkeli.my/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 01 Sep 2022 08:52:22 GMT
expires: Fri, 01 Sep 2023 08:52:22 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame A1DF 0
0 65ms
64ms Fetch
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=C_bsjx3IQY_m7BIjR3gOy2q7QBJ6hoa5cofno_p8DwI23ARABIABgkQSCARdjYS1wdWItOTA1ODI5MTg1NDQ0Mzg4MaABp8qQpwPIAQngAgCoAwGqBOoCT9DbJe0WLf8vwHzh3TGRhmTn7b52MavxsbvBJ5D9FXGVQ8ey0RhDUnSA9gOhIx2EZdgiV4BJANGpbpiwOBxZPK6GkyKKVykXUCHp1N-J2ZFGWJE5G6RzuLmWXeAzAd_EihbNUeCM-G2OUTUG19eOQGaqQNNreZEL4EmYdqbd9KbgZcC3RkrPLbg8fvy_3ugfdMr_KmEjFCgisPb8XqPQwIDlNA_moBNWk433ImMEtvcVeeXl7LZ-Ybs07uKiJe7oxMD8wYp4YXhG6T8ygkAGpNXnj352oS5SuY1bHxTPvHa5MX4D9eWFTpAzdCvz94xnVzsowWDZWJ63zweCIUqBf7ySCWi0ZwpexCCdjvbJooSpxp2KNGnsKYt4ClsYvqQoEJiRo8x5k-heNpgeNB1KWQH7dglAOWGdlq4uaERK0jxcTNPhon6qEgaXwMl85olw_C7nF6HkLOrKiE2C5TCGUmEHhbIW0bOML5HgBAGABpfYmvyxpdipwgGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA8ggbYWR4LXN1YnN5bi0zODcyNzQ4NjQyMTcwMjcxgAoD-gsCCAGADAHQFQGAFwGyFxwKGhIUcHViLTkwNTgyOTE4NTQ0NDM4ODEYttdp&sigh=2krHxfZDFwU&uach_m=[UACH]&cid=CAQSPACsnQUxb_T25O1oeiDZoUm8E8Rb4LjcZH8DVfEIUGjMM3I_Dx_hSl3WNyUHAvAh7cnCaci92eFU3-kVJRgB
Requested by: Host: siakapkeli.my
URL: https://siakapkeli.my/2022/09/01/bersalah-kes-rasuah-projek-solar-rosmah-dipenjara-30-tahun-denda-rm970-juta/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://f4f5f5dd83b6f4fca4ebb5cce3cd0739.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

GET
H2 200 script.js Show response
d2q8xv8xf7whrd.cloudfront.net/ Frame A1DF 119 KB
41 KB 22ms
20ms Script
application/javascript 2600:9000:211e:e400:3:bc0d:3a40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d2q8xv8xf7whrd.cloudfront.net/script.js
Requested by: Host: f4f5f5dd83b6f4fca4ebb5cce3cd0739.safeframe.googlesyndication.com
URL: https://f4f5f5dd83b6f4fca4ebb5cce3cd0739.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211e:e400:3:bc0d:3a40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 488dff332d3e3ffc0ad66173890ffd23b351a50be5d430c32bb93c1bee393caa

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://f4f5f5dd83b6f4fca4ebb5cce3cd0739.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Thu, 01 Sep 2022 08:45:33 GMT
content-encoding: gzip
last-modified: Thu, 01 Sep 2022 06:38:48 GMT
server: AmazonS3
age: 411
etag: W/"0992903c132ad1ced62b7d95c42aa67a"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 3298c44116035984c2fac24b89183c4e.cloudfront.net (CloudFront)
cache-control: max-age=600,public,must-revalidate
x-amz-cf-pop: FRA56-C2
x-amz-cf-id: xL8YwaATHa-xRfyYWMntWfm1C0OsxJ1yZ_nW9dElKCIrrXof3ShMfA==

GET
H/1.1 200
OK v1
a3281.casalemedia.com/impression/ Frame A1DF 43 B
303 B 66ms
19ms Image
image/gif 85.91.44.123
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a3281.casalemedia.com/impression/v1?bidID=ee14217d-28e7-4bde-a54a-75705d40ebb5&traceID=cc875hou2j6usv03kl7g&dspID=85&userID=&cmpro=0&deviceType=2&expiryTime=1662022943&ap=YxByxwABHfkKd6iIAAutMmYjUkpTkw-FoXgveg&siteID=341462&creativeID=304c34&pubID=189149&format=banner&channel=site
Requested by: Host: f4f5f5dd83b6f4fca4ebb5cce3cd0739.safeframe.googlesyndication.com
URL: https://f4f5f5dd83b6f4fca4ebb5cce3cd0739.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 85.91.44.123 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://f4f5f5dd83b6f4fca4ebb5cce3cd0739.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 01 Sep 2022 08:52:23 GMT
Server: Apache
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=500
Content-Length: 43
Expires: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame A1DF 0
20 B 54ms
53ms Image
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=awbid&awbid_b=AKAmf-Dyckt0LHftNYdHUzHJ5uYLPLKQnC5-fbz0LvFKcU9wtcA0vejaLbKCPlW_6U-iYsX3-MK7HAWSe2pcc0vF20qD3wOltg&pr=13:YxByxwAAAAB4rTIihekeMU8Ed2H_brgy0Wx7Gg

Requested by

Host: f4f5f5dd83b6f4fca4ebb5cce3cd0739.safeframe.googlesyndication.com
URL: https://f4f5f5dd83b6f4fca4ebb5cce3cd0739.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://f4f5f5dd83b6f4fca4ebb5cce3cd0739.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 01 Sep 2022 08:52:23 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 xbfe_backfill.js Show response
googleads.g.doubleclick.net/pagead/ Frame A1DF 7 KB
3 KB 20ms
19ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/xbfe_backfill.js

Requested by

Host: f4f5f5dd83b6f4fca4ebb5cce3cd0739.safeframe.googlesyndication.com
URL: https://f4f5f5dd83b6f4fca4ebb5cce3cd0739.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

13385bc296bb2dc9cac61d19963d6868de43445187fdb91b6980e892773a1c37

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://f4f5f5dd83b6f4fca4ebb5cce3cd0739.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Thu, 01 Sep 2022 08:30:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1320
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3151
x-xss-protection: 0
server: cafe
etag: 3095951791532391640
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=3600
timing-allow-origin: *
expires: Thu, 01 Sep 2022 09:30:23 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220829/r20110914/client/ Frame A1DF 3 KB
1 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220829/r20110914/client/window_focus_fy2021.js

Requested by

Host: f4f5f5dd83b6f4fca4ebb5cce3cd0739.safeframe.googlesyndication.com
URL: https://f4f5f5dd83b6f4fca4ebb5cce3cd0739.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://f4f5f5dd83b6f4fca4ebb5cce3cd0739.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Thu, 01 Sep 2022 08:35:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 991
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 15 Sep 2022 08:35:52 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220829/r20110914/client/ Frame A1DF 17 KB
7 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220829/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: f4f5f5dd83b6f4fca4ebb5cce3cd0739.safeframe.googlesyndication.com
URL: https://f4f5f5dd83b6f4fca4ebb5cce3cd0739.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

57000ea03bfb53734d0858b8fe992e6742226f23f311eb0f9d2177e2a84a5621

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://f4f5f5dd83b6f4fca4ebb5cce3cd0739.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Thu, 01 Sep 2022 08:45:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 411
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7599
x-xss-protection: 0
server: cafe
etag: 9215437806027971270
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 15 Sep 2022 08:45:32 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame A1DF 0
0 29ms
28ms Image
text/html 2a00:1450:4001:802::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQAJDnwZZjL9DB_Gena_oJ0pXmGiTGSUmfE7CUEZR-FyIUgZN4QSwK2laeRBM7iTLp_JUCdfthFK30TPbj6GAEO1hueSA
Requested by: Host: f4f5f5dd83b6f4fca4ebb5cce3cd0739.safeframe.googlesyndication.com
URL: https://f4f5f5dd83b6f4fca4ebb5cce3cd0739.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://f4f5f5dd83b6f4fca4ebb5cce3cd0739.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

GET
H3 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame A1DF 22 KB
7 KB 23ms
22ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js

Requested by

Host: f4f5f5dd83b6f4fca4ebb5cce3cd0739.safeframe.googlesyndication.com
URL: https://f4f5f5dd83b6f4fca4ebb5cce3cd0739.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://f4f5f5dd83b6f4fca4ebb5cce3cd0739.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Mon, 29 Aug 2022 20:25:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 217585
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7022
x-xss-protection: 0
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Tue, 29 Aug 2023 20:25:58 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame A1DF 142 KB
44 KB 93ms
92ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: f4f5f5dd83b6f4fca4ebb5cce3cd0739.safeframe.googlesyndication.com
URL: https://f4f5f5dd83b6f4fca4ebb5cce3cd0739.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e851345505ee432c9397d60e5d91929ab4e5921f75c91f359b0939a879304b7a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://f4f5f5dd83b6f4fca4ebb5cce3cd0739.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Thu, 01 Sep 2022 08:52:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44792
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1661945761880069"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 01 Sep 2022 08:52:23 GMT

POST
H3 200 1a Show response
i.clean.gg/ Frame A1DF 0
15 B 100ms
100ms XHR
application/octet-stream 34.95.69.49
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://i.clean.gg/1a
Requested by: Host: d2q8xv8xf7whrd.cloudfront.net
URL: https://d2q8xv8xf7whrd.cloudfront.net/script.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.95.69.49 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 49.69.95.34.bc.googleusercontent.com
Software: nginx/1.21.6 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://f4f5f5dd83b6f4fca4ebb5cce3cd0739.safeframe.googlesyndication.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 01 Sep 2022 08:52:23 GMT
via: 1.1 google
server: nginx/1.21.6
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Origin,Accept,X-API-Key
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/octet-stream
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Range
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

OPTIONS
H3 204 1a
i.clean.gg/ Frame 0
0 103ms
103ms Preflight
text/plain 34.95.69.49
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://i.clean.gg/1a
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.95.69.49 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 49.69.95.34.bc.googleusercontent.com
Software: nginx/1.21.6 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://f4f5f5dd83b6f4fca4ebb5cce3cd0739.safeframe.googlesyndication.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Origin,Accept,X-API-Key
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1728000
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/plain; charset=utf-8
date: Thu, 01 Sep 2022 08:52:23 GMT
server: nginx/1.21.6
via: 1.1 google

GET
H3 200 adfetch Show response
googleads.g.doubleclick.net/pagead/ Frame 618E 121 KB
43 KB 98ms
97ms Document
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: d2q8xv8xf7whrd.cloudfront.net
URL: https://d2q8xv8xf7whrd.cloudfront.net/script.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

24f32ec98f7d493c9c0e45a4e74aa7a133b538d11be35ec16b247e85bf78ef45

Security Headers

Name	Value
Content-Security-Policy	child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4017250493934934444/300x250.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4017250493934934444/300x250.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CMyCkNub8_kCFQeHgwcdmgsBEA&gqi=x3IQY4ilG8TR7_UP-8OOqAQ&layout=/sadbundle/%24csp%253Der3%24/4017250493934934444/300x250.html
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://f4f5f5dd83b6f4fca4ebb5cce3cd0739.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding: br
content-length: 43586
content-security-policy: child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4017250493934934444/300x250.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4017250493934934444/300x250.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CMyCkNub8_kCFQeHgwcdmgsBEA&gqi=x3IQY4ilG8TR7_UP-8OOqAQ&layout=/sadbundle/%24csp%253Der3%24/4017250493934934444/300x250.html
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 01 Sep 2022 08:52:23 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 usermatch Show response
ssum-sec.casalemedia.com/ Frame 105A 1 KB
2 KB 75ms
48ms Document
text/html 104.18.18.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=189149&us_privacy=&gdpr_consent=&gdpr=1
Requested by: Host: f4f5f5dd83b6f4fca4ebb5cce3cd0739.safeframe.googlesyndication.com
URL: https://f4f5f5dd83b6f4fca4ebb5cce3cd0739.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4a92e2e9f05bdcb3dc090cb7d682cf1537153785d35363654ae7c61d0d85691e

Request headers

Referer: https://f4f5f5dd83b6f4fca4ebb5cce3cd0739.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-cache
cf-cache-status: DYNAMIC
cf-ray: 743cc4feac29bb41-FRA
content-encoding: br
content-type: text/html
date: Thu, 01 Sep 2022 08:52:23 GMT
dropped-udsids: 46|73|88|130|57|17|41|156
expires: 0
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kQudAUiU4xVTlgTDYkZ6Vp%2FyRFtQbl%2B%2Fja9cTdE0wSny9lp1LUTFBx1Cc0wDu4%2BunfbHuiTdXFv8tQluOyEtvNgZN7VZhBKZto5pXS%2BuP8cXqkRoT6nhPJfuInkQtn40l92ihIupOguFCw%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Is-Traffic-Usersync, Accept-Encoding

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame E276 1 KB
749 B 19ms
19ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: f4f5f5dd83b6f4fca4ebb5cce3cd0739.safeframe.googlesyndication.com
URL: https://f4f5f5dd83b6f4fca4ebb5cce3cd0739.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://f4f5f5dd83b6f4fca4ebb5cce3cd0739.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

age: 66019
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: gzip
content-length: 724
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 31 Aug 2022 14:32:04 GMT
etag: 48472445140208031
expires: Thu, 01 Sep 2022 14:32:04 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame A1DF 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1a5333e41af5d667618dede5fcdae2011b604b655cc72725addec65bfd3f8cef

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 dpixel
cms.quantserve.com/ Frame E276 35 B
463 B 90ms
20ms Image
image/gif 2620:116:800d:21:7eb1:3826:be7e:d981
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEIMuIMsm97q6j0nq34hr45s&google_cver=1&google_push=AehlK4BGOM04OA4y6mt_sJZyWiSVxSksZGaJNcUXNjnCTsIB2U1Yavae4GdVTekFzDBHMVYSDymuXF7SoqC7YSEyw-oQw-sKc4_g

Requested by

Host: f4f5f5dd83b6f4fca4ebb5cce3cd0739.safeframe.googlesyndication.com
URL: https://f4f5f5dd83b6f4fca4ebb5cce3cd0739.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:7eb1:3826:be7e:d981 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 01 Sep 2022 08:52:23 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2 204 current
dclk-match.dotomi.com/match/bounce/ Frame E276 0
103 B 14ms
11ms Image
text/plain 2a02:fa8:8806:16::1370
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEFeG-AlEyY1vSWUSJ2UC6Mw&google_cver=1&google_push=AehlK4CKuVPhpIWowncYj3Td9Q6laOxBpx7XI-ieJBxibWHSpDfg6uh0JoO_zdwbsY7KEURv7go57FEg4upV0KoIDdaUpOT2k-lc
Requested by: Host: f4f5f5dd83b6f4fca4ebb5cce3cd0739.safeframe.googlesyndication.com
URL: https://f4f5f5dd83b6f4fca4ebb5cce3cd0739.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:fa8:8806:16::1370 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 01 Sep 2022 08:52:23 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame E276
Redirect Chain

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEFD9heEp846h3culDZw-p6U&google_cve...
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEFD9heEp846h3culDZw-p6U&goog...
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=Z25OZEs5SGYxT3RGVlo1&google_gid=CAESEFD9heEp846h3culDZw-p6U&google_cver=1&google_push=AehlK4BB_iC4kUAu0kfwF774vcKQbe_imAZ2QXUXdrznGNa...

170 B
188 B

30ms
30ms

Image
image/png

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=Z25OZEs5SGYxT3RGVlo1&google_gid=CAESEFD9heEp846h3culDZw-p6U&google_cver=1&google_push=AehlK4BB_iC4kUAu0kfwF774vcKQbe_imAZ2QXUXdrznGNapt-HVfoTDzAPHqYPTHMwhJtmmUsfcguA02UnJBzg_sRFARiW_Ir4G

Requested by

Host: f4f5f5dd83b6f4fca4ebb5cce3cd0739.safeframe.googlesyndication.com
URL: https://f4f5f5dd83b6f4fca4ebb5cce3cd0739.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 01 Sep 2022 08:52:23 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 01 Sep 2022 08:52:22 GMT
Server: PingMatch/9853e75#9853e75792b29505864c0b7c23889ef441e21f3f i-083ca9c8ddef9a183@eu-central-1a@dxedge-app-eu-central-1-prod-asg
Strict-Transport-Security: max-age=2592000; includeSubDomains
Location: https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=Z25OZEs5SGYxT3RGVlo1&google_gid=CAESEFD9heEp846h3culDZw-p6U&google_cver=1&google_push=AehlK4BB_iC4kUAu0kfwF774vcKQbe_imAZ2QXUXdrznGNapt-HVfoTDzAPHqYPTHMwhJtmmUsfcguA02UnJBzg_sRFARiW_Ir4G
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame E276
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEO1KwDDObxRf9SkFMTU29tw&google_cver=1&google_push=AehlK4C-WA_7FBN6IeTBRDXgCEvvGIf6s9I34Y_Dk5ZEvUpnRsstANrfl_GBnlGsMcvTUuKP2tVC2ctyzZwsj0Rn...
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AehlK4C-WA_7FBN6IeTBRDXgCEvvGIf6s9I34Y_Dk5ZEvUpnRsstANrfl_GBnlGsMcvTUuKP2tVC2ctyzZwsj0Rnl8DTwPCi9e8

170 B
188 B

30ms
30ms

Image
image/png

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AehlK4C-WA_7FBN6IeTBRDXgCEvvGIf6s9I34Y_Dk5ZEvUpnRsstANrfl_GBnlGsMcvTUuKP2tVC2ctyzZwsj0Rnl8DTwPCi9e8

Requested by

Host: f4f5f5dd83b6f4fca4ebb5cce3cd0739.safeframe.googlesyndication.com
URL: https://f4f5f5dd83b6f4fca4ebb5cce3cd0739.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 01 Sep 2022 08:52:23 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Thu, 01 Sep 2022 08:52:23 GMT
Server: MT3 4505 5b23575 master hkg-pixel-x2 config:1.0.0
Access-Control-Allow-Origin: *
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AehlK4C-WA_7FBN6IeTBRDXgCEvvGIf6s9I34Y_Dk5ZEvUpnRsstANrfl_GBnlGsMcvTUuKP2tVC2ctyzZwsj0Rnl8DTwPCi9e8
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Thu, 01 Sep 2022 08:52:22 GMT

GET
H2 200 dds
rtb.openx.net/sync/ Frame E276 43 B
351 B 105ms
19ms Image
image/gif 35.227.252.103
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/dds?google_gid=CAESEGH8bgZB52LkvtCaExGocRg&google_cver=1&google_push=AehlK4A78Fjhc6zkjhE28bRxUICHKRra6y_97xZvDq7t29B6ukzboe7C3mg0eUgakjTi5impC7gJsOEHJP9wZ0FllmcJzDG1XhD3
Requested by: Host: f4f5f5dd83b6f4fca4ebb5cce3cd0739.safeframe.googlesyndication.com
URL: https://f4f5f5dd83b6f4fca4ebb5cce3cd0739.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 103.252.227.35.bc.googleusercontent.com
Software: Cowboy /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 01 Sep 2022 08:52:22 GMT
via: 1.1 google
server: Cowboy
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: null
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-request-id: bgi16mhs3odd05psishfqdpc6kkr40md

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame E276
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEDjenajcyCF_2Ws-wYyJVO0&google_cver=1&google_push=AehlK4CmICZK0FQg4GfUCsr8ssRKP6QA1qIGwPed_TTWnPm02aArHS0Ssh1CVszWCbRPFkGrYpn...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDdJVDZVQVYtMVotNDRKNA==&google_push=AehlK4CmICZK0FQg4GfUCsr8ssRKP6QA1qIGwPed_TTWnPm02aArHS0Ssh1CVszWCbRPFkGrYpn8Hc6CkXcosPIch63dYa75Xszf

170 B
188 B

31ms
31ms

Image
image/png

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDdJVDZVQVYtMVotNDRKNA==&google_push=AehlK4CmICZK0FQg4GfUCsr8ssRKP6QA1qIGwPed_TTWnPm02aArHS0Ssh1CVszWCbRPFkGrYpn8Hc6CkXcosPIch63dYa75Xszf

Requested by

Host: f4f5f5dd83b6f4fca4ebb5cce3cd0739.safeframe.googlesyndication.com
URL: https://f4f5f5dd83b6f4fca4ebb5cce3cd0739.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 01 Sep 2022 08:52:23 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDdJVDZVQVYtMVotNDRKNA==&google_push=AehlK4CmICZK0FQg4GfUCsr8ssRKP6QA1qIGwPed_TTWnPm02aArHS0Ssh1CVszWCbRPFkGrYpn8Hc6CkXcosPIch63dYa75Xszf
Cache-Control: no-cache,no-store,must-revalidate
Content-Type: text/html
content-length: 0
X-RPHost: 78e3bdce5107450057bade54d54a0a7e
Expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame E276
Redirect Chain

https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESED3oiYnS6jTEsIegUguLU1U&google_cver=1&google_push=AehlK4AnWTlR6NkmMRazlmohB6VOIgs9-HUe-IDDgHTrpNWukd5fyIr3DSOK1DhMF8jVoKQcNo7bffUdoY2bu2LS...
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AehlK4AnWTlR6NkmMRazlmohB6VOIgs9-HUe-IDDgHTrpNWukd5fyIr3DSOK1DhMF8jVoKQcNo7bffUdoY2bu2LS33huI75wtFfx

170 B
188 B

29ms
29ms

Image
image/png

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AehlK4AnWTlR6NkmMRazlmohB6VOIgs9-HUe-IDDgHTrpNWukd5fyIr3DSOK1DhMF8jVoKQcNo7bffUdoY2bu2LS33huI75wtFfx

Requested by

Host: f4f5f5dd83b6f4fca4ebb5cce3cd0739.safeframe.googlesyndication.com
URL: https://f4f5f5dd83b6f4fca4ebb5cce3cd0739.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 01 Sep 2022 08:52:23 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Thu, 01 Sep 2022 08:52:23 GMT
via: 1.1 78059242182c195ff7f26013772da09a.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: FRA6-C1
x-cache: FunctionGeneratedResponse from cloudfront
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AehlK4AnWTlR6NkmMRazlmohB6VOIgs9-HUe-IDDgHTrpNWukd5fyIr3DSOK1DhMF8jVoKQcNo7bffUdoY2bu2LS33huI75wtFfx
cache-control: no-cache, must-revalidate
content-length: 0
x-amz-cf-id: mJQlJwNY2FLSV0-zrIZZtGqvwiHeG34iWUSJOKofsUtEfQggktqpxw==

