urlscan.io logo urlscan.io
SecurityTrails logo

gempak.com Open in urlscan Pro
2606:4700::6810:8274  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://voting.astro.com.my/
Effective URL: https://gempak.com//404
Submission: On November 29 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 102 IPs in 9 countries across 82 domains to perform 567 HTTP transactions. The main IP is 2606:4700::6810:8274, located in United States and belongs to CLOUDFLARENET, US. The main domain is gempak.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on April 2nd 2023. Valid for: a year.
This is the only time gempak.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 2600:9000:224... 16509 (AMAZON-02)
18 2600:9000:224... 16509 (AMAZON-02)
11 2a00:1450:400... 15169 (GOOGLE)
1 18.138.19.42 16509 (AMAZON-02)
1 2606:4700::68... 13335 (CLOUDFLAR...)
9 2a00:1450:400... 15169 (GOOGLE)
7 2a00:1450:400... 15169 (GOOGLE)
1 4 108.138.26.18 16509 (AMAZON-02)
9 2001:4860:480... 15169 (GOOGLE)
8 2a00:1450:400... 15169 (GOOGLE)
9 2a00:1450:400... 15169 (GOOGLE)
5 2a00:1450:400... 15169 (GOOGLE)
2 2600:1901:0:7... 396982 (GOOGLE-CL...)
39 2a03:2880:f08... 32934 (FACEBOOK)
20 2606:4700::68... 13335 (CLOUDFLAR...)
2 2600:1901:0:a... 15169 (GOOGLE)
8 2a03:2880:f17... 32934 (FACEBOOK)
23 2a00:1450:400... 15169 (GOOGLE)
5 2a00:1450:400... 15169 (GOOGLE)
65 151.101.129.44 54113 (FASTLY)
5 2a00:1450:400... 15169 (GOOGLE)
1 2600:9000:264... 16509 (AMAZON-02)
1 143.204.205.86 16509 (AMAZON-02)
2 151.101.3.52 54113 (FASTLY)
6 20.212.64.10 8075 (MICROSOFT...)
2 2620:1ec:46::45 8075 (MICROSOFT...)
1 5 3.120.214.218 16509 (AMAZON-02)
1 146.75.120.157 54113 (FASTLY)
1 5 2a02:2638:3::c 44788 (ASN-CRITE...)
1 10 54.170.72.30 16509 (AMAZON-02)
1 54.237.54.211 14618 (AMAZON-AES)
1 104.244.42.5 13414 (TWITTER)
1 104.244.42.3 13414 (TWITTER)
6 2606:4700::68... 13335 (CLOUDFLAR...)
4 4.227.249.197 8075 (MICROSOFT...)
1 2a06:98c1:312... 13335 (CLOUDFLAR...)
3 108.138.1.25 16509 (AMAZON-02)
1 99.86.4.71 16509 (AMAZON-02)
1 34.107.231.31 396982 (GOOGLE-CL...)
1 23.57.19.78 16625 (AKAMAI-AS)
2 65.9.66.97 16509 (AMAZON-02)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
2 2606:4700:10:... 13335 (CLOUDFLAR...)
1 3 34.241.138.233 16509 (AMAZON-02)
2 2606:4700:10:... 13335 (CLOUDFLAR...)
11 151.101.2.137 54113 (FASTLY)
1 2 68.219.88.97 8075 (MICROSOFT...)
1 1 2620:1ec:c11:... 8068 (MICROSOFT...)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
2 2600:9000:215... 16509 (AMAZON-02)
2 2 52.57.12.239 16509 (AMAZON-02)
1 1 2.19.228.187 16625 (AKAMAI-AS)
18 31 172.217.16.194 15169 (GOOGLE)
6 12 54.77.160.81 16509 (AMAZON-02)
13 13 54.78.218.204 16509 (AMAZON-02)
2 162.247.243.29 54113 (FASTLY)
1 2600:9000:236... 16509 (AMAZON-02)
1 2a00:1288:80:... 203220 (YAHOO-DEB)
1 1 52.209.2.79 16509 (AMAZON-02)
1 2600:9000:20b... 16509 (AMAZON-02)
3 2600:9000:249... 16509 (AMAZON-02)
11 141.226.228.48 200478 (TABOOLA-AS)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a02:2638:3::3 44788 (ASN-CRITE...)
1 2600:9000:225... 16509 (AMAZON-02)
1 34.102.146.192 396982 (GOOGLE-CL...)
8 2606:4700::68... 13335 (CLOUDFLAR...)
34 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
16 2a00:1450:400... 15169 (GOOGLE)
1 162.19.138.82 16276 (OVH)
1 2 34.120.107.143 396982 (GOOGLE-CL...)
4 188.65.124.90 41690 (DAILYMOTI...)
1 3.1.39.24 16509 (AMAZON-02)
8 188.65.124.59 41690 (DAILYMOTI...)
15 178.79.242.181 22822 (LLNW)
4 142.250.185.134 15169 (GOOGLE)
25 2a00:1450:400... 15169 (GOOGLE)
4 15.197.193.217 16509 (AMAZON-02)
1 4 2a05:d018:d29... 16509 (AMAZON-02)
4 3.71.149.231 16509 (AMAZON-02)
3 35.244.159.8 15169 (GOOGLE)
5 7 172.64.151.101 13335 (CLOUDFLAR...)
3 4 37.252.171.52 29990 (ASN-APPNEX)
3 2a00:1450:400... 15169 (GOOGLE)
1 4 2606:4700::68... 13335 (CLOUDFLAR...)
1 34.96.105.8 396982 (GOOGLE-CL...)
2 2 213.155.156.185 1299 (TWELVE99 ...)
2 185.64.190.78 62713 (AS-PUBMATIC)
1 52.19.11.170 16509 (AMAZON-02)
3 3 46.228.174.117 56396 (AMOBEE)
2 178.79.242.16 22822 (LLNW)
2 23.32.185.35 16625 (AKAMAI-AS)
1 143.204.215.88 16509 (AMAZON-02)
1 107.178.244.119 15169 (GOOGLE)
2 18.184.108.41 16509 (AMAZON-02)
1 1 69.173.144.139 26667 (RUBICONPR...)
3 3 76.223.111.18 16509 (AMAZON-02)
1 185.86.139.104 201081 (SMARTADSE...)
1 188.65.124.91 41690 (DAILYMOTI...)
1 188.65.124.66 41690 (DAILYMOTI...)
2 216.58.212.130 15169 (GOOGLE)
1 2620:116:800d... 16509 (AMAZON-02)
1 1 178.250.1.9 44788 (ASN-CRITE...)
1 141.226.224.32 200478 (TABOOLA-AS)
2 2a00:1450:400... 15169 (GOOGLE)
3 52.222.214.37 16509 (AMAZON-02)
1 2a04:4e42:600... 54113 (FASTLY)
1 2a00:1450:400... 15169 (GOOGLE)
2 2606:4700::68... 13335 (CLOUDFLAR...)
2 20.188.98.74 ()
1 1 192.96.203.13 ()
1 2606:4700:20:... ()
567 102
1    2600:9000:2240:ce00:c:9855:b600:93a1 (United States)

ASN16509 (AMAZON-02, US)
voting.astro.com.my
18    2600:9000:2240:7600:c:9855:b600:93a1 (United States)

ASN16509 (AMAZON-02, US)
voting.astro.com.my
11    2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
securepubads.g.doubleclick.net
1    18.138.19.42 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-138-19-42.ap-southeast-1.compute.amazonaws.com
voting-service.eco.astro.com.my
1    2606:4700::6812:acf (United States)

ASN13335 (CLOUDFLARENET, US)
stackpath.bootstrapcdn.com
9    2a00:1450:4001:801::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
7    2a00:1450:4001:808::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
4    108.138.26.18 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-26-18.fra56.r.cloudfront.net
sb.scorecardresearch.com
9    2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)
region1.analytics.google.com
8    2a00:1450:400c:c07::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
9    2a00:1450:4001:809::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
5    2a00:1450:4001:80f::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
2    2600:1901:0:7a0b:: (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
sessions.bugsnag.com
39    2a03:2880:f084:d:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
static.xx.fbcdn.net
scontent.xx.fbcdn.net
20    2606:4700::6810:8274 (United States)

ASN13335 (CLOUDFLARENET, US)
gempak.com
2    2600:1901:0:a5e4:: (Kansas City, United States)

ASN15169 (GOOGLE, US)
notify.bugsnag.com
8    2a03:2880:f176:84:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
23    2a00:1450:4001:830::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
5    2a00:1450:4001:803::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
65    151.101.129.44 (United States)

ASN54113 (FASTLY, US)
cdn.taboola.com
trc.taboola.com
vidstat.taboola.com
images.taboola.com
videos.taboola.com
imprammp.taboola.com
wf.taboola.com
vidstatb.taboola.com
pips.taboola.com
5    2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
1    2600:9000:2646:6000:18:1fcd:353:c61 (United States)

ASN16509 (AMAZON-02, US)
static.chartbeat.com
1    143.204.205.86 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-205-86.fra53.r.cloudfront.net
d2aujjfcidxgdj.cloudfront.net
2    151.101.3.52 (United States)

ASN54113 (FASTLY, US)
rtbcdn.andbeyond.media
rtbpass-us.andbeyond.media
6    20.212.64.10 (Singapore, Singapore)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
api.vodus.com
vodus.my
2    2620:1ec:46::45 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
www.clarity.ms
5    3.120.214.218 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-120-214-218.eu-central-1.compute.amazonaws.com
ps.eyeota.net
1    146.75.120.157 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
static.ads-twitter.com
5    2a02:2638:3::c (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
gum.criteo.com
mug.criteo.com
10    54.170.72.30 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-170-72-30.eu-west-1.compute.amazonaws.com
astro.demdex.net
dpm.demdex.net
1    54.237.54.211 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-237-54-211.compute-1.amazonaws.com
ping.chartbeat.net
1    104.244.42.5 (United States)

ASN13414 (TWITTER, US)
t.co
1    104.244.42.3 (United States)

ASN13414 (TWITTER, US)
analytics.twitter.com
6    2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
4    4.227.249.197 (Tappahannock, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
u.clarity.ms
1    2a06:98c1:3121::3 (United States)

ASN13335 (CLOUDFLARENET, US)
rtbdemand.apiip.net
3    108.138.1.25 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-1-25.fra56.r.cloudfront.net
c.amazon-adsystem.com
1    99.86.4.71 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-4-71.fra6.r.cloudfront.net
config.aps.amazon-adsystem.com
1    34.107.231.31 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 31.231.107.34.bc.googleusercontent.com
p.adlooxtracking.com
1    23.57.19.78 (Düsseldorf, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-57-19-78.deploy.static.akamaitechnologies.com
secure.cdn.fastclick.net
2    65.9.66.97 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-66-97.fra56.r.cloudfront.net
tags.crwdcntrl.net
1    2606:4700:10::ac43:246e (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.hadronid.net
2    2606:4700:10::6816:3556 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.id5-sync.com
3    34.241.138.233 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-241-138-233.eu-west-1.compute.amazonaws.com
bcp.crwdcntrl.net
sync.crwdcntrl.net
2    2606:4700:10::6816:445 (United States)

ASN13335 (CLOUDFLARENET, US)
id.hadron.ad.gt
11    151.101.2.137 (United States)

ASN54113 (FASTLY, US)
js-agent.newrelic.com
2    68.219.88.97 (Dublin, Ireland)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
c.clarity.ms
1    2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
c.bing.com
1    2606:4700:10::6816:545 (United States)

ASN13335 (CLOUDFLARENET, US)
a.ad.gt
2    2600:9000:2156:c400:3:d4b:fac0:93a1 (United States)

ASN16509 (AMAZON-02, US)
digital-fortress-assets.eco.astro.com.my
2    52.57.12.239 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-57-12-239.eu-central-1.compute.amazonaws.com
pm.w55c.net
1    2.19.228.187 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-19-228-187.deploy.static.akamaitechnologies.com
image5.pubmatic.com
31    172.217.16.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s08-in-f194.1e100.net
cm.g.doubleclick.net
12    54.77.160.81 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-77-160-81.eu-west-1.compute.amazonaws.com
pixel.everesttech.net
13    54.78.218.204 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-78-218-204.eu-west-1.compute.amazonaws.com
cm.everesttech.net
2    162.247.243.29 (United States)

ASN54113 (FASTLY, US)
bam.nr-data.net
1    2600:9000:236e:1000:2:d490:4d80:93a1 (United States)

ASN16509 (AMAZON-02, US)
wrappers.geoedge.be
1    2a00:1288:80:807::2 (United Kingdom)

ASN203220 (YAHOO-DEB, GB)
ads.yahoo.com
1    52.209.2.79 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-209-2-79.eu-west-1.compute.amazonaws.com
synchroscript.deliveryengine.adswizz.com
1    2600:9000:20b4:4a00:19:769a:2440:93a1 (United States)

ASN16509 (AMAZON-02, US)
dce-gempak-api-prd.eco.astro.com.my
3    2600:9000:2490:ba00:0:b903:6380:93a1 (United States)

ASN16509 (AMAZON-02, US)
de-digital-fortress-stg-assets.eco.astro.com.my
11    141.226.228.48 (Netherlands)

ASN200478 (TABOOLA-AS, IL)
trc-events.taboola.com
am-trc-events.taboola.com
am-match.taboola.com
am-vid-events.taboola.com
am-wf.taboola.com
2    2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    2a02:2638:3::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
static.criteo.net
1    2600:9000:2250:7800:a:e047:753:a221 (United States)

ASN16509 (AMAZON-02, US)
cdn.prod.uidapi.com
1    34.102.146.192 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 192.146.102.34.bc.googleusercontent.com
oa.openxcdn.net
8    2606:4700::6810:5814 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.jsdelivr.net
34    2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
4    2a00:1450:4001:810::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ed82c412a1d0517c38d808cdf80f705f.safeframe.googlesyndication.com
16    2a00:1450:4001:812::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
1    162.19.138.82 (Frankfurt am Main, Germany)

ASN16276 (OVH, FR)
PTR: ns31532337.ip-162-19-138.eu
id5-sync.com
2    34.120.107.143 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 143.107.120.34.bc.googleusercontent.com
oajs.openx.net
4    188.65.124.90 (Paris, France)

ASN41690 (DAILYMOTION For peering related business, please mail peering@dailymotion.com, FR)
PTR: fp.dc3.dailymotion.com
geo.dailymotion.com
www.dailymotion.com
1    3.1.39.24 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-1-39-24.ap-southeast-1.compute.amazonaws.com
prebid.andbeyond.media
8    188.65.124.59 (Paris, France)

ASN41690 (DAILYMOTION For peering related business, please mail peering@dailymotion.com, FR)
PTR: ebed2.dm.gg
pebed.dm-event.net
15    178.79.242.181 (Frankfurt am Main, Germany)

ASN22822 (LLNW, US)
PTR: https-178-79-242-181.fra.llnw.net
static1.dmcdn.net
4    142.250.185.134 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f6.1e100.net
ad.doubleclick.net
25    2a00:1450:4001:831::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
s0.2mdn.net
4    15.197.193.217 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com
match.adsrvr.org
4    2a05:d018:d29:3601:bf9c:a4a:22aa:bd3 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
pr-bh.ybp.yahoo.com
4    3.71.149.231 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-71-149-231.eu-central-1.compute.amazonaws.com
ups.analytics.yahoo.com
3    35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com
google-bidout-d.openx.net
us-u.openx.net
7    172.64.151.101 (United States)

ASN13335 (CLOUDFLARENET, US)
dsum-sec.casalemedia.com
ssum-sec.casalemedia.com
4    37.252.171.52 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
ib.adnxs.com
3    2a00:1450:4001:82f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
imasdk.googleapis.com
4    2606:4700::6812:18ad (United States)

ASN13335 (CLOUDFLARENET, US)
a.tribalfusion.com
s.tribalfusion.com
1    34.96.105.8 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 8.105.96.34.bc.googleusercontent.com
tr.blismedia.com
2    213.155.156.185 (Sweden)

ASN1299 (TWELVE99 Arelion, fka Telia Carrier, SE)
d5p.de17a.com
2    185.64.190.78 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
1    52.19.11.170 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-19-11-170.eu-west-1.compute.amazonaws.com
match.360yield.com
3    46.228.174.117 (United Kingdom)

ASN56396 (AMOBEE, GB)
sync.1rx.io
sync.targeting.unrulymedia.com
2    178.79.242.16 (Frankfurt am Main, Germany)

ASN22822 (LLNW, US)
PTR: https-178-79-242-16.fra.llnw.net
vendorlist.dmcdn.net
2    23.32.185.35 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-32-185-35.deploy.static.akamaitechnologies.com
sync.teads.tv
1    143.204.215.88 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-215-88.fra53.r.cloudfront.net
choices.truste.com
1    107.178.244.119 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 119.244.178.107.bc.googleusercontent.com
beacon.sojern.com
2    18.184.108.41 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-184-108-41.eu-central-1.compute.amazonaws.com
x.bidswitch.net
1    69.173.144.139 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
3    76.223.111.18 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com
eb2.3lift.com
1    185.86.139.104 (France)

ASN201081 (SMARTADSERVER, FR)
ssbsync.smartadserver.com
1    188.65.124.91 (Paris, France)

ASN41690 (DAILYMOTION For peering related business, please mail peering@dailymotion.com, FR)
PTR: st.dc3.dailymotion.com
speedtest.dailymotion.com
1    188.65.124.66 (Paris, France)

ASN41690 (DAILYMOTION For peering related business, please mail peering@dailymotion.com, FR)
PTR: ingress-03-pub-prod-ix7.vip.dailymotion.com
dmxleo.dailymotion.com
2    216.58.212.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s46-in-f2.1e100.net
googleads4.g.doubleclick.net
1    2620:116:800d:21:5ed4:8d5d:fed7:f5ef (United States)

ASN16509 (AMAZON-02, US)
cms.quantserve.com
1    178.250.1.9 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
dis.criteo.com
1    141.226.224.32 (United States)

ASN200478 (TABOOLA-AS, IL)
cds.taboola.com
2    2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
3    52.222.214.37 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-214-37.fra56.r.cloudfront.net
choices.trustarc.com
1    2a04:4e42:600::649 (United States)

ASN54113 (FASTLY, US)
code.jquery.com
1    2a00:1450:4001:82b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
apis.google.com
2    2606:4700::6810:7c60 (United States)

ASN13335 (CLOUDFLARENET, US)
www.cloudflare.com
2    20.188.98.74 (None, )

ASN- ()
vodus-api-serverless.azurewebsites.net
1    192.96.203.13 (None, )

ASN- ()
ads.aralego.com
1    2606:4700:20::ac43:47fe (None, )