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame E276 0
12 B 31ms
29ms Image
text/html 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LheSrPbLAoE-W3UOBfwZ0Q_xEOyVcmD_8s2yjw6ICI9It6xKPYFzB48UOC1wqPERiPE9xo

Requested by

Host: f4f5f5dd83b6f4fca4ebb5cce3cd0739.safeframe.googlesyndication.com
URL: https://f4f5f5dd83b6f4fca4ebb5cce3cd0739.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Thu, 01 Sep 2022 08:52:23 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame EC48 15 KB
6 KB 81ms
25ms Document
text/html 2a02:2638::1c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=siakapkeli.my

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.ids.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

6e842f654a304fd1eece02a5d588d2a998cc87cc65730b04d1e2c916e3a72a10

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://siakapkeli.my/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 01 Sep 2022 08:52:22 GMT
server: Kestrel
server-processing-duration-in-ticks: 902016
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
DATA 200
OK truncated
/ Frame E5CC 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 93f4f6f0b03c174b244b202497511f810e0cf6f9c0657f7676b807bb6fe74946

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame E5CC 0
0 56ms
56ms Fetch
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuBTbWkN8TG8pkAKf9_dcroCryilaaK_EgxuStCM5jbUJc2Z9MkqJ0ps9UHWCPOmNrsA_JN5SVPkoUjRdX6gSw9D63ZNaIWZKgMzjaLOs76OL5T4g_-gX137jxoqcCzrUE9erPP0XlkYLcogCPpKKCKX2f-9W4FkRvviP45LpgvO3-WqQtyY0v58_io-jKD6J8TvawC6kLx8a9cgxMbMl6aXGmCnbsVCeDgUz_-28VTmuKrqvPcL4NDqnSTwM3WFlX35b6fQ_dAm5KwBpVkzZmF0OLYuD4nyuZf2WdwkFoGg-qd8pzcQ5k_XrLMqRDTuaEMOq6eNBjzlXFF8_QT31j3fw56HOn3gpRr5A&sai=AMfl-YSZIqkv7pMIpCcvmiFpO0yUvlYdOLmqSDZt7qkfT7Ts29y8q2-Qn4wj0YT-CKvBvl0VK8QYUgSZC60k6F5zJ0szjprLHanLbBxj7iE0XA0eWhwhvSKPGIIr_qbhKoo&sig=Cg0ArKJSzHlDrf6r7kUhEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://siakapkeli.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 01 Sep 2022 08:52:23 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Thu, 01 Sep 2022 08:52:23 GMT

GET
H2 200 publishertag.prebid.123.js Show response
static.criteo.net/js/ld/ 87 KB
28 KB 366ms
365ms Script
text/javascript 2406:2600:4::1
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.123.js

Requested by

Host: anymind360.com
URL: https://anymind360.com/js/2939/prebid_2022_8_31_6_21_10.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:4::1 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

nginx /

Resource Hash

0413c66952464f1ecd016f7bcaab521634a380fc3f9b1b907caa11cb70c2ebc5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://siakapkeli.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Thu, 01 Sep 2022 08:52:23 GMT
content-encoding: gzip
last-modified: Tue, 03 May 2022 11:21:03 GMT
server: nginx
etag: W/"6271101f-15b58"
strict-transport-security: max-age=31536000; preload;
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 02 Sep 2022 08:52:23 GMT

GET
H/1.1 400
Request failed due to privacy signals getuid
secure.adnxs.com/ Frame 105A 0
0 61ms
19ms Image
text/html 37.252.172.123
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID&gdpr=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=189149&us_privacy=&gdpr_consent=&gdpr=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 37.252.172.123 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS: 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

GET
H2 200 YxByx5XL2mcMcYgGF8NJTAAABIwAAAAB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 105A 43 B
1 KB 113ms
34ms Image
image/gif 2a05:d018:d29:3602:364b:13fe:3893:404c
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/casale/YxByx5XL2mcMcYgGF8NJTAAABIwAAAAB?gdpr_consent=&us_privacy=&gdpr=1

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=189149&us_privacy=&gdpr_consent=&gdpr=1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a05:d018:d29:3602:364b:13fe:3893:404c Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Thu, 01 Sep 2022 08:52:23 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
strict-transport-security: max-age=31536000
content-length: 43
x-content-type-options: nosniff

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 105A
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&gdpr=1
https://sync-tm.everesttech.net/ct/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&gdpr=1&_test=YxByxwAD7I00kgBN
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YxByxwAD7I00kgBN&gdpr=1&_test=YxByxwAD7I00kgBN

43 B
844 B

59ms
59ms

Image
image/gif

104.18.18.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YxByxwAD7I00kgBN&gdpr=1&_test=YxByxwAD7I00kgBN
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=189149&us_privacy=&gdpr_consent=&gdpr=1
Protocol: H3
Server: 104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

cf-ray: 743cc500dc025c85-FRA
pragma: no-cache
date: Thu, 01 Sep 2022 08:52:23 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mo9XNwwtNAp3wzTaVe65%2BAkhCZEqkiqgAgh%2B5noS0LHXc5sh%2FQiBgMd%2FuJJpLCl6nRX1EPWeo3n3vRqZVFfemdodn7ngSWVAMtYbIs%2FXa7LEclbfummIaKCbUNb2I6raNk2o53DNkA87fg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control: no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Thu, 01 Sep 2022 08:52:23 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1662022344.798767,VS0,VE0
x-served-by: cache-ams21054-AMS
x-cache: HIT
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YxByxwAD7I00kgBN&gdpr=1&_test=YxByxwAD7I00kgBN
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H/1.1 200
OK ie
match.prod.bidr.io/cookie-sync/ Frame 105A 43 B
430 B 150ms
30ms Image
image/gif 52.50.170.21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://match.prod.bidr.io/cookie-sync/ie?gdpr=1

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=189149&us_privacy=&gdpr_consent=&gdpr=1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.50.170.21 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-50-170-21.eu-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma: no-cache
Date: Thu, 01 Sep 2022 08:52:23 GMT
Server: nginx
strict-transport-security: max-age=2592000; includeSubDomains
p3p: CP="This is not a P3P policy! See https://beeswax.com/privacy for more info."
cache-control: no-cache, must-revalidate
Connection: keep-alive
content-type: image/gif
Content-Length: 43
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

crum
dsum-sec.casalemedia.com/ Frame 105A
Redirect Chain

https://p.rfihub.com/cm?in=1&pub=2079&gdpr=1
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=5107433824399306303

43 B
843 B

61ms
61ms

Image
image/gif

104.18.18.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=5107433824399306303
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=189149&us_privacy=&gdpr_consent=&gdpr=1
Protocol: H3
Server: 104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

cf-ray: 743cc5002b135c85-FRA
pragma: no-cache
date: Thu, 01 Sep 2022 08:52:23 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jbZbQWz4wz9muj5h2Lm9uYoqeXhIG%2Bs13lBXTJ4wS4ANymrhjdikYtmhVGCU4WrNLWOH%2BXgNecU9cx%2BxiMCzh09mc3ILdkwlOSWR9viPa6dhXug56shrxbEKuvynSgkFT05X65BNiUXiXw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control: no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

Location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=5107433824399306303
Date: Thu, 01 Sep 2022 08:52:23 GMT
Server: Jetty(9.3.29.v20201019)
Content-Length: 0
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H3

200

crum
dsum-sec.casalemedia.com/ Frame 105A
Redirect Chain

https://b1sync.zemanta.com/usersync/index/?us_privacy=&gdpr=1&gdpr_consent=
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=&gdpr=1

43 B
847 B

40ms
39ms

Image
image/gif

104.18.18.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=&gdpr=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=189149&us_privacy=&gdpr_consent=&gdpr=1
Protocol: H3
Server: 104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

cf-ray: 743cc5029efd5c85-FRA
pragma: no-cache
date: Thu, 01 Sep 2022 08:52:24 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Z2oBGtDx%2FIeYMwH5Nf8HcdwPNwMpjfWIbePvbGYGsyrc2ag%2BwVpjnT7EYtlqo%2FC8XHRUTDMvhocMD6C%2F8eyqa%2FLdCeG7FuParQ7B9lwUa9eMTM%2FZ0lykRGaegTCAPgbE44GBF6rzIK42eA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control: no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

Location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=&gdpr=1
Pragma: no-cache
Date: Thu, 01 Sep 2022 08:52:23 GMT
Cache-Control: no-cache, no-store, must-revalidate
Expires: Thu, 01 Dec 1994 16:00:00 GMT
Content-Length: 106
Content-Type: text/html; charset=utf-8

GET
H/1.1 200
OK bridge
cm.adgrx.com/ Frame 105A 43 B
408 B 101ms
15ms Image
image/gif 63.251.232.165
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.adgrx.com/bridge?AG_PID=casale&AG_SETCOOKIE&gdpr=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=189149&us_privacy=&gdpr_consent=&gdpr=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 63.251.232.165 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software: Cowboy /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 01 Sep 2022 08:52:23 GMT
server: Cowboy
P3P: CP="NOI OTC OTP OUR NOR"
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate, proxy-revalidate
Connection: keep-alive
Content-Type: image/gif
X-RealServer-NX: ams-delivery-9
Content-Length: 43
Expires: Thu, 23 Sep 2004 17:42:04 GMT

GET
H2 200 cookiesync
bttrack.com/pixel/ Frame 105A 35 B
263 B 363ms
113ms Image
image/gif 192.132.33.46
BIDTELLECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bttrack.com/pixel/cookiesync?source=67e94f23-25d6-4008-8236-375d1743c2e0&secure=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=189149&us_privacy=&gdpr_consent=&gdpr=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 192.132.33.46 , United States, ASN18568 (BIDTELLECT, US),
Reverse DNS: 46.bidtellect.com
Software: Microsoft-IIS/8.5 /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

x-servername: Track004-iad
pragma: no-cache
date: Thu, 01 Sep 2022 08:51:43 GMT
x-aspnetmvc-version: 5.2
server: Microsoft-IIS/8.5
x-aspnet-version: 4.0.30319
p3p: CP="CAO DSP COR ADMo DEVo PSAo PSDo HISo IVAo IVDo OUR IND OTC"
cache-control: private,no-cache
content-type: image/gif
content-length: 35
expires: -1

GET
H/1.1 200
OK htw-pixel.gif
js-sec.indexww.com/ht/ Frame 105A 43 B
424 B 30ms
29ms Image
image/gif 2.21.184.247
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://js-sec.indexww.com/ht/htw-pixel.gif?YxByx5XL2mcMcYgGF8NJTAAABIwAAAAB?gdpr=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=189149&us_privacy=&gdpr_consent=&gdpr=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.21.184.247 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-21-184-247.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date: Thu, 01 Sep 2022 08:52:23 GMT
Last-Modified: Tue, 24 Jan 2017 19:36:04 GMT
Server: Apache
ETag: "761e21-2b-546dc3a097100"
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=689
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 01 Sep 2022 09:03:52 GMT

GET
DATA 200
OK truncated
/ Frame 9DEB 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 798b31c8d6278c26e16783552e21654d54dbc39eaed852cba2ad3810155c1c07

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame B78F 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 264cac1fad5b7e0109fccf3eb115eb515d7559cd17504fc0b467ee626ccefb98

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 300x250.html Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4017250493934934444/ Frame 2386 3 KB
1 KB 20ms
19ms Document
text/html 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4017250493934934444/300x250.html

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/adfetch?adk=274594334&adsafe=medium&client=ca-pub-5722610347565274&format=300x250_as&ip=2001:1af8:4700::&output=html&unviewed_position_start=1&url=https://siakapkeli.my/2022/09/01/bersalah-kes-rasuah-projek-solar-rosmah-dipenjara-30-tahun-denda-rm970-juta&sub_client=bidder-341462&aceid=MKoDHwBQF7QAkWA0AbFrNAGbeDQBOXo0AWV6NAG8ezQBD3w0AU18NAGzfDQBGH00AR99NAFLfTQBaX00AYB9NAGHfTQBiH00AY19NAGWfTQBn300AaF9NAG4fTQBvH00AcN9NAHEfTQByn00AUtzQQFQc0EBRPUeAukdXAJYHlwC2x5cAt8eXAJi-4gCn0CqAidCqgI7WqoCX1uqAkx9qgLZjqoCgJuqAoGbqgKCm6oCoqiqAjC3qgK3vaoCGMWqAobNqgJ12qoCVd6qAqDlqgLX8aoCn_SqAj31qgLz9aoCafiqAib7qgJB-6oCv_-qAqYEqwL2BasCbAarAsQJqwILDasC2g2rAtoRqwIPFKsCaBarAoQXqwIDGasCTRmrAoQaqwLiGqsCgRurAoQbqwILHKsCLhyrAmIcqwLhHKsC6xyrAoAdqwJdHqsCgh6rAqAeqwLUHqsCBB-rAqAgqwLBIKsC4CCrAgoiqwJ5IqsCjCKrApIiqwKkIqsCDSOrAssjqwIiJKsCoCSrAs8kqwKdJasCqiarAhknqwJMJ6sCVCirAnAoqwLmKKsC6iirAhIpqwJpKasCfimrAo8pqwI7KqsC-yurAkgsqwJULqsCZi6rAiHtBQNUssUFj4qfDs-T-xJZtfsSzNH7EjPi-xLv7fsS7PP7Epn1-xJr-PsS2_r7Elf--xJmAPwSSgH8Ek8B_BK5AfwS7gH8EgYC_BKZAvwSwLByFFuf6hQNXDcXbRb3F_dWaxqJI8U5ANLrbg&awbid_c=AKAmf-A85k_qXGhs7JPfzYWZLzJxQ_MYuRdoyPFb4eUwIjeFyaExgdZ3TzMSEgL6n0Q6nygtFO1SOwcGi8A_PYMEX6cqCIz2FUo7rGi2UYs_co3BP9oqe6SiZzdjYYD0JUG8MtxsE8AauAZ5n40EMGslpNqV-Nepw0k0y2nsdNm6rljSEzT8RXc&awbid_d=AKAmf-Dajv9A6s8QQ0SMjl6wlrnbypDlnayMa5aYRDMMs5cMhrWTPiKrH-XOhFwEAzY1-hCUbg-S2-g-qFgsXvAjs2P_Fs7ZfEn-6WOS32xuoCFlHzgWOJdwmXRDMzMKii5MeI_AW5WWgXZKHEpJwPld7wis6HAAaGXtTqwC6rC0T1cA3Rt6TeIUxFHhlkj6Pgzu0B5ihdwr-Psy6FK4OpDcBx_rGEihrLdy996SBaFdgfqo5V4SUtHDmoY7-SbddjnvXmtf5Lf4liKfzcW46XwAH0JVWXeLLLop__MaDEDak2e98kSde7orOs0uH-ITr7vTt6HSGoKtAZgScOtBFVJeP4GwkczJ3BbsBmrX9hACZ0w-CvbuiwSab0K0XMIwTxjc5esmOgilYN_TGqQ_YH429a4QRM7wjuxMQWH5ROkao0Co25g7mY13E4F8OA5RYtigCJU4LUF5-pV6KBUnlaP0zmD6rn_EqOqH12efTMojl6Y7I0iTyNczcK-dJSXdKbIPOezLRJRH5FIXDfWf-F5eacYlZDLShr6PcHRXPqH8I48ZPkqpL8zfRuyp7LtNxnfbfSvO4BOyqEdPZyT1xQFFeO7o9iLOc5579ak7NkD6e65w9QisP8MW8dABTDlUEio81zWnN2oahyb9WLYQD9wrbwEI2CZ6zjra6eXet4DNBjzyo5OtEGDwCs8SrNQpMxbjcssBvffxdKOvPweWZQajWcjEJN_MauhLltEyzM9NX05Elh_uLJYzHwe06PpEywouVNf3f5qpK43wvdpyHI0ELI2iofgdQyfx0U98DYwPe7rOoBHZ0b4&cid=CAASBORo-Zs&exk=1227658683&rfl=https%3A%2F%2Fsiakapkeli.my%2F&a_pr=13:YxByxwAAAAADL2M6Fnv_y1PdjmXtmB_3P8x2CQ

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f65f69b16c07734bbd93413e50348d92f8ffc380b4035a265ce8467e50b65468

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 51316
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 1333
content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
cross-origin-resource-policy: cross-origin
date: Wed, 31 Aug 2022 18:37:07 GMT
expires: Thu, 31 Aug 2023 18:37:07 GMT
last-modified: Mon, 15 Aug 2022 12:35:50 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 618E 0
17 B 66ms
65ms Image
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CtoQtx3IQY76bDMeRrAT8tIroBPLHjelr6s_VxbkQ38aivcABEAEgt-WEIWCRBKAB2ZGSpAPIAQmpAtfAciV_zrA-qAMByANIqgSsAk_Q_JRhtGzuJC71Jao-BfBZYqRV30c-tjlJwFJn5XkoNeuIhUyEJnCKOFO4NUwgRsRbeZiUKC__b0rTxbfVpRHR57HAj6uq0KNl2IxSeXQTjCOzaqlpT6NN2oa7FZZSL_ChBq5lOREvZ2d4avtmjLZt7VtjSDeQtB9STTTDhyCfmY0Q0564-DCSNoqYo9ZA3zsuwVACIn-ycJoRuq081o-vG4Kc6UARdK9AoNZi5guXSfL6QHvvgXQVdmjj_OtrS6vNzqA0WFDswQruAgoeZ5gpNIhDFdCfdb65af6V5jS2gSmOR3KA-Q6Uj-Rl7pvx87UIu3gaNqZjM4M2VVyZWwVYM2DObgveOulEonCQNNGlWFkwEwmPus1f98YIvS1Tpl4bYE8-iIL48V3s-sAEgPG1h58EkgUECAQYAZIFBAgFGASgBi6AB4_u7VuoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHANIIEQiA4YAQEAEYADICqgI6AoBA8ggNYmlkZGVyLTM0MTQ2MoAKBMgLAdgTDdAVAZgWAYAXAbIXCAoGCAASABgA&sigh=W_IUjLxjkA4&uach_m=[UACH]&pr=13:YxByxwAAAAADL2M6Fnv_y1PdjmXtmB_3P8x2CQ&template_id=419&vis=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/adfetch?adk=274594334&adsafe=medium&client=ca-pub-5722610347565274&format=300x250_as&ip=2001:1af8:4700::&output=html&unviewed_position_start=1&url=https://siakapkeli.my/2022/09/01/bersalah-kes-rasuah-projek-solar-rosmah-dipenjara-30-tahun-denda-rm970-juta&sub_client=bidder-341462&aceid=MKoDHwBQF7QAkWA0AbFrNAGbeDQBOXo0AWV6NAG8ezQBD3w0AU18NAGzfDQBGH00AR99NAFLfTQBaX00AYB9NAGHfTQBiH00AY19NAGWfTQBn300AaF9NAG4fTQBvH00AcN9NAHEfTQByn00AUtzQQFQc0EBRPUeAukdXAJYHlwC2x5cAt8eXAJi-4gCn0CqAidCqgI7WqoCX1uqAkx9qgLZjqoCgJuqAoGbqgKCm6oCoqiqAjC3qgK3vaoCGMWqAobNqgJ12qoCVd6qAqDlqgLX8aoCn_SqAj31qgLz9aoCafiqAib7qgJB-6oCv_-qAqYEqwL2BasCbAarAsQJqwILDasC2g2rAtoRqwIPFKsCaBarAoQXqwIDGasCTRmrAoQaqwLiGqsCgRurAoQbqwILHKsCLhyrAmIcqwLhHKsC6xyrAoAdqwJdHqsCgh6rAqAeqwLUHqsCBB-rAqAgqwLBIKsC4CCrAgoiqwJ5IqsCjCKrApIiqwKkIqsCDSOrAssjqwIiJKsCoCSrAs8kqwKdJasCqiarAhknqwJMJ6sCVCirAnAoqwLmKKsC6iirAhIpqwJpKasCfimrAo8pqwI7KqsC-yurAkgsqwJULqsCZi6rAiHtBQNUssUFj4qfDs-T-xJZtfsSzNH7EjPi-xLv7fsS7PP7Epn1-xJr-PsS2_r7Elf--xJmAPwSSgH8Ek8B_BK5AfwS7gH8EgYC_BKZAvwSwLByFFuf6hQNXDcXbRb3F_dWaxqJI8U5ANLrbg&awbid_c=AKAmf-A85k_qXGhs7JPfzYWZLzJxQ_MYuRdoyPFb4eUwIjeFyaExgdZ3TzMSEgL6n0Q6nygtFO1SOwcGi8A_PYMEX6cqCIz2FUo7rGi2UYs_co3BP9oqe6SiZzdjYYD0JUG8MtxsE8AauAZ5n40EMGslpNqV-Nepw0k0y2nsdNm6rljSEzT8RXc&awbid_d=AKAmf-Dajv9A6s8QQ0SMjl6wlrnbypDlnayMa5aYRDMMs5cMhrWTPiKrH-XOhFwEAzY1-hCUbg-S2-g-qFgsXvAjs2P_Fs7ZfEn-6WOS32xuoCFlHzgWOJdwmXRDMzMKii5MeI_AW5WWgXZKHEpJwPld7wis6HAAaGXtTqwC6rC0T1cA3Rt6TeIUxFHhlkj6Pgzu0B5ihdwr-Psy6FK4OpDcBx_rGEihrLdy996SBaFdgfqo5V4SUtHDmoY7-SbddjnvXmtf5Lf4liKfzcW46XwAH0JVWXeLLLop__MaDEDak2e98kSde7orOs0uH-ITr7vTt6HSGoKtAZgScOtBFVJeP4GwkczJ3BbsBmrX9hACZ0w-CvbuiwSab0K0XMIwTxjc5esmOgilYN_TGqQ_YH429a4QRM7wjuxMQWH5ROkao0Co25g7mY13E4F8OA5RYtigCJU4LUF5-pV6KBUnlaP0zmD6rn_EqOqH12efTMojl6Y7I0iTyNczcK-dJSXdKbIPOezLRJRH5FIXDfWf-F5eacYlZDLShr6PcHRXPqH8I48ZPkqpL8zfRuyp7LtNxnfbfSvO4BOyqEdPZyT1xQFFeO7o9iLOc5579ak7NkD6e65w9QisP8MW8dABTDlUEio81zWnN2oahyb9WLYQD9wrbwEI2CZ6zjra6eXet4DNBjzyo5OtEGDwCs8SrNQpMxbjcssBvffxdKOvPweWZQajWcjEJN_MauhLltEyzM9NX05Elh_uLJYzHwe06PpEywouVNf3f5qpK43wvdpyHI0ELI2iofgdQyfx0U98DYwPe7rOoBHZ0b4&cid=CAASBORo-Zs&exk=1227658683&rfl=https%3A%2F%2Fsiakapkeli.my%2F&a_pr=13:YxByxwAAAAADL2M6Fnv_y1PdjmXtmB_3P8x2CQ

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/adfetch?adk=274594334&adsafe=medium&client=ca-pub-5722610347565274&format=300x250_as&ip=2001:1af8:4700::&output=html&unviewed_position_start=1&url=https://siakapkeli.my/2022/09/01/bersalah-kes-rasuah-projek-solar-rosmah-dipenjara-30-tahun-denda-rm970-juta&sub_client=bidder-341462&aceid=MKoDHwBQF7QAkWA0AbFrNAGbeDQBOXo0AWV6NAG8ezQBD3w0AU18NAGzfDQBGH00AR99NAFLfTQBaX00AYB9NAGHfTQBiH00AY19NAGWfTQBn300AaF9NAG4fTQBvH00AcN9NAHEfTQByn00AUtzQQFQc0EBRPUeAukdXAJYHlwC2x5cAt8eXAJi-4gCn0CqAidCqgI7WqoCX1uqAkx9qgLZjqoCgJuqAoGbqgKCm6oCoqiqAjC3qgK3vaoCGMWqAobNqgJ12qoCVd6qAqDlqgLX8aoCn_SqAj31qgLz9aoCafiqAib7qgJB-6oCv_-qAqYEqwL2BasCbAarAsQJqwILDasC2g2rAtoRqwIPFKsCaBarAoQXqwIDGasCTRmrAoQaqwLiGqsCgRurAoQbqwILHKsCLhyrAmIcqwLhHKsC6xyrAoAdqwJdHqsCgh6rAqAeqwLUHqsCBB-rAqAgqwLBIKsC4CCrAgoiqwJ5IqsCjCKrApIiqwKkIqsCDSOrAssjqwIiJKsCoCSrAs8kqwKdJasCqiarAhknqwJMJ6sCVCirAnAoqwLmKKsC6iirAhIpqwJpKasCfimrAo8pqwI7KqsC-yurAkgsqwJULqsCZi6rAiHtBQNUssUFj4qfDs-T-xJZtfsSzNH7EjPi-xLv7fsS7PP7Epn1-xJr-PsS2_r7Elf--xJmAPwSSgH8Ek8B_BK5AfwS7gH8EgYC_BKZAvwSwLByFFuf6hQNXDcXbRb3F_dWaxqJI8U5ANLrbg&awbid_c=AKAmf-A85k_qXGhs7JPfzYWZLzJxQ_MYuRdoyPFb4eUwIjeFyaExgdZ3TzMSEgL6n0Q6nygtFO1SOwcGi8A_PYMEX6cqCIz2FUo7rGi2UYs_co3BP9oqe6SiZzdjYYD0JUG8MtxsE8AauAZ5n40EMGslpNqV-Nepw0k0y2nsdNm6rljSEzT8RXc&awbid_d=AKAmf-Dajv9A6s8QQ0SMjl6wlrnbypDlnayMa5aYRDMMs5cMhrWTPiKrH-XOhFwEAzY1-hCUbg-S2-g-qFgsXvAjs2P_Fs7ZfEn-6WOS32xuoCFlHzgWOJdwmXRDMzMKii5MeI_AW5WWgXZKHEpJwPld7wis6HAAaGXtTqwC6rC0T1cA3Rt6TeIUxFHhlkj6Pgzu0B5ihdwr-Psy6FK4OpDcBx_rGEihrLdy996SBaFdgfqo5V4SUtHDmoY7-SbddjnvXmtf5Lf4liKfzcW46XwAH0JVWXeLLLop__MaDEDak2e98kSde7orOs0uH-ITr7vTt6HSGoKtAZgScOtBFVJeP4GwkczJ3BbsBmrX9hACZ0w-CvbuiwSab0K0XMIwTxjc5esmOgilYN_TGqQ_YH429a4QRM7wjuxMQWH5ROkao0Co25g7mY13E4F8OA5RYtigCJU4LUF5-pV6KBUnlaP0zmD6rn_EqOqH12efTMojl6Y7I0iTyNczcK-dJSXdKbIPOezLRJRH5FIXDfWf-F5eacYlZDLShr6PcHRXPqH8I48ZPkqpL8zfRuyp7LtNxnfbfSvO4BOyqEdPZyT1xQFFeO7o9iLOc5579ak7NkD6e65w9QisP8MW8dABTDlUEio81zWnN2oahyb9WLYQD9wrbwEI2CZ6zjra6eXet4DNBjzyo5OtEGDwCs8SrNQpMxbjcssBvffxdKOvPweWZQajWcjEJN_MauhLltEyzM9NX05Elh_uLJYzHwe06PpEywouVNf3f5qpK43wvdpyHI0ELI2iofgdQyfx0U98DYwPe7rOoBHZ0b4&cid=CAASBORo-Zs&exk=1227658683&rfl=https%3A%2F%2Fsiakapkeli.my%2F&a_pr=13:YxByxwAAAAADL2M6Fnv_y1PdjmXtmB_3P8x2CQ
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Thu, 01 Sep 2022 08:52:23 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 abg_lite.js Show response
tpc.googlesyndication.com/pagead/js/r20220829/r20110914/ Frame 618E 30 KB
12 KB 19ms
18ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220829/r20110914/abg_lite.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/adfetch?adk=274594334&adsafe=medium&client=ca-pub-5722610347565274&format=300x250_as&ip=2001:1af8:4700::&output=html&unviewed_position_start=1&url=https://siakapkeli.my/2022/09/01/bersalah-kes-rasuah-projek-solar-rosmah-dipenjara-30-tahun-denda-rm970-juta&sub_client=bidder-341462&aceid=MKoDHwBQF7QAkWA0AbFrNAGbeDQBOXo0AWV6NAG8ezQBD3w0AU18NAGzfDQBGH00AR99NAFLfTQBaX00AYB9NAGHfTQBiH00AY19NAGWfTQBn300AaF9NAG4fTQBvH00AcN9NAHEfTQByn00AUtzQQFQc0EBRPUeAukdXAJYHlwC2x5cAt8eXAJi-4gCn0CqAidCqgI7WqoCX1uqAkx9qgLZjqoCgJuqAoGbqgKCm6oCoqiqAjC3qgK3vaoCGMWqAobNqgJ12qoCVd6qAqDlqgLX8aoCn_SqAj31qgLz9aoCafiqAib7qgJB-6oCv_-qAqYEqwL2BasCbAarAsQJqwILDasC2g2rAtoRqwIPFKsCaBarAoQXqwIDGasCTRmrAoQaqwLiGqsCgRurAoQbqwILHKsCLhyrAmIcqwLhHKsC6xyrAoAdqwJdHqsCgh6rAqAeqwLUHqsCBB-rAqAgqwLBIKsC4CCrAgoiqwJ5IqsCjCKrApIiqwKkIqsCDSOrAssjqwIiJKsCoCSrAs8kqwKdJasCqiarAhknqwJMJ6sCVCirAnAoqwLmKKsC6iirAhIpqwJpKasCfimrAo8pqwI7KqsC-yurAkgsqwJULqsCZi6rAiHtBQNUssUFj4qfDs-T-xJZtfsSzNH7EjPi-xLv7fsS7PP7Epn1-xJr-PsS2_r7Elf--xJmAPwSSgH8Ek8B_BK5AfwS7gH8EgYC_BKZAvwSwLByFFuf6hQNXDcXbRb3F_dWaxqJI8U5ANLrbg&awbid_c=AKAmf-A85k_qXGhs7JPfzYWZLzJxQ_MYuRdoyPFb4eUwIjeFyaExgdZ3TzMSEgL6n0Q6nygtFO1SOwcGi8A_PYMEX6cqCIz2FUo7rGi2UYs_co3BP9oqe6SiZzdjYYD0JUG8MtxsE8AauAZ5n40EMGslpNqV-Nepw0k0y2nsdNm6rljSEzT8RXc&awbid_d=AKAmf-Dajv9A6s8QQ0SMjl6wlrnbypDlnayMa5aYRDMMs5cMhrWTPiKrH-XOhFwEAzY1-hCUbg-S2-g-qFgsXvAjs2P_Fs7ZfEn-6WOS32xuoCFlHzgWOJdwmXRDMzMKii5MeI_AW5WWgXZKHEpJwPld7wis6HAAaGXtTqwC6rC0T1cA3Rt6TeIUxFHhlkj6Pgzu0B5ihdwr-Psy6FK4OpDcBx_rGEihrLdy996SBaFdgfqo5V4SUtHDmoY7-SbddjnvXmtf5Lf4liKfzcW46XwAH0JVWXeLLLop__MaDEDak2e98kSde7orOs0uH-ITr7vTt6HSGoKtAZgScOtBFVJeP4GwkczJ3BbsBmrX9hACZ0w-CvbuiwSab0K0XMIwTxjc5esmOgilYN_TGqQ_YH429a4QRM7wjuxMQWH5ROkao0Co25g7mY13E4F8OA5RYtigCJU4LUF5-pV6KBUnlaP0zmD6rn_EqOqH12efTMojl6Y7I0iTyNczcK-dJSXdKbIPOezLRJRH5FIXDfWf-F5eacYlZDLShr6PcHRXPqH8I48ZPkqpL8zfRuyp7LtNxnfbfSvO4BOyqEdPZyT1xQFFeO7o9iLOc5579ak7NkD6e65w9QisP8MW8dABTDlUEio81zWnN2oahyb9WLYQD9wrbwEI2CZ6zjra6eXet4DNBjzyo5OtEGDwCs8SrNQpMxbjcssBvffxdKOvPweWZQajWcjEJN_MauhLltEyzM9NX05Elh_uLJYzHwe06PpEywouVNf3f5qpK43wvdpyHI0ELI2iofgdQyfx0U98DYwPe7rOoBHZ0b4&cid=CAASBORo-Zs&exk=1227658683&rfl=https%3A%2F%2Fsiakapkeli.my%2F&a_pr=13:YxByxwAAAAADL2M6Fnv_y1PdjmXtmB_3P8x2CQ

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

dac404ab5c3fcdc83e30b66349bccf92526406c5fdd63b9c1394acf78348ac52

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Thu, 01 Sep 2022 08:37:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 891
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11766
x-xss-protection: 0
server: cafe
etag: 14053427913132020778
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 15 Sep 2022 08:37:32 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame B78F 15 KB
15 KB 61ms
20ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Thu, 01 Sep 2022 08:01:51 GMT
x-content-type-options: nosniff
age: 3032
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 01 Sep 2023 08:01:51 GMT

GET
H3 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame B78F 15 KB
16 KB 61ms
22ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 28 Aug 2022 05:29:41 GMT
x-content-type-options: nosniff
age: 357762
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 28 Aug 2023 05:29:41 GMT

GET
H3 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame B78F 15 KB
15 KB 63ms
27ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Mon, 29 Aug 2022 11:47:17 GMT
x-content-type-options: nosniff
age: 248706
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15740
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 29 Aug 2023 11:47:17 GMT

GET
H2

200

sid Show response
mug.criteo.com/ Frame EC48
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertagids&domain=siakapkeli.my&sn=ChromeSyncframe&so=0&topUrl=siakapkeli.my&cw=1&lsw=1&topicsavail=0&fledgeavail=0
https://mug.criteo.com/sid?cpp=oami5nw0VC83UmVMSnZRcWFVdnl3WW9rVkN6WDRSZzJYb1hBUVdMb0lBZTN1V2pKcnlLZExzRUdrN2FEL2RvaDg0OXErUXZUMlpucnRyV3ZhMjA2cjk4aWtjcHdSMEtGRVlhcEluTi9wdVMxRWpjS2NpQitmQXlUQlFkYW...

449 B
658 B

208ms
30ms

Fetch
application/json

178.250.0.157
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=oami5nw0VC83UmVMSnZRcWFVdnl3WW9rVkN6WDRSZzJYb1hBUVdMb0lBZTN1V2pKcnlLZExzRUdrN2FEL2RvaDg0OXErUXZUMlpucnRyV3ZhMjA2cjk4aWtjcHdSMEtGRVlhcEluTi9wdVMxRWpjS2NpQitmQXlUQlFkYW1wVnBvQVVJVEs2ZXJiekR1bFVsZTFwaXFlOUUxZVpzMFZTNmgyRG5kKzM2NmhkbktCcjRXczZxbmFJZDU5ZDNxUE15cTQ1TmxFVWV6bFIzZk1GU05SRGM4eWxBOGMwbkhyVTYyMWNFSEV1K2w0akdEeUhQSXIycmhuTEUvanhiV3VKMlQrQ1ZBaDFBTVoyOEk2djVKTWdvRjlLbi8yUEo3NHc1U0dPOWRIV1lVdy8rbEtxOD18&cppv=2

Requested by

Host: siakapkeli.my
URL: https://siakapkeli.my/2022/09/01/bersalah-kes-rasuah-projek-solar-rosmah-dipenjara-30-tahun-denda-rm970-juta/

Protocol

Server

178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

2e5748c93df04d1b67860f1fc4cd6444093de13f5a0066cf85fdfbb1c04d031b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 01 Sep 2022 08:52:23 GMT
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 5083301
strict-transport-security: max-age=31536000; preload;
expires: 0

Redirect headers

pragma: no-cache
date: Thu, 01 Sep 2022 08:52:23 GMT
server: Kestrel
strict-transport-security: max-age=31536000; preload;
location: https://mug.criteo.com/sid?cpp=oami5nw0VC83UmVMSnZRcWFVdnl3WW9rVkN6WDRSZzJYb1hBUVdMb0lBZTN1V2pKcnlLZExzRUdrN2FEL2RvaDg0OXErUXZUMlpucnRyV3ZhMjA2cjk4aWtjcHdSMEtGRVlhcEluTi9wdVMxRWpjS2NpQitmQXlUQlFkYW1wVnBvQVVJVEs2ZXJiekR1bFVsZTFwaXFlOUUxZVpzMFZTNmgyRG5kKzM2NmhkbktCcjRXczZxbmFJZDU5ZDNxUE15cTQ1TmxFVWV6bFIzZk1GU05SRGM4eWxBOGMwbkhyVTYyMWNFSEV1K2w0akdEeUhQSXIycmhuTEUvanhiV3VKMlQrQ1ZBaDFBTVoyOEk2djVKTWdvRjlLbi8yUEo3NHc1U0dPOWRIV1lVdy8rbEtxOD18&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 500307
content-length: 0
expires: 0

GET
H3 200 X5Wcp9Ugq7sZToVDu26YRTjm5OYazRuFrO0o8wz5lEo.js Show response
pagead2.googlesyndication.com/bg/ Frame 2C9F 36 KB
15 KB 19ms
19ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/X5Wcp9Ugq7sZToVDu26YRTjm5OYazRuFrO0o8wz5lEo.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5f959ca7d520abbb194e8543bb6e984538e6e4e61acd1b85aced28f30cf9944a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Thu, 01 Sep 2022 08:44:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 473
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15759
x-xss-protection: 0
last-modified: Mon, 22 Aug 2022 11:08:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 01 Sep 2023 08:44:30 GMT

GET
H3 200 exitapi-impl.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/api/ Frame 2386 9 KB
3 KB 21ms
20ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/api/exitapi-impl.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4017250493934934444/300x250.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d661244532ddce6a92fb96fde511e23ea4de69ff2e41a5bffb884caa71166e01

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 09:41:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 83445
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3271
x-xss-protection: 0
server: cafe
etag: 7483759447172721109
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Thu, 01 Sep 2022 09:41:38 GMT

GET
H3 200 addata.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 2386 26 KB
10 KB 21ms
20ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4017250493934934444/300x250.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Thu, 01 Sep 2022 04:14:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 16699
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10382
x-xss-protection: 0
server: cafe
etag: 12806417668659483808
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Fri, 02 Sep 2022 04:14:04 GMT

GET
H2 200 createjs_2019.11.15_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame 2386 236 KB
63 KB 115ms
28ms Script
text/javascript 2a00:1450:4001:810::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/createjs_2019.11.15_min.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4017250493934934444/300x250.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bc12347103da4da2ac30f8b4defd567679284e0bad691a54fad78ad804fc9c27

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Thu, 01 Sep 2022 08:52:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 64275
x-xss-protection: 0
last-modified: Fri, 15 Nov 2019 19:16:20 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 01 Sep 2022 08:52:23 GMT

GET
H3 200 300x250.js Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4017250493934934444/ Frame 2386 242 KB
50 KB 22ms
21ms Script
application/x-javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4017250493934934444/300x250.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4017250493934934444/300x250.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ffa47a378fb9016f551770c396b755767014c1f1df831f78cc4c482d36146b0a

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
age: 51316
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 51254
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 12:35:50 GMT
server: sffe
date: Wed, 31 Aug 2022 18:37:07 GMT
vary: Accept-Encoding
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 31 Aug 2023 18:37:07 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame F900 143 B
163 B 19ms
18ms Document
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/adfetch?adk=274594334&adsafe=medium&client=ca-pub-5722610347565274&format=300x250_as&ip=2001:1af8:4700::&output=html&unviewed_position_start=1&url=https://siakapkeli.my/2022/09/01/bersalah-kes-rasuah-projek-solar-rosmah-dipenjara-30-tahun-denda-rm970-juta&sub_client=bidder-341462&aceid=MKoDHwBQF7QAkWA0AbFrNAGbeDQBOXo0AWV6NAG8ezQBD3w0AU18NAGzfDQBGH00AR99NAFLfTQBaX00AYB9NAGHfTQBiH00AY19NAGWfTQBn300AaF9NAG4fTQBvH00AcN9NAHEfTQByn00AUtzQQFQc0EBRPUeAukdXAJYHlwC2x5cAt8eXAJi-4gCn0CqAidCqgI7WqoCX1uqAkx9qgLZjqoCgJuqAoGbqgKCm6oCoqiqAjC3qgK3vaoCGMWqAobNqgJ12qoCVd6qAqDlqgLX8aoCn_SqAj31qgLz9aoCafiqAib7qgJB-6oCv_-qAqYEqwL2BasCbAarAsQJqwILDasC2g2rAtoRqwIPFKsCaBarAoQXqwIDGasCTRmrAoQaqwLiGqsCgRurAoQbqwILHKsCLhyrAmIcqwLhHKsC6xyrAoAdqwJdHqsCgh6rAqAeqwLUHqsCBB-rAqAgqwLBIKsC4CCrAgoiqwJ5IqsCjCKrApIiqwKkIqsCDSOrAssjqwIiJKsCoCSrAs8kqwKdJasCqiarAhknqwJMJ6sCVCirAnAoqwLmKKsC6iirAhIpqwJpKasCfimrAo8pqwI7KqsC-yurAkgsqwJULqsCZi6rAiHtBQNUssUFj4qfDs-T-xJZtfsSzNH7EjPi-xLv7fsS7PP7Epn1-xJr-PsS2_r7Elf--xJmAPwSSgH8Ek8B_BK5AfwS7gH8EgYC_BKZAvwSwLByFFuf6hQNXDcXbRb3F_dWaxqJI8U5ANLrbg&awbid_c=AKAmf-A85k_qXGhs7JPfzYWZLzJxQ_MYuRdoyPFb4eUwIjeFyaExgdZ3TzMSEgL6n0Q6nygtFO1SOwcGi8A_PYMEX6cqCIz2FUo7rGi2UYs_co3BP9oqe6SiZzdjYYD0JUG8MtxsE8AauAZ5n40EMGslpNqV-Nepw0k0y2nsdNm6rljSEzT8RXc&awbid_d=AKAmf-Dajv9A6s8QQ0SMjl6wlrnbypDlnayMa5aYRDMMs5cMhrWTPiKrH-XOhFwEAzY1-hCUbg-S2-g-qFgsXvAjs2P_Fs7ZfEn-6WOS32xuoCFlHzgWOJdwmXRDMzMKii5MeI_AW5WWgXZKHEpJwPld7wis6HAAaGXtTqwC6rC0T1cA3Rt6TeIUxFHhlkj6Pgzu0B5ihdwr-Psy6FK4OpDcBx_rGEihrLdy996SBaFdgfqo5V4SUtHDmoY7-SbddjnvXmtf5Lf4liKfzcW46XwAH0JVWXeLLLop__MaDEDak2e98kSde7orOs0uH-ITr7vTt6HSGoKtAZgScOtBFVJeP4GwkczJ3BbsBmrX9hACZ0w-CvbuiwSab0K0XMIwTxjc5esmOgilYN_TGqQ_YH429a4QRM7wjuxMQWH5ROkao0Co25g7mY13E4F8OA5RYtigCJU4LUF5-pV6KBUnlaP0zmD6rn_EqOqH12efTMojl6Y7I0iTyNczcK-dJSXdKbIPOezLRJRH5FIXDfWf-F5eacYlZDLShr6PcHRXPqH8I48ZPkqpL8zfRuyp7LtNxnfbfSvO4BOyqEdPZyT1xQFFeO7o9iLOc5579ak7NkD6e65w9QisP8MW8dABTDlUEio81zWnN2oahyb9WLYQD9wrbwEI2CZ6zjra6eXet4DNBjzyo5OtEGDwCs8SrNQpMxbjcssBvffxdKOvPweWZQajWcjEJN_MauhLltEyzM9NX05Elh_uLJYzHwe06PpEywouVNf3f5qpK43wvdpyHI0ELI2iofgdQyfx0U98DYwPe7rOoBHZ0b4&cid=CAASBORo-Zs&exk=1227658683&rfl=https%3A%2F%2Fsiakapkeli.my%2F&a_pr=13:YxByxwAAAAADL2M6Fnv_y1PdjmXtmB_3P8x2CQ