ASN- ()
cdn.aralego.net
Apex Domain
Subdomains		 Transfer
77 taboola.com
cdn.taboola.com — Cisco Umbrella Rank: 1136
trc.taboola.com — Cisco Umbrella Rank: 705
trc-events.taboola.com — Cisco Umbrella Rank: 2170
vidstat.taboola.com — Cisco Umbrella Rank: 3029
am-trc-events.taboola.com — Cisco Umbrella Rank: 16673
images.taboola.com — Cisco Umbrella Rank: 1923
videos.taboola.com — Cisco Umbrella Rank: 6288
imprammp.taboola.com — Cisco Umbrella Rank: 15442
am-match.taboola.com — Cisco Umbrella Rank: 15833
wf.taboola.com — Cisco Umbrella Rank: 3148
am-vid-events.taboola.com — Cisco Umbrella Rank: 15082
vidstatb.taboola.com — Cisco Umbrella Rank: 5039
pips.taboola.com — Cisco Umbrella Rank: 1694
cds.taboola.com — Cisco Umbrella Rank: 1933
am-wf.taboola.com — Cisco Umbrella Rank: 17326
3 MB
61 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 196
stats.g.doubleclick.net — Cisco Umbrella Rank: 78
googleads.g.doubleclick.net — Cisco Umbrella Rank: 33
cm.g.doubleclick.net — Cisco Umbrella Rank: 245
ad.doubleclick.net — Cisco Umbrella Rank: 154
googleads4.g.doubleclick.net — Cisco Umbrella Rank: 439
461 KB
54 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 97
ed82c412a1d0517c38d808cdf80f705f.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 149
317 KB
32 fbcdn.net
static.xx.fbcdn.net — Cisco Umbrella Rank: 933
scontent.xx.fbcdn.net — Cisco Umbrella Rank: 449
611 KB
26 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 31
imasdk.googleapis.com — Cisco Umbrella Rank: 447
504 KB
26 astro.com.my
voting.astro.com.my
voting-service.eco.astro.com.my
digital-fortress-assets.eco.astro.com.my — Cisco Umbrella Rank: 418565
dce-gempak-api-prd.eco.astro.com.my
de-digital-fortress-stg-assets.eco.astro.com.my — Cisco Umbrella Rank: 518777
1 MB
25 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 300
902 KB
25 everesttech.net
pixel.everesttech.net — Cisco Umbrella Rank: 5429
cm.everesttech.net — Cisco Umbrella Rank: 1275
13 KB
20 gempak.com
gempak.com
963 KB
17 dmcdn.net
static1.dmcdn.net — Cisco Umbrella Rank: 8624
vendorlist.dmcdn.net — Cisco Umbrella Rank: 13037
662 KB
15 google.com
region1.analytics.google.com — Cisco Umbrella Rank: 3040
www.google.com — Cisco Umbrella Rank: 2
apis.google.com — Cisco Umbrella Rank: 112
24 KB
11 newrelic.com
js-agent.newrelic.com — Cisco Umbrella Rank: 562
32 KB
10 demdex.net
astro.demdex.net — Cisco Umbrella Rank: 402341
dpm.demdex.net — Cisco Umbrella Rank: 228
11 KB
9 yahoo.com
ads.yahoo.com — Cisco Umbrella Rank: 7567
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 492
ups.analytics.yahoo.com — Cisco Umbrella Rank: 327
2 KB
9 google.de
www.google.de — Cisco Umbrella Rank: 6862
1001 B
9 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 35
803 KB
8 dm-event.net
pebed.dm-event.net — Cisco Umbrella Rank: 9164
3 KB
8 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 335
104 KB
8 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 223
www.cloudflare.com — Cisco Umbrella Rank: 6077
45 KB
8 clarity.ms
www.clarity.ms — Cisco Umbrella Rank: 827
u.clarity.ms — Cisco Umbrella Rank: 7536
c.clarity.ms — Cisco Umbrella Rank: 1405
28 KB
8 facebook.com
www.facebook.com — Cisco Umbrella Rank: 110
24 KB
7 casalemedia.com
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 625
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 486
4 KB
7 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 174
282 KB
7 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 27
62 KB
6 dailymotion.com
geo.dailymotion.com — Cisco Umbrella Rank: 8076
www.dailymotion.com — Cisco Umbrella Rank: 9701
speedtest.dailymotion.com — Cisco Umbrella Rank: 9958
dmxleo.dailymotion.com — Cisco Umbrella Rank: 9093
45 KB
6 criteo.com
gum.criteo.com — Cisco Umbrella Rank: 454
mug.criteo.com — Cisco Umbrella Rank: 2926
dis.criteo.com — Cisco Umbrella Rank: 597
8 KB
5 openx.net
oajs.openx.net — Cisco Umbrella Rank: 1656
google-bidout-d.openx.net — Cisco Umbrella Rank: 1665
us-u.openx.net — Cisco Umbrella Rank: 522
1007 B
5 crwdcntrl.net
tags.crwdcntrl.net — Cisco Umbrella Rank: 976
bcp.crwdcntrl.net — Cisco Umbrella Rank: 887
sync.crwdcntrl.net — Cisco Umbrella Rank: 865
25 KB
5 eyeota.net
ps.eyeota.net — Cisco Umbrella Rank: 1148
2 KB
5 vodus.com
api.vodus.com — Cisco Umbrella Rank: 179733
7 KB
5 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 212
285 KB
4 tribalfusion.com
a.tribalfusion.com — Cisco Umbrella Rank: 860
s.tribalfusion.com — Cisco Umbrella Rank: 2311
2 KB
4 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 246
3 KB
4 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 353
593 B
4 gstatic.com
fonts.gstatic.com
www.gstatic.com
70 KB
4 amazon-adsystem.com
c.amazon-adsystem.com — Cisco Umbrella Rank: 306
config.aps.amazon-adsystem.com — Cisco Umbrella Rank: 598
72 KB
4 bugsnag.com
sessions.bugsnag.com — Cisco Umbrella Rank: 832
notify.bugsnag.com — Cisco Umbrella Rank: 1272
210 B
4 scorecardresearch.com
sb.scorecardresearch.com — Cisco Umbrella Rank: 172
1 KB
3 trustarc.com
choices.trustarc.com — Cisco Umbrella Rank: 872
8 KB
3 3lift.com
eb2.3lift.com — Cisco Umbrella Rank: 417
1 KB
3 pubmatic.com
image5.pubmatic.com — Cisco Umbrella Rank: 69402
image6.pubmatic.com — Cisco Umbrella Rank: 823
554 B
3 ad.gt
id.hadron.ad.gt — Cisco Umbrella Rank: 1601
a.ad.gt — Cisco Umbrella Rank: 1844
4 KB
3 id5-sync.com
cdn.id5-sync.com — Cisco Umbrella Rank: 863
id5-sync.com — Cisco Umbrella Rank: 440
67 KB
3 andbeyond.media
rtbcdn.andbeyond.media — Cisco Umbrella Rank: 33163
rtbpass-us.andbeyond.media — Cisco Umbrella Rank: 58660
prebid.andbeyond.media — Cisco Umbrella Rank: 30387
217 KB
2 azurewebsites.net
vodus-api-serverless.azurewebsites.net
1 KB
2 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 351
291 B
2 teads.tv
sync.teads.tv — Cisco Umbrella Rank: 1403
326 B
2 1rx.io
sync.1rx.io — Cisco Umbrella Rank: 567
2 KB
2 de17a.com
d5p.de17a.com — Cisco Umbrella Rank: 4905
651 B
2 nr-data.net
bam.nr-data.net — Cisco Umbrella Rank: 225
739 B
2 w55c.net
pm.w55c.net — Cisco Umbrella Rank: 912
1 KB
1 aralego.net
cdn.aralego.net
5 KB
1 aralego.com
ads.aralego.com
sync.aralego.com Failed
136 B
1 vodus.my
vodus.my — Cisco Umbrella Rank: 248640
1 KB
1 jquery.com
code.jquery.com — Cisco Umbrella Rank: 762
67 KB
1 quantserve.com
cms.quantserve.com — Cisco Umbrella Rank: 764
463 B
1 smartadserver.com
ssbsync.smartadserver.com — Cisco Umbrella Rank: 774
45 B
1 rubiconproject.com
pixel.rubiconproject.com — Cisco Umbrella Rank: 376
616 B
1 sojern.com
beacon.sojern.com — Cisco Umbrella Rank: 5796
208 B
1 truste.com
choices.truste.com — Cisco Umbrella Rank: 883
10 KB
1 unrulymedia.com
sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 1268
576 B
1 360yield.com
match.360yield.com — Cisco Umbrella Rank: 2249
199 B
1 blismedia.com
tr.blismedia.com — Cisco Umbrella Rank: 1824
173 B
1 openxcdn.net
oa.openxcdn.net — Cisco Umbrella Rank: 1762
8 KB
1 uidapi.com
cdn.prod.uidapi.com — Cisco Umbrella Rank: 2491
3 KB
1 criteo.net
static.criteo.net — Cisco Umbrella Rank: 668
13 KB
1 adswizz.com
synchroscript.deliveryengine.adswizz.com — Cisco Umbrella Rank: 2700
453 B
1 geoedge.be
wrappers.geoedge.be — Cisco Umbrella Rank: 21126
3 KB
1 bing.com
c.bing.com — Cisco Umbrella Rank: 236
758 B
1 hadronid.net
cdn.hadronid.net — Cisco Umbrella Rank: 1779
10 KB
1 fastclick.net
secure.cdn.fastclick.net — Cisco Umbrella Rank: 1155
17 KB
1 adlooxtracking.com
p.adlooxtracking.com — Cisco Umbrella Rank: 24339
4 KB
1 apiip.net
rtbdemand.apiip.net — Cisco Umbrella Rank: 28377
991 B
1 twitter.com
analytics.twitter.com — Cisco Umbrella Rank: 747
725 B
1 t.co
t.co — Cisco Umbrella Rank: 607
378 B
1 chartbeat.net
ping.chartbeat.net — Cisco Umbrella Rank: 1376
201 B
1 ads-twitter.com
static.ads-twitter.com — Cisco Umbrella Rank: 713
15 KB
1 cloudfront.net
d2aujjfcidxgdj.cloudfront.net
13 KB
1 chartbeat.com
static.chartbeat.com — Cisco Umbrella Rank: 1585
15 KB
1 bootstrapcdn.com
stackpath.bootstrapcdn.com — Cisco Umbrella Rank: 2914
7 KB
0 eu-1-id5-sync.com Failed
lb.eu-1-id5-sync.com Failed
0 spotxchange.com Failed
sync.search.spotxchange.com Failed
567 82
Domain Requested by
40 images.taboola.com cdn.taboola.com
34 pagead2.googlesyndication.com voting.astro.com.my
tpc.googlesyndication.com
ed82c412a1d0517c38d808cdf80f705f.safeframe.googlesyndication.com
pagead2.googlesyndication.com
googleads.g.doubleclick.net
imasdk.googleapis.com
s0.2mdn.net
www.googletagservices.com
31 cm.g.doubleclick.net 18 redirects googleads.g.doubleclick.net
ed82c412a1d0517c38d808cdf80f705f.safeframe.googlesyndication.com
30 static.xx.fbcdn.net www.facebook.com
static.xx.fbcdn.net
25 s0.2mdn.net ed82c412a1d0517c38d808cdf80f705f.safeframe.googlesyndication.com
voting.astro.com.my
s0.2mdn.net
imasdk.googleapis.com
23 fonts.googleapis.com client
s0.2mdn.net
cdn.jsdelivr.net
20 gempak.com voting.astro.com.my
gempak.com
19 voting.astro.com.my 1 redirects voting.astro.com.my
16 tpc.googlesyndication.com voting.astro.com.my
ed82c412a1d0517c38d808cdf80f705f.safeframe.googlesyndication.com
tpc.googlesyndication.com
s0.2mdn.net
15 static1.dmcdn.net geo.dailymotion.com
13 cm.everesttech.net 13 redirects
12 pixel.everesttech.net 6 redirects
11 js-agent.newrelic.com voting.astro.com.my
11 securepubads.g.doubleclick.net voting.astro.com.my
securepubads.g.doubleclick.net
www.googletagservices.com
10 cdn.taboola.com voting.astro.com.my
cdn.taboola.com
9 www.google.de voting.astro.com.my
9 region1.analytics.google.com www.googletagmanager.com
9 www.googletagmanager.com voting.astro.com.my
www.googletagmanager.com
www.google-analytics.com
8 pebed.dm-event.net geo.dailymotion.com
static1.dmcdn.net
8 cdn.jsdelivr.net voting.astro.com.my
8 www.facebook.com voting.astro.com.my
static.xx.fbcdn.net
8 stats.g.doubleclick.net www.googletagmanager.com
www.google-analytics.com
7 connect.facebook.net voting.astro.com.my
connect.facebook.net
7 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
voting.astro.com.my
6 am-trc-events.taboola.com voting.astro.com.my
6 dpm.demdex.net
6 cdnjs.cloudflare.com voting.astro.com.my
5 dsum-sec.casalemedia.com 3 redirects googleads.g.doubleclick.net
5 vidstat.taboola.com voting.astro.com.my
5 ps.eyeota.net 1 redirects voting.astro.com.my
5 api.vodus.com voting.astro.com.my
cdnjs.cloudflare.com
api.vodus.com
5 googleads.g.doubleclick.net voting.astro.com.my
ed82c412a1d0517c38d808cdf80f705f.safeframe.googlesyndication.com
pagead2.googlesyndication.com
5 www.googletagservices.com gempak.com
securepubads.g.doubleclick.net
ed82c412a1d0517c38d808cdf80f705f.safeframe.googlesyndication.com
5 www.google.com voting.astro.com.my
ed82c412a1d0517c38d808cdf80f705f.safeframe.googlesyndication.com
4 ib.adnxs.com 3 redirects googleads.g.doubleclick.net
4 ups.analytics.yahoo.com imprammp.taboola.com
am-match.taboola.com
googleads.g.doubleclick.net
4 pr-bh.ybp.yahoo.com 1 redirects imprammp.taboola.com
am-match.taboola.com
4 match.adsrvr.org imprammp.taboola.com
am-match.taboola.com
ed82c412a1d0517c38d808cdf80f705f.safeframe.googlesyndication.com
4 ad.doubleclick.net voting.astro.com.my
4 ed82c412a1d0517c38d808cdf80f705f.safeframe.googlesyndication.com voting.astro.com.my
4 u.clarity.ms voting.astro.com.my
4 astro.demdex.net 1 redirects voting.astro.com.my
4 gum.criteo.com 1 redirects voting.astro.com.my
4 sb.scorecardresearch.com 1 redirects voting.astro.com.my
3 choices.trustarc.com choices.truste.com
3 eb2.3lift.com 3 redirects
3 a.tribalfusion.com 1 redirects ed82c412a1d0517c38d808cdf80f705f.safeframe.googlesyndication.com
3 imasdk.googleapis.com geo.dailymotion.com
static1.dmcdn.net
imasdk.googleapis.com
3 geo.dailymotion.com securepubads.g.doubleclick.net
geo.dailymotion.com
3 de-digital-fortress-stg-assets.eco.astro.com.my voting.astro.com.my
3 trc.taboola.com voting.astro.com.my
3 c.amazon-adsystem.com voting.astro.com.my
2 vodus-api-serverless.azurewebsites.net voting.astro.com.my
2 www.cloudflare.com api.vodus.com
voting.astro.com.my
2 www.gstatic.com static1.dmcdn.net
www.gstatic.com
2 googleads4.g.doubleclick.net voting.astro.com.my
2 ssum-sec.casalemedia.com 2 redirects
2 x.bidswitch.net ed82c412a1d0517c38d808cdf80f705f.safeframe.googlesyndication.com
2 sync.teads.tv googleads.g.doubleclick.net
2 us-u.openx.net googleads.g.doubleclick.net
2 vendorlist.dmcdn.net static1.dmcdn.net
2 sync.1rx.io 2 redirects
2 image6.pubmatic.com ed82c412a1d0517c38d808cdf80f705f.safeframe.googlesyndication.com
2 d5p.de17a.com 2 redirects
2 wf.taboola.com voting.astro.com.my
2 am-match.taboola.com voting.astro.com.my
2 scontent.xx.fbcdn.net www.facebook.com
2 videos.taboola.com
2 oajs.openx.net 1 redirects
2 fonts.gstatic.com fonts.googleapis.com
2 bam.nr-data.net voting.astro.com.my
2 pm.w55c.net 2 redirects
2 digital-fortress-assets.eco.astro.com.my voting.astro.com.my
2 c.clarity.ms 1 redirects
2 id.hadron.ad.gt voting.astro.com.my
2 bcp.crwdcntrl.net voting.astro.com.my
2 cdn.id5-sync.com voting.astro.com.my
2 tags.crwdcntrl.net voting.astro.com.my
2 www.clarity.ms voting.astro.com.my
2 notify.bugsnag.com voting.astro.com.my
2 sessions.bugsnag.com voting.astro.com.my
1 cdn.aralego.net
1 ads.aralego.com 1 redirects
1 am-wf.taboola.com voting.astro.com.my
1 vodus.my cdnjs.cloudflare.com
1 apis.google.com voting.astro.com.my
1 code.jquery.com voting.astro.com.my
1 cds.taboola.com voting.astro.com.my
1 pips.taboola.com voting.astro.com.my
1 dis.criteo.com 1 redirects
1 cms.quantserve.com ed82c412a1d0517c38d808cdf80f705f.safeframe.googlesyndication.com
1 dmxleo.dailymotion.com static1.dmcdn.net
1 speedtest.dailymotion.com static1.dmcdn.net
1 ssbsync.smartadserver.com ed82c412a1d0517c38d808cdf80f705f.safeframe.googlesyndication.com
1 pixel.rubiconproject.com 1 redirects
1 vidstatb.taboola.com
1 beacon.sojern.com ed82c412a1d0517c38d808cdf80f705f.safeframe.googlesyndication.com
1 choices.truste.com ed82c412a1d0517c38d808cdf80f705f.safeframe.googlesyndication.com
1 am-vid-events.taboola.com
1 www.dailymotion.com geo.dailymotion.com
1 sync.targeting.unrulymedia.com 1 redirects
1 match.360yield.com ed82c412a1d0517c38d808cdf80f705f.safeframe.googlesyndication.com
1 tr.blismedia.com ed82c412a1d0517c38d808cdf80f705f.safeframe.googlesyndication.com
1 s.tribalfusion.com ed82c412a1d0517c38d808cdf80f705f.safeframe.googlesyndication.com
1 google-bidout-d.openx.net voting.astro.com.my
1 imprammp.taboola.com voting.astro.com.my
1 mug.criteo.com
1 prebid.andbeyond.media voting.astro.com.my
1 id5-sync.com voting.astro.com.my
1 oa.openxcdn.net voting.astro.com.my
1 cdn.prod.uidapi.com voting.astro.com.my
1 static.criteo.net voting.astro.com.my
1 trc-events.taboola.com voting.astro.com.my
1 dce-gempak-api-prd.eco.astro.com.my voting.astro.com.my
1 synchroscript.deliveryengine.adswizz.com 1 redirects
1 sync.crwdcntrl.net 1 redirects
1 ads.yahoo.com
1 wrappers.geoedge.be voting.astro.com.my
1 image5.pubmatic.com 1 redirects
1 a.ad.gt voting.astro.com.my
1 c.bing.com 1 redirects
1 cdn.hadronid.net voting.astro.com.my
1 secure.cdn.fastclick.net voting.astro.com.my
1 p.adlooxtracking.com voting.astro.com.my
1 rtbpass-us.andbeyond.media voting.astro.com.my
1 config.aps.amazon-adsystem.com voting.astro.com.my
1 rtbdemand.apiip.net voting.astro.com.my
1 analytics.twitter.com
1 t.co
1 ping.chartbeat.net
1 static.ads-twitter.com voting.astro.com.my
1 rtbcdn.andbeyond.media voting.astro.com.my
1 d2aujjfcidxgdj.cloudfront.net voting.astro.com.my
1 static.chartbeat.com voting.astro.com.my
1 stackpath.bootstrapcdn.com voting.astro.com.my
1 voting-service.eco.astro.com.my voting.astro.com.my
0 sync.aralego.com Failed voting.astro.com.my
0 lb.eu-1-id5-sync.com Failed voting.astro.com.my
0 sync.search.spotxchange.com Failed googleads.g.doubleclick.net
567 139
Subject Issuer Validity Valid
*.astro.com.my
DigiCert SHA2 High Assurance Server CA		 2023-04-14 -
2024-05-14		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
*.eco.astro.com.my
Amazon RSA 2048 M02		 2023-02-01 -
2024-03-01		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-12-30 -
2023-12-30		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
*.scorecardresearch.com
Sectigo RSA Domain Validation Secure Server CA		 2022-12-15 -
2023-12-28		 a year crt.sh
www.google.de
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
www.google.com
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
*.google.de
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
*.bugsnag.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-04-19 -
2024-04-12		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2023-09-07 -
2023-12-06		 3 months crt.sh
gempak.com
Cloudflare Inc ECC CA-3		 2023-04-02 -
2024-04-01		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
*.taboola.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-10-23 -
2024-11-22		 a year crt.sh
*.chartbeat.com
Thawte TLS RSA CA G1		 2023-05-16 -
2024-06-06		 a year crt.sh
*.cloudfront.net
Amazon RSA 2048 M01		 2023-10-10 -
2024-09-19		 a year crt.sh
andbeyond.media
Certainly Intermediate R1		 2023-11-20 -
2023-12-20		 a month crt.sh
api.vodus.com
GeoTrust Global TLS RSA4096 SHA256 2022 CA1		 2023-07-24 -
2024-01-24		 6 months crt.sh
www.clarity.ms
DigiCert TLS RSA SHA256 2020 CA1		 2023-08-29 -
2024-08-29		 a year crt.sh
eyeota.net
GoGetSSL RSA DV CA		 2023-03-08 -
2024-04-07		 a year crt.sh
ads-twitter.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-07-21 -
2024-07-19		 a year crt.sh
*.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-09-26 -
2023-12-23		 3 months crt.sh
*.chartbeat.net
Thawte TLS RSA CA G1		 2023-11-20 -
2024-12-20		 a year crt.sh
t.co
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2023-02-05 -
2024-02-05		 a year crt.sh
*.twitter.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-10-31 -
2024-10-29		 a year crt.sh
a.clarity.ms
Microsoft Azure TLS Issuing CA 06		 2023-02-13 -
2024-02-08		 a year crt.sh
*.demdex.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-09-26 -
2024-10-26		 a year crt.sh
c.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-02-28 -
2024-02-17		 a year crt.sh
config.aps.amazon-adsystem.com
Amazon RSA 2048 M02		 2023-02-20 -
2024-03-20		 a year crt.sh
p.adlooxtracking.com
GTS CA 1D4		 2023-11-13 -
2024-02-11		 3 months crt.sh
secure.cdn.fastclick.net
DigiCert TLS RSA SHA256 2020 CA1		 2023-10-03 -
2024-10-03		 a year crt.sh
*.crwdcntrl.net
Amazon RSA 2048 M01		 2023-10-08 -
2024-11-05		 a year crt.sh
hadronid.net
GTS CA 1P5		 2023-10-05 -
2024-01-03		 3 months crt.sh
js-agent.newrelic.com
GlobalSign Atlas R3 DV TLS CA 2023 Q2		 2023-04-13 -
2024-05-14		 a year crt.sh
*.nr-data.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-09-29 -
2024-10-01		 a year crt.sh
gw.geoedge.be
Amazon RSA 2048 M01		 2023-08-12 -
2024-09-09		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
*.criteo.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-10-09 -
2024-01-06		 3 months crt.sh
cdn.prod.uidapi.com
R3		 2023-11-02 -
2024-01-31		 3 months crt.sh
oa.openxcdn.net
GTS CA 1D4		 2023-11-24 -
2024-02-22		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
*.id5-sync.com
R3		 2023-11-01 -
2024-01-30		 3 months crt.sh
www.dailymotion.com
ZeroSSL ECC Domain Secure Site CA		 2023-11-24 -
2024-02-22		 3 months crt.sh
*.andbeyond.media
Starfield Secure Certificate Authority - G2		 2023-02-14 -
2024-03-17		 a year crt.sh
*.google.com
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
*.dm-event.net
ZeroSSL RSA Domain Secure Site CA		 2023-10-17 -
2024-01-15		 3 months crt.sh
*.dmcdn.net
ZeroSSL RSA Domain Secure Site CA		 2023-11-12 -
2024-02-10		 3 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2023-04-12 -
2024-05-13		 a year crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2023-08-29 -
2024-02-21		 6 months crt.sh
ups.analytics.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2023-08-03 -
2024-01-24		 6 months crt.sh
*.openx.net
RapidSSL TLS RSA CA G1		 2023-08-18 -
2024-08-18		 a year crt.sh
tr.blismedia.com
GTS CA 1D4		 2023-10-04 -
2024-01-02		 3 months crt.sh
*.pubmatic.com
DigiCert Baltimore TLS RSA SHA256 2020 CA1		 2023-04-20 -
2024-05-20		 a year crt.sh
*.360yield.com
Amazon RSA 2048 M01		 2023-05-29 -
2024-06-26		 a year crt.sh
teads.tv
R3		 2023-11-03 -
2024-02-01		 3 months crt.sh
*.truste.com
Amazon RSA 2048 M02		 2023-11-18 -
2024-12-15		 a year crt.sh
*.sojern.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-01-17 -
2024-02-17		 a year crt.sh
*.bidswitch.net
Sectigo RSA Domain Validation Secure Server CA		 2023-03-23 -
2024-03-23		 a year crt.sh
*.smartadserver.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2023-01-21 -
2024-01-23		 a year crt.sh
speedtest.dailymotion.com
ZeroSSL ECC Domain Secure Site CA		 2023-10-12 -
2024-01-10		 3 months crt.sh
dmxleo.dailymotion.com
ZeroSSL RSA Domain Secure Site CA		 2023-10-27 -
2024-01-25		 3 months crt.sh
quantserve.com
R3		 2023-10-28 -
2024-01-26		 3 months crt.sh
*.trustarc.com
Amazon RSA 2048 M02		 2023-04-17 -
2024-05-14		 a year crt.sh
*.jquery.com
Sectigo RSA Domain Validation Secure Server CA		 2023-07-11 -
2024-07-14		 a year crt.sh
*.apis.google.com
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
www.cloudflare.com
GTS CA 1P5		 2023-11-17 -
2024-02-15		 3 months crt.sh
vodus.my
GeoTrust Global TLS RSA4096 SHA256 2022 CA1		 2023-07-27 -
2024-01-27		 6 months crt.sh
*.azurewebsites.net
Microsoft Azure TLS Issuing CA 06		 2023-05-21 -
2024-05-15		 a year crt.sh

This page contains 35 frames:

Primary Page: https://gempak.com//404
Frame ID: CF832AD3BD1811400A626F399FCC1A3E
Requests: 319 HTTP requests in this frame

Frame: https://astro.demdex.net/dest4.html?d_nsid=0
Frame ID: FFB79C77876E8B47CCE6A33A16F3CA25
Requests: 14 HTTP requests in this frame