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/adfetch?adk=274594334&adsafe=medium&client=ca-pub-5722610347565274&format=300x250_as&ip=2001:1af8:4700::&output=html&unviewed_position_start=1&url=https://siakapkeli.my/2022/09/01/bersalah-kes-rasuah-projek-solar-rosmah-dipenjara-30-tahun-denda-rm970-juta&sub_client=bidder-341462&aceid=MKoDHwBQF7QAkWA0AbFrNAGbeDQBOXo0AWV6NAG8ezQBD3w0AU18NAGzfDQBGH00AR99NAFLfTQBaX00AYB9NAGHfTQBiH00AY19NAGWfTQBn300AaF9NAG4fTQBvH00AcN9NAHEfTQByn00AUtzQQFQc0EBRPUeAukdXAJYHlwC2x5cAt8eXAJi-4gCn0CqAidCqgI7WqoCX1uqAkx9qgLZjqoCgJuqAoGbqgKCm6oCoqiqAjC3qgK3vaoCGMWqAobNqgJ12qoCVd6qAqDlqgLX8aoCn_SqAj31qgLz9aoCafiqAib7qgJB-6oCv_-qAqYEqwL2BasCbAarAsQJqwILDasC2g2rAtoRqwIPFKsCaBarAoQXqwIDGasCTRmrAoQaqwLiGqsCgRurAoQbqwILHKsCLhyrAmIcqwLhHKsC6xyrAoAdqwJdHqsCgh6rAqAeqwLUHqsCBB-rAqAgqwLBIKsC4CCrAgoiqwJ5IqsCjCKrApIiqwKkIqsCDSOrAssjqwIiJKsCoCSrAs8kqwKdJasCqiarAhknqwJMJ6sCVCirAnAoqwLmKKsC6iirAhIpqwJpKasCfimrAo8pqwI7KqsC-yurAkgsqwJULqsCZi6rAiHtBQNUssUFj4qfDs-T-xJZtfsSzNH7EjPi-xLv7fsS7PP7Epn1-xJr-PsS2_r7Elf--xJmAPwSSgH8Ek8B_BK5AfwS7gH8EgYC_BKZAvwSwLByFFuf6hQNXDcXbRb3F_dWaxqJI8U5ANLrbg&awbid_c=AKAmf-A85k_qXGhs7JPfzYWZLzJxQ_MYuRdoyPFb4eUwIjeFyaExgdZ3TzMSEgL6n0Q6nygtFO1SOwcGi8A_PYMEX6cqCIz2FUo7rGi2UYs_co3BP9oqe6SiZzdjYYD0JUG8MtxsE8AauAZ5n40EMGslpNqV-Nepw0k0y2nsdNm6rljSEzT8RXc&awbid_d=AKAmf-Dajv9A6s8QQ0SMjl6wlrnbypDlnayMa5aYRDMMs5cMhrWTPiKrH-XOhFwEAzY1-hCUbg-S2-g-qFgsXvAjs2P_Fs7ZfEn-6WOS32xuoCFlHzgWOJdwmXRDMzMKii5MeI_AW5WWgXZKHEpJwPld7wis6HAAaGXtTqwC6rC0T1cA3Rt6TeIUxFHhlkj6Pgzu0B5ihdwr-Psy6FK4OpDcBx_rGEihrLdy996SBaFdgfqo5V4SUtHDmoY7-SbddjnvXmtf5Lf4liKfzcW46XwAH0JVWXeLLLop__MaDEDak2e98kSde7orOs0uH-ITr7vTt6HSGoKtAZgScOtBFVJeP4GwkczJ3BbsBmrX9hACZ0w-CvbuiwSab0K0XMIwTxjc5esmOgilYN_TGqQ_YH429a4QRM7wjuxMQWH5ROkao0Co25g7mY13E4F8OA5RYtigCJU4LUF5-pV6KBUnlaP0zmD6rn_EqOqH12efTMojl6Y7I0iTyNczcK-dJSXdKbIPOezLRJRH5FIXDfWf-F5eacYlZDLShr6PcHRXPqH8I48ZPkqpL8zfRuyp7LtNxnfbfSvO4BOyqEdPZyT1xQFFeO7o9iLOc5579ak7NkD6e65w9QisP8MW8dABTDlUEio81zWnN2oahyb9WLYQD9wrbwEI2CZ6zjra6eXet4DNBjzyo5OtEGDwCs8SrNQpMxbjcssBvffxdKOvPweWZQajWcjEJN_MauhLltEyzM9NX05Elh_uLJYzHwe06PpEywouVNf3f5qpK43wvdpyHI0ELI2iofgdQyfx0U98DYwPe7rOoBHZ0b4&cid=CAASBORo-Zs&exk=1227658683&rfl=https%3A%2F%2Fsiakapkeli.my%2F&a_pr=13:YxByxwAAAAADL2M6Fnv_y1PdjmXtmB_3P8x2CQ
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

age: 783
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
date: Thu, 01 Sep 2022 08:39:20 GMT
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 window_focus.js Show response
tpc.googlesyndication.com/pagead/js/r20220829/r20110914/client/ Frame 618E 3 KB
1 KB 23ms
23ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220829/r20110914/client/window_focus.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/adfetch?adk=274594334&adsafe=medium&client=ca-pub-5722610347565274&format=300x250_as&ip=2001:1af8:4700::&output=html&unviewed_position_start=1&url=https://siakapkeli.my/2022/09/01/bersalah-kes-rasuah-projek-solar-rosmah-dipenjara-30-tahun-denda-rm970-juta&sub_client=bidder-341462&aceid=MKoDHwBQF7QAkWA0AbFrNAGbeDQBOXo0AWV6NAG8ezQBD3w0AU18NAGzfDQBGH00AR99NAFLfTQBaX00AYB9NAGHfTQBiH00AY19NAGWfTQBn300AaF9NAG4fTQBvH00AcN9NAHEfTQByn00AUtzQQFQc0EBRPUeAukdXAJYHlwC2x5cAt8eXAJi-4gCn0CqAidCqgI7WqoCX1uqAkx9qgLZjqoCgJuqAoGbqgKCm6oCoqiqAjC3qgK3vaoCGMWqAobNqgJ12qoCVd6qAqDlqgLX8aoCn_SqAj31qgLz9aoCafiqAib7qgJB-6oCv_-qAqYEqwL2BasCbAarAsQJqwILDasC2g2rAtoRqwIPFKsCaBarAoQXqwIDGasCTRmrAoQaqwLiGqsCgRurAoQbqwILHKsCLhyrAmIcqwLhHKsC6xyrAoAdqwJdHqsCgh6rAqAeqwLUHqsCBB-rAqAgqwLBIKsC4CCrAgoiqwJ5IqsCjCKrApIiqwKkIqsCDSOrAssjqwIiJKsCoCSrAs8kqwKdJasCqiarAhknqwJMJ6sCVCirAnAoqwLmKKsC6iirAhIpqwJpKasCfimrAo8pqwI7KqsC-yurAkgsqwJULqsCZi6rAiHtBQNUssUFj4qfDs-T-xJZtfsSzNH7EjPi-xLv7fsS7PP7Epn1-xJr-PsS2_r7Elf--xJmAPwSSgH8Ek8B_BK5AfwS7gH8EgYC_BKZAvwSwLByFFuf6hQNXDcXbRb3F_dWaxqJI8U5ANLrbg&awbid_c=AKAmf-A85k_qXGhs7JPfzYWZLzJxQ_MYuRdoyPFb4eUwIjeFyaExgdZ3TzMSEgL6n0Q6nygtFO1SOwcGi8A_PYMEX6cqCIz2FUo7rGi2UYs_co3BP9oqe6SiZzdjYYD0JUG8MtxsE8AauAZ5n40EMGslpNqV-Nepw0k0y2nsdNm6rljSEzT8RXc&awbid_d=AKAmf-Dajv9A6s8QQ0SMjl6wlrnbypDlnayMa5aYRDMMs5cMhrWTPiKrH-XOhFwEAzY1-hCUbg-S2-g-qFgsXvAjs2P_Fs7ZfEn-6WOS32xuoCFlHzgWOJdwmXRDMzMKii5MeI_AW5WWgXZKHEpJwPld7wis6HAAaGXtTqwC6rC0T1cA3Rt6TeIUxFHhlkj6Pgzu0B5ihdwr-Psy6FK4OpDcBx_rGEihrLdy996SBaFdgfqo5V4SUtHDmoY7-SbddjnvXmtf5Lf4liKfzcW46XwAH0JVWXeLLLop__MaDEDak2e98kSde7orOs0uH-ITr7vTt6HSGoKtAZgScOtBFVJeP4GwkczJ3BbsBmrX9hACZ0w-CvbuiwSab0K0XMIwTxjc5esmOgilYN_TGqQ_YH429a4QRM7wjuxMQWH5ROkao0Co25g7mY13E4F8OA5RYtigCJU4LUF5-pV6KBUnlaP0zmD6rn_EqOqH12efTMojl6Y7I0iTyNczcK-dJSXdKbIPOezLRJRH5FIXDfWf-F5eacYlZDLShr6PcHRXPqH8I48ZPkqpL8zfRuyp7LtNxnfbfSvO4BOyqEdPZyT1xQFFeO7o9iLOc5579ak7NkD6e65w9QisP8MW8dABTDlUEio81zWnN2oahyb9WLYQD9wrbwEI2CZ6zjra6eXet4DNBjzyo5OtEGDwCs8SrNQpMxbjcssBvffxdKOvPweWZQajWcjEJN_MauhLltEyzM9NX05Elh_uLJYzHwe06PpEywouVNf3f5qpK43wvdpyHI0ELI2iofgdQyfx0U98DYwPe7rOoBHZ0b4&cid=CAASBORo-Zs&exk=1227658683&rfl=https%3A%2F%2Fsiakapkeli.my%2F&a_pr=13:YxByxwAAAAADL2M6Fnv_y1PdjmXtmB_3P8x2CQ

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b59e198c356c79d1ba89670c50cdb7e54181037f277ee106126caf570278bc11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Thu, 01 Sep 2022 08:46:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 335
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1432
x-xss-protection: 0
server: cafe
etag: 15450667304708860052
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 15 Sep 2022 08:46:48 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 618E 142 KB
44 KB 32ms
32ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/adfetch?adk=274594334&adsafe=medium&client=ca-pub-5722610347565274&format=300x250_as&ip=2001:1af8:4700::&output=html&unviewed_position_start=1&url=https://siakapkeli.my/2022/09/01/bersalah-kes-rasuah-projek-solar-rosmah-dipenjara-30-tahun-denda-rm970-juta&sub_client=bidder-341462&aceid=MKoDHwBQF7QAkWA0AbFrNAGbeDQBOXo0AWV6NAG8ezQBD3w0AU18NAGzfDQBGH00AR99NAFLfTQBaX00AYB9NAGHfTQBiH00AY19NAGWfTQBn300AaF9NAG4fTQBvH00AcN9NAHEfTQByn00AUtzQQFQc0EBRPUeAukdXAJYHlwC2x5cAt8eXAJi-4gCn0CqAidCqgI7WqoCX1uqAkx9qgLZjqoCgJuqAoGbqgKCm6oCoqiqAjC3qgK3vaoCGMWqAobNqgJ12qoCVd6qAqDlqgLX8aoCn_SqAj31qgLz9aoCafiqAib7qgJB-6oCv_-qAqYEqwL2BasCbAarAsQJqwILDasC2g2rAtoRqwIPFKsCaBarAoQXqwIDGasCTRmrAoQaqwLiGqsCgRurAoQbqwILHKsCLhyrAmIcqwLhHKsC6xyrAoAdqwJdHqsCgh6rAqAeqwLUHqsCBB-rAqAgqwLBIKsC4CCrAgoiqwJ5IqsCjCKrApIiqwKkIqsCDSOrAssjqwIiJKsCoCSrAs8kqwKdJasCqiarAhknqwJMJ6sCVCirAnAoqwLmKKsC6iirAhIpqwJpKasCfimrAo8pqwI7KqsC-yurAkgsqwJULqsCZi6rAiHtBQNUssUFj4qfDs-T-xJZtfsSzNH7EjPi-xLv7fsS7PP7Epn1-xJr-PsS2_r7Elf--xJmAPwSSgH8Ek8B_BK5AfwS7gH8EgYC_BKZAvwSwLByFFuf6hQNXDcXbRb3F_dWaxqJI8U5ANLrbg&awbid_c=AKAmf-A85k_qXGhs7JPfzYWZLzJxQ_MYuRdoyPFb4eUwIjeFyaExgdZ3TzMSEgL6n0Q6nygtFO1SOwcGi8A_PYMEX6cqCIz2FUo7rGi2UYs_co3BP9oqe6SiZzdjYYD0JUG8MtxsE8AauAZ5n40EMGslpNqV-Nepw0k0y2nsdNm6rljSEzT8RXc&awbid_d=AKAmf-Dajv9A6s8QQ0SMjl6wlrnbypDlnayMa5aYRDMMs5cMhrWTPiKrH-XOhFwEAzY1-hCUbg-S2-g-qFgsXvAjs2P_Fs7ZfEn-6WOS32xuoCFlHzgWOJdwmXRDMzMKii5MeI_AW5WWgXZKHEpJwPld7wis6HAAaGXtTqwC6rC0T1cA3Rt6TeIUxFHhlkj6Pgzu0B5ihdwr-Psy6FK4OpDcBx_rGEihrLdy996SBaFdgfqo5V4SUtHDmoY7-SbddjnvXmtf5Lf4liKfzcW46XwAH0JVWXeLLLop__MaDEDak2e98kSde7orOs0uH-ITr7vTt6HSGoKtAZgScOtBFVJeP4GwkczJ3BbsBmrX9hACZ0w-CvbuiwSab0K0XMIwTxjc5esmOgilYN_TGqQ_YH429a4QRM7wjuxMQWH5ROkao0Co25g7mY13E4F8OA5RYtigCJU4LUF5-pV6KBUnlaP0zmD6rn_EqOqH12efTMojl6Y7I0iTyNczcK-dJSXdKbIPOezLRJRH5FIXDfWf-F5eacYlZDLShr6PcHRXPqH8I48ZPkqpL8zfRuyp7LtNxnfbfSvO4BOyqEdPZyT1xQFFeO7o9iLOc5579ak7NkD6e65w9QisP8MW8dABTDlUEio81zWnN2oahyb9WLYQD9wrbwEI2CZ6zjra6eXet4DNBjzyo5OtEGDwCs8SrNQpMxbjcssBvffxdKOvPweWZQajWcjEJN_MauhLltEyzM9NX05Elh_uLJYzHwe06PpEywouVNf3f5qpK43wvdpyHI0ELI2iofgdQyfx0U98DYwPe7rOoBHZ0b4&cid=CAASBORo-Zs&exk=1227658683&rfl=https%3A%2F%2Fsiakapkeli.my%2F&a_pr=13:YxByxwAAAAADL2M6Fnv_y1PdjmXtmB_3P8x2CQ

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e851345505ee432c9397d60e5d91929ab4e5921f75c91f359b0939a879304b7a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Thu, 01 Sep 2022 08:52:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44792
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1661945761880069"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 01 Sep 2022 08:52:23 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame F900
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

37ms
37ms

Document
text/html

2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/adfetch?adk=274594334&adsafe=medium&client=ca-pub-5722610347565274&format=300x250_as&ip=2001:1af8:4700::&output=html&unviewed_position_start=1&url=https://siakapkeli.my/2022/09/01/bersalah-kes-rasuah-projek-solar-rosmah-dipenjara-30-tahun-denda-rm970-juta&sub_client=bidder-341462&aceid=MKoDHwBQF7QAkWA0AbFrNAGbeDQBOXo0AWV6NAG8ezQBD3w0AU18NAGzfDQBGH00AR99NAFLfTQBaX00AYB9NAGHfTQBiH00AY19NAGWfTQBn300AaF9NAG4fTQBvH00AcN9NAHEfTQByn00AUtzQQFQc0EBRPUeAukdXAJYHlwC2x5cAt8eXAJi-4gCn0CqAidCqgI7WqoCX1uqAkx9qgLZjqoCgJuqAoGbqgKCm6oCoqiqAjC3qgK3vaoCGMWqAobNqgJ12qoCVd6qAqDlqgLX8aoCn_SqAj31qgLz9aoCafiqAib7qgJB-6oCv_-qAqYEqwL2BasCbAarAsQJqwILDasC2g2rAtoRqwIPFKsCaBarAoQXqwIDGasCTRmrAoQaqwLiGqsCgRurAoQbqwILHKsCLhyrAmIcqwLhHKsC6xyrAoAdqwJdHqsCgh6rAqAeqwLUHqsCBB-rAqAgqwLBIKsC4CCrAgoiqwJ5IqsCjCKrApIiqwKkIqsCDSOrAssjqwIiJKsCoCSrAs8kqwKdJasCqiarAhknqwJMJ6sCVCirAnAoqwLmKKsC6iirAhIpqwJpKasCfimrAo8pqwI7KqsC-yurAkgsqwJULqsCZi6rAiHtBQNUssUFj4qfDs-T-xJZtfsSzNH7EjPi-xLv7fsS7PP7Epn1-xJr-PsS2_r7Elf--xJmAPwSSgH8Ek8B_BK5AfwS7gH8EgYC_BKZAvwSwLByFFuf6hQNXDcXbRb3F_dWaxqJI8U5ANLrbg&awbid_c=AKAmf-A85k_qXGhs7JPfzYWZLzJxQ_MYuRdoyPFb4eUwIjeFyaExgdZ3TzMSEgL6n0Q6nygtFO1SOwcGi8A_PYMEX6cqCIz2FUo7rGi2UYs_co3BP9oqe6SiZzdjYYD0JUG8MtxsE8AauAZ5n40EMGslpNqV-Nepw0k0y2nsdNm6rljSEzT8RXc&awbid_d=AKAmf-Dajv9A6s8QQ0SMjl6wlrnbypDlnayMa5aYRDMMs5cMhrWTPiKrH-XOhFwEAzY1-hCUbg-S2-g-qFgsXvAjs2P_Fs7ZfEn-6WOS32xuoCFlHzgWOJdwmXRDMzMKii5MeI_AW5WWgXZKHEpJwPld7wis6HAAaGXtTqwC6rC0T1cA3Rt6TeIUxFHhlkj6Pgzu0B5ihdwr-Psy6FK4OpDcBx_rGEihrLdy996SBaFdgfqo5V4SUtHDmoY7-SbddjnvXmtf5Lf4liKfzcW46XwAH0JVWXeLLLop__MaDEDak2e98kSde7orOs0uH-ITr7vTt6HSGoKtAZgScOtBFVJeP4GwkczJ3BbsBmrX9hACZ0w-CvbuiwSab0K0XMIwTxjc5esmOgilYN_TGqQ_YH429a4QRM7wjuxMQWH5ROkao0Co25g7mY13E4F8OA5RYtigCJU4LUF5-pV6KBUnlaP0zmD6rn_EqOqH12efTMojl6Y7I0iTyNczcK-dJSXdKbIPOezLRJRH5FIXDfWf-F5eacYlZDLShr6PcHRXPqH8I48ZPkqpL8zfRuyp7LtNxnfbfSvO4BOyqEdPZyT1xQFFeO7o9iLOc5579ak7NkD6e65w9QisP8MW8dABTDlUEio81zWnN2oahyb9WLYQD9wrbwEI2CZ6zjra6eXet4DNBjzyo5OtEGDwCs8SrNQpMxbjcssBvffxdKOvPweWZQajWcjEJN_MauhLltEyzM9NX05Elh_uLJYzHwe06PpEywouVNf3f5qpK43wvdpyHI0ELI2iofgdQyfx0U98DYwPe7rOoBHZ0b4&cid=CAASBORo-Zs&exk=1227658683&rfl=https%3A%2F%2Fsiakapkeli.my%2F&a_pr=13:YxByxwAAAAADL2M6Fnv_y1PdjmXtmB_3P8x2CQ

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 01 Sep 2022 08:52:23 GMT
expires: Thu, 01 Sep 2022 08:52:23 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 01 Sep 2022 08:52:23 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 qs_click_protection.js Show response
tpc.googlesyndication.com/pagead/js/r20220829/r20110914/client/ Frame 618E 26 KB
10 KB 19ms
18ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220829/r20110914/client/qs_click_protection.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/adfetch?adk=274594334&adsafe=medium&client=ca-pub-5722610347565274&format=300x250_as&ip=2001:1af8:4700::&output=html&unviewed_position_start=1&url=https://siakapkeli.my/2022/09/01/bersalah-kes-rasuah-projek-solar-rosmah-dipenjara-30-tahun-denda-rm970-juta&sub_client=bidder-341462&aceid=MKoDHwBQF7QAkWA0AbFrNAGbeDQBOXo0AWV6NAG8ezQBD3w0AU18NAGzfDQBGH00AR99NAFLfTQBaX00AYB9NAGHfTQBiH00AY19NAGWfTQBn300AaF9NAG4fTQBvH00AcN9NAHEfTQByn00AUtzQQFQc0EBRPUeAukdXAJYHlwC2x5cAt8eXAJi-4gCn0CqAidCqgI7WqoCX1uqAkx9qgLZjqoCgJuqAoGbqgKCm6oCoqiqAjC3qgK3vaoCGMWqAobNqgJ12qoCVd6qAqDlqgLX8aoCn_SqAj31qgLz9aoCafiqAib7qgJB-6oCv_-qAqYEqwL2BasCbAarAsQJqwILDasC2g2rAtoRqwIPFKsCaBarAoQXqwIDGasCTRmrAoQaqwLiGqsCgRurAoQbqwILHKsCLhyrAmIcqwLhHKsC6xyrAoAdqwJdHqsCgh6rAqAeqwLUHqsCBB-rAqAgqwLBIKsC4CCrAgoiqwJ5IqsCjCKrApIiqwKkIqsCDSOrAssjqwIiJKsCoCSrAs8kqwKdJasCqiarAhknqwJMJ6sCVCirAnAoqwLmKKsC6iirAhIpqwJpKasCfimrAo8pqwI7KqsC-yurAkgsqwJULqsCZi6rAiHtBQNUssUFj4qfDs-T-xJZtfsSzNH7EjPi-xLv7fsS7PP7Epn1-xJr-PsS2_r7Elf--xJmAPwSSgH8Ek8B_BK5AfwS7gH8EgYC_BKZAvwSwLByFFuf6hQNXDcXbRb3F_dWaxqJI8U5ANLrbg&awbid_c=AKAmf-A85k_qXGhs7JPfzYWZLzJxQ_MYuRdoyPFb4eUwIjeFyaExgdZ3TzMSEgL6n0Q6nygtFO1SOwcGi8A_PYMEX6cqCIz2FUo7rGi2UYs_co3BP9oqe6SiZzdjYYD0JUG8MtxsE8AauAZ5n40EMGslpNqV-Nepw0k0y2nsdNm6rljSEzT8RXc&awbid_d=AKAmf-Dajv9A6s8QQ0SMjl6wlrnbypDlnayMa5aYRDMMs5cMhrWTPiKrH-XOhFwEAzY1-hCUbg-S2-g-qFgsXvAjs2P_Fs7ZfEn-6WOS32xuoCFlHzgWOJdwmXRDMzMKii5MeI_AW5WWgXZKHEpJwPld7wis6HAAaGXtTqwC6rC0T1cA3Rt6TeIUxFHhlkj6Pgzu0B5ihdwr-Psy6FK4OpDcBx_rGEihrLdy996SBaFdgfqo5V4SUtHDmoY7-SbddjnvXmtf5Lf4liKfzcW46XwAH0JVWXeLLLop__MaDEDak2e98kSde7orOs0uH-ITr7vTt6HSGoKtAZgScOtBFVJeP4GwkczJ3BbsBmrX9hACZ0w-CvbuiwSab0K0XMIwTxjc5esmOgilYN_TGqQ_YH429a4QRM7wjuxMQWH5ROkao0Co25g7mY13E4F8OA5RYtigCJU4LUF5-pV6KBUnlaP0zmD6rn_EqOqH12efTMojl6Y7I0iTyNczcK-dJSXdKbIPOezLRJRH5FIXDfWf-F5eacYlZDLShr6PcHRXPqH8I48ZPkqpL8zfRuyp7LtNxnfbfSvO4BOyqEdPZyT1xQFFeO7o9iLOc5579ak7NkD6e65w9QisP8MW8dABTDlUEio81zWnN2oahyb9WLYQD9wrbwEI2CZ6zjra6eXet4DNBjzyo5OtEGDwCs8SrNQpMxbjcssBvffxdKOvPweWZQajWcjEJN_MauhLltEyzM9NX05Elh_uLJYzHwe06PpEywouVNf3f5qpK43wvdpyHI0ELI2iofgdQyfx0U98DYwPe7rOoBHZ0b4&cid=CAASBORo-Zs&exk=1227658683&rfl=https%3A%2F%2Fsiakapkeli.my%2F&a_pr=13:YxByxwAAAAADL2M6Fnv_y1PdjmXtmB_3P8x2CQ