Frame: https://ed82c412a1d0517c38d808cdf80f705f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: C674134BB1FDAE32B42F254CB247AAD8
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fhref%3Dhttps%253A%252F%252Fwww.facebook.com%252FPortalAstroGempak%252F%26width%3D340%26height%3D214%26small_header%3Dfalse%26adapt_container_width%3Dtrue%26hide_cover%3Dfalse%26show_facepile%3Dtrue%26appId
Frame ID: 0B368A7DDD13D5A0E5B6FC723F7EA27C
Requests: 38 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu4FvUaWrq8t2uqiuhIpcCpBlPYwWx89LVS8Y2CfSpSAeiNVke8jGIq7wPaPA6hYUhXo2SK8sLegsy3sWGvTT-eRl22sjOYAv2sypIVPQxM0ry3Nilf-hL5vXiXb26ng15eQhYVxlJ0nuTm-IPctNmgo_eUC46P8iTrEi2b9DUWfFECUKmnrFxXrzz9YeR2qedhYWcq6N7suDqINnBuChr9IsINev0tYEYZtL5zRtXYgbaQiXOnQ7uTW4IQUXSIAKe5az-rBfV-SdNCatqrVSAHEMuE4SLKDkPyv-9DgxISMfauwKMu9SAkBsgALVDOnpciEIQysrGx0wSpPjIqG9EgkxbTPMlFEl_DAGjakONfcFgHsk5f4gdkG2rxPZwkmPHNEEOt4bju30ze08N_cnq1ZMWIHrc-N8qBNXcNnUu9GpXPCi8EFgQ&sai=AMfl-YRTzP2iOsajG1ghhEVnCX1G95-Xh4mEtykESFuLphZlZ7dJU5ejnF1fX-K5gLS1-NEEsm7jyb1XGbSneBovFn2RjMFh9C6vQ-2ryBEEQYarJiFdA2iKltB_VubzXiMvEvpD7BIqsH7Y1A&sig=Cg0ArKJSzHWgOC5NaxwxEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Frame ID: C850F5A97BE9826A7C6998D6010B7CCC
Requests: 10 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=gempak.com
Frame ID: 16D0E57C6002D60E39DDEA27E3AABD1A
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: F97CDCC0E789D5BED6739F644B652205
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 82CEBE2161675E62B3185FCB1FD5ED45
Requests: 2 HTTP requests in this frame

Frame: https://ed82c412a1d0517c38d808cdf80f705f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 936ED4983E3516A5859C8F207A990FB4
Requests: 13 HTTP requests in this frame

Frame: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V8VUECLAa4rDSk9sQwThJwWWlI7YlhnCwAAABgYID-AElOZs7FcLdySwaDmVu0MbncEodt41ZZZrvBZOSwOFy-ISDJycy5GO5WbslgMHOLNiaXW-Kwbdwqy2w3mIwcFofLNwUfxnKZDGqBhGX2-w4KyunpMbsMoqLrbbE7nGbPG1yg6XT4XPd6nctteHjtGr_brxcNRnMAAAAA8OD___8fAgAAAEAEAAAAAAkAAAAAFAIq_FsQuAAAAACA4f___18DABQHg3V4Pi-zPwAAAACAAAAAACABgDCUUQLgRez_xP________9_jAH6zBsZ_____zcMegA8-AB4EAIAAPAxBHb1I2QP2T6PSEFvEUYAAAAAsuW0KY5M0gkqFlX-___7rQBcAQAIYNz4hbPOojso8RYGAABAQIyWvY0QNOG15ZgFelj8frPDrvG7Xeb_________38z_mX80Qk0zM2mCMPTC1fwCAgCs-QUEAGCjbgAA3gjACTkcaDodPte9XvY3Pe0-u8JzuvztGr_brnb-RYegFYPB6gTE7AAAAADc-f___8ejZW8jBE14bakHpGyrkWs1Wy5WC5ttObPNPBPXZLKw2Waj2XCxW2zPEOSn9Wp4AnufEGGZ_b6DgnJ6eswug6joelvsDqfZcxAfNAzLySCYnwlbjFaTyWY5nC0Xk8FwNByN9mcgFssBmojBcjmZLCa71Wg12gx3o9lggQRiMEEULRpMVqPRZDEZrkaT1Wy52O02iKJVq9loMxiuZpPZbrcaDobL0QhN2GK0mkw2y-FsuZgMhqPhaDREMOJw7XaT2cStshhnbtFktlwLFzaPW-KZmBYeh3Ezcw3WotfH9LENVo7haIsEA1L2InlapBPVcrOazVwTz2q2G45My9HENNxNTLPFcuFwrDaLiViiOVmkE9ll37KtRq7VbLlYLWy25cw280xck8nCZpuNZsPFbrGvOFy73WQ2cassxplbNJkt18KFzeOWeCamhcdh3Mxcg7Xo9TF9bIOVYzjaN3aDxWQ3WQ0H-8ZusJjsJqvhYN-hcgmD3YvRe9KYPTrV5y95JmxOg8JlsHh_EtNi2p0dRCff0amTqpRFndHv9_v9fr_f7_f7DVrPwWxQ-K61iLT5eBZ313D4cTAoYongIp0oPKfL3-0yOR2ev9l1evrtnrfO5TY8vBaxRGm6SCd6vWgwmoglgtNFOhG9jKeL-o8cZLGbKxajuWQxnEsGqwQAAAAAAAAAYAmmmW4CAAAA4GRQo8Votlqng1kMVqvNarkALACAdQGDAAAAAAAA7IL-S8OmYAPCKNbYYxrhOV3-bpfJ6fD8za7T02_3vHUut-HhtTIACwBfZpt9RhBrtVrWAAAABLABAAAEcNONNwFkUdz_____OAAAADJy6AEAANDvA8oCAAAAAAD4B6BCrNVqdbuxVqsVsGCGo8lwAv____8B!&cmcv=&pix=undefined&cb=1701272581264&uv=3362&tms=1701272581264&abt=adxLoadDist7-out_vC!adxsub-out_vA!adxsub-out_vB!ufm_vD&ru=https://voting.astro.com.my/&ft=0&su=3&unm=FEED_MANAGER&aure=false&agl=1&cirid=92f9187e-200f-4cde-ba6c-e26702dabae7&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Frame ID: 192BE56579DB96B81A5E440DE9CE2291
Requests: 4 HTTP requests in this frame

Frame: https://am-match.taboola.com/sync?dast=V8VUECLAa4rDSk9sQwThJwWWlI7YlhnCwAAABgYID-AElOZs7FcLdySwaDmVu0MbncEodt41ZZZrvBZOSwOFy-ISDJycy5GO5WbslgMHOLNiaXW-Kwbdwqy2w3mIwcFofLNwUfxnKZDGqBhGX2-w4KyunpMbsMoqLrbbE7nGbPG1yg6XT4XPd6nctteHjtGr_brxcNRnMAAAAA8OD___8fAgAAAEAEAAAAAAkAAAAAFAIq_FsQuAAAAACA4f___18DABQHg3V4Pi-zPwAAAACAAAAAACABgDCUUQLgRez_xP________9_jAH6zBsZ_____zcMegA8-AB4EAIAAPAxBHb1I2QP2T6PSEFvEUYAAAAAsuW0KY5M0gkqFlX-___7rQBcAQAIYNz4hbPOojso8RYGAABAQIyWvY0QNOG15ZgFelj8frPDrvG7Xeb_________38z_mX80Qk0zM2mCMPTC1fwCAgCs-QUEAGCjbgAA3gjACTkcaDodPte9XvY3Pe0-u8JzuvztGr_brnb-RYegFYPB6gTE7AAAAADc-f___8ejZW8jBE14bakHpGyrkWs1Wy5WC5ttObPNPBPXZLKw2Waj2XCxW2zPEOSn9Wp4AnufEGGZ_b6DgnJ6eswug6joelvsDqfZcxAfNAzLySCYnwlbjFaTyWY5nC0Xk8FwNByN9mcgFssBmojBcjmZLCa71Wg12gx3o9lggQRiMEEULRpMVqPRZDEZrkaT1Wy52O02iKJVq9loMxiuZpPZbrcaDobL0QhN2GK0mkw2y-FsuZgMhqPhaDREMOJw7XaT2cStshhnbtFktlwLFzaPW-KZmBYeh3Ezcw3WotfH9LENVo7haIsEA1L2InlapBPVcrOazVwTz2q2G45My9HENNxNTLPFcuFwrDaLiViiOVmkE9ll37KtRq7VbLlYLWy25cw280xck8nCZpuNZsPFbrGvOFy73WQ2cassxplbNJkt18KFzeOWeCamhcdh3Mxcg7Xo9TF9bIOVYzjaN3aDxWQ3WQ0H-8ZusJjsJqvhYN-hcgmD3YvRe9KYPTrV5y95JmxOg8JlsHh_EtNi2p0dRCff0amTqpRFndHv9_v9fr_f7_f7DVrPwWxQ-K61iLT5eBZ313D4cTAoYongIp0oPKfL3-0yOR2ev9l1evrtnrfO5TY8vBaxRGm6SCd6vWgwmoglgtNFOhG9jKeL-o8cZLGbKxajuWQxnEsGqwQAAAAAAAAAYAmmmW4CAAAA4GRQo8Votlqng1kMVqvNarkALACAdQGDAAAAAAAA7IL-S8OmYAPCKNbYYxrhOV3-bpfJ6fD8za7T02_3vHUut-HhtTIACwBfZpt9RhBrtVrWAAAABLABAAAEcNONNwFkUdz_____OAAAADJy6AEAANDvA8oCAAAAAAD4B6BCrNVqdbuxVqsVsGCGo8lwAv____8B!&excid=22&docw=0&cijs=1&nlb=false
Frame ID: 963D971172E012DF59667C4558FB4159
Requests: 4 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKvU5fQCEMaIsIIEGK3o7vgBMAE&v=APEucNX_V6J0CsrA0CbE1gNiVLhrInJmTUu6zEhcrzL6B2ZwkgPDGokmQ7h34is8ktlcDbsq9FPeu0l-92H3z_POcB5u3OiXUxtWV4hFIJI6IAT39sjNho6GEVQ8b4dY7IgAa0u2Jd_MWOMHhxkN6njShGsz-MtwFAiHyb9eemz8yi-l48pEodw
Frame ID: 2F1BE562B045320C3C9CF524E8918F35
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 5AF5F5EC3ADC7027B51DA8BE87B322EB
Requests: 9 HTTP requests in this frame

Frame: https://geo.dailymotion.com/player/xd17s.html?video=x8q120x
Frame ID: 668F083F206118C45087336090299282
Requests: 29 HTTP requests in this frame

Frame: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Frame ID: 20A33F564F95597C0793B0EFF88EA3CF
Requests: 1 HTTP requests in this frame

Frame: https://ed82c412a1d0517c38d808cdf80f705f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 830C13D71AE0CFCC87ECB47B2BE52522
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLOokgEQm8iDzQIYmq_V5gEwAQ&v=APEucNUcwL68-SoI8CFrfSjVjp-bRbBatqT8sBLrzgwg1TrbDqottC4Hk4KUI-FBew3m7CBOnooVJjoaTyOWb2x-VYXCEoGudbcmzwehRmbgkXPCHfSCcWvxzZsUuefITxeib0o5n8RDJrskQNig6-9kcRnD8Fw38IyIDU7SQRZUvxI56XQZchQ
Frame ID: DE376AC2B2D3F82160A88FAED1EA3491
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: D40297481F88B026250EED78FF2FC7A7
Requests: 9 HTTP requests in this frame

Frame: https://ed82c412a1d0517c38d808cdf80f705f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 0A2BEBABF101C9BB276EE75423A0D9AF
Requests: 24 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 6DAADA52D2B86FB255042B2DC0E6538F
Requests: 3 HTTP requests in this frame

Frame: https://am-match.taboola.com/sync?dast=V8VUECLAa4rDSk9sQwThJwWWlI7YlhnCwAAABgYID-AElOZs7FcLdySwaDmVu0MbncEodt41ZZZrvBZOSwOFy-ISDJycy5GO5WbslgMHOLNiaXW-Kwbdwqy2w3mIwcFofLNwUfxnKZDGqBhGX2-w4KyunpMbsMoqLrbbE7nGbPG1yg6XT4XPd6nctteHjtGr_brxcNRnMAAAAA8OD___8fAgAAAEAEAAAAAAkAAAAAFAIq_FsQuAAAAACA4f___18DABQHg3V4Pi-zPwAAAACAAAAAACABgDCUUQLgRez_xP________9_jAH6zBsZ_____zcMegA8-AB4EAIAAPAxBHb1I2QP2T6PSEFvEUYAAAAAsuW0KY5M0gkqFlX-___7rQBcAQAIYNz4hbPOojso8RYGAABAQIyWvY0QNOG15ZgFelj8frPDrvG7Xeb_________38z_mX80Qk0zM2mCMPTC1fwCAgCs-QUEAGCjbgAA3gjACTkcaDodPte9XvY3Pe0-u8JzuvztGr_brnb-RYegFYPB6gTE7AAAAADc-f___8ejZW8jBE14bakHpGyrkWs1Wy5WC5ttObPNPBPXZLKw2Waj2XCxW2zPEOSn9Wp4AnufEGGZ_b6DgnJ6eswug6joelvsDqfZcxAfNAzLySCYnwlbjFaTyWY5nC0Xk8FwNByN9mcgFssBmojBcjmZLCa71Wg12gx3o9lggQRiMEEULRpMVqPRZDEZrkaT1Wy52O02iKJVq9loMxiuZpPZbrcaDobL0QhN2GK0mkw2y-FsuZgMhqPhaDREMOJw7XaT2cStshhnbtFktlwLFzaPW-KZmBYeh3Ezcw3WotfH9LENVo7haIsEA1L2InlapBPVcrOazVwTz2q2G45My9HENNxNTLPFcuFwrDaLiViiOVmkE9ll37KtRq7VbLlYLWy25cw280xck8nCZpuNZsPFbrGvOFy73WQ2cassxplbNJkt18KFzeOWeCamhcdh3Mxcg7Xo9TF9bIOVYzjaN3aDxWQ3WQ0H-8ZusJjsJqvhYN-hcgmD3YvRe9KYPTrV5y95JmxOg8JlsHh_EtNi2p0dRCff0amTqpRFndHv9_v9fr_f7_f7DVrPwWxQ-K61iLT5eBZ313D4cTAoYongIp0oPKfL3-0yOR2ev9l1evrtnrfO5TY8vBaxRGm6SCd6vWgwmoglgtNFOhG9jKeL-o8cZLGbKxajuWQxnEsGqwQAAAAAAAAAYAmmmW4CAAAA4GRQo8Votlqng1kMVqvNarkALACAdQGDAAAAAAAA7IL-S8OmYAPCKNbYYxrhOV3-bpfJ6fD8za7T02_3vHUut-HhtTIACwBfZpt9RhBrtVrWAAAABLABAAAEcNONNwFkUdz_____OAAAADJy6AEAANDvA8oCAAAAAAD4B6BCrNVqdbuxVqsVsGCGo8lwAv____8B!&excid=22&docw=0&cijs=1&nlb=false
Frame ID: C2FC40225892CFE46DF5E74243A6FD59
Requests: 4 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJq9JBD1mXwYgeaU_QEwAQ&v=APEucNUcPe7DQPBG2QpKeWP3r_NfnCf3aUxDUWU9hfTHVaj200gXxfT654Gj3XtumnUlfF2oSg4UwtmGm-KgdxKGc5ZApwmkcM9zGGY1wRCBZgduZnx8Zzvt_z4woM4LoCgV4RAUgfl2nki1aQijufRXNpl4wEaEYE2bU--Zotx2PNBA6Scssw0
Frame ID: A30E2CCE5F7BDE97D96E898A13BB2E47
Requests: 4 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/11952719878557111332/index.html?e=69&leftOffset=0&topOffset=0&c=SeeFuYCFHA&t=1&renderingType=2&ev=01_250
Frame ID: A53E8B5DF315BCCA7CA97A706F024ACE
Requests: 11 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Frame ID: 513386CF5BE204DB6215A54665604B59
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: E8A284EB3869AAB3A7E189666EC956B2
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: DAB0A5187F669BDB5DD43D884340C061
Requests: 9 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.605.0_en.html
Frame ID: B1DF592656DED3C9D1EEA07DDDCB58F0
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 4062BC02E9FF995F44D1CFFAA0415957
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 5B58B51F216AE57E8AD334B452D635BA
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/2634629190918671081/index.html?ev=01_250
Frame ID: CDC3CBFE8C025ACDC31695CF7024D5B3
Requests: 14 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js
Frame ID: F0F23238E1B7BBF33BD4F1C5197AF62C
Requests: 1 HTTP requests in this frame

Frame: https://choices.trustarc.com/get?name=admarker-icon-tr.png
Frame ID: 434ACDE6B6F68A6D056158E853ED73F5
Requests: 1 HTTP requests in this frame

Frame: https://api.vodus.com/thirdparty-cookie-check-complete.html
Frame ID: 82CB2110F4119AFD9FC5B66BB9CE2126
Requests: 2 HTTP requests in this frame

Frame: https://api.vodus.com/v1/token/serverless?partnerCode=
Frame ID: 06C73300DEC376AC9EE4AC7FA92A212B
Requests: 2 HTTP requests in this frame

Frame: https://vodus.my/token/check?partnerCode=
Frame ID: 33663179FBEC42C41F5AB9CA354123F1
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

TikTokEmail

Page URL History Show full URLs

  1. http://voting.astro.com.my/ HTTP 301
    https://voting.astro.com.my/ Page URL
  2. https://gempak.com//404 Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • apis\.google\.com/js/platform\.js
Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • \bangular.{0,32}\.js
Overall confidence: 100%
Detected patterns
  • <[^>]+data-react
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • /bugsnag.*\.js
Overall confidence: 100%
Detected patterns
  • chartbeat\.js
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • googletagservices\.com/tag/js/gpt(?:_mobile)?\.js
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • apis\.google\.com/js/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • ([\d.]+)/jquery-ui(?:\.min)?\.js
  • jquery-ui.*\.js
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

567
Requests

89 %
HTTPS

44 %
IPv6

82
Domains

139
Subdomains

102
IPs

9
Countries

11784 kB
Transfer

28170 kB
Size

85
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://voting.astro.com.my/ HTTP 301
    https://voting.astro.com.my/ Page URL
  2. https://gempak.com//404 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://voting.astro.com.my/ HTTP 301
  • https://voting.astro.com.my/
Request Chain 102
  • https://astro.demdex.net/event?d_nsid=0&d_ld=_ts%3D1701272577121&d_rtbd=json&d_jsonv=1&d_dst=1&d_cb=demdexRequestCallback_0_1701272577121&c_hash=&c_host=gempak.com&c_hostname=gempak.com&c_pathname=%2F404&c_protocol=https%3A&d_referer=https%3A%2F%2Fvoting.astro.com.my%2F&d_URL=https%3A%2F%2Fgempak.com%2F%2F404 HTTP 302
  • https://astro.demdex.net/firstevent?d_nsid=0&d_ld=_ts%3D1701272577121&d_rtbd=json&d_jsonv=1&d_dst=1&d_cb=demdexRequestCallback_0_1701272577121&c_hash=&c_host=gempak.com&c_hostname=gempak.com&c_pathname=%2F404&c_protocol=https%3A&d_referer=https%3A%2F%2Fvoting.astro.com.my%2F&d_URL=https%3A%2F%2Fgempak.com%2F%2F404
Request Chain 146
  • https://c.clarity.ms/c.gif HTTP 302
  • https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=27486D69EFB84A6098568CB07B73A916&RedC=c.clarity.ms&MXFR=3F104F5A20236419332B5C8224236AE5 HTTP 302
  • https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=27486D69EFB84A6098568CB07B73A916&MUID=25254C39A008605013DD5FE1A1086112
Request Chain 152
  • https://sb.scorecardresearch.com/c2/38465268/cs.js HTTP 302
  • https://sb.scorecardresearch.com/internal-c2/default/cs.js
Request Chain 158
  • https://pm.w55c.net/ping_match.gif?st=dmx&rurl=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D359%26dpuuid%3D_wfivefivec_ HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&st=dmx&rurl=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D359%26dpuuid%3D_wfivefivec_ HTTP 302
  • https://dpm.demdex.net/ibs:dpid=359&dpuuid=MDL1Q4sC1R8mIi5
Request Chain 168
  • https://image5.pubmatic.com/AdServer/usersync/usersync.html?predirect=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid=466%26dpuuid=PM_UID&userIdMacro=PM_UID HTTP 302
  • https://dpm.demdex.net/ibs:dpid=466&dpuuid=%s
Request Chain 174
  • https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm&gdpr=0&gdpr_consent=&google_hm=NjQ3NjQ2NjE5NDk0NDY0MDE0NDM3OTUyNTAxMTY5ODg4NzY5Njg= HTTP 302
  • https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEJgCGiSM-fyc1NeijqFyNAI&google_cver=1?gdpr=0&gdpr_consent=
Request Chain 176
  • https://pixel.everesttech.net/1/gr?url=https%3A%2F%2Fpixel.everesttech.net%2F1x1%3F HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=everest&google_cm&google_sc&ev_rs=1&google_hm=WldkY0F3QUFCU0BaQzIzOA&url=/1/gr%3furl=https%253A%252F%252Fpixel.everesttech.net%252F1x1%253F HTTP 302
  • https://cm.everesttech.net/cm/ax?cookieid=&ev_rs=1&url=/1/gr%3Furl=https%253A%252F%252Fpixel.everesttech.net%252F1x1%253F&google_gid=CAESECle4u6JpXCWj2Cakk3fs6Y&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=everest&google_cm&google_sc&ev_rs=1&url=/1x1&google_hm=WldkY0F3QUFBTEt1WWdOLQ HTTP 302
  • https://cm.everesttech.net/cm/ax?cookieid=&ev_rs=1&url=/1x1&google_gid=CAESECle4u6JpXCWj2Cakk3fs6Y&google_cver=1 HTTP 302
  • https://pixel.everesttech.net/1x1
Request Chain 178
  • https://pixel.everesttech.net/1/gr?url=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072980%26val%3D__EFGSURFER__.__EFGCK__ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=everest&google_cm&google_sc&ev_rs=1&google_hm=WldkYjh3QUFCWG9COWhOTQ&url=/1/gr%3furl=https%253A%252F%252Fus-u.openx.net%252Fw%252F1.0%252Fsd%253Fid%253D537072980%2526val%253D__EFGSURFER__.__EFGCK__ HTTP 302
  • https://cm.everesttech.net/cm/ax?cookieid=&ev_rs=1&url=/1/gr%3Furl=https%253A%252F%252Fus-u.openx.net%252Fw%252F1.0%252Fsd%253Fid%253D537072980%2526val%253D__EFGSURFER__.__EFGCK__&google_gid=CAESECle4u6JpXCWj2Cakk3fs6Y&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=everest&google_cm&google_sc&ev_rs=1&url=/1x1&google_hm=WldkY0F3QUFBTjNDQXdObg HTTP 302
  • https://cm.everesttech.net/cm/ax?cookieid=&ev_rs=1&url=/1x1&google_gid=CAESECle4u6JpXCWj2Cakk3fs6Y&google_cver=1 HTTP 302
  • https://pixel.everesttech.net/1x1
Request Chain 180
  • https://pixel.everesttech.net/1/gr?url=https%3A%2F%2Fib.adnxs.com%2Fpxj%3Faction%3Dsetuid(%27__EFGSURFER__.__EFGCK__%27)%26bidder%3D51%26seg%3D2634060der%3D51%26seg%3D2634060 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=everest&google_cm&google_sc&ev_rs=1&google_hm=WldkY0F3QUFBSHFGOHh3Rg&url=/1/gr%3furl=https%253A%252F%252Fib.adnxs.com%252Fpxj%253Faction%253Dsetuid(%2527__EFGSURFER__.__EFGCK__%2527)%2526bidder%253D51%2526seg%253D2634060der%253D51%2526seg%253D2634060 HTTP 302
  • https://cm.everesttech.net/cm/ax?cookieid=&ev_rs=1&url=/1/gr%3Furl=https%253A%252F%252Fib.adnxs.com%252Fpxj%253Faction%253Dsetuid(%2527__EFGSURFER__.__EFGCK__%2527)%2526bidder%253D51%2526seg%253D2634060der%253D51%2526seg%253D2634060&google_gid=CAESECle4u6JpXCWj2Cakk3fs6Y&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=everest&google_cm&google_sc&ev_rs=1&url=/1x1&google_hm=WldkY0F3QUFBR3hLTWdONg HTTP 302
  • https://cm.everesttech.net/cm/ax?cookieid=&ev_rs=1&url=/1x1&google_gid=CAESECle4u6JpXCWj2Cakk3fs6Y&google_cver=1 HTTP 302
  • https://pixel.everesttech.net/1x1
Request Chain 181
  • https://pixel.everesttech.net/1/gr?url=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fexpires%3D30%26nid%3D2181%26put%3D__EFGSURFER__.__EFGCK__%26v%3D11782 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=everest&google_cm&google_sc&ev_rs=1&google_hm=WldkY0F3QUFBUWNQLVdGTQ&url=/1/gr%3furl=https%253A%252F%252Fpixel.rubiconproject.com%252Ftap.php%253Fexpires%253D30%2526nid%253D2181%2526put%253D__EFGSURFER__.__EFGCK__%2526v%253D11782 HTTP 302
  • https://cm.everesttech.net/cm/ax?cookieid=&ev_rs=1&url=/1/gr%3Furl=https%253A%252F%252Fpixel.rubiconproject.com%252Ftap.php%253Fexpires%253D30%2526nid%253D2181%2526put%253D__EFGSURFER__.__EFGCK__%2526v%253D11782&google_gid=CAESECle4u6JpXCWj2Cakk3fs6Y&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=everest&google_cm&google_sc&ev_rs=1&url=/1x1&google_hm=WldkY0F3QUFBRjd2MmdOZQ HTTP 302
  • https://cm.everesttech.net/cm/ax?cookieid=&ev_rs=1&url=/1x1&google_gid=CAESECle4u6JpXCWj2Cakk3fs6Y&google_cver=1 HTTP 302
  • https://pixel.everesttech.net/1x1
Request Chain 182
  • https://pixel.everesttech.net/1/gr?url=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI2NjgmdGw9NDMyMDA%3D%26piggybackCookie%3D__EFGSURFER__.__EFGCK__ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=everest&google_cm&google_sc&ev_rs=1&google_hm=WldkY0F3QUFCUFRxd1hUQw&url=/1/gr%3furl=https%253A%252F%252Fimage2.pubmatic.com%252FAdServer%252FPug%253Fvcode%253Dbz0yJnR5cGU9MSZjb2RlPTI2NjgmdGw9NDMyMDA%253D%2526piggybackCookie%253D__EFGSURFER__.__EFGCK__ HTTP 302
  • https://cm.everesttech.net/cm/ax?cookieid=&ev_rs=1&url=/1/gr%3Furl=https%253A%252F%252Fimage2.pubmatic.com%252FAdServer%252FPug%253Fvcode%253Dbz0yJnR5cGU9MSZjb2RlPTI2NjgmdGw9NDMyMDA%253D%2526piggybackCookie%253D__EFGSURFER__.__EFGCK__&google_gid=CAESECle4u6JpXCWj2Cakk3fs6Y&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=everest&google_cm&google_sc&ev_rs=1&url=/1x1&google_hm=WldkY0F3QUFBSXVpRUFOeA HTTP 302
  • https://cm.everesttech.net/cm/ax?cookieid=&ev_rs=1&url=/1x1&google_gid=CAESECle4u6JpXCWj2Cakk3fs6Y&google_cver=1 HTTP 302
  • https://pixel.everesttech.net/1x1
Request Chain 183
  • https://pixel.everesttech.net/1/gr?url=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D71%26external_user_id%3D__EFGSURFER__.__EFGCK__ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=everest&google_cm&google_sc&ev_rs=1&google_hm=WldkY0F3QUFCUm9UQ2wzbA&url=/1/gr%3furl=https%253A%252F%252Fdsum-sec.casalemedia.com%252Frum%253Fcm_dsp_id%253D71%2526external_user_id%253D__EFGSURFER__.__EFGCK__ HTTP 302
  • https://cm.everesttech.net/cm/ax?cookieid=&ev_rs=1&url=/1/gr%3Furl=https%253A%252F%252Fdsum-sec.casalemedia.com%252Frum%253Fcm_dsp_id%253D71%2526external_user_id%253D__EFGSURFER__.__EFGCK__&google_gid=CAESECle4u6JpXCWj2Cakk3fs6Y&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=everest&google_cm&google_sc&ev_rs=1&url=/1x1&google_hm=WldkY0F3QUFBSjFLUkFONg HTTP 302
  • https://cm.everesttech.net/cm/ax?cookieid=&ev_rs=1&url=/1x1&google_gid=CAESECle4u6JpXCWj2Cakk3fs6Y&google_cver=1 HTTP 302
  • https://pixel.everesttech.net/1x1
Request Chain 184
  • https://ps.eyeota.net/match?bid=6j5b2cv&uid=64764661949446401443795250116988876968&r=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D30064%26dpuuid%3D%7BUUID_6j5b2cv%7D HTTP 302
  • https://dpm.demdex.net/ibs:dpid=30064&dpuuid=%7BUUID_6j5b2cv%7D
Request Chain 185
  • https://cm.everesttech.net/cm/yh HTTP 302
  • https://ads.yahoo.com/cms/v1?nwid=10001117525&eid=ZWdcAwAAAFmh6wNx&sigv=1
Request Chain 186
  • https://sync.crwdcntrl.net/map/c=9828/tp=ADBE/gdpr=0/gdpr_consent=/tpid=64764661949446401443795250116988876968?https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D121998%26dpuuid%3D${profile_id} HTTP 302
  • https://dpm.demdex.net/ibs:dpid=121998&dpuuid=
Request Chain 187
  • https://synchroscript.deliveryengine.adswizz.com/getUID?curl=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D175765%26dpuuid%3D%24%7BUID%7D HTTP 302
  • https://dpm.demdex.net/ibs:dpid=175765&dpuuid=f2a9adf355ee9e811281f40bcb380e96
Request Chain 239
  • https://oajs.openx.net/esp?url=https%3A%2F%2Fgempak.com%2F%2F404&rid=esp HTTP 302
  • https://oajs.openx.net/esp?url=https%3A%2F%2Fgempak.com%2F%2F404&rid=esp&cc=1
Request Chain 275
  • https://gum.criteo.com/sid/json?origin=publishertagids&domain=gempak.com&sn=ChromeSyncframe&so=0&topUrl=gempak.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
  • https://mug.criteo.com/sid?cpp=EV08AXxVUmVEbkZnbDZUOXNaYlNhaFArcjZYUVlZTTUrQ0NBYXNRVjRXQUR2ODIyK0pDaVZEWGJVRGltam9UeTVtWmcrdXE3ME1CbkNYbkxTc1JKZ21ldm1HeFlHdzhwVDBWaUJONmRrV3NGWkx4M3EzRlZ6R0d2RjdFWlFFQmNSNk5NOXZvUmxLWkRUVWl4V1MrRnU3Mi9SUlplTUZuU3JBNGFNM2FabEp3cUx2bTY5VTFtYU9tclpRQ2dVMG9JTHZsNUlEdDNJZmVqRmxySS9lOXdaZTZiTDJjWGxFdWkzRWVuTUtWZVNIQlV2QlpWbEV4bDdoOHV2V0hWL25nTWVFVHlvUGppM3JXdmIxMlBhQU8yOE0ya3ljdz09fA&cppv=2
Request Chain 312
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOVFXV8y5O1xPlFRx05rvIM&google_cver=1 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOVFXV8y5O1xPlFRx05rvIM&google_cver=1&C=1
Request Chain 313
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZWdcBUtCWPWW8A49-h1MfwAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOVFXV8y5O1xPlFRx05rvIM&google_cver=1
Request Chain 314
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEH-uGm0Mw5W79YPyyBP8pZY&google_cver=1 HTTP 307
  • https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEH-uGm0Mw5W79YPyyBP8pZY%26google_cver%3D1
Request Chain 315
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODkwNDUxMTQxNjc3MzE5ODA0NQ%3D%3D
Request Chain 354
  • https://a.tribalfusion.com/i.match?p=b6&u=CAESEIhNixn0RCxyTMxdZUPIAfw&google_cver=1&google_push=AXcoOmSOKbTs9sr-FbHLE4JFNmkNgHhgkNgaLD-IWsMaZtiOsWHjLZwvTHWU_qciIIpE8SwR-065d1K4uxOZuysC4APOlxBzXq1juQ&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmSOKbTs9sr-FbHLE4JFNmkNgHhgkNgaLD-IWsMaZtiOsWHjLZwvTHWU_qciIIpE8SwR-065d1K4uxOZuysC4APOlxBzXq1juQ%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEIhNixn0RCxyTMxdZUPIAfw&google_cver=1&google_push=AXcoOmSOKbTs9sr-FbHLE4JFNmkNgHhgkNgaLD-IWsMaZtiOsWHjLZwvTHWU_qciIIpE8SwR-065d1K4uxOZuysC4APOlxBzXq1juQ&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmSOKbTs9sr-FbHLE4JFNmkNgHhgkNgaLD-IWsMaZtiOsWHjLZwvTHWU_qciIIpE8SwR-065d1K4uxOZuysC4APOlxBzXq1juQ%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Request Chain 357
  • https://d5p.de17a.com/cookies/google?google_gid=CAESEB1yI3lB8z0_g8ZUffyzhdA&google_cver=1&google_push=AXcoOmQwNQpPUei63rnKxxR3zPUhoJy-3C8wJyyZfJSA_2WHfUpmRy1i9ukC1RGK8opFYfkk9nvCjwFQLGeD6f3HMf_Vww6XTArJ2A HTTP 302
  • https://d5p.de17a.com/cookies/google;c?google_gid=CAESEB1yI3lB8z0_g8ZUffyzhdA&google_cver=1&google_push=AXcoOmQwNQpPUei63rnKxxR3zPUhoJy-3C8wJyyZfJSA_2WHfUpmRy1i9ukC1RGK8opFYfkk9nvCjwFQLGeD6f3HMf_Vww6XTArJ2A HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmQwNQpPUei63rnKxxR3zPUhoJy-3C8wJyyZfJSA_2WHfUpmRy1i9ukC1RGK8opFYfkk9nvCjwFQLGeD6f3HMf_Vww6XTArJ2A
Request Chain 360
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEBVXp2VgYbdNoz_pIxsX2Hw&google_cver=1&google_push=AXcoOmRcIfMrZEfHhRQR05TDD9RRNiq_ME5uJMMb6NIz39dNuWBsy-QkIE_fyF_JMtcpiotS0PXyQxrDrB9cZeu_6O53pjoWY48o8Q HTTP 302
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=AXcoOmRcIfMrZEfHhRQR05TDD9RRNiq_ME5uJMMb6NIz39dNuWBsy-QkIE_fyF_JMtcpiotS0PXyQxrDrB9cZeu_6O53pjoWY48o8Q&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&cb=1701272581754 HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-ba0268cc-3c37-4ea0-99bf-0c55379bd839-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAXcoOmRcIfMrZEfHhRQR05TDD9RRNiq_ME5uJMMb6NIz39dNuWBsy-QkIE_fyF_JMtcpiotS0PXyQxrDrB9cZeu_6O53pjoWY48o8Q%26google_hm%3DA7oCaMw8N06gmb8MVTeb2Dk HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AXcoOmRcIfMrZEfHhRQR05TDD9RRNiq_ME5uJMMb6NIz39dNuWBsy-QkIE_fyF_JMtcpiotS0PXyQxrDrB9cZeu_6O53pjoWY48o8Q&google_hm=A7oCaMw8N06gmb8MVTeb2Dk
Request Chain 388
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESECIRMpvF2_ifHUEBaXKDWaw&google_cver=1
Request Chain 390
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm HTTP 302
  • https://sync.teads.tv/um?eid=3&uid=CAESEBVg_mTPoTMufdHPzPYPe00&google_cver=1
Request Chain 423
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEJ5VQ1vjurBx7TfZQB6MOvw&google_cver=1&google_push=AXcoOmSoion6L55lemDg5WcZMDX344O5udfADiSefjAllEkw-fzYeQlOskjdjPLVQhXcFdj5HVMysq_GMSKf7jHC7ax697BYzbGL1Q HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFBKWFJQVEktMTctRTlZOA==&google_push=AXcoOmSoion6L55lemDg5WcZMDX344O5udfADiSefjAllEkw-fzYeQlOskjdjPLVQhXcFdj5HVMysq_GMSKf7jHC7ax697BYzbGL1Q
Request Chain 424
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESELzXXAGed9eST4mTEeEPsr8&google_cver=1&google_push=AXcoOmT0l94fF3exc9zVlsClpaU95YNNZKAVL8znxphlGma1TmN4iW7kB_f6UZzV3E1JYM2qSqbSCbuM-ErbWdrLpVYh4HkZPAOr HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESELzXXAGed9eST4mTEeEPsr8&google_hm=ZWdcBUtCWPWW8A49_h1MfwAAFC0AAAAB&google_nid=index&google_push=AXcoOmT0l94fF3exc9zVlsClpaU95YNNZKAVL8znxphlGma1TmN4iW7kB_f6UZzV3E1JYM2qSqbSCbuM-ErbWdrLpVYh4HkZPAOr
Request Chain 425
  • https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEBJrsgCeAygSjS5SaLfUOQc&google_cver=1&google_push=AXcoOmRYm6UFCReZq3Zr60f1fkHuAT8t4L3jSr4h8SLWprXpcmuy6OapPhZp05hUFkC-BZgUSY163kxN5fJgfd6BtWGQvcfeBanpig HTTP 302
  • https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&gdpr_consent=&us_privacy=&sync=1&google_push=AXcoOmRYm6UFCReZq3Zr60f1fkHuAT8t4L3jSr4h8SLWprXpcmuy6OapPhZp05hUFkC-BZgUSY163kxN5fJgfd6BtWGQvcfeBanpig&google_gid=CAESEBJrsgCeAygSjS5SaLfUOQc HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTk5NTQ1MTM1MTY0Mjc2Mjg3MDM3OQ%3D%3D&google_push=AXcoOmRYm6UFCReZq3Zr60f1fkHuAT8t4L3jSr4h8SLWprXpcmuy6OapPhZp05hUFkC-BZgUSY163kxN5fJgfd6BtWGQvcfeBanpig
Request Chain 438
  • https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_cm&google_dbm HTTP 302
  • https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEAvmhzOp4cQysgLTJUcnCTw&google_cver=1
Request Chain 481
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESECBJk1cTyYWaGV_DyjD9pR0&google_cver=1&google_push=AXcoOmSBDUD7jA24Zy5c_l21PjEsx16FXuaQSkl99gLu0MLijrwN49twPhlWovNcaC8tbQXg1BWwaCZcVJ0JKBjvFed63A1KXydK HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmSBDUD7jA24Zy5c_l21PjEsx16FXuaQSkl99gLu0MLijrwN49twPhlWovNcaC8tbQXg1BWwaCZcVJ0JKBjvFed63A1KXydK&google_hm=eS10eFRQUnhoRTJwRWk2cFhZZ1FqYkguVFhvOTlMZkcwbH5B
Request Chain 482
  • https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DAXcoOmTk4Fw-OxxubefF-uA-jpui91qLOJaEC7VgcQu-bQuXOzkatL4Ej0z8_T6wJmGzMj8VX90ixTT-3O6sWJcodN9lU1lqRX7r&google_gid=CAESEE89euh3-4xDZhT5jRWEFYU&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_hm=k-sTcG0mTRkSOukBPx2Y_auABiHqmEd-wGPZrj5A&google_push=AXcoOmTk4Fw-OxxubefF-uA-jpui91qLOJaEC7VgcQu-bQuXOzkatL4Ej0z8_T6wJmGzMj8VX90ixTT-3O6sWJcodN9lU1lqRX7r
Request Chain 483
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESELzXXAGed9eST4mTEeEPsr8&google_cver=1&google_push=AXcoOmT6QdkBut7wecnxwXrH3w1cBomPLiRlIvrvJLPZTYzlJzoyEZDkF7SFZnY3PvmGnpy8t23FXiEwG0pnGS2ri5Pghce37Hmg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESELzXXAGed9eST4mTEeEPsr8&google_hm=ZWdcBUtCWPWW8A49_h1MfwAAFC0AAAAB&google_nid=index&google_push=AXcoOmT6QdkBut7wecnxwXrH3w1cBomPLiRlIvrvJLPZTYzlJzoyEZDkF7SFZnY3PvmGnpy8t23FXiEwG0pnGS2ri5Pghce37Hmg
Request Chain 484
  • https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEBJrsgCeAygSjS5SaLfUOQc&google_cver=1&google_push=AXcoOmTH5KznVhPI2O09FgZ9b_ClJbJdkpgwl_RrHqRmwnxMljKqjobCHE8MF9lg3-vYJA1ryW3fKWAfR7GZwcI3-ZoZKN5pltbD HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTk5NTQ1MTM1MTY0Mjc2Mjg3MDM3OQ%3D%3D&google_push=AXcoOmTH5KznVhPI2O09FgZ9b_ClJbJdkpgwl_RrHqRmwnxMljKqjobCHE8MF9lg3-vYJA1ryW3fKWAfR7GZwcI3-ZoZKN5pltbD
Request Chain 568
  • https://ads.aralego.com/cookiesync HTTP 301
  • https://cdn.aralego.net/ucfad/sdk/us-east/cookiesync

567 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
voting.astro.com.my/
Redirect Chain
  • http://voting.astro.com.my/
  • https://voting.astro.com.my/
5 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://voting.astro.com.my/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2240:7600:c:9855:b600:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
75a19e0f4b17cc211c54d0b882a5baddefe9ab6e4535bbd368eb9d18fb24efc7

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-encoding
gzip
content-type
text/html
date
Wed, 29 Nov 2023 15:42:53 GMT
etag
W/"2d546d0b0c80e29a3120c0e168862472"
last-modified
Mon, 26 Jun 2023 11:22:49 GMT
server
AmazonS3
vary
Accept-Encoding
via
1.1 5743d3ff81b625f69ad8b8e32fc9c412.cloudfront.net (CloudFront)
x-amz-cf-id
tMz8Mf1DkFRDCUB1W6_TSiLVqruzqtYnuUMCwzABAnftI6Y3vIfzSw==
x-amz-cf-pop
FRA60-P1
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront

Redirect headers

Connection
keep-alive
Content-Length
167
Content-Type
text/html
Date
Wed, 29 Nov 2023 15:42:51 GMT
Location
https://voting.astro.com.my/
Server
CloudFront
Via
1.1 b04a6cb0bde4a78c29099913e07f9056.cloudfront.net (CloudFront)
X-Amz-Cf-Id
OTzFVcLeNkXAn4tcy15PhJmHrlopypT-OIeuctf9s3jTlZik_XD-GQ==
X-Amz-Cf-Pop
FRA60-P1
X-Cache
Redirect from cloudfront
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		91 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: voting.astro.com.my
URL: https://voting.astro.com.my/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9f69cafbf765b3d08dbf7311af29392bb3a12235d932565e34994ce8e201e4bf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://voting.astro.com.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 15:42:52 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29994
x-xss-protection
0
server
cafe
etag
668 / 19690 / m202311150101 / config-hash: 2176564774933884501
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Wed, 29 Nov 2023 15:42:52 GMT
loader.gif
voting.astro.com.my/images/ 		79 KB
79 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://voting.astro.com.my/images/loader.gif
Requested by
Host: voting.astro.com.my
URL: https://voting.astro.com.my/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2240:7600:c:9855:b600:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
766a45ec415e28fdddbcaecf2b36b6aaa6a31dd5326a5fcd3b75b6a34b46ccae