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f882756b47651b0f3e87b7031f4d98412c1f2b43fc6cfa900285b8d00a3d3c11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Thu, 01 Sep 2022 08:49:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 144
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10270
x-xss-protection: 0
server: cafe
etag: 538911934249463863
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 15 Sep 2022 08:49:59 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 618E 0
0 28ms
28ms Image
text/html 2a00:1450:4001:802::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTtsQg07lbszSdpACa2xCl6w0MwEKn1aJ8VNYLNi__KeW_ljhStnCtkszv-n8LQeKCY7Rhsh1p3-SqwM6fxukaiYUy8QQ
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/adfetch?adk=274594334&adsafe=medium&client=ca-pub-5722610347565274&format=300x250_as&ip=2001:1af8:4700::&output=html&unviewed_position_start=1&url=https://siakapkeli.my/2022/09/01/bersalah-kes-rasuah-projek-solar-rosmah-dipenjara-30-tahun-denda-rm970-juta&sub_client=bidder-341462&aceid=MKoDHwBQF7QAkWA0AbFrNAGbeDQBOXo0AWV6NAG8ezQBD3w0AU18NAGzfDQBGH00AR99NAFLfTQBaX00AYB9NAGHfTQBiH00AY19NAGWfTQBn300AaF9NAG4fTQBvH00AcN9NAHEfTQByn00AUtzQQFQc0EBRPUeAukdXAJYHlwC2x5cAt8eXAJi-4gCn0CqAidCqgI7WqoCX1uqAkx9qgLZjqoCgJuqAoGbqgKCm6oCoqiqAjC3qgK3vaoCGMWqAobNqgJ12qoCVd6qAqDlqgLX8aoCn_SqAj31qgLz9aoCafiqAib7qgJB-6oCv_-qAqYEqwL2BasCbAarAsQJqwILDasC2g2rAtoRqwIPFKsCaBarAoQXqwIDGasCTRmrAoQaqwLiGqsCgRurAoQbqwILHKsCLhyrAmIcqwLhHKsC6xyrAoAdqwJdHqsCgh6rAqAeqwLUHqsCBB-rAqAgqwLBIKsC4CCrAgoiqwJ5IqsCjCKrApIiqwKkIqsCDSOrAssjqwIiJKsCoCSrAs8kqwKdJasCqiarAhknqwJMJ6sCVCirAnAoqwLmKKsC6iirAhIpqwJpKasCfimrAo8pqwI7KqsC-yurAkgsqwJULqsCZi6rAiHtBQNUssUFj4qfDs-T-xJZtfsSzNH7EjPi-xLv7fsS7PP7Epn1-xJr-PsS2_r7Elf--xJmAPwSSgH8Ek8B_BK5AfwS7gH8EgYC_BKZAvwSwLByFFuf6hQNXDcXbRb3F_dWaxqJI8U5ANLrbg&awbid_c=AKAmf-A85k_qXGhs7JPfzYWZLzJxQ_MYuRdoyPFb4eUwIjeFyaExgdZ3TzMSEgL6n0Q6nygtFO1SOwcGi8A_PYMEX6cqCIz2FUo7rGi2UYs_co3BP9oqe6SiZzdjYYD0JUG8MtxsE8AauAZ5n40EMGslpNqV-Nepw0k0y2nsdNm6rljSEzT8RXc&awbid_d=AKAmf-Dajv9A6s8QQ0SMjl6wlrnbypDlnayMa5aYRDMMs5cMhrWTPiKrH-XOhFwEAzY1-hCUbg-S2-g-qFgsXvAjs2P_Fs7ZfEn-6WOS32xuoCFlHzgWOJdwmXRDMzMKii5MeI_AW5WWgXZKHEpJwPld7wis6HAAaGXtTqwC6rC0T1cA3Rt6TeIUxFHhlkj6Pgzu0B5ihdwr-Psy6FK4OpDcBx_rGEihrLdy996SBaFdgfqo5V4SUtHDmoY7-SbddjnvXmtf5Lf4liKfzcW46XwAH0JVWXeLLLop__MaDEDak2e98kSde7orOs0uH-ITr7vTt6HSGoKtAZgScOtBFVJeP4GwkczJ3BbsBmrX9hACZ0w-CvbuiwSab0K0XMIwTxjc5esmOgilYN_TGqQ_YH429a4QRM7wjuxMQWH5ROkao0Co25g7mY13E4F8OA5RYtigCJU4LUF5-pV6KBUnlaP0zmD6rn_EqOqH12efTMojl6Y7I0iTyNczcK-dJSXdKbIPOezLRJRH5FIXDfWf-F5eacYlZDLShr6PcHRXPqH8I48ZPkqpL8zfRuyp7LtNxnfbfSvO4BOyqEdPZyT1xQFFeO7o9iLOc5579ak7NkD6e65w9QisP8MW8dABTDlUEio81zWnN2oahyb9WLYQD9wrbwEI2CZ6zjra6eXet4DNBjzyo5OtEGDwCs8SrNQpMxbjcssBvffxdKOvPweWZQajWcjEJN_MauhLltEyzM9NX05Elh_uLJYzHwe06PpEywouVNf3f5qpK43wvdpyHI0ELI2iofgdQyfx0U98DYwPe7rOoBHZ0b4&cid=CAASBORo-Zs&exk=1227658683&rfl=https%3A%2F%2Fsiakapkeli.my%2F&a_pr=13:YxByxwAAAAADL2M6Fnv_y1PdjmXtmB_3P8x2CQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

GET
DATA 200
OK truncated
/ Frame 618E 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 77a306f8f3f1aab83a5b720fe853e6a812e25c291c43e7f1796e3fbd4ae73f56

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 btnS.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4017250493934934444/images/ Frame 2386 4 KB
4 KB 24ms
23ms Image
image/png 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4017250493934934444/images/btnS.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/adfetch?adk=274594334&adsafe=medium&client=ca-pub-5722610347565274&format=300x250_as&ip=2001:1af8:4700::&output=html&unviewed_position_start=1&url=https://siakapkeli.my/2022/09/01/bersalah-kes-rasuah-projek-solar-rosmah-dipenjara-30-tahun-denda-rm970-juta&sub_client=bidder-341462&aceid=MKoDHwBQF7QAkWA0AbFrNAGbeDQBOXo0AWV6NAG8ezQBD3w0AU18NAGzfDQBGH00AR99NAFLfTQBaX00AYB9NAGHfTQBiH00AY19NAGWfTQBn300AaF9NAG4fTQBvH00AcN9NAHEfTQByn00AUtzQQFQc0EBRPUeAukdXAJYHlwC2x5cAt8eXAJi-4gCn0CqAidCqgI7WqoCX1uqAkx9qgLZjqoCgJuqAoGbqgKCm6oCoqiqAjC3qgK3vaoCGMWqAobNqgJ12qoCVd6qAqDlqgLX8aoCn_SqAj31qgLz9aoCafiqAib7qgJB-6oCv_-qAqYEqwL2BasCbAarAsQJqwILDasC2g2rAtoRqwIPFKsCaBarAoQXqwIDGasCTRmrAoQaqwLiGqsCgRurAoQbqwILHKsCLhyrAmIcqwLhHKsC6xyrAoAdqwJdHqsCgh6rAqAeqwLUHqsCBB-rAqAgqwLBIKsC4CCrAgoiqwJ5IqsCjCKrApIiqwKkIqsCDSOrAssjqwIiJKsCoCSrAs8kqwKdJasCqiarAhknqwJMJ6sCVCirAnAoqwLmKKsC6iirAhIpqwJpKasCfimrAo8pqwI7KqsC-yurAkgsqwJULqsCZi6rAiHtBQNUssUFj4qfDs-T-xJZtfsSzNH7EjPi-xLv7fsS7PP7Epn1-xJr-PsS2_r7Elf--xJmAPwSSgH8Ek8B_BK5AfwS7gH8EgYC_BKZAvwSwLByFFuf6hQNXDcXbRb3F_dWaxqJI8U5ANLrbg&awbid_c=AKAmf-A85k_qXGhs7JPfzYWZLzJxQ_MYuRdoyPFb4eUwIjeFyaExgdZ3TzMSEgL6n0Q6nygtFO1SOwcGi8A_PYMEX6cqCIz2FUo7rGi2UYs_co3BP9oqe6SiZzdjYYD0JUG8MtxsE8AauAZ5n40EMGslpNqV-Nepw0k0y2nsdNm6rljSEzT8RXc&awbid_d=AKAmf-Dajv9A6s8QQ0SMjl6wlrnbypDlnayMa5aYRDMMs5cMhrWTPiKrH-XOhFwEAzY1-hCUbg-S2-g-qFgsXvAjs2P_Fs7ZfEn-6WOS32xuoCFlHzgWOJdwmXRDMzMKii5MeI_AW5WWgXZKHEpJwPld7wis6HAAaGXtTqwC6rC0T1cA3Rt6TeIUxFHhlkj6Pgzu0B5ihdwr-Psy6FK4OpDcBx_rGEihrLdy996SBaFdgfqo5V4SUtHDmoY7-SbddjnvXmtf5Lf4liKfzcW46XwAH0JVWXeLLLop__MaDEDak2e98kSde7orOs0uH-ITr7vTt6HSGoKtAZgScOtBFVJeP4GwkczJ3BbsBmrX9hACZ0w-CvbuiwSab0K0XMIwTxjc5esmOgilYN_TGqQ_YH429a4QRM7wjuxMQWH5ROkao0Co25g7mY13E4F8OA5RYtigCJU4LUF5-pV6KBUnlaP0zmD6rn_EqOqH12efTMojl6Y7I0iTyNczcK-dJSXdKbIPOezLRJRH5FIXDfWf-F5eacYlZDLShr6PcHRXPqH8I48ZPkqpL8zfRuyp7LtNxnfbfSvO4BOyqEdPZyT1xQFFeO7o9iLOc5579ak7NkD6e65w9QisP8MW8dABTDlUEio81zWnN2oahyb9WLYQD9wrbwEI2CZ6zjra6eXet4DNBjzyo5OtEGDwCs8SrNQpMxbjcssBvffxdKOvPweWZQajWcjEJN_MauhLltEyzM9NX05Elh_uLJYzHwe06PpEywouVNf3f5qpK43wvdpyHI0ELI2iofgdQyfx0U98DYwPe7rOoBHZ0b4&cid=CAASBORo-Zs&exk=1227658683&rfl=https%3A%2F%2Fsiakapkeli.my%2F&a_pr=13:YxByxwAAAAADL2M6Fnv_y1PdjmXtmB_3P8x2CQ

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2abe53bd69c5f6a053a8faa70ef1258c6f0e0f45d4d7cf8e8a901b7818b4f3cd

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 51316
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4228
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 12:35:50 GMT
server: sffe
date: Wed, 31 Aug 2022 18:37:07 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 31 Aug 2023 18:37:07 GMT

GET
H3 200 X5Wcp9Ugq7sZToVDu26YRTjm5OYazRuFrO0o8wz5lEo.js Show response
pagead2.googlesyndication.com/bg/ Frame 2386 36 KB
15 KB 23ms
23ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/X5Wcp9Ugq7sZToVDu26YRTjm5OYazRuFrO0o8wz5lEo.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5f959ca7d520abbb194e8543bb6e984538e6e4e61acd1b85aced28f30cf9944a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Thu, 01 Sep 2022 08:44:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 473
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15759
x-xss-protection: 0
last-modified: Mon, 22 Aug 2022 11:08:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 01 Sep 2023 08:44:30 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 9DF8 0
0 56ms
55ms Image
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20220829&jk=2055423113641017&bg=!FBelF1PNAAaXrHhMt6w7ACkAdvg8Wsk-eqw-UzJ9dDAnVy1p28Apz1RYS6bmeklB_EPhDwccnTyK9AIAAAB6UgAAAAFoAQeZAq00W0XKiDw9phiT0pzDbdkRbW8UgF2A87smyN1-1P5HQ5tB2ggBE8De4g8DGoqTm6uajKnCprUzR8PngRk66D2RDHQBYjiaXgcAVqRDzPpITXfJXcnlLnFWSuK7Dmhq1ZMwJo4JrmiK2uAVL1Ttg8HKDYyH24jc8PwJMSGFnz9BQOeZwgRPxgwWFlRqRzxT94pTBrEOUnNM2jYc28Q87orcCFHXOLJbQo9uU_bh0qFZKXPkyD5Wyv3jDSsVpw2D2FsLkS4KiZ8IXwVn0cQ4-WeTIcnw2VwsK0O9esMgcE1pJ9CnHgUPxd0TcYeAJefHCOf3UAExeLP1eD2JzPpNY0KUoGz6wUj-oRCo-1lA9RFAd4e_pLsDmVUSu4gM8RY8eRy7LSiLtPwt0iovO1yvOOIVUhC8VIrbq3_cHRkBxJyKSvkOFmbJULvGMUttErvyUmWVqKZhl5IgV7_bnP3ILLziUAAclMpA7FMWdXgJWoXJ1kmBq6Ey6PiuuEYYlvyVMrRtBQmX23bz8B4-HcQg9H48ernDYh86lX_jMdTRq9fpoW2dt8X3i2aPmcqngjXYTkoRWOcKj57PSRXjaWy3lDBwkKuaz-cMQL88LaOOIWtOxaau0WPQ2wtk197BACFAqBf4ceY0_efTMqO5DXi9LS8ElmALFGr6y4WJGrkZkMGi-joJlJuJTxcOJiTPj-CN2aBf3SdqWq4seincv4cvwbt7MkCWAZNdUYo7tDG8WNgIu3eS8TS1qXD2TDS8Ae0iQTU52HaqnereO3RJEN9FQdOqscDsEK-zJOenjzOUQGalVCLzkQGcChFtHX8lqQD8f3hczWGk3RaK9cyRqGQHtKPvQWO-6aP-HdB5x4sBQwqCAC0dXz6NBEZSnmiYVawNc1PCiCpoO3nrcvk-szFu
Requested by: Host: siakapkeli.my
URL: https://siakapkeli.my/2022/09/01/bersalah-kes-rasuah-projek-solar-rosmah-dipenjara-30-tahun-denda-rm970-juta/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://siakapkeli.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

GET
H3 200 cardboard.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4017250493934934444/images/ Frame 2386 33 KB
33 KB 20ms
20ms Image
image/png 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4017250493934934444/images/cardboard.png

Requested by

Host: f4f5f5dd83b6f4fca4ebb5cce3cd0739.safeframe.googlesyndication.com
URL: https://f4f5f5dd83b6f4fca4ebb5cce3cd0739.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

593546cc3cded8eb8597bd643918da046bc80efede459bdf477714cc492e50c0

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 51316
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 34100
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 12:35:50 GMT
server: sffe
date: Wed, 31 Aug 2022 18:37:07 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 31 Aug 2023 18:37:07 GMT

GET
H3 200 tov1.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4017250493934934444/images/ Frame 2386 10 KB
10 KB 21ms
20ms Image
image/png 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4017250493934934444/images/tov1.png

Requested by

Host: f4f5f5dd83b6f4fca4ebb5cce3cd0739.safeframe.googlesyndication.com
URL: https://f4f5f5dd83b6f4fca4ebb5cce3cd0739.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d59943dee71cbf4d72c369d91a616e376be27626e74dcfb698945734377e7fad

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 51316
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10223
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 12:35:50 GMT
server: sffe
date: Wed, 31 Aug 2022 18:37:07 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 31 Aug 2023 18:37:07 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 9DF8 42 B
64 B 55ms
55ms Fetch
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssblSsjbMqdpl-R56dg7_N-ptTht52rGriz9YmFEbx9R6tW8amD2KbXoZavxNoxHEr3Bwm3N16GutUbS938t_8Gkvkc1yMb6jQyjlfOGiXgsyFafTn5&sig=Cg0ArKJSzGG3hcMjSpE0EAE&id=lidar2&mcvt=1000&p=566,1035,766,1335&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220831&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=19&adk=3069031006&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1662022342302&rpt=650&isd=0&lsd=0&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://siakapkeli.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 01 Sep 2022 08:52:23 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 tov2.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4017250493934934444/images/ Frame 2386 10 KB
10 KB 20ms
20ms Image
image/png 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4017250493934934444/images/tov2.png

Requested by

Host: f4f5f5dd83b6f4fca4ebb5cce3cd0739.safeframe.googlesyndication.com
URL: https://f4f5f5dd83b6f4fca4ebb5cce3cd0739.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8c1df6f09960add44f09f9c38af97175688526f1d264138627bf53ef3c427435

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 51316
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9801
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 12:35:50 GMT
server: sffe
date: Wed, 31 Aug 2022 18:37:07 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 31 Aug 2023 18:37:07 GMT

GET
H3 200 tov3.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4017250493934934444/images/ Frame 2386 13 KB
13 KB 20ms
20ms Image
image/png 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4017250493934934444/images/tov3.png

Requested by

Host: f4f5f5dd83b6f4fca4ebb5cce3cd0739.safeframe.googlesyndication.com
URL: https://f4f5f5dd83b6f4fca4ebb5cce3cd0739.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bea2b86a5809892051431395ffbffa6389e8cbc79c2c985fc8158f35bdfe3536

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 51317
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13159
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 12:35:50 GMT
server: sffe
date: Wed, 31 Aug 2022 18:37:07 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 31 Aug 2023 18:37:07 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
11 KB 66ms
66ms XHR
application/json 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022082501&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022082501.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

216dc604d1b76e335179f91859f5e7520f716dfe5cf9c7d01972c6a10a460246

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://siakapkeli.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 01 Sep 2022 08:52:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10937
x-xss-protection: 0

GET
H2 200 6032.js Show response
go.trvdp.com/init/ 6 KB
6 KB 101ms
23ms Script
binary/octet-stream 143.204.215.42
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://go.trvdp.com/init/6032.js
Requested by: Host: cnt.trvdp.com
URL: https://cnt.trvdp.com/js/1273/6032.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.42 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-42.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 6cce90e944e79ff8a47eb85a04ab7d402cc873622cf6bf8cb1d2262a11cabf96

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://siakapkeli.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Thu, 26 May 2022 16:08:53 GMT
via: 1.1 e0064d0a2437e206ed082e1fa1cdae60.cloudfront.net (CloudFront)
last-modified: Sun, 01 May 2022 12:06:01 GMT
server: AmazonS3
age: 8441012
etag: "677f8a9e006845cd7da362db1cbd05ee"
x-cache: Hit from cloudfront
content-type: binary/octet-stream
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
content-length: 5845
x-amz-cf-id: vVC8awDWlhAHU8OYTwjwqReTx4gHy5UNCVBbrKtvrJbEu28ZhKXS7w==

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 37ms
37ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022082501.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://siakapkeli.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Thu, 01 Sep 2022 08:52:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 01 Sep 2022 08:52:24 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame EAC6 13 KB
5 KB 21ms
20ms Document
text/html 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://siakapkeli.my/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
age: 2146
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 01 Sep 2022 08:16:38 GMT
expires: Fri, 01 Sep 2023 08:16:38 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 972D 783 B
535 B 30ms
29ms Document
text/html 2a00:1450:4001:802::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

1389e9b0188188798771a20ba0fd794e15c6983dc37ec2ea79eaf4956c5b00f6

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-GSwrbqGIpDC2ejasux6NUQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://siakapkeli.my/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 513
content-security-policy: script-src 'report-sample' 'nonce-GSwrbqGIpDC2ejasux6NUQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 01 Sep 2022 08:52:24 GMT
expires: Thu, 01 Sep 2022 08:52:24 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 X5Wcp9Ugq7sZToVDu26YRTjm5OYazRuFrO0o8wz5lEo.js Show response
pagead2.googlesyndication.com/bg/ Frame EAC6 36 KB
15 KB 19ms
19ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/X5Wcp9Ugq7sZToVDu26YRTjm5OYazRuFrO0o8wz5lEo.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5f959ca7d520abbb194e8543bb6e984538e6e4e61acd1b85aced28f30cf9944a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Thu, 01 Sep 2022 08:44:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 474
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15759
x-xss-protection: 0
last-modified: Mon, 22 Aug 2022 11:08:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 01 Sep 2023 08:44:30 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 972D 0
0 53ms
53ms Image
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022082501&jk=1972848161156677&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