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://voting.astro.com.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 15:42:54 GMT
via
1.1 5743d3ff81b625f69ad8b8e32fc9c412.cloudfront.net (CloudFront)
last-modified
Wed, 14 Jun 2023 05:51:48 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P1
etag
"e5479cc255dc703eb00eb8259d10e64d"
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
content-type
image/gif
accept-ranges
bytes
content-length
80711
x-amz-cf-id
Qfm9fSlQnKNix_-uxGy1SHSV-CXhb5H6tTg-an-pIFSCLkDfZFkA5Q==
1662813831-1662009476-banner.jpeg
voting.astro.com.my/public/images/vote-banner/ 		257 KB
257 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://voting.astro.com.my/public/images/vote-banner/1662813831-1662009476-banner.jpeg
Requested by
Host: voting.astro.com.my
URL: https://voting.astro.com.my/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2240:7600:c:9855:b600:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2d8e760ea95920acc0a7e8d74d86beba9ac0e83766654c42f316e3eb7a9faf8e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://voting.astro.com.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 15:42:54 GMT
via
1.1 5743d3ff81b625f69ad8b8e32fc9c412.cloudfront.net (CloudFront)
last-modified
Sat, 10 Sep 2022 12:43:52 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P1
etag
"28c45795b5e14749708511f14624c759"
x-cache
Miss from cloudfront
content-type
image/jpeg
accept-ranges
bytes
content-length
262700
x-amz-cf-id
2HuH8zXmwiwEwnqmDmYT7AB8TD9elmDfTw1VcmfEKgKoLhsUYiu-8w==
1662813835-1662009476-banner.jpeg
voting.astro.com.my/public/images/vote-banner/ 		257 KB
257 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://voting.astro.com.my/public/images/vote-banner/1662813835-1662009476-banner.jpeg
Requested by
Host: voting.astro.com.my
URL: https://voting.astro.com.my/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2240:7600:c:9855:b600:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2d8e760ea95920acc0a7e8d74d86beba9ac0e83766654c42f316e3eb7a9faf8e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://voting.astro.com.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 15:42:54 GMT
via
1.1 5743d3ff81b625f69ad8b8e32fc9c412.cloudfront.net (CloudFront)
last-modified
Sat, 10 Sep 2022 12:43:56 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P1
etag
"28c45795b5e14749708511f14624c759"
x-cache
Miss from cloudfront
content-type
image/jpeg
accept-ranges
bytes
content-length
262700
x-amz-cf-id
YGg8FKlii8yblAzAPhxfj9zdOjcXmcvn4h1p7N_Q6dM8e0feZgAdPA==
logo.svg
voting-service.eco.astro.com.my/images/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://voting-service.eco.astro.com.my/images/logo.svg
Requested by
Host: voting.astro.com.my
URL: https://voting.astro.com.my/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.138.19.42 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-138-19-42.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
ae7c001d6239fe40aaf2b30601eb2def5125339cbc93a5002b0e03beea354044
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://voting.astro.com.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 15:42:53 GMT
strict-transport-security
max-age=15552000; includeSubDomains
x-content-type-options
nosniff
last-modified
Tue, 08 Aug 2023 05:39:53 GMT
etag
W/"2385-189d3a8ab3f"
x-download-options
noopen
x-dns-prefetch-control
off
x-frame-options
SAMEORIGIN
content-type
image/svg+xml
cache-control
public, max-age=0
accept-ranges
bytes
content-length
9093
x-xss-protection
1; mode=block
x-request-id
f3fe66ff-5c02-4182-9a57-d8df8017d2a9
1687102289-LAGU%20AUDIO%20-%20Sampai%20Bila%20Nak%20Jadi%20Munafik.png
voting.astro.com.my/public/images/vote-banner/ 		328 KB
329 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://voting.astro.com.my/public/images/vote-banner/1687102289-LAGU%20AUDIO%20-%20Sampai%20Bila%20Nak%20Jadi%20Munafik.png
Requested by
Host: voting.astro.com.my
URL: https://voting.astro.com.my/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2240:7600:c:9855:b600:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://voting.astro.com.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 15:42:54 GMT
via
1.1 5743d3ff81b625f69ad8b8e32fc9c412.cloudfront.net (CloudFront)
last-modified
Sun, 18 Jun 2023 15:31:30 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P1
etag
"40f66e5ca36227484da04f7544a508fe"
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
336332
x-amz-cf-id
VP8Q42VwRvyotT-Ig70cIB2cXMV5Ftwqg5kydCXeltpU7yxZPnJnWQ==
1687102269-LAGU%20AUDIO%20-%20ASYIK%20CUTI%20CUTI%20CUTI.png
voting.astro.com.my/public/images/vote-banner/ 		327 KB
328 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://voting.astro.com.my/public/images/vote-banner/1687102269-LAGU%20AUDIO%20-%20ASYIK%20CUTI%20CUTI%20CUTI.png
Requested by
Host: voting.astro.com.my
URL: https://voting.astro.com.my/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2240:7600:c:9855:b600:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://voting.astro.com.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 15:42:54 GMT
via
1.1 5743d3ff81b625f69ad8b8e32fc9c412.cloudfront.net (CloudFront)
last-modified
Sun, 18 Jun 2023 15:31:10 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P1
etag
"e5d411faebedd199ff7c5352615bec9e"
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
334818
x-amz-cf-id
wWSTMQmJ8Bqgr-JlgjLYy52C6ziuxCpTCmvMbAGDXcSE2oCZg7cv5w==
jquery.min.js
voting.astro.com.my/js/ 		86 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://voting.astro.com.my/js/jquery.min.js
Requested by
Host: voting.astro.com.my
URL: https://voting.astro.com.my/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2240:7600:c:9855:b600:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
05e901ea0028be5abc05c4848ae43c54636ca34ebf906de8eea96b1f721069b7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://voting.astro.com.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 15:42:54 GMT
content-encoding
gzip
via
1.1 5743d3ff81b625f69ad8b8e32fc9c412.cloudfront.net (CloudFront)
last-modified
Wed, 14 Jun 2023 05:51:48 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P1
etag
W/"b12bc4f2a841a2085c43bd7c1c30b738"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript
x-amz-cf-id
bTmSC1hwsrCSAJngx8rAADMs2FOgKfIx98_m_sELhuYQkyoGV9KfCQ==
popper.min.js
voting.astro.com.my/js/ 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://voting.astro.com.my/js/popper.min.js
Requested by
Host: voting.astro.com.my
URL: https://voting.astro.com.my/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2240:7600:c:9855:b600:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a749ae28e3ba47b2bec3dc1f613f1a6266ff6b007a3b1106a09b54ff0362242a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://voting.astro.com.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 15:42:54 GMT
content-encoding
gzip
via
1.1 5743d3ff81b625f69ad8b8e32fc9c412.cloudfront.net (CloudFront)
last-modified
Wed, 14 Jun 2023 05:51:48 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P1
etag
W/"ff780e856ae3bfac781093a67b608201"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript
x-amz-cf-id
o05Xn8lAIl2g5GuomZFb6tB4B0NaRzsI9F_O4oO2_u0DPIrotnSW5w==
bootstrap.min.js
voting.astro.com.my/js/ 		57 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://voting.astro.com.my/js/bootstrap.min.js
Requested by
Host: voting.astro.com.my
URL: https://voting.astro.com.my/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2240:7600:c:9855:b600:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
96f730c216303e7b314b05ddcaf416d14b09197b71e1c6b4f063cae4f4c430d6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://voting.astro.com.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 15:42:54 GMT
content-encoding
gzip
via
1.1 5743d3ff81b625f69ad8b8e32fc9c412.cloudfront.net (CloudFront)
last-modified
Wed, 14 Jun 2023 05:51:48 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P1
etag
W/"ba2f0b8e79ee8323ad1e8d6dc34bc782"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript
x-amz-cf-id
JZbL8FM_Lmrx3oabsTO7FzFh4v70JVqEAIsS3wfjC9oNg4Q279l5Zg==
angular.min.js
voting.astro.com.my/js/ 		172 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://voting.astro.com.my/js/angular.min.js
Requested by
Host: voting.astro.com.my
URL: https://voting.astro.com.my/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2240:7600:c:9855:b600:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
9e0033f4590f9c6acd5dadaa57cb1e9a4026f8c4c5ab8bac1f1c3b883260aaa0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://voting.astro.com.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 15:42:54 GMT
content-encoding
gzip
via
1.1 5743d3ff81b625f69ad8b8e32fc9c412.cloudfront.net (CloudFront)
last-modified
Wed, 14 Jun 2023 05:51:48 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P1
etag
W/"dfffc35ea94d68ff812d1a5305ec02bb"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript
x-amz-cf-id
Qfwme4QnajhdoE4ztRc59R_uJ0W4UIPwLYQogKIhh63gGl6wlSTEoQ==
angular-animate.min.js
voting.astro.com.my/js/ 		26 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://voting.astro.com.my/js/angular-animate.min.js
Requested by
Host: voting.astro.com.my
URL: https://voting.astro.com.my/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2240:7600:c:9855:b600:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
daef08274cc0cf1285278070175d965c2ea873a3ed6b279e51b3b9681d1272e3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://voting.astro.com.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 15:42:54 GMT
content-encoding
gzip
via
1.1 5743d3ff81b625f69ad8b8e32fc9c412.cloudfront.net (CloudFront)
last-modified
Wed, 14 Jun 2023 05:51:48 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P1
etag
W/"8e70b6174f4e97826403da8308c3a227"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript
x-amz-cf-id
wrIZN4HpwWd9T8ILGMrN3VQivpS9gvI8XNFyh6fKosRgEHiK9Z8-UA==
angular-sanitize.min.js
voting.astro.com.my/js/ 		7 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://voting.astro.com.my/js/angular-sanitize.min.js
Requested by
Host: voting.astro.com.my
URL: https://voting.astro.com.my/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2240:7600:c:9855:b600:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
70501f0933c5e5b1707402251ca4dbf3fe8b82edc7310bf3bb19b46254feb27d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://voting.astro.com.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 15:42:54 GMT
content-encoding
gzip
via
1.1 5743d3ff81b625f69ad8b8e32fc9c412.cloudfront.net (CloudFront)
last-modified
Wed, 14 Jun 2023 05:51:48 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P1
etag
W/"9cd65a5db6ac46691210995f307f3433"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript
x-amz-cf-id
gT1g_TjFBfCVIHi_1BYgzmsWQUnvmzN7C4zEAPSg_ML2DSB4MVn06g==
angular-cookies.min.js
voting.astro.com.my/js/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://voting.astro.com.my/js/angular-cookies.min.js
Requested by
Host: voting.astro.com.my
URL: https://voting.astro.com.my/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2240:7600:c:9855:b600:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
9a54bafa76694e249ef4055bdb2e2ecaf66508088c4749904b6ccb98c7d4e3b8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://voting.astro.com.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 15:42:54 GMT
content-encoding
gzip
via
1.1 5743d3ff81b625f69ad8b8e32fc9c412.cloudfront.net (CloudFront)
last-modified
Wed, 14 Jun 2023 05:51:48 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P1
etag
W/"0e6a2bee5db08ec4ca6ce408cbe21c44"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript
x-amz-cf-id
JNjJiMaQAYaJTMIOI1L3BDAfnYVosIDSNKXkKmBd2IENq3cAZZQdaA==
angular-translate.min.js
voting.astro.com.my/js/ 		24 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://voting.astro.com.my/js/angular-translate.min.js
Requested by
Host: voting.astro.com.my
URL: https://voting.astro.com.my/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2240:7600:c:9855:b600:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
77e2e2edd702ec91a3b942ed160daa624b6bf5c5bf05fb96c401b04fedfcc2b0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://voting.astro.com.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 15:42:54 GMT
content-encoding
gzip
via
1.1 5743d3ff81b625f69ad8b8e32fc9c412.cloudfront.net (CloudFront)
last-modified
Wed, 14 Jun 2023 05:51:48 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P1
etag
W/"670f554f1ec0dd55b05b1dc31ebf37f1"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript
x-amz-cf-id
Jq5fWSPZwosYxajYzlvUnTXSnuqOInWHbriUQzWfJAcDGuICNorxSw==
jquery-ui.min.js
voting.astro.com.my/js/ 		248 KB
68 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://voting.astro.com.my/js/jquery-ui.min.js
Requested by
Host: voting.astro.com.my
URL: https://voting.astro.com.my/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2240:7600:c:9855:b600:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
10541cb493220a5249f490488fc449d4580bde3a7d1923293f1b3aa2f636b0b1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://voting.astro.com.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 15:42:54 GMT
content-encoding
gzip
via
1.1 5743d3ff81b625f69ad8b8e32fc9c412.cloudfront.net (CloudFront)
last-modified
Wed, 14 Jun 2023 05:51:48 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P1
etag
W/"489a0fc7a35a93b831feb240968bdf25"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript
x-amz-cf-id
t7v-feSaK1UWkz0NEe5dyBIuQDasRqxeRljWbpEGTHAGzGed6TMGXA==
main.js
voting.astro.com.my/js/ 		10 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://voting.astro.com.my/js/main.js
Requested by
Host: voting.astro.com.my
URL: https://voting.astro.com.my/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2240:7600:c:9855:b600:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
75bacafffa45b1ed4d5752e229064adb519bbf2b0d49703d351b341b0babb355

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://voting.astro.com.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 15:42:54 GMT
content-encoding
gzip
via
1.1 5743d3ff81b625f69ad8b8e32fc9c412.cloudfront.net (CloudFront)
last-modified
Wed, 14 Jun 2023 05:51:48 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P1
etag
W/"a852e57fe2cce1866b427ca52a5aa93b"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript
x-amz-cf-id
dSfk1SEexaB2lLnnQjYGcdjy3hPGOgTS3Jt0evKLeS9FcsHWV52wkQ==
language.js
voting.astro.com.my/js/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://voting.astro.com.my/js/language.js
Requested by
Host: voting.astro.com.my
URL: https://voting.astro.com.my/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2240:7600:c:9855:b600:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
7c23b19c471ad7ca4de13063af7e15d02b7f10917a8e3446f69158927ccdc109

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://voting.astro.com.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 15:42:54 GMT
content-encoding
gzip
via
1.1 5743d3ff81b625f69ad8b8e32fc9c412.cloudfront.net (CloudFront)
last-modified
Wed, 14 Jun 2023 05:51:48 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P1
etag
W/"1aea91fc752d86ae06aef541ba47a9f4"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript
x-amz-cf-id
uSNk5TaUo00SmUm1M7ELjfT4Z5WiiK2cUPV5aGPWiaYCR53HXIHQBA==
bugsnag.min.js
voting.astro.com.my/js/ 		40 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://voting.astro.com.my/js/bugsnag.min.js
Requested by
Host: voting.astro.com.my
URL: https://voting.astro.com.my/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2240:7600:c:9855:b600:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a965579cd2f6be17535aaab42ee137b2f5fd53e6beb7c8c8f93707e14cc995f4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://voting.astro.com.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 15:42:54 GMT
content-encoding
gzip
via
1.1 5743d3ff81b625f69ad8b8e32fc9c412.cloudfront.net (CloudFront)
last-modified
Wed, 14 Jun 2023 05:51:48 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P1
etag
W/"6f70531080c4cf84c6af375fe5faccf7"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript
x-amz-cf-id
h4plbB6vPeizviRy-cpwJQDx9QXG4GogGEhy5NuMrTLM3aUt2Qrz2A==
font-awesome.min.css
stackpath.bootstrapcdn.com/font-awesome/4.7.0/css/ 		30 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://stackpath.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
Requested by
Host: voting.astro.com.my
URL: https://voting.astro.com.my/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://voting.astro.com.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 15:42:53 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
cdn-edgestorageid
722
age
1759271
cdn-cachedat
11/18/2022 06:18:29
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 25 Jan 2021 22:04:55 GMT
cdn-proxyver
1.03
cdn-requestpullcode
200
server
cloudflare
etag
W/"269550530cc127b6aa5a35925a7de6ce"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cache-control
public, max-age=31919000
cdn-requestid
b3a57c6aca414a3b87fe0638b631146d
timing-allow-origin
*
cdn-requestcountrycode
DE
cdn-status
200
cf-ray
82dbf68e0e961da0-FRA
cdn-requestpullsuccess
True
gtm.js
www.googletagmanager.com/ 		598 KB
126 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-8DGW
Requested by
Host: voting.astro.com.my
URL: https://voting.astro.com.my/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
162e61781cc277cc205866a2f434d4dddd1297f1d16c4840afe9eeb4d47a6a9b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://voting.astro.com.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 15:42:53 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
128196
x-xss-protection
0
last-modified
Wed, 29 Nov 2023 15:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 29 Nov 2023 15:42:53 GMT
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311150101/ 		431 KB
135 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311150101/pubads_impl.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b033f59e4ffeaa6f3e4f2e839c035a14811d5469d3f772eda6056d7d5782c53f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://voting.astro.com.my/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date
Wed, 29 Nov 2023 12:39:26 GMT
content-encoding
br
x-content-type-options
nosniff
age
11006
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
138149
x-xss-protection
0
server
cafe
etag
11558412289700915514
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Thu, 28 Nov 2024 12:39:26 GMT
js
www.googletagmanager.com/gtag/ 		277 KB
91 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-4Q9DLDY2BM&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-8DGW
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
1c8edc950fc2dacac5d7767c22d20ad999a18a6961351193ba6de539c333a41f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://voting.astro.com.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 15:42:53 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
92705
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Wed, 29 Nov 2023 15:42:53 GMT
js
www.googletagmanager.com/gtag/ 		243 KB
84 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-K6Q5ED8R4T&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-8DGW
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
99472e40113fa5b178733c2f0376bfd1aa5d1dc5802dc09b536dd98512c43077
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://voting.astro.com.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 15:42:53 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
85954
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Wed, 29 Nov 2023 15:42:53 GMT
js
www.googletagmanager.com/gtag/ 		252 KB
86 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-3EV8LLM8NY&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-8DGW
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
afa3499787b58f95f29d7e25ba545ab0307cf3380097a4ce7c4bccf9474427e9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://voting.astro.com.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 15:42:53 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
87577
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Wed, 29 Nov 2023 15:42:53 GMT
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-8DGW
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://voting.astro.com.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 29 Nov 2023 13:49:38 GMT
last-modified
Mon, 12 Jun 2023 18:23:07 GMT
server
Golfe2
age
6795
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Wed, 29 Nov 2023 15:49:38 GMT
b
sb.scorecardresearch.com/ 		0
227 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/b?c1=2&c2=38465268&ns__t=1701272573308&ns_c=UTF-8&c8=Lagu%20Trending%20Tergempak&c7=https%3A%2F%2Fvoting.astro.com.my%2F&c9=
Requested by
Host: voting.astro.com.my
URL: https://voting.astro.com.my/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.26.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-26-18.fra56.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://voting.astro.com.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 15:42:53 GMT
via
1.1 62e7b24ca032b612bb93fa7f3437469c.cloudfront.net (CloudFront)
accept-ch
UA, Platform, Arch, Model, Mobile
x-amz-cf-pop
FRA56-P7
x-amz-cf-id
NQPZuHDjd0hNbgIByxEXPQk8hk7y2mBT1DFkQcTzNf5tiQFq2pDRZA==
x-cache
Miss from cloudfront
collect
region1.analytics.google.com/g/ 		0
257 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-K6Q5ED8R4T&gtm=45je3b81v884855698&_p=1701272572756&_gaz=1&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=434321360.1701272573&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEA&_s=1&sid=1701272573&sct=1&seg=0&dl=https%3A%2F%2Fvoting.astro.com.my%2F&dt=Lagu%20Trending%20Tergempak&en=scroll&_fv=1&_nsi=1&_ss=1&ep.cookieFlags=samesite%3Dlax%3Bsecure&epn.percent_scrolled=90&tfd=1910
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-K6Q5ED8R4T&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://voting.astro.com.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 29 Nov 2023 15:42:53 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://voting.astro.com.my
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ 		0
257 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-K6Q5ED8R4T&cid=434321360.1701272573&gtm=45je3b81v884855698&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-K6Q5ED8R4T&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c07::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://voting.astro.com.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 29 Nov 2023 15:42:53 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://voting.astro.com.my
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-K6Q5ED8R4T&cid=434321360.1701272573&gtm=45je3b81v884855698&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1&z=1185543712
Requested by
Host: voting.astro.com.my
URL: https://voting.astro.com.my/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://voting.astro.com.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 29 Nov 2023 15:42:53 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
region1.analytics.google.com/g/ 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-4Q9DLDY2BM&gtm=45je3b81v875107886z86139462&_p=1701272572756&_gaz=1&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=434321360.1701272573&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1701272573&sct=1&seg=0&dl=https%3A%2F%2Fvoting.astro.com.my%2F&dt=Lagu%20Trending%20Tergempak&en=page_view&_fv=1&_ss=1&ep.page=%2F&ep.location=https%3A%2F%2Fvoting.astro.com.my%2F&ep.cookieFlags=samesite%3Dlax%3Bsecure&tfd=2033
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-4Q9DLDY2BM&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://voting.astro.com.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 29 Nov 2023 15:42:53 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://voting.astro.com.my
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-4Q9DLDY2BM&cid=434321360.1701272573&gtm=45je3b81v875107886z86139462&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-4Q9DLDY2BM&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c07::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://voting.astro.com.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 29 Nov 2023 15:42:53 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://voting.astro.com.my
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-4Q9DLDY2BM&cid=434321360.1701272573&gtm=45je3b81v875107886z86139462&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1&z=1817386659
Requested by
Host: voting.astro.com.my
URL: https://voting.astro.com.my/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://voting.astro.com.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 29 Nov 2023 15:42:53 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
region1.analytics.google.com/g/ 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-3EV8LLM8NY&gtm=45je3b81v881506662&_p=1701272572756&_gaz=1&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=434321360.1701272573&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEA&_s=1&sid=1701272573&sct=1&seg=0&dl=https%3A%2F%2Fvoting.astro.com.my%2F&dt=Lagu%20Trending%20Tergempak&en=scroll&_fv=1&_ss=2&epn.percent_scrolled=90&tfd=2067
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-3EV8LLM8NY&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://voting.astro.com.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 29 Nov 2023 15:42:53 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://voting.astro.com.my
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ 		0
45 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-3EV8LLM8NY&cid=434321360.1701272573&gtm=45je3b81v881506662&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-3EV8LLM8NY&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c07::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://voting.astro.com.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 29 Nov 2023 15:42:53 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://voting.astro.com.my
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-3EV8LLM8NY&cid=434321360.1701272573&gtm=45je3b81v881506662&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1&z=48721941
Requested by
Host: voting.astro.com.my
URL: https://voting.astro.com.my/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://voting.astro.com.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 29 Nov 2023 15:42:53 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/ 		4 B
212 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=688276427&t=pageview&_s=1&dl=https%3A%2F%2Fvoting.astro.com.my%2F&ul=en-us&de=UTF-8&dt=Lagu%20Trending%20Tergempak&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAEABAAAAACAAIC~&jid=61879498&gjid=2114290600&cid=434321360.1701272573&tid=UA-20278225-1&_gid=1177818959.1701272574&_r=1&_slc=1&gtm=45He3b81n518DGWv6139462&cd64=gtm.js&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&z=1916892563
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://voting.astro.com.my/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 29 Nov 2023 15:42:53 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://voting.astro.com.my
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/ 		16 B
84 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=688276427&t=pageview&_s=1&dl=https%3A%2F%2Fvoting.astro.com.my%2F&ul=en-us&de=UTF-8&dt=Lagu%20Trending%20Tergempak&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAEABAAAAACAAIC~&jid=1262454914&gjid=1714680844&cid=434321360.1701272573&tid=UA-20278225-84&_gid=1177818959.1701272574&_r=1&_slc=1&gtm=45He3b81n518DGWv6139462&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&z=1499123572
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
ed0858d30b5cfcc282757e0078c8f9c3b7711cf86be5f5934ece6a9d47e28ae8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://voting.astro.com.my/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 29 Nov 2023 15:42:53 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://voting.astro.com.my
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		4 B
25 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-20278225-1&cid=434321360.1701272573&jid=61879498&gjid=2114290600&_gid=1177818959.1701272574&_u=YADAAEAAAAAAACAAIC~&z=554598329
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400c:c07::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://voting.astro.com.my/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Wed, 29 Nov 2023 15:42:53 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://voting.astro.com.my
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		4 B
25 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-20278225-84&cid=434321360.1701272573&jid=1262454914&gjid=1714680844&_gid=1177818959.1701272574&_u=YADAAEABAAAAACAAIC~&z=133508694
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400c:c07::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://voting.astro.com.my/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Wed, 29 Nov 2023 15:42:53 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://voting.astro.com.my
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
js
www.googletagmanager.com/gtag/ 		239 KB
83 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-21E37QQT0R&cx=c&_slc=1
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
35032c53d5d52b8c8ff55a244c6f3d0f9c0be4f22670fb61f48995ca5e463515
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://voting.astro.com.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 15:42:53 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
85444
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Wed, 29 Nov 2023 15:42:53 GMT
ga-audiences
www.google.com/ads/ 		42 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-20278225-1&cid=434321360.1701272573&jid=61879498&_u=YADAAEAAAAAAACAAIC~&z=726158568
Requested by
Host: voting.astro.com.my
URL: https://voting.astro.com.my/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://voting.astro.com.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 29 Nov 2023 15:42:53 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-20278225-1&cid=434321360.1701272573&jid=61879498&_u=YADAAEAAAAAAACAAIC~&z=726158568
Requested by
Host: voting.astro.com.my
URL: https://voting.astro.com.my/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://voting.astro.com.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 29 Nov 2023 15:42:53 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.com/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-20278225-84&cid=434321360.1701272573&jid=1262454914&_u=YADAAEABAAAAACAAIC~&z=584025478
Requested by
Host: voting.astro.com.my
URL: https://voting.astro.com.my/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://voting.astro.com.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 29 Nov 2023 15:42:53 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-20278225-84&cid=434321360.1701272573&jid=1262454914&_u=YADAAEABAAAAACAAIC~&z=584025478
Requested by
Host: voting.astro.com.my
URL: https://voting.astro.com.my/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://voting.astro.com.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 29 Nov 2023 15:42:53 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
region1.analytics.google.com/g/ 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-21E37QQT0R&gtm=45je3b81v9136593986&_p=1701272572756&_gaz=1&gcd=11l1l1l1l2&dma_cps=sypham&dma=1&ul=en-us&sr=1600x1200&cid=434321360.1701272573&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EBAI&_s=1&dl=https%3A%2F%2Fvoting.astro.com.my%2F&dt=Lagu%20Trending%20Tergempak&sid=1701272573&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1&tfd=2284
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-21E37QQT0R&cx=c&_slc=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://voting.astro.com.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 29 Nov 2023 15:42:53 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://voting.astro.com.my
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-21E37QQT0R&cid=434321360.1701272573&gtm=45je3b81v9136593986&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l2
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-21E37QQT0R&cx=c&_slc=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400c:c07::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://voting.astro.com.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 29 Nov 2023 15:42:53 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://voting.astro.com.my
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-21E37QQT0R&cid=434321360.1701272573&gtm=45je3b81v9136593986&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l2&z=2115146382
Requested by
Host: voting.astro.com.my
URL: https://voting.astro.com.my/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://voting.astro.com.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 29 Nov 2023 15:42:53 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
sessions.bugsnag.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://sessions.bugsnag.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:7a0b:: Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
bugsnag-api-key,bugsnag-payload-version,bugsnag-sent-at,content-type
Access-Control-Request-Method
POST
Origin
https://voting.astro.com.my
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

access-control-allow-headers
Origin, Content-Type, Accept, Authorization, User-Agent, Referer, X-Forwarded-For, Bugsnag-Api-Key, Bugsnag-Payload-Version, Bugsnag-Sent-At
access-control-allow-methods
POST
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
date
Wed, 29 Nov 2023 15:42:54 GMT
via
1.1 google
/
sessions.bugsnag.com/ 		21 B
97 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://sessions.bugsnag.com/
Requested by
Host: voting.astro.com.my
URL: https://voting.astro.com.my/js/bugsnag.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:7a0b:: Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Bugsnag-Payload-Version
1
Referer
https://voting.astro.com.my/
Bugsnag-Sent-At
2023-11-29T15:42:54.273Z
accept-language
de-DE,de;q=0.9
Bugsnag-Api-Key
e6d82f8190d2fc6c37472d2b67228718
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
*
date
Wed, 29 Nov 2023 15:42:54 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
21
content-type
application/json
fbevents.js
connect.facebook.net/en_US/ 		202 KB
54 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: voting.astro.com.my
URL: https://voting.astro.com.my/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://voting.astro.com.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Wed, 29 Nov 2023 15:42:54 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
54273
x-xss-protection
0
reporting-endpoints
pragma
public
x-fb-debug
YCxsZLPZluRlgawxHUqHHw7N43t1hw9dC7hBw4gUSatOVj2wyVyAzjS79C623xlUHtuBsBAaF+R4bUOQsu6CuQ==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
voting-service.eco.astro.com.my/api/v1/vote/ 		0
0
521834491322983
connect.facebook.net/signals/config/ 		133 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/521834491322983?v=2.9.138&r=stable&domain=voting.astro.com.my
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://voting.astro.com.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Wed, 29 Nov 2023 15:42:54 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
pragma
public
x-fb-debug
ng/GkLxWuWGbKaqDJjohz2+tNhI92AsIPK0hSTQfz90kO6gpiLM6Hwwwnv/37ytk9db3J9r3NL7MC4BHlw0+Lg==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
Primary Request 404
gempak.com// 		80 KB
25 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gempak.com//404
Requested by
Host: voting.astro.com.my
URL: https://voting.astro.com.my/js/main.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:8274 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
41dfcf76c1f62a043a2b529fc68562d353cf8dfbef9d845267ebba3166c2809f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://voting.astro.com.my/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cf-cache-status
DYNAMIC
cf-ray
82dbf697b8605d5b-FRA
content-encoding
br
content-type
text/html
date
Wed, 29 Nov 2023 15:42:56 GMT
last-modified
Wed, 04 Oct 2023 07:05:03 GMT
referrer-policy
no-referrer-when-downgrade
server
cloudflare
strict-transport-security
max-age=31536000; includeSubdomains; preload
vary
Accept-Encoding
via
1.1 eb99f1f32a184a8c9c9c920381a7576a.cloudfront.net (CloudFront)
x-amz-cf-id
rh0ZzaDVk8OKmwObX2O0mpRrlad_zDeZ9C1_aaE6d1kShES0WfA0qQ==
x-amz-cf-pop
FRA60-P5
x-amz-server-side-encryption
AES256
x-cache
Error from cloudfront
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block
/
notify.bugsnag.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://notify.bugsnag.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:a5e4:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
bugsnag-api-key,bugsnag-payload-version,bugsnag-sent-at,content-type
Access-Control-Request-Method
POST
Origin
https://voting.astro.com.my
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

access-control-allow-headers
Origin, Content-Type, Accept, Authorization, User-Agent, Referer, X-Forwarded-For, Bugsnag-Api-Key, Bugsnag-Sent-At, Bugsnag-Payload-Version, Bugsnag-Integrity
access-control-allow-methods
POST
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
date
Wed, 29 Nov 2023 15:42:54 GMT
via
1.1 google
/
notify.bugsnag.com/ 		2 B
113 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://notify.bugsnag.com/
Requested by
Host: voting.astro.com.my
URL: https://voting.astro.com.my/js/bugsnag.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:a5e4:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Bugsnag-Payload-Version
4
Referer
https://voting.astro.com.my/
Bugsnag-Sent-At
2023-11-29T15:42:54.596Z
accept-language
de-DE,de;q=0.9
Bugsnag-Api-Key
e6d82f8190d2fc6c37472d2b67228718
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
*
date
Wed, 29 Nov 2023 15:42:54 GMT
via
1.1 google
bugsnag-event-id
65675bfe00cda594acd20000
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2
content-type
text/plain; charset=utf-8
/
www.facebook.com/tr/ 		0
185 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=521834491322983&ev=PageView&dl=https%3A%2F%2Fvoting.astro.com.my%2F&rl=&if=false&ts=1701272574749&sw=1600&sh=1200&v=2.9.138&r=stable&ec=0&o=4126&fbp=fb.2.1701272574739.670966841&ler=empty&it=1701272574430&coo=false&rqm=GET
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://voting.astro.com.my/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Wed, 29 Nov 2023 15:42:54 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
collect
region1.analytics.google.com/g/ 		0
0
collect
region1.analytics.google.com/g/ 		0
0
collect
region1.analytics.google.com/g/ 		0
0
collect
region1.analytics.google.com/g/ 		0
0
css
fonts.googleapis.com/ 		10 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Arimo:400,400i,700,700i&display=swap
Requested by
Host: client
URL: about:client
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
cd6bc8bd03109f348ef0bb41349b8afc8199d99eee8ece2074f4d501941111f8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gempak.com//404
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 29 Nov 2023 15:42:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 29 Nov 2023 15:39:30 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 29 Nov 2023 15:42:56 GMT
css
fonts.googleapis.com/ 		2 KB
658 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto&display=swap
Requested by
Host: client
URL: about:client
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
c87b7f745cfb4a994801488584e6e0e78d6c4f0ad567e985a781fc0b86074724
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gempak.com//404
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 29 Nov 2023 15:42:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 29 Nov 2023 14:30:50 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 29 Nov 2023 15:42:56 GMT
css
fonts.googleapis.com/ 		6 KB
790 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:400,700&display=swap
Requested by
Host: client
URL: about:client
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
f8adb8b0c5e7880cf2c66137533bfeea4e96040bb2c7edcb9e5c6373d78a5d0a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gempak.com//404
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 29 Nov 2023 15:42:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 29 Nov 2023 14:33:55 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 29 Nov 2023 15:42:56 GMT
rocket-loader.min.js
gempak.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://gempak.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Requested by
Host: gempak.com
URL: https://gempak.com//404
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:8274 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gempak.com//404
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 15:42:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 27 Nov 2023 12:56:29 GMT
server
cloudflare
etag
W/"656491fd-302c"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/javascript
cache-control
max-age=172800, public
cf-ray
82dbf6a27d255d5b-FRA
expires
Fri, 01 Dec 2023 15:42:56 GMT
main.dd5f32e67ccd0cc20896.chunk.js
gempak.com/ 		0
0
npm.browserify-sign.09b7f1af3a490d3b55aa.chunk.js
gempak.com/ 		0
0
npm.formatjs.aba37cb5cf1b2892771e.chunk.js
gempak.com/ 		0
0
npm.react-redux.e671e33d8ba6bee2d2c8.chunk.js
gempak.com/ 		0
0
npm.react-app-polyfill.0fbf524a000065589bb8.chunk.js
gempak.com/ 		0
0
npm.core-js.c3b3e2c24d3a1fbc80b0.chunk.js
gempak.com/ 		0
0
npm.react-responsive-carousel.808d5cf7e4f016035eb0.chunk.js
gempak.com/ 		0
0
npm.astro-my.63d4bc39fe5949184cb4.chunk.js
gempak.com/ 		0
0
npm.tanstack.17c1f4d67f7645ef4680.chunk.js
gempak.com/ 		0
0
npm.uuid.57688f56173adcb2d14b.chunk.js
gempak.com/ 		0
0
runtime.a04a2cb89411aa044b02.js
gempak.com/ 		0
0
gpt.js
www.googletagservices.com/tag/js/ 		92 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: gempak.com
URL: https://gempak.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f2885a83e514c105bec4685c7226d166b2884009d0eefe7a2999567c53e4459b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gempak.com//404
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 15:42:56 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
30347
x-xss-protection
0
server
cafe
etag
904 / 19690 / m202311150101 / config-hash: 2176564774933884501
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Wed, 29 Nov 2023 15:42:56 GMT
gtm.js
www.googletagmanager.com/ 		349 KB
102 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-N7MCZVS
Requested by
Host: voting.astro.com.my
URL: https://voting.astro.com.my/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
a3cda672877794b17401e61057febdfc48938bd56e4c660c5b570603a0f87d6e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gempak.com//404
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 15:42:56 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
104632
x-xss-protection
0
last-modified
Wed, 29 Nov 2023 15:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 29 Nov 2023 15:42:56 GMT
loader.js
cdn.taboola.com/libtrc/astromediasolutions-gempak/ 		276 KB
50 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/astromediasolutions-gempak/loader.js
Requested by
Host: voting.astro.com.my
URL: https://voting.astro.com.my/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
ab82784200027747d61a26a3bb2e4d6ce3f4e37f083f1057c6fe8e27c3d43681

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gempak.com//404
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-amz-version-id
OE7TURF0jZlaUFvUvBZZOAv6nJolV41g
content-encoding
gzip
via
1.1 varnish
date
Wed, 29 Nov 2023 15:42:56 GMT
x-amz-request-id
YQ60NHKKAB4ARSH0
age
0
x-amz-server-side-encryption
AES256
x-cache
MISS
x-from-cache
1
x-envoy-upstream-service-time
21
x-amz-replication-status
FAILED
content-length
50584
x-amz-id-2
3l4rsqxuEjDD+f3BehKmBsoEvLonQDtv15F/JbiGfXfR697d1gAyopCNcdgTlNa6MPHRcBrGPwk=
x-served-by
cache-cph2320056-CPH
last-modified
Wed, 29 Nov 2023 15:42:56 UTC
server
nginx
x-timer
S1701272577.622967,VS0,VE47
etag
"3b8ef4c1c14db1a6561cd47355e00cb5f49081eb"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
abp
14
cache-control
private,max-age=14400
accept-ranges
bytes
x-cache-hits
0
js
www.googletagmanager.com/gtag/ 		242 KB
84 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-0GC2LF80F2&l=dataLayer&cx=c
Requested by
Host: voting.astro.com.my
URL: https://voting.astro.com.my/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
0389894e2d6d914ff2fba91d4f437e8ceccc65b9928c4e081afc1068383fb0aa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gempak.com//404
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 15:42:56 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
85685
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Wed, 29 Nov 2023 15:42:56 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/970602211/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/970602211/?random=1701272576593&cv=11&fst=1701272576593&bg=ffffff&guid=ON&async=1&gtm=45He3b81v831823618&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fgempak.com%2F%2F404&ref=https%3A%2F%2Fvoting.astro.com.my%2F&hn=www.googleadservices.com&frm=0&auid=2100602728.1701272577&uamb=0&uaw=0&rfmt=3&fmt=4
Requested by
Host: voting.astro.com.my
URL: https://voting.astro.com.my/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
85aa934009e7ffa8115fa2c3b5b8efbee7d760e80aff3cdfef749e1710e0c6d5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gempak.com//404
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 29 Nov 2023 15:42:56 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1230
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
chartbeat.js
static.chartbeat.com/js/ 		37 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.chartbeat.com/js/chartbeat.js
Requested by
Host: voting.astro.com.my
URL: https://voting.astro.com.my/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2646:6000:18:1fcd:353:c61 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
2241d391f10f461a915b6ef47bc0c8103bf0e7289aff47e1bcfed5ff2a84d119

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gempak.com//404
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 20:48:49 GMT
content-encoding
gzip
via
1.1 4d156fc02c81ad97b906c107779265e2.cloudfront.net (CloudFront)
last-modified
Thu, 16 Nov 2023 01:59:58 GMT
server
nginx
x-amz-cf-pop
FRA60-P5
age
68047
etag
W/"6555779e-94a1"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/x-javascript
cache-control
max-age=86400
cross-origin-resource-policy
cross-origin
x-amz-cf-id
DbblRw-cWUvWUqQDXnNWxI0ANeJeX4fsCOG-DcCB_VMftvVcTGGVBw==
expires
Wed, 29 Nov 2023 20:48:49 GMT
dil.js
d2aujjfcidxgdj.cloudfront.net/adobe/ 		38 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d2aujjfcidxgdj.cloudfront.net/adobe/dil.js
Requested by
Host: voting.astro.com.my
URL: https://voting.astro.com.my/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
143.204.205.86 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-205-86.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ceb6f7c93b3c2454eec6ff10589da6881fc9452037dacf469c0ae41cdcc9cd65

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gempak.com//404
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date
Wed, 29 Nov 2023 07:40:50 GMT
Content-Encoding
gzip
Via
1.1 c714e4f593454d65f62cf3fecf756a4c.cloudfront.net (CloudFront)
Last-Modified
Tue, 24 Oct 2017 04:03:14 GMT
Server
AmazonS3
X-Amz-Cf-Pop
FRA53-C1
Age
28928
ETag
W/"13c9ccc7fc1e4a0e277bcc30ea56f4a5"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
X-Cache
Hit from cloudfront
Connection
keep-alive
X-Amz-Cf-Id
-AlD61p5DWTkVzsMUxxpXEJHy1XSSQyet2cq8OWui0X0jNoQd7K3kQ==
fbevents.js
connect.facebook.net/en_US/ 		202 KB
53 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: voting.astro.com.my
URL: https://voting.astro.com.my/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
3e136e77083bfc6ef14ffc5abd19da89a82bf12fc0cda3c603e01582b93303c8
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gempak.com//404
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Wed, 29 Nov 2023 15:42:56 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
54273
x-xss-protection
0
reporting-endpoints
pragma
public
x-fb-debug
8z5dO7c13IP46elW9D7V+sDAx+yW0rRzuFm4hKipexf8ssEYn5twLCF91uaDaa0ADDd0zcb7Ojla4fTMBAVZkQ==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
prod-global-549813.js
rtbcdn.andbeyond.media/ 		391 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rtbcdn.andbeyond.media/prod-global-549813.js
Requested by
Host: voting.astro.com.my
URL: https://voting.astro.com.my/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.3.52 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
bfe84806e4b5ffbdd053eac9b99de72b5325e547548f53e41e2032772498f389

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gempak.com//404
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-amz-version-id
null
content-encoding
gzip
via
1.1 varnish
date
Wed, 29 Nov 2023 15:42:57 GMT
x-amz-request-id
S0N4HD02JG6K9PMW
age
0
x-amz-server-side-encryption
AES256
x-cache
HIT
content-length
28365
x-amz-id-2
IKvJ2sb07p+kHKPIyj0gQWMpqBDDKQ8iF6PsAA+9uzh1tCUf45b2aURgPyN4dcr+lVHA78+/zblQWZtZ644eoQ==
x-served-by
cache-cph2320034-CPH
last-modified
Tue, 14 Nov 2023 09:29:53 GMT
server
AmazonS3
x-timer
S1701272577.062664,VS0,VE710
etag
"27d77e4369f5d906cbe4085d20bafbb7"
vary
Accept-Encoding
content-type
text/javascript
accept-ranges
bytes
x-cache-hits
1
BannerModeDirectToHTML-awani.js
api.vodus.com/MediaPartners/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://api.vodus.com/MediaPartners/BannerModeDirectToHTML-awani.js?v=2310231557
Requested by
Host: voting.astro.com.my
URL: https://voting.astro.com.my/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.212.64.10 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
ecf0f2b7f270b19fdef46f701420c4e6eaf3ca34f8077574e6d63dad87f466e7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gempak.com//404
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date
Wed, 29 Nov 2023 15:42:57 GMT
Content-Encoding
gzip
Last-Modified
Fri, 27 Oct 2023 03:12:37 GMT
Server
Microsoft-IIS/10.0
ETag
"1da08836fc89187"
X-Powered-By
ASP.NET
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
Accept-Ranges
bytes
g1we31mxbr
www.clarity.ms/tag/ 		650 B
1013 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.clarity.ms/tag/g1we31mxbr
Requested by
Host: voting.astro.com.my
URL: https://voting.astro.com.my/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:46::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
ece57bec2c1d6f99d361e52c1e23904b6177200583d66027cb4e8958f63ae846

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gempak.com//404
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

expires
-1
date
Wed, 29 Nov 2023 15:42:57 GMT
x-azure-ref
20231129T154257Z-h05supha4h3vd5148k5uvrr9480000000b4g00000000107x
x-cache
CONFIG_NOCACHE
content-type
application/x-javascript
cache-control
no-cache, no-store
accept-ranges
bytes
content-length
650
request-context
appId=cid-v1:dfa4d45a-f309-4181-9ede-77e6e6c0ecf0
pixel
ps.eyeota.net/ 		0
344 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ps.eyeota.net/pixel?pid=3gd9gd0&t=ajs&cat=news
Requested by
Host: voting.astro.com.my
URL: https://voting.astro.com.my/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
3.120.214.218 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-120-214-218.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gempak.com//404
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date
Wed, 29 Nov 2023 15:42:56 GMT
Content-Length
0
P3P
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"
uwt.js
static.ads-twitter.com/ 		56 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.ads-twitter.com/uwt.js
Requested by
Host: voting.astro.com.my
URL: https://voting.astro.com.my/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.75.120.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
cf7fcc9f75c8717897bfaef72f303fab423ce1b70c98512aeb3677e4af988dee

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gempak.com//404
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 15:42:57 GMT
content-encoding
gzip
last-modified
Thu, 27 Oct 2022 16:56:53 GMT
etag
"32ad004436155ec972bc50e6238b5b67+gzip+gzip"
vary
Accept-Encoding,Host
x-cache
HIT, HIT
content-type
application/javascript; charset=utf-8
p3p
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
x-tw-cdn
FT
cache-control
no-cache
accept-ranges
bytes
content-length
15375
x-served-by
cache-iad-kjyo7100081-IAD, cache-fra-etou8220049-FRA
b
sb.scorecardresearch.com/ 		0
225 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/b?c1=2&c2=38465268&ns__t=1701272576591&ns_c=UTF-8&c8=&c7=https%3A%2F%2Fgempak.com%2F%2F404&c9=https%3A%2F%2Fvoting.astro.com.my%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.26.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-26-18.fra56.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gempak.com//404
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 15:42:56 GMT
via
1.1 62e7b24ca032b612bb93fa7f3437469c.cloudfront.net (CloudFront)
accept-ch
UA, Platform, Arch, Model, Mobile
x-amz-cf-pop
FRA56-P7
x-amz-cf-id
q83a8Mmrghw1gayVMuJE-CxpOf7U5jWYglhWJcEuhfmcFhFLl-lAJg==
x-cache
Miss from cloudfront
partner
sync.search.spotxchange.com/ 		0
0
collect
region1.analytics.google.com/g/ 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-0GC2LF80F2&gtm=45je3b81v877875055&_p=1701272576497&_gaz=1&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=1730769388.1701272577&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEA&_s=1&sid=1701272576&sct=1&seg=0&dl=https%3A%2F%2Fgempak.com%2F%2F404&dr=https%3A%2F%2Fvoting.astro.com.my%2F&dt=&en=scroll&_fv=1&_nsi=1&_ss=1&epn.percent_scrolled=90&tfd=2120
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-0GC2LF80F2&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gempak.com//404
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 29 Nov 2023 15:42:56 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://gempak.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-0GC2LF80F2&cid=1730769388.1701272577&gtm=45je3b81v877875055&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-0GC2LF80F2&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400c:c07::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gempak.com//404
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 29 Nov 2023 15:42:56 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://gempak.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-0GC2LF80F2&cid=1730769388.1701272577&gtm=45je3b81v877875055&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1&z=801172024
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gempak.com//404
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 29 Nov 2023 15:42:56 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
521834491322983
connect.facebook.net/signals/config/ 		133 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/521834491322983?v=2.9.138&r=stable&domain=gempak.com
Requested by
Host: voting.astro.com.my
URL: https://voting.astro.com.my/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
7cb4a1da6cb5eff01426d6a258c9f99aa9105457498ec75890be9791c1b9ea43
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gempak.com//404
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Wed, 29 Nov 2023 15:42:57 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
pragma
public
x-fb-debug
iAXTx8aCcxvky5Rkr1CwwcBMHjL/UqGPkz+fkjg9ycXeL843C8s5voeRl7kX4Exd7yS9armDwXPOdJ9gtpJaUA==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311150101/ 		431 KB
135 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311150101/pubads_impl.js
Requested by
Host: voting.astro.com.my
URL: https://voting.astro.com.my/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b033f59e4ffeaa6f3e4f2e839c035a14811d5469d3f772eda6056d7d5782c53f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gempak.com//404
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 12:39:26 GMT
content-encoding
br
x-content-type-options
nosniff
age
11010
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
138149
x-xss-protection
0
server
cafe
etag
11558412289700915514
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Thu, 28 Nov 2024 12:39:26 GMT
runtime.a04a2cb89411aa044b02.js
gempak.com/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://gempak.com/runtime.a04a2cb89411aa044b02.js
Requested by
Host: voting.astro.com.my
URL: https://voting.astro.com.my/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:8274 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a39027104de91d1f4394f8b02ae4ae5125af75032fe444b7cb1b4ce4682ffa81
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gempak.com//404
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 15:42:56 GMT
strict-transport-security
max-age=31536000; includeSubdomains; preload
via
1.1 bd96095bb3c15c742ab4d72d1fecba6c.cloudfront.net (CloudFront)
cf-cache-status
HIT
content-encoding
br
x-content-type-options
nosniff
age
109489
x-amz-cf-pop
FRA60-P5
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 26 Sep 2023 05:58:43 GMT
server
cloudflare
etag
W/"cb1f653d0610340be3444f5be3840991"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/javascript
cache-control
public, max-age=31536000
cf-ray
82dbf6a4c85b5d5b-FRA
x-amz-cf-id
HSeSxXh4JA7n5aFZv3vHrVocgKmJgr8zvW02p9OfUopEBTN2QXnhgQ==
expires
Thu, 28 Nov 2024 15:42:56 GMT
impl.20231129-9-RELEASE.js
cdn.taboola.com/libtrc/ 		819 KB
170 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/impl.20231129-9-RELEASE.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/astromediasolutions-gempak/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
038235bd3cb8315d2a638e0dcb856d9aabbce9db44f08914cbb89cddb4e1ee15