GET
H2 200 p.php Show response
stg.truvidplayer.com/ 3 KB
2 KB 187ms
123ms XHR
application/json 143.204.215.89
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://stg.truvidplayer.com/p.php?sid=1273&wid=6032&cb=3110.1042056650717&pid=4168&url=https%3A%2F%2Fsiakapkeli.my%2F2022%2F09%2F01%2Fbersalah-kes-rasuah-projek-solar-rosmah-dipenjara-30-tahun-denda-rm970-juta%2F
Requested by: Host: go.trvdp.com
URL: https://go.trvdp.com/init/6032.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.89 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-89.fra53.r.cloudfront.net
Software: nginx /
Resource Hash: c8e05403731f038bb3f9b521c1b0d5176ace6449bbf76c8cb1b746d524625984

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://siakapkeli.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Thu, 01 Sep 2022 08:52:24 GMT
content-encoding: gzip
server: nginx
x-amz-cf-pop: FRA53-C1
x-cache: Miss from cloudfront
content-type: application/json
access-control-allow-origin: https://siakapkeli.my
access-control-allow-credentials: true
x-amz-cf-id: kGJrFL367o7ouotjr-ccm9eHUqvtLU2I13HbypKP1V_9_VjlBO-DTA==
via: 1.1 110641d379117242a91443ac729d6dee.cloudfront.net (CloudFront)

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame EAC6 0
12 B 19ms
19ms Image
text/plain 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?ATqrcw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Thu, 01 Sep 2022 08:52:24 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H2 200 ins.js Show response
s.trvdp.com/scripts/v5.761/ 659 KB
196 KB 94ms
21ms Script
application/javascript 13.32.99.110
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.trvdp.com/scripts/v5.761/ins.js
Requested by: Host: go.trvdp.com
URL: https://go.trvdp.com/init/6032.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-110.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2bd27a61f64c193e2b5d4a1b5408fb0ee1a21ab556f6c128d25c0515d4603413

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://siakapkeli.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 14 Aug 2022 07:12:42 GMT
content-encoding: gzip
last-modified: Thu, 07 Jul 2022 16:19:45 GMT
server: AmazonS3
age: 1561183
etag: W/"8286a07bcd2e7fe3f15dd3a949360e7b"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 c43915e0cad14ee7685e5f74a99ce93c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P3
x-amz-cf-id: m8EQu24XvFhq-i4B7lBVQIJRXDONQuEVK9ls-8ZifCBWbfqvmzhFjQ==

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame E5CC 42 B
64 B 53ms
53ms Fetch
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssrrIEMXMvLO86RHJUi7BUBI-gDWQOYw3mDiHCujbqM3IdkivBTImA47EqfEH_XRxP9c2s-yX4x6-iwmzMB66XqvmWdfAKm16UTcO8pINAuhYbuy6Kn&sig=Cg0ArKJSzNhyfinL-pv_EAE&id=lidar2&mcvt=1001&p=1157,1599,1158,1600&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20220831&bin=7&avms=nio&bs=1600,1200&mc=1.08&vu=1&app=0&itpl=19&adk=1271496268&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1662022343098&rpt=405&isd=0&lsd=0&met=ce&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://siakapkeli.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 01 Sep 2022 08:52:24 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK cors Show response
data.ad-score.com/score/ 52 B
722 B 507ms
121ms XHR
text/plain 130.211.115.4
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://data.ad-score.com/score/cors?s=1&pid=1000032&tid=truvidTraffic&pub_domain=siakapkeli.my&l1=6032&l2=siakapkeli.my&l3=NL&l4=desktop&l5=5.761&cb=0.14644625431744185
Requested by: Host: s.trvdp.com
URL: https://s.trvdp.com/scripts/v5.761/ins.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 130.211.115.4 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 4.115.211.130.bc.googleusercontent.com
Software: /
Resource Hash: a3fb12e0586cb7710bc4ff3f906aa390cd18576b4d2a086389454e72c7f0b8df

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://siakapkeli.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 01 Sep 2022 08:52:25 GMT
Age: 0
Access-Control-Allow-Methods: GET,POST
P3p: CP="CURa ADMa DEVa TAIi PSAi PSDi IVAi IVDi CONi HISa TELi OUR IND DSP CAO COR"
Access-Control-Allow-Origin: https://siakapkeli.my
Cache-Control: post-check=0, pre-check=0, false, proxy-revalidate, no-cache, no-cache=Set-Cookie, no-store, must-revalidate, max-age=0, s-maxage=0
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/plain; charset=utf-8
Content-Length: 52

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 56ms
55ms Image
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022082501&jk=1972848161156677&bg=!kpGlkdXNAAaXrHhMt6w7ACkAdvg8Wv_QonrPRvrS3eFMdUKUIt87km_C-NS6H16Qbifhzu8GSCr3PAIAAABYUgAAAANoAQcKAI075_YF1MZ6AfC0FXYSEZ0bsltFhjv9Xkm3w_cC0OaYXo5mhnL9ySFpbTnlIqLsrpslZEFVhb2i9ZRwuScJ2-qcKqfVoItuZOEOazFKgyunqaZphhtbwdbPHpQNZhng6-xMhmHlVtd62pru0geFTL5QFndxmUBZFtdzGnIAboMYRu4wiH1uosZsvl3vqe2ZAqmdtIg8-hSnR162t5h-np33oXJWRBf6vQuF3V1KXOKJdHlOxcvQ8ptaop11r677dCmmCCCA7jQqiX3HIY68_GpgIsBY1X1WP-rp0V8vXMSKu06hxuPOQgYYyY0SqGzLL73YVYLA55ryGTCc_s0nddafzSF4IKULebDrlDRcnyQlUbM5ZASVg56-ZFZavJ2JpHudE9XcUzc_z7bbQWbiwaiw1e3YTVBO4YeDorLXbY-BTR4a_V6t_n3PNDtixTRgWzjl5t4LTxMsWZpLH8pH6cWHmnUI9DDSK2QYDJuTJKInsmEwGsp3pqOgOXEohLlpDosJsgZnps4zxiBUooqiaBCoA8VUg6x0t8VlSz1T15CgqJtQrOpgwGeLuxBWFzXNoXlyXxRviRdXV8k2iKyCB_OW7EPyhRG2FRj-dN_1FUN13EuOJxR-_d1TcuT06bPf1Ns_7uDvZfX3tsRRB-KTKHc2lVOaPZ4bMsXOzFbhRg9JuC3p9YpVcMlEAPZDtEYWRkHnp1sC3_UqW0ATwyouqEoe0ViHn1sDZwAdjBYK4gwlY8Ikd45k0EVh2ID5OlU9RjVhrq3-XZ-XH8H-vojdt6J7gRjD--5fi4pnk4GwhdB3wqTkUZ5TcKD9KdxkaRMqUOK76u5850GXkjpJOsy5yGPq1bA4JxujqSKuQ2vmpzoJBxyqpfuka8mkiAg0ARSNbHtg6KZiJbuSjHTcwOyrPqYMNc01Zn7uxmZ6f63Uvmpsm5d3T7VwDkCcE-wy4gG30opbeJUJSfA4wE4Wtn8jYWF5AV4G1BqE1_4godsKftdx9hgYBzm_Fd-ViVYnxZnXk0D8_O9IJOUpZpEuQ2eDoUBIiH5WaBkqLQXPoQjjyroRPa8qtCNrwGNxtNMM2pd8jYEh4_WdW8vfs-U
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://siakapkeli.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

POST
H3 200 admin-ajax.php Show response
siakapkeli.my/wp-admin/ 1 B
633 B 701ms
700ms XHR
text/html 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://siakapkeli.my/wp-admin/admin-ajax.php

Requested by

Host: siakapkeli.my
URL: https://siakapkeli.my/wp-includes/js/jquery/jquery.min.js?ver=3.6.0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Accept: */*
Referer: https://siakapkeli.my/2022/09/01/bersalah-kes-rasuah-projek-solar-rosmah-dipenjara-30-tahun-denda-rm970-juta/
X-Requested-With: XMLHttpRequest
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Thu, 01 Sep 2022 08:52:26 GMT
via: 1.1 varnish (Varnish/5.2)
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 0
x-cache: MISS
content-type: text/html; charset=UTF-8
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
x-robots-tag: noindex
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Kwl%2BYqAbf17puE34lixYpYMKEBScBhWa91Bf92B5doqJuI3O%2B5U7hYcz64a4LqSrFg7kBIFswlZ%2Fa%2B5OZUroKeiw8BumaR3ekP9Sw3HirimUELULlKt67weEf37yAASTbs2o9U05M7N7ZSNR"}],"group":"cf-nel","max_age":604800}
x-varnish: 40147794
access-control-allow-origin: https://siakapkeli.my
cache-control: no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
cf-ray: 743cc50a6c159180-FRA
expires: Wed, 11 Jan 1984 05:00:00 GMT

GET
H2

200

sid Show response
mug.criteo.com/
Redirect Chain

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fsiakapkeli.my%2F&domain=siakapkeli.my&cw=1&pbt=1&lsw=1
https://mug.criteo.com/sid?cpp=ft5fnHw1U09mYUV3Y2pLakhHZDhRT3BnbXZhcUV4T0tZSGUxeUk3RlRzUEwrdXJ2UHIzRHBMd0RCNVFOMXBRR2ZPamgrNjhLNDVMalFabjVSZzkrMDVYeDh6czQzeHM0dUdDMkFJUUs3VzU3VE9TOTdxSjNRcFQ4SVNuSm...

408 B
683 B

28ms
27ms

XHR
application/json

178.250.0.157
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=ft5fnHw1U09mYUV3Y2pLakhHZDhRT3BnbXZhcUV4T0tZSGUxeUk3RlRzUEwrdXJ2UHIzRHBMd0RCNVFOMXBRR2ZPamgrNjhLNDVMalFabjVSZzkrMDVYeDh6czQzeHM0dUdDMkFJUUs3VzU3VE9TOTdxSjNRcFQ4SVNuSm14dUR0dHM5YkhxTysxeVNlU05CUG1kdkhWRHZadE9YUzB1dloydGdYVkNRR3UyREZ0WDZLTmNFSkgzKzlGNlVPYmQ0OERLTlovdWhvQko2MzVHZlhRWFVQYjRUZSt4RHFIRloxVmZSN1lLczBtcDdEVmwySlJ6dUZvbXRwL1FMN3h4RGJZUUkxcDBnOXlyelR1dUtYbTNSODBaT1EyZz09fA&cppv=2

Protocol

Server

178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

7b4c8198dde51dd3520ceb5f12c099b5e5347e5e204324ccaf46904f80d7f444

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://siakapkeli.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 01 Sep 2022 08:52:27 GMT
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 2588889
strict-transport-security: max-age=31536000; preload;
expires: 0

Redirect headers

pragma: no-cache
date: Thu, 01 Sep 2022 08:52:27 GMT
server: Kestrel
location: https://mug.criteo.com/sid?cpp=ft5fnHw1U09mYUV3Y2pLakhHZDhRT3BnbXZhcUV4T0tZSGUxeUk3RlRzUEwrdXJ2UHIzRHBMd0RCNVFOMXBRR2ZPamgrNjhLNDVMalFabjVSZzkrMDVYeDh6czQzeHM0dUdDMkFJUUs3VzU3VE9TOTdxSjNRcFQ4SVNuSm14dUR0dHM5YkhxTysxeVNlU05CUG1kdkhWRHZadE9YUzB1dloydGdYVkNRR3UyREZ0WDZLTmNFSkgzKzlGNlVPYmQ0OERLTlovdWhvQko2MzVHZlhRWFVQYjRUZSt4RHFIRloxVmZSN1lLczBtcDdEVmwySlJ6dUZvbXRwL1FMN3h4RGJZUUkxcDBnOXlyelR1dUtYbTNSODBaT1EyZz09fA&cppv=2
strict-transport-security: max-age=31536000; preload;
access-control-allow-methods: GET
access-control-allow-origin: https://siakapkeli.my
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 709755
content-length: 0
expires: 0

GET
H/1.1 200
OK ixmatch.html Show response
js-sec.indexww.com/um/ Frame A7BA 3 KB
2 KB 29ms
29ms Document
text/html 2.21.184.247
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://js-sec.indexww.com/um/ixmatch.html
Requested by: Host: anymind360.com
URL: https://anymind360.com/js/2939/prebid_2022_8_31_6_21_10.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.21.184.247 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-21-184-247.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer: https://siakapkeli.my/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 1387
Content-Type: text/html; charset=UTF-8
Date: Thu, 01 Sep 2022 08:52:28 GMT
ETag: "e20015-b68-5e4a60c97afb7"
Last-Modified: Mon, 25 Jul 2022 19:18:30 GMT
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Server: Apache
Vary: Accept-Encoding

GET
H2 200 checksync.php Show response
contextual.media.net/ Frame 1666 23 KB
8 KB 143ms
98ms Document
text/html 2.18.235.93

General

Check archive.org

Show headers Download Go to

Full URL

https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU3VM41V&prvid=2034%2C2033%2C2030%2C233%2C2028%2C2027%2C159%2C2025%2C237%2C117%2C359%2C97%2C55%2C99%2C3012%2C3010%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C326%2C9%2C208%2C2055%2C3020%2C173%2C251%2C175%2C178%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C77%2C182%2C141%2C222%2C10000%2C228%2C80%2C108%2C229%2C109%2C307&itype=PREBID&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1

Requested by

Host: anymind360.com
URL: https://anymind360.com/js/2939/prebid_2022_8_31_6_21_10.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.18.235.93 -, , ASN (),

Reverse DNS

Software

Apache /

Resource Hash

5ac431b785111551ec67b7c37f1743a5167995498849117b93e94a4b85b97de0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://siakapkeli.my/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

cache-control: max-age=172800
content-encoding: gzip
content-length: 8243
content-type: text/html; charset=UTF-8
date: Thu, 01 Sep 2022 08:52:28 GMT
expires: Sat, 03 Sep 2022 08:52:28 GMT
server: Apache
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-mnet-hl2: E

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame 7144 52 KB
17 KB 96ms
13ms Document
text/html 151.101.129.108

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: anymind360.com
URL: https://anymind360.com/js/2939/prebid_2022_8_31_6_21_10.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.129.108 -, , ASN (),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer: https://siakapkeli.my/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Age: 14636
Cache-Control: max-age=86402
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 17053
Content-Type: text/html
Date: Thu, 01 Sep 2022 08:52:28 GMT
ETag: W/"623de86a-cf34"
Expires: Wed, 03 Aug 2022 04:41:10 GMT
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
Server: nginx/1.18.0 (Ubuntu)
Vary: Accept-Encoding
Via: 1.1 varnish, 1.1 varnish
X-Cache: HIT, HIT
X-Cache-Hits: 1, 106634
X-Served-By: cache-lga21977-LGA, cache-ams21083-AMS
X-Timer: S1662022348.246157,VS0,VE0

GET
H/1.1 200
OK check.html Show response
biddr.brealtime.com/ Frame E0F4 926 B
1 KB 93ms
28ms Document
text/html 104.17.120.107

General

Check archive.org

Show headers Download Go to

Full URL: https://biddr.brealtime.com/check.html
Requested by: Host: anymind360.com
URL: https://anymind360.com/js/2939/prebid_2022_8_31_6_21_10.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.17.120.107 -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: 868a78df4f3d0a21f89c48ccc709df44d3875f5fb33e22bf51ca8b5c28be4202

Request headers

Referer: https://siakapkeli.my/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

Age: 4417
CF-Cache-Status: HIT
CF-RAY: 743cc51c7998bb8b-FRA
Cache-Control: public, max-age=3600
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html
Date: Thu, 01 Sep 2022 08:52:28 GMT
Expires: Thu, 01 Sep 2022 09:52:28 GMT
Last-Modified: Tue, 08 Sep 2020 13:51:51 GMT
Server: cloudflare
Transfer-Encoding: chunked
Vary: Accept-Encoding
x-amz-id-2: TZDfxO4uwORNUA/4irnRs9qqp9lI3eH+ruz8qqqAX5jBwgQ1rzgBbhsPKs2FgAnYzrbwWSW5JnM=
x-amz-request-id: 15DYQDFYDGXZWWWF

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame E074 281 B
554 B 132ms
32ms Document
text/html 92.123.9.160

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html
Requested by: Host: anymind360.com
URL: https://anymind360.com/js/2939/prebid_2022_8_31_6_21_10.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 92.123.9.160 -, , ASN (),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://siakapkeli.my/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Thu, 01 Sep 2022 08:52:28 GMT
ETag: "40014-119-5d32342a551c0"
Last-Modified: Tue, 14 Dec 2021 23:07:59 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

GET
H2 200 sync Show response
eb2.3lift.com/ Frame 245D 37 B
140 B 66ms
19ms Document
image/gif 13.248.245.213

General

Check archive.org

Show headers Download Go to

Full URL: https://eb2.3lift.com/sync?
Requested by: Host: anymind360.com
URL: https://anymind360.com/js/2939/prebid_2022_8_31_6_21_10.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.248.245.213 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer: https://siakapkeli.my/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif
date: Thu, 01 Sep 2022 08:52:28 GMT

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame 0CCD 15 KB
6 KB 31ms
30ms Document
text/html 2.21.184.200
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158497
Requested by: Host: anymind360.com
URL: https://anymind360.com/js/2939/prebid_2022_8_31_6_21_10.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.21.184.200 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-21-184-200.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer: https://siakapkeli.my/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=134240
content-encoding: gzip
content-length: 5549
content-type: text/html; charset=UTF-8
date: Thu, 01 Sep 2022 08:52:28 GMT
etag: "1300708-3de4-5d6ef246ef4cf"
expires: Fri, 02 Sep 2022 22:09:48 GMT
last-modified: Tue, 01 Feb 2022 06:38:00 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache
vary: Accept-Encoding

GET
H2 200 pd Show response
u.openx.net/w/1.0/ Frame 290F 0
80 B 59ms
19ms Document
text/html 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://u.openx.net/w/1.0/pd
Requested by: Host: anymind360.com
URL: https://anymind360.com/js/2939/prebid_2022_8_31_6_21_10.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://siakapkeli.my/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: gzip
content-length: 20
content-type: text/html
date: Thu, 01 Sep 2022 08:52:28 GMT
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
via: 1.1 google

GET
H2 204 pixelSync
pixel-sync.sitescout.com/dmp/ 0
191 B 164ms
28ms Image
text/plain 66.155.71.149

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel-sync.sitescout.com/dmp/pixelSync?nid=120&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fa.vidoomy.com%2Fapi%2Frtbserver%2Fcookie%3Fi%3DCEN%26uid%3D%7BuserId%7D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 66.155.71.149 -, , ASN (),
Reverse DNS
Software: AC1.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://siakapkeli.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 01 Sep 2022 08:52:27 GMT
cache-control: max-age=0,no-cache,no-store
server: AC1.1
p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
expires: Tue, 11 Oct 1977 12:34:56 GMT

GET
H2

200

setuid
a-prebid.vidoomy.com/
Redirect Chain

https://ups.analytics.yahoo.com/ups/58531/occ?gdpr=0&gdpr_consent=
https://a-prebid.vidoomy.com/setuid?bidder=verizonmedia&uid=y-.zDuPA9E2uEKD0_Lhev2UUlEBPcCvyrMCE1AY7s-~A&gdpr=0&gdpr_consent=

0
549 B

19ms
19ms

Image
text/plain

3.68.178.222
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a-prebid.vidoomy.com/setuid?bidder=verizonmedia&uid=y-.zDuPA9E2uEKD0_Lhev2UUlEBPcCvyrMCE1AY7s-~A&gdpr=0&gdpr_consent=
Protocol: H2
Server: 3.68.178.222 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-68-178-222.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://siakapkeli.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 01 Sep 2022 08:52:28 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
vary: Accept-Encoding, Origin
expires: 0

Redirect headers

location: https://a-prebid.vidoomy.com/setuid?bidder=verizonmedia&uid=y-.zDuPA9E2uEKD0_Lhev2UUlEBPcCvyrMCE1AY7s-~A&gdpr=0&gdpr_consent=
date: Thu, 01 Sep 2022 08:52:28 GMT
server: ATS/9.1.10.25
age: 0
content-length: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2 200 cookie
cm.adform.net/ 43 B
106 B 159ms
25ms Image
image/gif 37.157.3.28

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fa-prebid.vidoomy.com%2Fsetuid%3Fbidder%3Dadf%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24UID
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.3.28 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://siakapkeli.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Thu, 01 Sep 2022 08:52:28 GMT
server: nginx
content-length: 43
content-type: image/gif

GET
H2

200

setuid
a-prebid.vidoomy.com/
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fa-prebid.vidoomy.com%2Fsetuid%3Fbidder%3Dadnxs%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24UID
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fa-prebid.vidoomy.com%252Fsetuid%253Fbidder%253Dadnxs%2526gdpr%253D0%2526gdpr_consent%253D%2526uid%253D%2524UID
https://a-prebid.vidoomy.com/setuid?bidder=adnxs&gdpr=0&gdpr_consent=&uid=5666057463092414965

0
427 B

84ms
18ms

Image
text/plain

3.68.178.222
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a-prebid.vidoomy.com/setuid?bidder=adnxs&gdpr=0&gdpr_consent=&uid=5666057463092414965
Protocol: H2
Server: 3.68.178.222 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-68-178-222.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://siakapkeli.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 01 Sep 2022 08:52:28 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
vary: Accept-Encoding, Origin
expires: 0

Redirect headers

Pragma: no-cache
Date: Thu, 01 Sep 2022 08:52:28 GMT
X-Proxy-Origin: 5.79.98.38; 5.79.98.38; 691.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: ca61673a-148d-4781-85e1-1cb038e14cc3
Server: nginx/1.21.3
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://a-prebid.vidoomy.com/setuid?bidder=adnxs&gdpr=0&gdpr_consent=&uid=5666057463092414965
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

cookie
a.vidoomy.com/api/rtbserver/
Redirect Chain

https://x.bidswitch.net/sync?ssp=vidoomy
https://ads.betweendigital.com/match?bidder_id=43092&gdpr=&consent=&callback_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D429%26user_id%3D%24%7BUSER_ID%7D%26ssp%3Dvidoomy%26expires%3D30%26us...
https://ads.betweendigital.com/match?bidder_id=43092&gdpr=&consent=&callback_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D429%26user_id%3D%24%7BUSER_ID%7D%26ssp%3Dvidoomy%26expires%3D30%26us...
https://x.bidswitch.net/sync?dsp_id=429&user_id=acd962df-4f23-52f4-a6ac-352bc5bc47e7&ssp=vidoomy&expires=30&user_group=1&gdpr=&gdpr_consent=
https://a.vidoomy.com/api/rtbserver/cookie?i=BS&uid=4e95aa47-ce15-485c-8bb8-6e24c61a4fe2