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gempak.com//404
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-amz-version-id
JKvyJ6oeTAccktRWwE6TuGca2nQqz7nt
content-encoding
br
via
1.1 varnish
date
Wed, 29 Nov 2023 15:42:56 GMT
x-amz-request-id
YHSAPFR7XK2BZSP3
age
19026
x-amz-server-side-encryption
AES256
x-cache
HIT
content-length
173807
x-amz-id-2
xdw+VOIw6X8Ah8JEU1P3a1gT33n32ABSxVWBNBljrVRFMxRDdxF0vuYfluPXqe/36/91XHpXlaE=
x-served-by
cache-cph2320056-CPH
last-modified
Wed, 29 Nov 2023 10:21:28 GMT
server
AmazonS3-br
x-timer
S1701272577.807184,VS0,VE0
etag
"512d11c41cc7a064e1c4ce90b1cb9be5"
vary
Accept-Encoding
content-type
application/javascript
abp
82
access-control-allow-origin
*
cache-control
private,max-age=31536000
accept-ranges
bytes
x-cache-hits
9391
/
www.google.com/pagead/1p-user-list/970602211/ 		42 B
154 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/970602211/?random=1701272576593&cv=11&fst=1701270000000&bg=ffffff&guid=ON&async=1&gtm=45He3b81v831823618&u_w=1600&u_h=1200&url=https%3A%2F%2Fgempak.com%2F%2F404&ref=https%3A%2F%2Fvoting.astro.com.my%2F&frm=0&fmt=3&is_vtc=1&cid=CAQSGwDICaaNIRCKFaaVgdCC_YK18CYW3TqiN1WKaA&random=1199465653&rmt_tld=0&ipr=y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gempak.com//404
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 29 Nov 2023 15:42:56 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/970602211/ 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-user-list/970602211/?random=1701272576593&cv=11&fst=1701270000000&bg=ffffff&guid=ON&async=1&gtm=45He3b81v831823618&u_w=1600&u_h=1200&url=https%3A%2F%2Fgempak.com%2F%2F404&ref=https%3A%2F%2Fvoting.astro.com.my%2F&frm=0&fmt=3&is_vtc=1&cid=CAQSGwDICaaNIRCKFaaVgdCC_YK18CYW3TqiN1WKaA&random=1199465653&rmt_tld=1&ipr=y
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gempak.com//404
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 29 Nov 2023 15:42:56 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
1912425448986851
connect.facebook.net/signals/config/ 		140 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/1912425448986851?v=2.9.138&r=stable&domain=gempak.com
Requested by
Host: voting.astro.com.my
URL: https://voting.astro.com.my/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
0e9556ab104436e4eda52d8591d6d50247d4578feb26723a3e2585b488e9cc7c
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gempak.com//404
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Wed, 29 Nov 2023 15:42:57 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
pragma
public
x-fb-debug
+QV6l7+mmfEk4nac3lJClAK4N2niFZBIQBzZGOn8CE9zVDMkprGLDLwMdg87SdXpjEz3K1EJO04ZLqgp+zxuzA==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
sync
gum.criteo.com/ 		46 B
288 B 		Script
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sync?c=72&r=2&j=TRC.getRTUS
Requested by
Host: voting.astro.com.my
URL: https://voting.astro.com.my/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
189b8ed64093b12937354b2ef71ccf1df59690d90432241a10fe1cb25000acba
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gempak.com//404
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 15:42:56 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=3600
server-processing-duration-in-ticks
276593
expires
60
firstevent
astro.demdex.net/
Redirect Chain
  • https://astro.demdex.net/event?d_nsid=0&d_ld=_ts%3D1701272577121&d_rtbd=json&d_jsonv=1&d_dst=1&d_cb=demdexRequestCallback_0_1701272577121&c_hash=&c_host=gempak.com&c_hostname=gempak.com&c_pathname=...
  • https://astro.demdex.net/firstevent?d_nsid=0&d_ld=_ts%3D1701272577121&d_rtbd=json&d_jsonv=1&d_dst=1&d_cb=demdexRequestCallback_0_1701272577121&c_hash=&c_host=gempak.com&c_hostname=gempak.com&c_path...
3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://astro.demdex.net/firstevent?d_nsid=0&d_ld=_ts%3D1701272577121&d_rtbd=json&d_jsonv=1&d_dst=1&d_cb=demdexRequestCallback_0_1701272577121&c_hash=&c_host=gempak.com&c_hostname=gempak.com&c_pathname=%2F404&c_protocol=https%3A&d_referer=https%3A%2F%2Fvoting.astro.com.my%2F&d_URL=https%3A%2F%2Fgempak.com%2F%2F404
Protocol
H2
Server
54.170.72.30 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-170-72-30.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
046f97a5c1ec5d9b78b93f2818ae57a5257d32f684c5515025b96212e149f5f1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gempak.com//404
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

dcs
dcs-prod-irl1-1-v054-037a2ac12.edge-irl1.demdex.com 10 ms
pragma
no-cache
date
Wed, 29 Nov 2023 15:42:57 GMT
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
x-tid
zJJTqA1PRGA=
content-type
application/javascript;charset=utf-8
p3p
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
cache-control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length
1034
expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

dcs
dcs-prod-irl1-2-v054-005ca7536.edge-irl1.demdex.com 0 ms
pragma
no-cache
date
Wed, 29 Nov 2023 15:42:57 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-tid
Jz8KgVM3RBE=
p3p
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
location
https://astro.demdex.net/firstevent?d_nsid=0&d_ld=_ts%3D1701272577121&d_rtbd=json&d_jsonv=1&d_dst=1&d_cb=demdexRequestCallback_0_1701272577121&c_hash=&c_host=gempak.com&c_hostname=gempak.com&c_pathname=%2F404&c_protocol=https%3A&d_referer=https%3A%2F%2Fvoting.astro.com.my%2F&d_URL=https%3A%2F%2Fgempak.com%2F%2F404
cache-control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 UTC
ping
ping.chartbeat.net/ 		43 B
201 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ping.chartbeat.net/ping?h=gempak.com&p=%2F%2F404&u=DRFz3yCPpQWY2rTRD&d=gempak.com&g=34455&g0=No%20Section&g1=No%20Author&n=1&f=00001&c=0&x=0&m=0&y=1200&o=1600&w=1200&j=45&R=1&W=0&I=0&E=0&e=0&r=https%3A%2F%2Fvoting.astro.com.my%2F&PA=https%3A%2F%2Fgempak.com%2F%2F404&b=1891&t=BNlNEEDo-9ASCFScbCDfXwb6BBYoO9&V=141&tz=-60&sn=1&sv=DdvhhSCDJL2ACveC_ZD0TaHFBvtnF-&sr=https%3A%2F%2Fvoting.astro.com.my%2F&sd=1&im=0602000f&_
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.237.54.211 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-237-54-211.compute-1.amazonaws.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gempak.com//404
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Wed, 29 Nov 2023 15:42:57 GMT
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-length
43
expires
0
adsct
t.co/1/i/ 		43 B
378 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.co/1/i/adsct?bci=4&eci=3&event=%7B%7D&event_id=e8ec339d-76cb-4167-8646-5daa62d46b92&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=b6c3ddc7-1520-4b8b-a510-5843fc0e514b&tw_document_href=https%3A%2F%2Fgempak.com%2F%2F404&tw_iframe_status=0&txn_id=of53i&type=javascript&version=2.3.29
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.5 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gempak.com//404
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-response-time
158
date
Wed, 29 Nov 2023 15:42:56 GMT
strict-transport-security
max-age=0
server
tsa_o
content-type
image/gif;charset=utf-8
x-transaction-id
649f19b322620799
cache-control
no-cache, no-store, max-age=0
perf
7626143928
x-connection-hash
13c9fc6f2648100731ae101921cb74f7312af03577d7b802b33d6028917d215d
content-length
43
adsct
analytics.twitter.com/1/i/ 		43 B
725 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://analytics.twitter.com/1/i/adsct?bci=4&eci=3&event=%7B%7D&event_id=e8ec339d-76cb-4167-8646-5daa62d46b92&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=b6c3ddc7-1520-4b8b-a510-5843fc0e514b&tw_document_href=https%3A%2F%2Fgempak.com%2F%2F404&tw_iframe_status=0&txn_id=of53i&type=javascript&version=2.3.29
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.3 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=631138519

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gempak.com//404
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-response-time
160
date
Wed, 29 Nov 2023 15:42:56 GMT
strict-transport-security
max-age=631138519
server
tsa_o
content-type
image/gif;charset=utf-8
x-transaction-id
0e15373a4c9fc193
cache-control
no-cache, no-store, max-age=0
perf
7626143928
x-connection-hash
6e29df572617bf053dae14c1639d05515f940e723d171e67ad8263105d2068ac
content-length
43
clarity.js
www.clarity.ms/s/0.7.18/ 		59 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.clarity.ms/s/0.7.18/clarity.js
Requested by
Host: voting.astro.com.my
URL: https://voting.astro.com.my/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:46::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
f4e16c137bfcf443839c20e1038b9ee2dec570f047ae3b1c8f9378e9176750dd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gempak.com//404
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 15:42:57 GMT
content-encoding
br
last-modified
Fri, 17 Nov 2023 13:41:44 GMT
etag
W/"0x8DBE772F014B026"
vary
Accept-Encoding
x-azure-ref
20231129T154257Z-h05supha4h3vd5148k5uvrr9480000000b4g00000000108k
content-type
application/javascript;charset=utf-8
access-control-allow-origin
*
x-ms-request-id
d03fba59-b01e-0043-2a37-1dc887000000
cache-control
public, max-age=86400
x-cache
TCP_HIT
x-ms-version
2018-03-28
253743629279293
connect.facebook.net/signals/config/ 		133 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/253743629279293?v=2.9.138&r=stable&domain=gempak.com
Requested by
Host: voting.astro.com.my
URL: https://voting.astro.com.my/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
00271de682c3fb32f96d6ee4ac3a4a19efe56e4a73f3511d41df1fbe03b82268
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gempak.com//404
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Wed, 29 Nov 2023 15:42:57 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
pragma
public
x-fb-debug
b/Nmeu5G7A2UAtisNscKxDg4zkru41/mRmGQs1fqn+e73lM1Y3/mpHDnXqKZ3OJtMAOMAw3w4Wef4USMH4CGFw==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.facebook.com/tr/ 		0
54 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=521834491322983&ev=PageView&dl=https%3A%2F%2Fgempak.com%2F%2F404&rl=https%3A%2F%2Fvoting.astro.com.my%2F&if=false&ts=1701272577236&sw=1600&sh=1200&v=2.9.138&r=stable&ec=0&o=4126&fbp=fb.1.1701272577235.1531192217&ler=other&it=1701272576719&coo=false&rqm=GET
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gempak.com//404
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Wed, 29 Nov 2023 15:42:57 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
/
www.facebook.com/tr/ 		0
31 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1912425448986851&ev=PageView&dl=https%3A%2F%2Fgempak.com%2F%2F404&rl=https%3A%2F%2Fvoting.astro.com.my%2F&if=false&ts=1701272577239&sw=1600&sh=1200&v=2.9.138&r=stable&ec=0&o=4126&fbp=fb.1.1701272577235.1531192217&ler=other&cs_est=true&it=1701272576719&coo=false&rqm=GET
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gempak.com//404
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Wed, 29 Nov 2023 15:42:57 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
jquery.min.js
cdnjs.cloudflare.com/ajax/libs/jquery/3.6.1/ 		88 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery/3.6.1/jquery.min.js
Requested by
Host: voting.astro.com.my
URL: https://voting.astro.com.my/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a3cf00c109d907e543bc4f6dbc85eb31068f94515251347e9e57509b52ee3d74
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gempak.com//404
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 15:42:57 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
1636019
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
27990
last-modified
Fri, 26 Aug 2022 18:34:13 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"63091225-6d56"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pDSibs16a7%2FNQkgt7URnHrAfcwaYnK3IaHxUj9%2FAW818z5hSO0WkEhhaKlOTbRdre%2B9GXOlk7xFbL7aKI47K8yo4nrlXxrVpUy2uPB03pJs7maPJ7ti2uv4SrvehGsev3pGDu%2Fm0DROovZpoXtqa0OMQ"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
82dbf6a9ceec9125-FRA
expires
Mon, 18 Nov 2024 15:42:57 GMT
collect
u.clarity.ms/ 		0
290 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://u.clarity.ms/collect
Requested by
Host: voting.astro.com.my
URL: https://voting.astro.com.my/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
4.227.249.197 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/x-clarity-gzip
Referer
https://gempak.com//404
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://gempak.com
Date
Wed, 29 Nov 2023 15:42:57 GMT
Access-Control-Allow-Credentials
true
Server
nginx/1.18.0 (Ubuntu)
Connection
keep-alive
Vary
Origin
Request-Context
appId=cid-v1:9c7c879b-c51a-427e-9701-218438da5f81
event
astro.demdex.net/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://astro.demdex.net/event?d_nsid=0&d_ld=_ts%3D1701272577122&d_rtbd=json&d_jsonv=1&d_dst=1&d_cb=demdexRequestCallback_0_1701272577122&c_web_site_name=Astro%20Awani&c_web_site_page=undefined&c_web_content_language=undefined&c_web_content_title=&c_web_content_format=undefined
Requested by
Host: voting.astro.com.my
URL: https://voting.astro.com.my/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.170.72.30 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-170-72-30.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
b67e965ff661459516a2d4a79e31e9f8768bb622871adf1dc3ce7a800c22bad3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gempak.com//404
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

dcs
dcs-prod-irl1-1-v054-06164c850.edge-irl1.demdex.com 6 ms
pragma
no-cache
date
Wed, 29 Nov 2023 15:42:57 GMT
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
x-tid
oYpU2pxtTc8=
content-type
application/javascript;charset=utf-8
p3p
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
cache-control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length
1033
expires
Thu, 01 Jan 1970 00:00:00 UTC
285731900110233
connect.facebook.net/signals/config/ 		133 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/285731900110233?v=2.9.138&r=stable&domain=gempak.com
Requested by
Host: voting.astro.com.my
URL: https://voting.astro.com.my/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
8daabc8d037b051f50861554a0190c2261fa6f6854cbe843d6bac8576a6d4ab7
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gempak.com//404
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Wed, 29 Nov 2023 15:42:57 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
pragma
public
x-fb-debug
5BdRQipZ7GpAuUI91vxOZzkgHTpdNWvpYkxBbAKL9Oq7Q3WAjJ8GnCnrHM8CXL6hXbh+y7N/ycKCMQnvW83vNQ==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.facebook.com/tr/ 		0
17 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=253743629279293&ev=PageView&dl=https%3A%2F%2Fgempak.com%2F%2F404&rl=https%3A%2F%2Fvoting.astro.com.my%2F&if=false&ts=1701272577426&sw=1600&sh=1200&v=2.9.138&r=stable&ec=0&o=4126&fbp=fb.1.1701272577235.1531192217&ler=other&it=1701272576719&coo=false&rqm=GET
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gempak.com//404
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Wed, 29 Nov 2023 15:42:57 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
priority
u=3,i
/
www.facebook.com/tr/ 		0
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=285731900110233&ev=PageView&dl=https%3A%2F%2Fgempak.com%2F%2F404&rl=https%3A%2F%2Fvoting.astro.com.my%2F&if=false&ts=1701272577604&sw=1600&sh=1200&v=2.9.138&r=stable&ec=0&o=4126&fbp=fb.1.1701272577235.1531192217&ler=other&it=1701272576719&coo=false&rqm=GET
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gempak.com//404
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Wed, 29 Nov 2023 15:42:57 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
priority
u=3,i
check
rtbdemand.apiip.net/api/ 		1 KB
991 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://rtbdemand.apiip.net/api/check?accessKey=7ef45bac-167a-4aa8-8c99-bc8a28f80bc5
Requested by
Host: voting.astro.com.my
URL: https://voting.astro.com.my/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
69f806fe455926c54639bcc9997bd5f9d1699c825c516a2646a6b419af85a357

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gempak.com//404
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 15:42:58 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
Express
etag
W/"4f9-ITMmlOiiut+2Gqd35YF+nh5P9tA"
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cf-ray
82dbf6ad5b4a65d3-FRA
alt-svc
h3=":443"; ma=86400
apstag.js
c.amazon-adsystem.com/aax2/ 		267 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: voting.astro.com.my
URL: https://voting.astro.com.my/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.1.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-1-25.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
4c8fe936e012d2d229577704c34c41a451d7a98aa5c2566ea5c3930aa7e3f40f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gempak.com//404
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 14:43:57 GMT
content-encoding
gzip
via
1.1 a300dbfb49a2eb50edb83038642c9f82.cloudfront.net (CloudFront), 1.1 bfb5bffe90e3b0e760933a7a07d850ba.cloudfront.net (CloudFront)
last-modified
Mon, 13 Nov 2023 20:18:45 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P1, FRA56-P6
age
3541
x-amz-server-side-encryption
AES256
etag
W/"2d08dd94de483579c1dc3f3783c06f6e"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=3600
x-amz-cf-id
aUMVr01pdF4JWr2hMhrosfZy3dN49AvVZ77Co2gf-2jFX1kG-qo1ZQ==
pixel
ps.eyeota.net/ 		0
344 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ps.eyeota.net/pixel?pid=3gd9gd0&t=ajs&cat=arts_entertainment
Requested by
Host: voting.astro.com.my
URL: https://voting.astro.com.my/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
3.120.214.218 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-120-214-218.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gempak.com//404
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date
Wed, 29 Nov 2023 15:42:57 GMT
Content-Length
0
P3P
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"
npm.uuid.57688f56173adcb2d14b.chunk.js
gempak.com/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://gempak.com/npm.uuid.57688f56173adcb2d14b.chunk.js
Requested by
Host: voting.astro.com.my
URL: https://voting.astro.com.my/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:8274 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9ff05cdc1a0607a9818fa522b9206273070b9d7f2a1fa2934a255833f5af0dee
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gempak.com//404
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 15:42:57 GMT
strict-transport-security
max-age=31536000; includeSubdomains; preload
via
1.1 14b30c40b56ef4c9699e1ca92d5cdc08.cloudfront.net (CloudFront)
cf-cache-status
HIT
content-encoding
br
x-content-type-options
nosniff
age
215557
x-amz-cf-pop
FRA60-P5
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 26 Sep 2023 05:58:43 GMT
server
cloudflare
etag
W/"454816abca3397dfa4c14aee2c04fc9d"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/javascript
cache-control
public, max-age=31536000
cf-ray
82dbf6ab68575d5b-FRA
x-amz-cf-id
GNdXYE6BzbyNDW7rAn0TYeNRbqtZZea6PKzzNmUwgq_KPjU2jobOxA==
expires
Thu, 28 Nov 2024 15:42:57 GMT
pixel
ps.eyeota.net/ 		0
344 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ps.eyeota.net/pixel?pid=3gd9gd0&t=ajs&cat=geny_millennials_25_40
Requested by
Host: voting.astro.com.my
URL: https://voting.astro.com.my/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
3.120.214.218 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-120-214-218.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gempak.com//404
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date
Wed, 29 Nov 2023 15:42:57 GMT
Content-Length
0
P3P
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"
npm.tanstack.17c1f4d67f7645ef4680.chunk.js
gempak.com/ 		38 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://gempak.com/npm.tanstack.17c1f4d67f7645ef4680.chunk.js
Requested by
Host: voting.astro.com.my
URL: https://voting.astro.com.my/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:8274 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
31208ecc48df16a8aa26e3b96143fabef05748dc39f8d2e9d75a014574c3789d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gempak.com//404
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 15:42:57 GMT
strict-transport-security
max-age=31536000; includeSubdomains; preload
via
1.1 7dbea139a5c4f501bc4b0e9d19a50c9a.cloudfront.net (CloudFront)
cf-cache-status
HIT
content-encoding
br
x-content-type-options
nosniff
age
215556
x-amz-cf-pop
FRA60-P5
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 26 Sep 2023 05:58:43 GMT
server
cloudflare
etag
W/"3a17b4859a44e90a7297c11c36df61c0"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/javascript
cache-control
public, max-age=31536000
cf-ray
82dbf6abd8d65d5b-FRA
x-amz-cf-id
JCalRL1gps3Ac0rpzHBgXH1lapFrEYaZKYTBEZ-YCZnGpK_5DMPQ2g==
expires
Thu, 28 Nov 2024 15:42:57 GMT
pixel
ps.eyeota.net/ 		0
344 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ps.eyeota.net/pixel?pid=3gd9gd0&t=ajs&cat=genz_9_24
Requested by
Host: voting.astro.com.my
URL: https://voting.astro.com.my/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
3.120.214.218 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-120-214-218.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gempak.com//404
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date
Wed, 29 Nov 2023 15:42:57 GMT
Content-Length
0
P3P
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"
cd6cddc5-4dca-4d77-9a65-8b894400e772
config.aps.amazon-adsystem.com/configs/ 		537 B
801 B 		Script
General
Check archive.org
Download Go to
Full URL
https://config.aps.amazon-adsystem.com/configs/cd6cddc5-4dca-4d77-9a65-8b894400e772
Requested by
Host: voting.astro.com.my
URL: https://voting.astro.com.my/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.71 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-71.fra6.r.cloudfront.net
Software
CloudFront /
Resource Hash
313d7bad01577d169a368d471264cd2228b145a183fba42679f41e1d2b2a9f27

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gempak.com//404
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 15:26:57 GMT
via
1.1 df86e917220bc08caa68b0eb8ddabe90.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
FRA6-C1
age
960
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=3600
content-length
537
x-amz-cf-id
s7PyiktQStAzipydVvqserRfsMJLlaRqlQ-HjYdjtZm0HY0pskIqJg==
config
c.amazon-adsystem.com/cdn/prod/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fgempak.com&pubid=cd6cddc5-4dca-4d77-9a65-8b894400e772
Requested by
Host: voting.astro.com.my
URL: https://voting.astro.com.my/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.1.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-1-25.fra56.r.cloudfront.net
Software
Server /
Resource Hash
c86d792f85479bc941b4eb8e817e461f88e5b57097f65c48529b509857bda2ea