43 B
331 B

28ms
22ms

Image
image/gif

3.68.178.222
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.vidoomy.com/api/rtbserver/cookie?i=BS&uid=4e95aa47-ce15-485c-8bb8-6e24c61a4fe2
Protocol: H2
Server: 3.68.178.222 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-68-178-222.eu-central-1.compute.amazonaws.com
Software: fasthttp /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://siakapkeli.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Thu, 01 Sep 2022 08:52:28 GMT
content-encoding: none
server: fasthttp
content-length: 43
vary: Origin
content-type: image/gif

Redirect headers

Location: //a.vidoomy.com/api/rtbserver/cookie?i=BS&uid=4e95aa47-ce15-485c-8bb8-6e24c61a4fe2
Date: Thu, 01 Sep 2022 08:52:28 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0

OPTIONS
H2 200 json
gum.criteo.com/sid/ Frame 0
0 74ms
27ms Preflight
application/json 2a02:2638::1c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fsiakapkeli.my%2F&domain=siakapkeli.my&cw=1&pbt=1&lsw=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://siakapkeli.my
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: https://siakapkeli.my
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Thu, 01 Sep 2022 08:52:27 GMT
expires: 0
pragma: no-cache
server: Kestrel
server-processing-duration-in-ticks: 500589
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

OPTIONS
H2 200 sid
mug.criteo.com/ Frame 0
0 71ms
24ms Preflight
application/json 178.250.0.157
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: null
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Thu, 01 Sep 2022 08:52:27 GMT
expires: 0
pragma: no-cache
server: Kestrel
server-processing-duration-in-ticks: 525576
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H3 200 usermatch Show response
ssum-sec.casalemedia.com/ Frame D829 2 KB
2 KB 43ms
42ms Document
text/html 104.18.18.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fsiakapkeli.my%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e5fe4978879adfdef67b41585d5c45479529832d164dec883813b4bea698f6d0

Request headers

Referer: https://js-sec.indexww.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-cache
cf-cache-status: DYNAMIC
cf-ray: 743cc51c5da8bb41-FRA
content-encoding: br
content-type: text/html
date: Thu, 01 Sep 2022 08:52:28 GMT
dropped-udsids: 4|3|206|65|11|5|46|218
expires: 0
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8OKFH0bCvlaH8pTxLkaB8Kf8e%2FkhewWS6c0PfitnsgnhAVjKULtx0Qsh720nBXA1a66whGre7AiEWIPkflQCpCqQp%2FNZI6dIGgR3TScjXX%2Fw8btH1pdcgbYbqHi8Sni0uyyP4vmIkOixEw%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Is-Traffic-Usersync, Accept-Encoding

GET
H2 200 PugMaster Show response
image6.pubmatic.com/AdServer/ Frame 0CCD 0
39 B 18ms
18ms Script
text/plain 185.64.190.78
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=66423979&p=158497&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158497
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Thu, 01 Sep 2022 08:52:27 GMT
content-length: 0

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame D829
Redirect Chain

https://ad.turn.com/r/cs?pid=21&gdpr=1
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=7347147593828597803

43 B
845 B

39ms
39ms

Image
image/gif

104.18.18.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=7347147593828597803
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fsiakapkeli.my%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: H3
Server: 104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

cf-ray: 743cc51d2f4d5c85-FRA
pragma: no-cache
date: Thu, 01 Sep 2022 08:52:28 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GiLSZsJSE1nGW9hjY2YCPdaPMb4hRlmwTKyWclQ%2FE4xjiRLlEQwfwnfUKVy0aoFdRRzqxi5FMbnNrLadJ6SurM5sytWyLPGvbPoBV3CMOGlhOKBFV%2FL7XT9%2B4%2Bfgl832IqY31D00gV0Iww%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control: no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=7347147593828597803
pragma: no-cache
date: Thu, 01 Sep 2022 08:52:27 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 0
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

GET
H3

200

crum
dsum-sec.casalemedia.com/ Frame D829
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D&gdpr=1
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=61bd6310-72c7-4e00-bb71-3720587fcbba&gdpr=1&gdpr_consent=

43 B
842 B

43ms
43ms

Image
image/gif

104.18.18.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=61bd6310-72c7-4e00-bb71-3720587fcbba&gdpr=1&gdpr_consent=
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fsiakapkeli.my%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: H3
Server: 104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

cf-ray: 743cc51df8b65c85-FRA
pragma: no-cache
date: Thu, 01 Sep 2022 08:52:28 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=giFqRgN6OU5HUqBs28JMsPH5yHJbAEWZlPJY9jmcvkLrxNHJoVXy9BLAqZi67NOmtivVVRE%2FvTrbp1CyLuzFXZdhkgdhN02jkpswWn%2BQ9YiA04PClpRJpxJ2ZYPrLotdr1tqrbpQhnpeGg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control: no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

Date: Thu, 01 Sep 2022 08:52:28 GMT
Server: MT3 4505 5b23575 master hkg-pixel-x17 config:1.0.0
Access-Control-Allow-Origin: *
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=61bd6310-72c7-4e00-bb71-3720587fcbba&gdpr=1&gdpr_consent=
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Thu, 01 Sep 2022 08:52:27 GMT

GET
H2 204 sync
ups.analytics.yahoo.com/ups/55940/ Frame D829 0
15 B 23ms
21ms Image
text/plain 3.126.56.137

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=YxByx5XL2mcMcYgGF8NJTAAABIwAAAAB&gdpr_consent=&us_privacy=&gdpr=1

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fsiakapkeli.my%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

3.126.56.137 -, , ASN (),

Reverse DNS

Software

ATS/9.1.10.25 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Thu, 01 Sep 2022 08:52:28 GMT
server: ATS/9.1.10.25
age: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2

200

rum
dsum.casalemedia.com/ Frame D829
Redirect Chain

https://casale-match.dotomi.com/match/bounce/current?networkId=19998&version=1&gdpr=1
https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1662108748&gdpr=1

43 B
870 B

104ms
38ms

Image
image/gif

104.18.18.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1662108748&gdpr=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fsiakapkeli.my%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: H2
Server: 104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

cf-ray: 743cc51d796dbbf8-FRA
pragma: no-cache
date: Thu, 01 Sep 2022 08:52:28 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Qnyhlc7CgVyxT3RRmprLegYLzq0ZkG3Pd1ikOQcBkXjo09BYqb0wpR55y4qqvzkL3xXpq2w8gMoSVUcdzKmthmqALfxHe%2BRF03jbK6rL1BQm7%2B2QShNSAM1q8CiGjrXxs4FvfOiq"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control: no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

location: https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1662108748&gdpr=1
pragma: no-cache
date: Thu, 01 Sep 2022 08:52:28 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
content-length: 0
expires: 0

GET
H3

200

crum
dsum-sec.casalemedia.com/ Frame D829
Redirect Chain

https://euexchangesync.digitaleast.mobi/usersync/index.gif?us_privacy=&gdpr=1&gdpr_consent=
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=11&external_user_id=bb59b381-cb1b-4d7c-9ff4-7cf41f9b07c5

43 B
845 B

42ms
41ms

Image
image/gif

104.18.18.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=11&external_user_id=bb59b381-cb1b-4d7c-9ff4-7cf41f9b07c5
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fsiakapkeli.my%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: H3
Server: 104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

cf-ray: 743cc51d1f1a5c85-FRA
pragma: no-cache
date: Thu, 01 Sep 2022 08:52:28 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Tc3WFANCWqGHm22X7Ls1Txm6q2WM90jDJjlrQ4M4aF0E7Pp6lWs%2BV88SDASq8pLwUroQ9T0z0DRZATKxLNc4bWS6w9UwGz5khhpmq1dG%2FGKY44IuO%2F%2B4FOabl9CXejEXPTumJVK10zu6Lw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control: no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=11&external_user_id=bb59b381-cb1b-4d7c-9ff4-7cf41f9b07c5
date: Thu, 01 Sep 2022 08:52:28 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 131
content-type: text/html; charset=utf-8

GET
H2 200 ix
ad4m.at/ad/sim/ Frame D829 0
0 87ms
29ms Image
text/html 2606:4700:20::681a:ad1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad4m.at/ad/sim/ix?gdpr=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fsiakapkeli.my%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

GET
H/1.1 400
Request failed due to privacy signals getuid
secure.adnxs.com/ Frame D829 0
0 88ms
49ms Image
text/html 37.252.172.123
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID&gdpr=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fsiakapkeli.my%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 37.252.172.123 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS: 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

GET
H/1.1 200
OK ibs:dpid=23728&dpuuid=YxByx5XL2mcMcYgGF8NJTAAA%261164
dpm.demdex.net/ Frame D829 0
0 190ms
31ms Image
application/json 54.77.35.16

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dpm.demdex.net/ibs:dpid=23728&dpuuid=YxByx5XL2mcMcYgGF8NJTAAA%261164?gdpr_consent=&us_privacy=&gdpr=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fsiakapkeli.my%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.77.35.16 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

GET
H2 200 htw-pixel.gif
cdn.indexww.com/ht/ Frame D829 43 B
352 B 89ms
27ms Image
image/gif 2606:4700::6812:d4c

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.indexww.com/ht/htw-pixel.gif?YxByx5XL2mcMcYgGF8NJTAAA%261164
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fsiakapkeli.my%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:d4c -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

cf-ray: 743cc51d2cee6940-FRA
date: Thu, 01 Sep 2022 08:52:28 GMT
cf-cache-status: HIT
last-modified: Tue, 24 Jan 2017 19:36:04 GMT
server: cloudflare
age: 199
etag: "da1f1d-2b-546dc3a097100"
vary: Accept-Encoding
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control: cache-maxage=1h
cache-control: public, max-age=14400
accept-ranges: bytes
content-type: image/gif
content-length: 43
expires: Thu, 01 Sep 2022 12:52:28 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 7144 0
737 B 21ms
21ms Script
text/html 37.252.172.37
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.37 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

691.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 01 Sep 2022 08:52:28 GMT
X-Proxy-Origin: 5.79.98.38; 5.79.98.38; 691.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 6bfb70a3-822a-423b-8709-1a71cccdaf6a
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame E074 31 KB
10 KB 33ms
33ms Script
text/html 92.123.9.160

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 92.123.9.160 -, , ASN (),
Reverse DNS
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: bbe8560826479959291cf70d3080f513bd35cc48126cf13dd43f6ffcec28907d

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://eus.rubiconproject.com/usync.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date: Thu, 01 Sep 2022 08:52:28 GMT
Content-Encoding: gzip
Last-Modified: Wed, 24 Aug 2022 20:46:19 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=49167
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Content-Length: 9378
Expires: Thu, 01 Sep 2022 22:31:55 GMT

GET
H2

200

setuid
px.ads.linkedin.com/ Frame E074
Redirect Chain

https://token.rubiconproject.com/token?pid=36584
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L7IT6UAV-1Z-44J4

0
707 B

147ms
116ms

Image
text/plain

2620:1ec:21::14

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L7IT6UAV-1Z-44J4
Protocol: H2
Server: 2620:1ec:21::14 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Thu, 01 Sep 2022 08:52:28 GMT
x-li-pop: afd-prod-lva1-x
x-msedge-ref: Ref A: E1FB842B09904D03AF981CA7424B751B Ref B: AMBEDGE0806 Ref C: 2022-09-01T08:52:28Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lva1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAXnmbuyqNhsHQlkUNi1FQ==

Redirect headers

Location: https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L7IT6UAV-1Z-44J4
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 66ef90d06496cfd000aab8206f2b6221
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

204
No Content

tap.php
pixel.rubiconproject.com/ Frame E074
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEKnfuJF9c936HsrR8_Xc648&google_cver=1

0
239 B

21ms
21ms

Image
image/gif

69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEKnfuJF9c936HsrR8_Xc648&google_cver=1
Protocol: HTTP/1.1
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: 78e3bdce5107450057bade54d54a0a7e
Content-Type: image/gif

Redirect headers

pragma: no-cache
date: Thu, 01 Sep 2022 08:52:28 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEKnfuJF9c936HsrR8_Xc648&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 326
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame E074
Redirect Chain

https://token.rubiconproject.com/token?pid=2249&pt=n
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=Y2IzYTJkNWM3YzdmODUwODQ4N2Y4OGRlNDU4MTRhYjM3NmQwY2Y5OQ

170 B
188 B

31ms
30ms

Image
image/png

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=Y2IzYTJkNWM3YzdmODUwODQ4N2Y4OGRlNDU4MTRhYjM3NmQwY2Y5OQ

Protocol

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 01 Sep 2022 08:52:28 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=Y2IzYTJkNWM3YzdmODUwODQ4N2Y4OGRlNDU4MTRhYjM3NmQwY2Y5OQ
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 66ef90d06496cfd000aab8206f2b6221
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2 200 rubicon
match.adsrvr.org/track/cmf/ Frame E074 70 B
264 B 30ms
29ms Image
image/gif 52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/rubicon
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 01 Sep 2022 08:52:28 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame E074
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=
https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=XuAW8FjmQFuV4970zHWasA&rk=usync-na
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=XuAW8FjmQFuV4970zHWasA

43 B
556 B

108ms
108ms

Image
image/gif

52.46.128.147
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=XuAW8FjmQFuV4970zHWasA

Protocol

HTTP/1.1

Server

52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 01 Sep 2022 08:52:28 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: ABGD308N8NBXR41F5PBX
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=XuAW8FjmQFuV4970zHWasA
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 78e3bdce5107450057bade54d54a0a7e
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame E074
Redirect Chain

https://token.rubiconproject.com/token?pid=25470
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDdJVDZVQVYtMVotNDRKNA==

170 B
188 B

30ms
30ms

Image
image/png

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDdJVDZVQVYtMVotNDRKNA==

Protocol

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 01 Sep 2022 08:52:28 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDdJVDZVQVYtMVotNDRKNA==
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 66ef90d06496cfd000aab8206f2b6221
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2

204

v1
ads.yahoo.com/cms/ Frame E074
Redirect Chain

https://token.rubiconproject.com/token?pid=26594
https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=L7IT6UAV-1Z-44J4&sigv=1&esig=2~7b482eb8afb99c3736911520fd5e481724c9ddb9

0
194 B

263ms
30ms

Image
text/plain

2a00:1288:f03d:1fa::4000

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=L7IT6UAV-1Z-44J4&sigv=1&esig=2~7b482eb8afb99c3736911520fd5e481724c9ddb9

Protocol

Server

2a00:1288:f03d:1fa::4000 -, , ASN (),

Reverse DNS

Software

ATS /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Thu, 01 Sep 2022 08:52:28 GMT
cache-control: no-store
x-content-type-options: nosniff
server: ATS
strict-transport-security: max-age=15552000
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection: 1; mode=block

Redirect headers

Location: https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=L7IT6UAV-1Z-44J4&sigv=1&esig=2~7b482eb8afb99c3736911520fd5e481724c9ddb9
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 8f052d4f888ae4e0626c5f819879cacd
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2 451 709414.gif
id.rlcdn.com/ Frame E074 0
98 B 60ms
19ms Image
text/plain 35.244.174.68

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://id.rlcdn.com/709414.gif
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Thu, 01 Sep 2022 08:52:28 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

Verdicts & Comments Add Verdict or Comment

239 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

47 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.siakapkeli.my/	1970-01-20 15:16:22	Name: _ga_XYKC64V3NY Value: GS1.1.1662022341.1.0.1662022341.0.0.0
.siakapkeli.my/	1970-01-20 15:16:22	Name: _ga Value: GA1.2.802209565.1662022341
.siakapkeli.my/	1970-01-20 05:41:48	Name: _gid Value: GA1.2.87149817.1662022341
.siakapkeli.my/	1970-01-20 05:40:22	Name: _gat_gtag_UA_62716246_1 Value: 1
siakapkeli.my/	1970-01-20 06:23:34	Name: _pbjs_userid_consent_data Value: 3524755945110770
.siakapkeli.my/	1970-01-20 09:59:34	Name: _pubcid Value: e0a20a3d-72d2-4ce4-b620-542e71b2e460
.rubiconproject.com/	1970-01-20 14:25:58	Name: khaos Value: L7IT6UAV-1Z-44J4
.rubiconproject.com/	1970-01-20 14:25:58	Name: audit Value: 1\|hLZGFuTafB0UcQTDqncUs+XUadRsMXL7tE4q61KpmVno7MnwgGVQkC+aC62QLunFLYZCvcXU+1w+YlvmjJDClTm05Xhm+qskudG7ymXM6VE=
xhr.invl.co/	1970-01-20 05:50:27	Name: AWSALBCORS Value: b2QLDvJ+Yds8e8W0xCI0+wLXlrm/ykEn0cP5k+pb51EQJa8lkKOu5cw0GXpBQRQ7S/V58I6bfXnIUPbnx3dn41rtfnn58MWYOo6xEw9ckYjL+OYPr9RSgBQF5uUk
.siakapkeli.my/	1970-01-20 05:40:24	Name: __cf_bm Value: QeZiVjVpRnNPPCXhOFa00ZrJh2oTCtdfme3qn0aby6o-1662022342-0-AdOVA7sfcsZx/jrnM/wj9Kmb93HQJ8NNLM723I5xMhnnTkZnIDGK/rEfs3ipoO6mpJLJRpG2+OUI9WATVuxe0pqPajwyqky/4y4IgrX+lFmpxgVPhVcIFi7eL+Vr6SACbA==
.openx.net/	1970-01-20 14:25:58	Name: i Value: 337c43a1-4904-45aa-9bc0-6caf03e53881\|1662022342
.siakapkeli.my/	1970-01-20 15:01:58	Name: __gads Value: ID=c108e6c32e8016f8:T=1662022341:S=ALNI_MbvA96QnRpp3aWnQj571EL-axQ2Rw
.casalemedia.com/	1970-01-20 14:25:58	Name: CMID Value: YxByx5XL2mcMcYgGF8NJTAAA
.casalemedia.com/	1970-01-20 07:49:58	Name: CMPS Value: 1193
.simpli.fi/	1970-01-20 14:27:24	Name: suid Value: 64342DA3D38D434C8677AD4BD0B0B9A2
.adfarm1.adition.com/	1970-01-20 07:49:58	Name: UserID1 Value: 7138331608409176218
.casalemedia.com/	1970-01-20 07:49:58	Name: CMPRO Value: 1164
.casalemedia.com/	1970-01-20 05:41:48	Name: CMST Value: YxByx2MQcscA
.bidswitch.net/	1970-01-20 14:25:58	Name: tuuid Value: 4e95aa47-ce15-485c-8bb8-6e24c61a4fe2
.bidswitch.net/	1970-01-20 14:25:58	Name: c Value: 1662022343
.bidswitch.net/	1970-01-20 14:25:58	Name: tuuid_lu Value: 1662022343
.owneriq.net/	1970-01-20 15:16:22	Name: si Value: Q7153087431397151257
.owneriq.net/	1970-01-20 05:54:46	Name: p2 Value: cc
.doubleclick.net/	1970-01-20 15:01:58	Name: IDE Value: AHWqTUmDy0OZtaJa3ZrxAr22VJPLoyf5uiO__FcHViEUAIhUqjXMaAhocKBBZUjSnco
siakapkeli.my/	1970-01-20 07:06:46	Name: pubmatic-unifiedid Value: %7B%22TDID_LOOKUP%22%3A%22FALSE%22%2C%22TDID_CREATED_AT%22%3A%222022-09-01T08%3A52%3A23%22%7D
.sportradarserving.com/	1970-01-20 14:25:58	Name: zuuid Value: e69840d1-1323-4893-87bb-45b05989e19f
.sportradarserving.com/	1970-01-20 14:25:58	Name: c Value: 1662022343
.sportradarserving.com/	1970-01-20 14:25:58	Name: zuuid_lu Value: 1662022343
.sportradarserving.com/	1970-01-20 14:25:58	Name: zuuid_k Value: 1
.sportradarserving.com/	1970-01-20 14:25:58	Name: zuuid_k_lu Value: 1662022343
.casalemedia.com/	1970-01-20 14:25:58	Name: CMRUM3 Value: 9c631072c705a00&82631072c7a8c0&2d631072c705a0CAESEExsIPodXmcI9sPh7G-4d6c&c3631072c705a00&2e631072c705a0&69631072c705a00&f1631072c705a0&11631072c705a0&1f631072c705a00&39631072c705a0&49631072c705a0&27631072c70b40&29631072c705a0&e6631072c72760&0d631072c705a0&58631072c705a0
.quantserve.com/	1970-01-20 07:49:58	Name: d Value: EEEBCQH_JoEA
.quantserve.com/	1970-01-20 15:10:36	Name: mc Value: 631072c7-85518-866c2-4c0db
.criteo.com/	1970-01-20 15:01:58	Name: uid Value: 9df297c3-f04c-4087-8b85-31aab90a694b
.w55c.net/	1970-01-20 15:09:10	Name: wfivefivec Value: gnNdK9Hf1OtFVZ5
.w55c.net/	1970-01-20 06:23:34	Name: matchgoogle Value: 5
.rfihub.com/	1970-01-20 15:01:58	Name: rud Value: H4sIAAAAAAAA_-MSNjU0MDcxNrYwMjG2tDQ2MDM2MBbiM9QNyA4sdw1KK_PNDM4DAIqTa78lAAAA
.rfihub.com/	1969-12-31 23:59:59	Name: ruds Value: H4sIAAAAAAAA_-MSNjU0MDcxNrYwMjG2tDQ2MDM2MBbiM9QNyA4sdw1KK_PNDM4DAIqTa78lAAAA
.rfihub.com/	1970-01-20 15:01:58	Name: eud Value: H4sIAAAAAAAA__vFyGtoZmZkYGRkbGJsZm4KAKWRFhwQAAAA
.yahoo.com/	1970-01-20 14:26:19	Name: A3 Value: d=AQABBMdyEGMCEAhYzFM1Tv41F4oqhK7J1HMFEgEBAQHEEWMaYwAAAAAA_eMAAA&S=AQAAAv9HDSiwk-fGgATAGNuSSx8
.everesttech.net/	1970-01-20 14:25:58	Name: everest_g_v2 Value: g_surferid~YxByxwAD7I00kgBN
.mathtag.com/	1970-01-20 06:23:34	Name: mt_mop Value: 4:1662022343
.doubleclick.net/	1970-01-20 05:40:25	Name: DSID Value: NO_DATA
.mathtag.com/	1970-01-20 15:06:17	Name: uuid Value: 61bd6310-72c7-4e00-bb71-3720587fcbba
.siakapkeli.my/	1970-01-20 15:01:58	Name: cto_bundle Value: eMUUYV90eCUyRmRYcUtkWFYlMkY5bGIwV3MlMkJHZ2xtYWpOcGtRNWwlMkJRWGFmMHJCTTRUVUc2Y1d0TVJ2ZUIwbiUyRnlIcTJ3T0JOJTJCb05CdHRacWglMkJoYzFQR01mY2xjdjU1VUhBRUtEM1FlUDdMQUQ4QkhIc3hBMjZEQWZwV1JTZHNqNEtGd2dxMDRiZnZnQlVpRnNBZ1RDb3B6dVN5JTJCOVlBJTNEJTNE
.casalemedia.com/	1970-01-20 07:49:58	Name: CMTS Value: 1169
data.ad-score.com/	1970-01-20 15:16:22	Name: token Value: bFKhjHIMjFFzT-2krn-lryfJJaXlzNnR

9 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://siakapkeli.my/2022/09/01/bersalah-kes-rasuah-projek-solar-rosmah-dipenjara-30-tahun-denda-rm970-juta/(Line 290) Message: Unrecognized feature: 'web-share'.
network	error	URL: https://prebid.ad.smaato.net/oapi/prebid Message: Failed to load resource: the server responded with a status of 400 ()
network	error	URL: https://prebid.ad.smaato.net/oapi/prebid Message: Failed to load resource: the server responded with a status of 400 ()
network	error	URL: https://prebid.ad.smaato.net/oapi/prebid Message: Failed to load resource: the server responded with a status of 400 ()
network	error	URL: https://prebid.ad.smaato.net/oapi/prebid Message: Failed to load resource: the server responded with a status of 400 ()
network	error	URL: https://prebid.ad.smaato.net/oapi/prebid Message: Failed to load resource: the server responded with a status of 400 ()
network	error	URL: https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID&gdpr=1 Message: Failed to load resource: the server responded with a status of 400 (Request failed due to privacy signals)
network	error	URL: https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID&gdpr=1 Message: Failed to load resource: the server responded with a status of 400 (Request failed due to privacy signals)
network	error	URL: https://id.rlcdn.com/709414.gif Message: Failed to load resource: the server responded with a status of 451 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a-prebid.vidoomy.com
a.sportradarserving.com
a.vidoomy.com
a3268.casalemedia.com
a3281.casalemedia.com
acdn.adnxs.com
ad.turn.com
ad4m.at
adasia-d.openx.net
adnetwork.adasiaholdings.com
ads.betweendigital.com
ads.pubmatic.com
ads.yahoo.com
adservice.google.com
adservice.google.nl
anymind360.com
b1sync.zemanta.com
bcp.crwdcntrl.net
bidder.criteo.com
biddr.brealtime.com
bttrack.com
casale-match.dotomi.com
cdn.adbro.me
cdn.id5-sync.com
cdn.indexww.com
cdn.jsdelivr.net
cdnjs.cloudflare.com
ced.sascdn.com
cm.adform.net
cm.adgrx.com
cm.g.doubleclick.net
cms.quantserve.com
cnt.trvdp.com
contextual.media.net
d.adroll.com
d.vidoomy.com
d2q8xv8xf7whrd.cloudfront.net
data.ad-score.com
dclk-match.dotomi.com
dpm.demdex.net
dsp.adfarm1.adition.com
dsum-sec.casalemedia.com
dsum.casalemedia.com
eb2.3lift.com
euexchangesync.digitaleast.mobi
eus.rubiconproject.com
f4f5f5dd83b6f4fca4ebb5cce3cd0739.safeframe.googlesyndication.com
fastlane.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
go.trvdp.com
google-bidout-d.openx.net
googleads.g.doubleclick.net
gum.criteo.com
hb.emxdgt.com
hbopenbid.pubmatic.com
htlb.casalemedia.com
i.clean.gg
ib.adnxs.com
id.rlcdn.com
id.sharedid.org
id5-sync.com
image6.pubmatic.com
js-sec.indexww.com
match.adsrvr.org
match.prod.bidr.io
mug.criteo.com
nep.advangelists.com
oa.openxcdn.net
oajs.openx.net
p.rfihub.com
pagead2.googlesyndication.com
partner.googleadservices.com
pixel-sync.sitescout.com
pixel.rubiconproject.com
pixel.wp.com
pm.w55c.net
pr-bh.ybp.yahoo.com
prebid.ad.smaato.net
prebid.media.net
prg-apac.smartadserver.com
prod.uidapi.com
px.ads.linkedin.com
px.owneriq.net
r.casalemedia.com
region1.google-analytics.com
rtb.openx.net
s.ad.smaato.net
s.amazon-adsystem.com
s.trvdp.com
s0.2mdn.net
secure.adnxs.com
secure.gravatar.com
securepubads.g.doubleclick.net
siakapkeli.my
sk-bucket.sgp1.cdn.digitaloceanspaces.com
sk-bucket.sgp1.digitaloceanspaces.com
ssbsync.smartadserver.com
ssum-sec.casalemedia.com
static.criteo.net
static.xx.fbcdn.net
stats.g.doubleclick.net
stats.wp.com
stg.truvidplayer.com
sync-tm.everesttech.net
sync.adotmob.com
sync.mathtag.com
tag.adbro.me
tags.crwdcntrl.net
tlx.3lift.com
token.rubiconproject.com
tpc.googlesyndication.com
u.openx.net
um.simpli.fi
ups.analytics.yahoo.com
www.facebook.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
x.bidswitch.net
xhr.invl.co
103.229.206.241
103.253.144.208
104.17.120.107
104.18.18.126
104.18.19.126
13.214.237.179
13.248.245.213
13.32.99.110
130.211.115.4
141.95.98.67
142.250.185.162
143.204.215.42
143.204.215.89
151.101.129.108
151.101.130.49
169.50.137.184
178.250.0.157
178.250.2.131
18.158.57.249
185.170.61.169
185.183.112.155
185.64.189.112
185.64.190.78
185.86.137.114
185.86.139.104
188.42.191.196
192.0.76.3
192.132.33.46
193.0.160.129
2.18.235.93
2.21.184.200
2.21.184.247
2001:4860:4802:34::36
2001:678:cb4:bbbb::11
205.185.216.42
23.106.127.48
23.23.202.74
23.75.246.168
2406:2600:4::1
2600:9000:2057:2c00:1b:5138:8a40:93a1
2600:9000:211e:e400:3:bc0d:3a40:21
2602:803:c004:200::141
2606:4700:10::6816:3556
2606:4700:10::ac43:2682
2606:4700:20::681a:ad1
2606:4700::6811:180e
2606:4700::6812:d4c
2620:116:800d:21:7eb1:3826:be7e:d981
2620:1ec:21::14
2a00:1288:f03d:1fa::4000
2a00:1450:4001:800::2008
2a00:1450:4001:801::2002
2a00:1450:4001:801::2003
2a00:1450:4001:802::2004
2a00:1450:4001:80e::2001
2a00:1450:4001:80e::2002
2a00:1450:4001:80e::2003
2a00:1450:4001:80f::200e
2a00:1450:4001:810::2002
2a00:1450:4001:810::2006
2a00:1450:4001:828::2001
2a00:1450:4001:82b::2002
2a00:1450:4001:82f::2002
2a00:1450:4001:830::2002
2a00:1450:400c:c06::9a
2a00:1450:400e:800::200a
2a02:2638::1c
2a02:fa8:8806:16::1370
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
2a04:4e42:400::645
2a04:4e42::485
2a04:fa87:fffe::c000:4902
2a05:d018:d29:3602:364b:13fe:3893:404c
2a06:98c1:3120::3
3.121.84.223
3.123.244.81
3.126.56.137
3.141.155.221
3.68.178.222
34.102.146.192
34.107.148.139
34.120.107.143
34.209.30.241
34.95.69.49
34.95.81.168
35.158.200.182
35.227.252.103
35.244.159.8
35.244.174.68
37.157.3.28
37.252.172.123
37.252.172.37
52.223.40.198
52.30.246.43
52.46.128.147
52.50.170.21
54.220.224.183
54.247.81.92
54.77.35.16
54.93.35.187
63.251.232.165
64.74.236.159
65.9.66.43
65.9.66.97
66.155.71.149
69.173.144.138
69.173.144.139
85.114.159.118
85.91.44.123
92.123.9.160
95.101.27.38
01826976aac14f35662bdfe69279621f5c8ae87d495c474a97ec65ccf0f4aefa
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
0372e585732c57f3a3cdedb3952a2ef299ffddd39e87a8afcbc2c58b5af06046
0413c66952464f1ecd016f7bcaab521634a380fc3f9b1b907caa11cb70c2ebc5
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
094b946adc39ade08f6d927ea066c8fef3ba6ee5c12919873172315ef7428e92
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
0cfdb09e986a94c041898664f2300638ed8e5c7eedde27f8dd5583a863acfd22
10b74dad6e2a6d66096da20f850130fafe40ea1b4685625a1d93cb18f8813dac
13385bc296bb2dc9cac61d19963d6868de43445187fdb91b6980e892773a1c37
1389e9b0188188798771a20ba0fd794e15c6983dc37ec2ea79eaf4956c5b00f6
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1a5333e41af5d667618dede5fcdae2011b604b655cc72725addec65bfd3f8cef
1af83aa1a79e5f0f5f1e4abd99a4a41af2cf357f869ff45d989ff109dd988418
1c5508fec8820bbbe6cbcb8a88149a25ce5a80fbfaf362810b7850fa9c3cc3ad
1c9aec4f2b8e548c9177d6710f4edf73f020c9a68f5ac7458fdd2895e337c42e
1f4362568e9be366759f9ada329e928f398f49333040bc12fcf2de18483d1f52
211f25cc9e2d76fd0e6ad1874f0b1c790670bbb1967b9a7f311f0066b62d2aa4
216dc604d1b76e335179f91859f5e7520f716dfe5cf9c7d01972c6a10a460246
24f32ec98f7d493c9c0e45a4e74aa7a133b538d11be35ec16b247e85bf78ef45
264cac1fad5b7e0109fccf3eb115eb515d7559cd17504fc0b467ee626ccefb98
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
2a79d9d59e4c07752c78abc5f0243cecb939729e0728f347671fcd3a219e9b3f
2abe53bd69c5f6a053a8faa70ef1258c6f0e0f45d4d7cf8e8a901b7818b4f3cd
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2bd27a61f64c193e2b5d4a1b5408fb0ee1a21ab556f6c128d25c0515d4603413
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2e10d353ff038c2cad3492fc17801af3e6ef2669c9e9713bdb78b1dcb104c4fe
2e5748c93df04d1b67860f1fc4cd6444093de13f5a0066cf85fdfbb1c04d031b
36d774c1165ee2038184e44bb698ade39c2341b3ee13045e3fd3de74251ab274
3803a27a495e66a072d9669d36fe2abdfb8859b401531d9e8e82a898e1109c40
3836861bde0f0d858a72d40ef9746a03f916a13df0b957ed4e67e7268c775d06
3b99ad02d9da439559c39ee133e8532e9c78415f2f45ee8bde02039ea1dccedb
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
45bda32b828543bf69769a7dd7328b08c48b5c97bed1c545c6fd4e20295c9992
4703f12867a18aa4b8cd3adbf2afdf2a2f1d6a9d16f38f3b4ea49401f882b995
483a4fdfc56fb9d51ab02fe709b7a4d353005f0662f6833785e1539cf39fee34
486c6143e56cc041da567ea1040a20b594795d800da1606d8964b0c042858b64
488dff332d3e3ffc0ad66173890ffd23b351a50be5d430c32bb93c1bee393caa
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
4a92e2e9f05bdcb3dc090cb7d682cf1537153785d35363654ae7c61d0d85691e
4ab0f081f5cb76cf669973642e143f8a56e511a1ccdaffc2e70402aa2f64c932
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
57000ea03bfb53734d0858b8fe992e6742226f23f311eb0f9d2177e2a84a5621
593546cc3cded8eb8597bd643918da046bc80efede459bdf477714cc492e50c0
5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782
5ac431b785111551ec67b7c37f1743a5167995498849117b93e94a4b85b97de0
5f959ca7d520abbb194e8543bb6e984538e6e4e61acd1b85aced28f30cf9944a
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6357e8295825a71a9df68e927757b4cf26df3b198e8d5111d1799cd0eaf4d945
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6bd2aa31d3fd0959adbeedc4d69713ca9e68cc3b074672bc992f808eeb668e8d
6c1b5cd1f71d20ad697e2685c02fc7d90c4227532785865a6e1e9d4e121c3859
6cce90e944e79ff8a47eb85a04ab7d402cc873622cf6bf8cb1d2262a11cabf96
6cd169caaa5e5045647328ebe3c847acd6f40e0927c58a6a15c8baca72b4f8aa
6e03307e9c4699e6b0c40dea04b81b2fba77aa78eed2b33d314adfebd0c65ddb
6e842f654a304fd1eece02a5d588d2a998cc87cc65730b04d1e2c916e3a72a10
725deded31118c60fc35b98383d8fa1573596fd334d15ec8c442f3beb2fb5124
75acf65c5e3c08193c2bae4183356e43bc620cbaf1f5d7eda9340e9b19c50e86
763afce9c8f58ab3fd98da9c6be430b9a96ff95c4fd065139cd35c75f1a17a8b
77a306f8f3f1aab83a5b720fe853e6a812e25c291c43e7f1796e3fbd4ae73f56
77f198dd7335ff424de288c16a68b57a0bb8061a93566b8359597bacd692b9f9
798b31c8d6278c26e16783552e21654d54dbc39eaed852cba2ad3810155c1c07
7b4c8198dde51dd3520ceb5f12c099b5e5347e5e204324ccaf46904f80d7f444
815564293529e8a1273e2d86754ea536392b6bfa1e9d98dadd708d3268e30c21
82d0aae1e7b8cfc0574d6548d1f35096f5e4310321aa964ff3fdb46c4d12e302
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb
868a78df4f3d0a21f89c48ccc709df44d3875f5fb33e22bf51ca8b5c28be4202
8704f607741a4e0a4d82cf024d026c9e7c1d65241250c2223f31dca29a07dc15
8746bebbd3e3f8d0b387f6fca854a6c4e3e5e5331c1a69ebe6886b683c33e20d
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
8c1df6f09960add44f09f9c38af97175688526f1d264138627bf53ef3c427435
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8ee6a829478761f158d239ceb4dd636ae4e703dc1970057c71628549d1de6d14
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
91c90926e067942ddf4c93eac3e959a3c49eabf7e59be9ff1e33f645e8b496b7
93f4f6f0b03c174b244b202497511f810e0cf6f9c0657f7676b807bb6fe74946
9603524efd6b642a39b76ba0bff83cd2d78250140ab382ecd52618384cb38f30
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068
979caf94add5b00ec59d8abde43d200523745c2f4b105c2906f4d9dda4afaeec
97ab734729d54bb7ee4d5980d96b6044870e5a048109b64d5118490290615c2a
97ce1e1f5dbfda35ac979b593e79e1673a3e725790339d767e4a6ca6e94a4828
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9d54849bd13f04e00c62235d9814a7cc4ba3fa644c1b1fc60af868a7f87c8dc4
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a2f8800c0ad663532daf04e10deeeedb3e8824478c48b368829df2e6cebe48a2
a3fb12e0586cb7710bc4ff3f906aa390cd18576b4d2a086389454e72c7f0b8df
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a4b21979da82a0dcccec7ed72669b988f4a1e00a8152ac41b2a463a0d9f8ca14
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
a68a70f7be9281f3f7148b38d7f5971f1dc946d3034a40e55021d0fb6fb78d73
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
aad48e612efa9d7364a3ad0e06aaa0d46320b7a57cc13697a8997ee9ef7c9101
ab612e26357285522cbacea29b729bfdff3b7342c75ee9438ab83a27ce4b297e
ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910
aea339c0379bdf6d66bbcd1f7671373468be82cbae34169aaebda9503ae8ad0f
b115cccf8f40a47e153fbd79f4cb18488f4cc952ccb40881f120e5f21dd39a63
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1faeac062934485878358576b352a1d0a7e80c64151dc34132eaed21466db0b
b27314b45b6ace1c7489eb9d36a7aa0dedc00ed22cec93a567b615c6b1952f32
b47eb2c147c468eb6aa9c3ba546db61b822d6d7be251f41e06aefc0d3c828163
b59e198c356c79d1ba89670c50cdb7e54181037f277ee106126caf570278bc11
b6325aa732b3bcec5769787b5c94f7f0272492135650ed5cabcb1c67986baba4
b7908a015a567ec2363011df2475368dbff34360e9da3fdff50604d6395fb646
b9468203d1a374c57d8f34c2df0229524b0b930bd43ed137a2a9bbbb21c1606e
b96809c7445a71d16a77253355bf0849dd747766305640346feda972c466aa93
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bbe8560826479959291cf70d3080f513bd35cc48126cf13dd43f6ffcec28907d
bc12347103da4da2ac30f8b4defd567679284e0bad691a54fad78ad804fc9c27
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea
bea2b86a5809892051431395ffbffa6389e8cbc79c2c985fc8158f35bdfe3536
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c2e606e1fc82ea3a554aad5d0520e25d2677b89a891dc5c49e7ace08fce92e25
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
c552d123b46d213f451750ceb2d6e5a8852824b0bc9f7e32a0224d2eabd06698
c5a3e1072ff5fbca63068025f65d3e8e826c701a27f6f3ae2d33400e42a6dd00
c8e05403731f038bb3f9b521c1b0d5176ace6449bbf76c8cb1b746d524625984
c9cb18ea76b5dbd40e8824323035c63266c389b046c785dfc12451c1043699f3
d02b2816156c0b65f812c399f986ff60c44d1de45efc634ed460e1cffb538315
d0a77e495359613dd0f75850a9b9a541f059b6f215c76acddb418bedb7a2cf6b
d0efea0815d89b5b909ca9d3faee7bfac0fd50b46ffbb932b223e0fea09b8693
d261205cf1f286a5d6255461ac2332f0c24327323aa37cbabc04886411b2f9d2
d4b9284a97b56b07179f8876dcb58a12d6d381d67ec0c8eceb650af78d3328a1
d59943dee71cbf4d72c369d91a616e376be27626e74dcfb698945734377e7fad
d661244532ddce6a92fb96fde511e23ea4de69ff2e41a5bffb884caa71166e01
d7705700d24d5919255576642ad2c28bfc790390b7183a369038ff5c1e814d51
d83bf3cea763ba65c512b052e2034075a686311d12c28e392e772a614ccbff50
dac404ab5c3fcdc83e30b66349bccf92526406c5fdd63b9c1394acf78348ac52
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
ddb5f37e49e5bb129115dc56bf737c89b3a27770107d3c24abe60b2cec84460e
de317176fa6b64a8e89bbd45d20b6be2560bbfa96e7e53e63eb754e18bfe6c1f
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e00366824246a8c4cd948bba8823f0792df2004b3a2c021b17cf004ddbc4e7bb
e00add38134eac2fb8e8e9c09cbfff7bbe57952b210322eb2eecb0a21fc055eb
e0be1d222e2e367ac5106f4aee4830c3de18af1d266f8cde53915e11e8b01bfd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3d2fb52b6c39beb7a1eac1170b32bdbdec819f941425516be5d38bad454065e
e44c51c44d98e56e70bfdd2a2a9fe73171015812ac7cdb4ce599b66f92b8fde1
e528d33985475b8ba0fcf45f92a88481c6af14f444c8e5842b1a14d468c1cd73
e55617270594cd6380118c8c85d2bb4af1db5a7cbe998a7cb6bf9dd9059b9d05
e5fe4978879adfdef67b41585d5c45479529832d164dec883813b4bea698f6d0
e8199a50a8994e0d2754aef4e00dc862e3a80cde12c7943a2a028b5e4a302cd4
e851345505ee432c9397d60e5d91929ab4e5921f75c91f359b0939a879304b7a
e91df7da64fd986250003e277531728096fac8eaf50445bd6cbe019f29e76d57
e9f42f63ba258eb1f829e80baa68b9f5afaa63c0ea3b85af3c3ed3a27fcf28a8
eaed33d9144a040c80639039a1f5078641dee7b545af5ee03adb7f489bb83aef
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152
eec7d579b9d8eb1b838e35de355e3903289bd6d8dadd418fe73a9a9c33a71266
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f011b0a1bfb1179713327186e7ccdab92bfe3cb10ba3fe1a5aac32b37d34d65e
f29ae6256b57c5bd75413d293259e683a6f386ed0ccddcb6922d0ac49004316b
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f65f69b16c07734bbd93413e50348d92f8ffc380b4035a265ce8467e50b65468
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
f882756b47651b0f3e87b7031f4d98412c1f2b43fc6cfa900285b8d00a3d3c11
f9a563fbb50b9ccb31345b43149c281c060d1754750ed1f1a32e6ff30ca3defd
fa1a6d4bb65840edc7b4f73e3375396bcb77da51f4993295ae2000ddecfc60d4
fca1cecbb79ec1a111a8704840209211403a227b6d36818224dd490926077583
fe50466edcdac1192aa7a5bebb69e57134216d66dc920c3611ce267751d1643b
ff4bd34aa98a0214833619d3d751838db015722dfbbec15cd14dadc66cd67869
ffa47a378fb9016f551770c396b755767014c1f1df831f78cc4c482d36146b0a

siakapkeli.my Open in urlscan Pro 2a06:98c1:3120::3 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

290 Requests

88 %HTTPS

35 %IPv6

79 Domains

123 Subdomains

96 IPs

11 Countries

2684 kBTransfer

7346 kBSize

47 Cookies

4 Outgoing links

Redirected requests

290 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 8 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

siakapkeli.my Open in urlscan Pro
2a06:98c1:3120::3 Public Scan

Screenshot
Live screenshot

Full Image

290
Requests

88 %
HTTPS

35 %
IPv6

79
Domains

123
Subdomains

96
IPs

11
Countries

2684 kB
Transfer

7346 kB
Size

47
Cookies

290 HTTP transactions
8 data transactions