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gempak.com//404
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 15:42:57 GMT
via
1.1 bfb5bffe90e3b0e760933a7a07d850ba.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA56-P6
x-cache
Miss from cloudfront
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://gempak.com
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
content-length
2196
x-amz-cf-id
sp1nbb-pIvMH85RdXnAE2jD-XBh9sLVzQazwp8qbLrfM0UFdF3xxpw==
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: voting.astro.com.my
URL: https://voting.astro.com.my/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.1.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-1-25.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gempak.com//404
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-amz-version-id
9yABOonr2HqHtwbarUcdbIqN0f4A8Qog
content-encoding
gzip
via
1.1 0e37105a96e87c22ff4981659a6dc176.cloudfront.net (CloudFront)
date
Wed, 29 Nov 2023 12:25:25 GMT
x-amz-cf-pop
FRA56-P6
age
11853
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Tue, 29 Aug 2023 08:30:37 GMT
server
AmazonS3
etag
W/"a4d296427fc806b21335359e398c025c"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
vary
Accept-Encoding,Origin
x-amz-cf-id
XjMIyTc4788B2qRGDNINpI3mJDtGGLVeh_He8ZjEfM2KzWfEu-KJXA==
npm.astro-my.63d4bc39fe5949184cb4.chunk.js
gempak.com/ 		299 KB
72 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://gempak.com/npm.astro-my.63d4bc39fe5949184cb4.chunk.js
Requested by
Host: voting.astro.com.my
URL: https://voting.astro.com.my/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:8274 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
418fd2688311ce0b84e51500509b9cb2dde3ef4fa2eb32bebd388be7ca52a121
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gempak.com//404
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 15:42:57 GMT
strict-transport-security
max-age=31536000; includeSubdomains; preload
via
1.1 98559aba51e0c88c6e74c88152fb63ae.cloudfront.net (CloudFront)
cf-cache-status
HIT
content-encoding
br
x-content-type-options
nosniff
age
215553
x-amz-cf-pop
FRA60-P5
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 26 Sep 2023 05:58:43 GMT
server
cloudflare
etag
W/"fd49463753a72995eee0092cbdcb8e66"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/javascript
cache-control
public, max-age=31536000
cf-ray
82dbf6ac29365d5b-FRA
x-amz-cf-id
XYpntxHT0qEpDAoEROgmOPauaGUftjx-rmugCLPetNTKW4FKGi8puQ==
expires
Thu, 28 Nov 2024 15:42:57 GMT
prebid-regular.js
rtbpass-us.andbeyond.media/ 		610 KB
189 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rtbpass-us.andbeyond.media/prebid-regular.js
Requested by
Host: voting.astro.com.my
URL: https://voting.astro.com.my/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.3.52 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
030680d4f2f00af04f0833dfb31ddf08490896150ddd89c1bc547e10a21ad4bc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gempak.com//404
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 15:42:58 GMT
content-encoding
br
via
1.1 varnish
x-amz-request-id
JMM906J4AHASBP3Z
age
0
x-amz-server-side-encryption
AES256
x-cache
HIT
content-length
193081
x-amz-id-2
e6aMbWIa7jjl5QlNSPaqIul29R8NMYVcXyE4hm9qitCux5dmdd8tIFXVdUiKxikl+fTU80xOiUs=
x-served-by
cache-cph2320034-CPH
last-modified
Tue, 14 Nov 2023 03:54:27 GMT
server
AmazonS3
x-timer
S1701272578.034906,VS0,VE724
etag
"8a38c6b4939f2b15897e5a491ddac313"
vary
Accept-Encoding
content-type
text/javascript
cache-control
max-age=86400
accept-ranges
bytes
x-cache-hits
1
a.js
p.adlooxtracking.com/gpt/ 		8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://p.adlooxtracking.com/gpt/a.js
Requested by
Host: voting.astro.com.my
URL: https://voting.astro.com.my/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.231.31 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
31.231.107.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
7ca7a1e30027e42d510cd253b29f1b9f505c04b9af48c9ed20804d9d8006faff
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gempak.com//404
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 14:57:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 google
server
nginx
age
2744
etag
W/"81c857a6c52da1ca7444f198bd33b2ea"
last-modified
Tue, 22 Nov 2022 17:41:01 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public,max-age=3600
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3703
npm.react-responsive-carousel.808d5cf7e4f016035eb0.chunk.js
gempak.com/ 		33 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://gempak.com/npm.react-responsive-carousel.808d5cf7e4f016035eb0.chunk.js
Requested by
Host: voting.astro.com.my
URL: https://voting.astro.com.my/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:8274 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7edbf476ee03931dd8190c5f24df7be362379b175dc55fe3ed1be9ccb922299e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gempak.com//404
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 15:42:58 GMT
strict-transport-security
max-age=31536000; includeSubdomains; preload
via
1.1 bd96095bb3c15c742ab4d72d1fecba6c.cloudfront.net (CloudFront)
cf-cache-status
HIT
content-encoding
br
x-content-type-options
nosniff
age
207975
x-amz-cf-pop
FRA60-P5
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 26 Sep 2023 05:58:43 GMT
server
cloudflare
etag
W/"8b86545d53144ba3b07d7b4d229d661a"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/javascript
cache-control
public, max-age=31536000
cf-ray
82dbf6aca9cd5d5b-FRA
x-amz-cf-id
ZxN0YNY_TRCODeZnOkPF1bTmh0xasmgHYcZUvbwuDemQbmllatCoUQ==
expires
Thu, 28 Nov 2024 15:42:58 GMT
pubcid.min.js
secure.cdn.fastclick.net/js/pubcid/latest/ 		54 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.cdn.fastclick.net/js/pubcid/latest/pubcid.min.js
Requested by
Host: voting.astro.com.my
URL: https://voting.astro.com.my/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.57.19.78 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-57-19-78.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
43f804d38a294c6df1ce8ee64fb95ad0ff5a8d6d5685d9537df02212668a1dff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gempak.com//404
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 15:42:58 GMT
content-encoding
gzip
last-modified
Mon, 23 Jan 2023 19:40:17 GMT
server
Apache
etag
"d734-5f2f3919e751f-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=900
accept-ranges
bytes
content-length
17407
expires
Wed, 29 Nov 2023 15:57:58 GMT
sync.min.js
tags.crwdcntrl.net/lt/c/16576/ 		39 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.crwdcntrl.net/lt/c/16576/sync.min.js
Requested by
Host: voting.astro.com.my
URL: https://voting.astro.com.my/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-97.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7713183ba1a38b1ea2be2d5f7d3d49dab7b8d468cf78a603e6517ffbd1f33d59

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gempak.com//404
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 06:08:51 GMT
content-encoding
gzip
via
1.1 a618edcb8ddcdae59a3a61a6c82ff54c.cloudfront.net (CloudFront)
last-modified
Wed, 06 Sep 2023 15:56:42 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C1
age
34448
x-amz-server-side-encryption
AES256
etag
W/"6e8b1f94eaf615b7d0953ad4e8d8bb85"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public, max-age=86400
x-amz-cf-id
V3q2UAwAfYi5AE_PRRPZ9P7Gr9tifCYx5HYoBVYmu_5L3_fpCKwLsQ==
hadron.js
cdn.hadronid.net/ 		55 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.hadronid.net/hadron.js?url=https%3A%2F%2Fgempak.com%2F%2F404&ref=https%3A%2F%2Fvoting.astro.com.my%2F&_it=amazon&partner_id=632
Requested by
Host: voting.astro.com.my
URL: https://voting.astro.com.my/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:246e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2365cc11ef3d43f265b848c7164e5487c7a49d6af06c2938ac9272c8d91fc1a2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gempak.com//404
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 15:42:58 GMT
content-encoding
gzip
cf-cache-status
HIT
cf-bgj
minify
last-modified
Wed, 29 Nov 2023 15:31:45 GMT
server
cloudflare
x-amz-request-id
01CADRK6PEVBEZB5
age
670
etag
W/"13043c1bbaf21ccc6e8ed474a744d3f2"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=3600
cf-ray
82dbf6ad3a243737-FRA
x-amz-id-2
flKA/w3j/xi2gJ65jogAIT1IJi47Xyyg7sUYQQ2R7nOR/7B5jvPTNgJSLJ3NwqiCDc6W3Pg1WdM=
id5-api.js
cdn.id5-sync.com/api/1.0/ 		151 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.id5-sync.com/api/1.0/id5-api.js
Requested by
Host: voting.astro.com.my
URL: https://voting.astro.com.my/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3556 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7571db16348512fc55b35102ce3699733cf0882f4b4fb3e652fa8db700c07fb5
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gempak.com//404
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 15:42:58 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-encoding
gzip
cf-cache-status
HIT
last-modified
Tue, 28 Nov 2023 11:19:25 GMT
server
cloudflare
x-amz-request-id
EZ1PSDERW218FAFW
age
605
etag
W/"53159e4ae3ffbda2ff6c0204350035be"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
cache-control
public, max-age=3600
cf-ray
82dbf6ad2f935d86-FRA
x-amz-id-2
oVMb9IMEvqTWZ9GB/BWAm8aRsH+Zcvpp191pIn1JsRaQpy0cXvIAvv0GANwtze044P3BZQDZL2E=
npm.core-js.c3b3e2c24d3a1fbc80b0.chunk.js
gempak.com/ 		105 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://gempak.com/npm.core-js.c3b3e2c24d3a1fbc80b0.chunk.js
Requested by
Host: voting.astro.com.my
URL: https://voting.astro.com.my/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:8274 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
85cb90674ad0b183074290b7f775faa663e26255436f804e8f62f7c9a39bedf3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gempak.com//404
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 15:42:58 GMT
strict-transport-security
max-age=31536000; includeSubdomains; preload
via
1.1 765a91ad9951d0108fc1de53e348bac4.cloudfront.net (CloudFront)
cf-cache-status
HIT
content-encoding
br
x-content-type-options
nosniff
age
210508
x-amz-cf-pop
FRA60-P5
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 26 Sep 2023 05:58:43 GMT
server
cloudflare
etag
W/"7d7c60db1ef24372f81e4ce03824b894"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/javascript
cache-control
public, max-age=31536000
cf-ray
82dbf6acfa385d5b-FRA
x-amz-cf-id
XzA9f0EhpdktlQgJaS-fpTBwe9YLcoRri-zoE-b29TCoMZ7-9RNVWQ==
expires
Thu, 28 Nov 2024 15:42:58 GMT
map
bcp.crwdcntrl.net/6/ 		60 B
330 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bcp.crwdcntrl.net/6/map
Requested by
Host: voting.astro.com.my
URL: https://voting.astro.com.my/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.241.138.233 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-241-138-233.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
b55894081269b1da4de31586fecb047557fd5bfac9e0e71ca633baef2244a2ff

Request headers

Referer
https://gempak.com//404
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Wed, 29 Nov 2023 15:42:58 GMT
server
Jetty(9.4.38.v20210224)
content-type
application/json;charset=utf-8
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://gempak.com
cache-control
no-cache
x-server
10.45.22.88
access-control-allow-credentials
true
content-length
60
expires
0
npm.react-app-polyfill.0fbf524a000065589bb8.chunk.js
gempak.com/ 		20 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://gempak.com/npm.react-app-polyfill.0fbf524a000065589bb8.chunk.js
Requested by
Host: voting.astro.com.my
URL: https://voting.astro.com.my/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:8274 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7ef11b187e8806e28e33f2973d57038ecb89b2aa4e20cf774a6491cb727d0853
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gempak.com//404
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 15:42:58 GMT
strict-transport-security
max-age=31536000; includeSubdomains; preload
via
1.1 765a91ad9951d0108fc1de53e348bac4.cloudfront.net (CloudFront)
cf-cache-status
HIT
content-encoding
br
x-content-type-options
nosniff
age
207974
x-amz-cf-pop
FRA60-P5
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 26 Sep 2023 05:58:43 GMT
server
cloudflare
etag
W/"99f645725d18b63ef47d22b164bd4940"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/javascript
cache-control
public, max-age=31536000
cf-ray
82dbf6ad6ac45d5b-FRA
x-amz-cf-id
sy6AY5xacF9SHPGcLyUlt3RbY4bhvNjUZ9TbYcNGLMvUw-SapIYo3Q==
expires
Thu, 28 Nov 2024 15:42:58 GMT
hadron.json
id.hadron.ad.gt/v1/ 		95 B
287 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id.hadron.ad.gt/v1/hadron.json?_it=amazon&partner_id=632&sync=0&domain=gempak.com&url=https://gempak.com//404
Requested by
Host: voting.astro.com.my
URL: https://voting.astro.com.my/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:445 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
549a14b0d3b9fe0d43c01ae0e475e8cd91c78cf2562ce5200854adb09f574516

Request headers

Referer
https://gempak.com//404
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 29 Nov 2023 15:42:58 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
access-control-allow-methods
HEAD,GET,POST,PUT,DELETE,OPTIONS
content-type
application/json
access-control-allow-origin
*
cache-control
private,max-age=30
access-control-allow-credentials
true
debug
NON-OPTIONS
access-control-allow-headers
authorization
cf-ray
82dbf6aecbd0bbe6-FRA
hadron.json
id.hadron.ad.gt/v1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://id.hadron.ad.gt/v1/hadron.json?_it=amazon&partner_id=632&sync=0&domain=gempak.com&url=https://gempak.com//404
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:445 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://gempak.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-origin
*
allow
POST, OPTIONS, GET
cache-control
max-age=31536000 public, no-transform
cf-cache-status
DYNAMIC
cf-ray
82dbf6adfa51bbe6-FRA
content-length
0
content-type
application/json
date
Wed, 29 Nov 2023 15:42:58 GMT
debug
OPTIONS block
expires
Thu, 28 Nov 2024 15:42:58 GMT
server
cloudflare
npm.react-redux.e671e33d8ba6bee2d2c8.chunk.js
gempak.com/ 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://gempak.com/npm.react-redux.e671e33d8ba6bee2d2c8.chunk.js
Requested by
Host: voting.astro.com.my
URL: https://voting.astro.com.my/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:8274 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
79424d3878d92040e2f971460d2b565662bc6a73d5c8411f88ddd86da2931ee8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gempak.com//404
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 15:42:58 GMT
strict-transport-security
max-age=31536000; includeSubdomains; preload
via
1.1 b99111dfd026a3c99d0e66063beb0544.cloudfront.net (CloudFront)
cf-cache-status
HIT
content-encoding
br
x-content-type-options
nosniff
age
207974
x-amz-cf-pop
FRA60-P5
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 26 Sep 2023 05:58:43 GMT
server
cloudflare
etag
W/"bffc3cf24e942640b86bca8ca0911ed9"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/javascript
cache-control
public, max-age=31536000
cf-ray
82dbf6adcb535d5b-FRA
x-amz-cf-id
Ev8RSTCw6lAo9DeVBumYLWzxKxhLyDVeeyDSEMaFKSLuGlf6mzpDbg==
expires
Thu, 28 Nov 2024 15:42:58 GMT
npm.formatjs.aba37cb5cf1b2892771e.chunk.js
gempak.com/ 		47 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://gempak.com/npm.formatjs.aba37cb5cf1b2892771e.chunk.js
Requested by
Host: voting.astro.com.my
URL: https://voting.astro.com.my/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:8274 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
33a38095eeb8a778a21895df75b075f20c35621c7091f789f3e44976d763782f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gempak.com//404
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 15:42:58 GMT
strict-transport-security
max-age=31536000; includeSubdomains; preload
via
1.1 671c13f54b1ad36c801a07e5c548b1c8.cloudfront.net (CloudFront)
cf-cache-status
HIT
content-encoding
br
x-content-type-options
nosniff
age
216862
x-amz-cf-pop
FRA60-P5
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 26 Sep 2023 05:58:43 GMT
server
cloudflare
etag
W/"4a3b17a633ab807178c38d0caacd1e99"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/javascript
cache-control
public, max-age=31536000
cf-ray
82dbf6ae1bd35d5b-FRA
x-amz-cf-id
39x1Lx60QZ2uQ0P723nOTme9AFURfUvdPLt3Ul9y-GVoeVFGTppouA==
expires
Thu, 28 Nov 2024 15:42:58 GMT
npm.browserify-sign.09b7f1af3a490d3b55aa.chunk.js
gempak.com/ 		86 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://gempak.com/npm.browserify-sign.09b7f1af3a490d3b55aa.chunk.js
Requested by
Host: voting.astro.com.my
URL: https://voting.astro.com.my/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:8274 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
390a8fa5be78483bda80212a6cf1cdbf0007b1f294926b501db50beab7c684d2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gempak.com//404
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 15:42:58 GMT
strict-transport-security
max-age=31536000; includeSubdomains; preload
via
1.1 79a075303cab256e952b4b0679e1182c.cloudfront.net (CloudFront)
cf-cache-status
HIT
content-encoding
br
x-content-type-options
nosniff
age
216862
x-amz-cf-pop
FRA60-P5
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 26 Sep 2023 05:58:43 GMT
server
cloudflare
etag
W/"ee36519f71adf0b4b5106dce070de2f4"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/javascript
cache-control
public, max-age=31536000
cf-ray
82dbf6ae8c435d5b-FRA
x-amz-cf-id
SW3da9Mt24VsAvN26Bfic-_cBjtpUEWR9M-0TKKAyqqNFxzNSXeTkw==
expires
Thu, 28 Nov 2024 15:42:58 GMT
main.dd5f32e67ccd0cc20896.chunk.js
gempak.com/ 		1 MB
341 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://gempak.com/main.dd5f32e67ccd0cc20896.chunk.js
Requested by
Host: voting.astro.com.my
URL: https://voting.astro.com.my/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:8274 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9f0f1985b9a8c619904ab04f25673c021c716d7b1827479127980c629408a824
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gempak.com//404
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 15:42:58 GMT
strict-transport-security
max-age=31536000; includeSubdomains; preload
via
1.1 7dbea139a5c4f501bc4b0e9d19a50c9a.cloudfront.net (CloudFront)
cf-cache-status
HIT
content-encoding
br
x-content-type-options
nosniff
age
198246
x-amz-cf-pop
FRA60-P5
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 26 Sep 2023 05:58:43 GMT
server
cloudflare
etag
W/"65b925438adb43351c8238d0b30738f7"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/javascript
cache-control
public, max-age=31536000
cf-ray
82dbf6aeecb85d5b-FRA
x-amz-cf-id
0Qz4KKgC6cuj8fgVG46xIyE9708Cjt4TyJikJnnZo5fHbUCFXPKoFg==
expires
Thu, 28 Nov 2024 15:42:58 GMT
async-api.737e0ca6-1227.min.js
js-agent.newrelic.com/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js-agent.newrelic.com/async-api.737e0ca6-1227.min.js
Requested by
Host: voting.astro.com.my
URL: https://voting.astro.com.my/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.2.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a731c3e7e5a97ed0db1a5539f732ce8d7aa8dd4498712783ce7bf971c0343862
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gempak.com//404
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-amz-version-id
xxD3n5WkgAIcsBKQc6rOyJMq0iQP1imY
content-encoding
br
via
1.1 varnish
date
Wed, 29 Nov 2023 15:42:58 GMT
strict-transport-security
max-age=300
x-amz-request-id
JFE9QG1JV5C19WEV
x-amz-server-side-encryption
AES256
x-cache
HIT
cross-origin-resource-policy
cross-origin
content-length
1173
x-amz-id-2
tcxoaZdzHc5tSj6D1w2TVkEopmpya07UyPsX8OxCCBRaBt2mtgZJ0sPKpIPyu/Pvm079lGXCZEM=
x-served-by
cache-cph2320059-CPH
last-modified
Wed, 18 Oct 2023 20:57:46 GMT
server
AmazonS3
x-timer
S1701272579.688650,VS0,VE0
etag
"d12e5c859f6125ad9fcfab27abe9d60a"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=86400, stale-if-error=86400
accept-ranges
bytes
x-cache-hits
34
lazy-loader.540ab0d1-1227.min.js
js-agent.newrelic.com/ 		928 B
910 B 		Script
General
Check archive.org
Download Go to
Full URL
https://js-agent.newrelic.com/lazy-loader.540ab0d1-1227.min.js
Requested by
Host: voting.astro.com.my
URL: https://voting.astro.com.my/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.2.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
51df0d8aebbf2a09eec21bb89998d92349b04f4f91db6044169a6f8d214bf22d
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gempak.com//404
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-amz-version-id
nXnQM8hUORGu9xmXH6U5nb_4xQadm0j7
content-encoding
br
via
1.1 varnish
date
Wed, 29 Nov 2023 15:42:58 GMT
strict-transport-security
max-age=300
x-amz-request-id
7K79V71X1Z6CTCHY
x-amz-server-side-encryption
AES256
x-cache
HIT
cross-origin-resource-policy
cross-origin
content-length
399
x-amz-id-2
AFBCdzWudRrygxOfNx0X7rdzAFpUx8q1igEmbXZ/2beH6byvJ+hHwXxIc8mDrMcK0E9Ir/LZ8k4=
x-served-by
cache-cph2320059-CPH
last-modified
Wed, 18 Oct 2023 20:58:29 GMT
server
AmazonS3
x-timer
S1701272579.688543,VS0,VE0
etag
"a041a84a662929211a210e7b10cc82d0"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=86400, stale-if-error=86400
accept-ranges
bytes
x-cache-hits
53
dest4.html
astro.demdex.net/ Frame FFB7 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://astro.demdex.net/dest4.html?d_nsid=0
Requested by
Host: voting.astro.com.my
URL: https://voting.astro.com.my/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.170.72.30 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-170-72-30.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
3e98bec19d091d0ce45f1cf5c29df8ecdab774b0fd7de3437d7c627e17ade349
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://gempak.com//404
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding
gzip
content-type
text/html;charset=UTF-8
date
Wed, 29 Nov 2023 15:42:58 GMT
dcs
dcs-prod-irl1-2-v054-0036c8079.edge-irl1.demdex.com 0 ms
expires
Thu, 01 Jan 1970 00:00:00 UTC
last-modified
Wed, 8 Nov 2023 17:04:14 GMT
p3p
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
pragma
no-cache
strict-transport-security
max-age=31536000; includeSubDomains
vary
accept-encoding
x-tid
Z3TBbvszTwo=
c.gif
c.clarity.ms/
Redirect Chain
  • https://c.clarity.ms/c.gif
  • https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=27486D69EFB84A6098568CB07B73A916&RedC=c.clarity.ms&MXFR=3F104F5A20236419332B5C8224236AE5
  • https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=27486D69EFB84A6098568CB07B73A916&MUID=25254C39A008605013DD5FE1A1086112
42 B
442 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=27486D69EFB84A6098568CB07B73A916&MUID=25254C39A008605013DD5FE1A1086112
Protocol
H2
Server
68.219.88.97 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gempak.com//404
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 29 Nov 2023 15:42:58 GMT
last-modified
Wed, 30 Aug 2023 19:01:41 GMT
server
Microsoft-IIS/10.0
etag
"8d59566974dbd91:0"
x-powered-by
ASP.NET
content-type
image/gif
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
private, no-cache, proxy-revalidate, no-store
accept-ranges
bytes
content-length
42

Redirect headers

pragma
no-cache
date
Wed, 29 Nov 2023 15:42:58 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 828E3894A0B5419FA9237C16DBF9BF87 Ref B: FRAEDGE1717 Ref C: 2023-11-29T15:42:58Z
x-powered-by
ASP.NET
x-cache
CONFIG_NOCACHE
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=27486D69EFB84A6098568CB07B73A916&MUID=25254C39A008605013DD5FE1A1086112
cache-control
private, no-cache, proxy-revalidate, no-store
content-length
0
632
a.ad.gt/api/v1/u/matches/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.ad.gt/api/v1/u/matches/632?_it=amazon
Requested by
Host: voting.astro.com.my
URL: https://voting.astro.com.my/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:545 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3b859b50e9c18c4f387eb45ff0f7888ff58d5920acaa646bedadf94b48b570d2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gempak.com//404
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 15:42:58 GMT
content-encoding
gzip
cf-cache-status
EXPIRED
last-modified
Wed, 29 Nov 2023 15:36:44 GMT
server
cloudflare
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=14400
cross-origin-resource-policy
cross-origin
cf-ray
82dbf6b10d632c2e-FRA
1.2de93ed168e853acbdbe.chunk.js
gempak.com/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://gempak.com/1.2de93ed168e853acbdbe.chunk.js
Requested by
Host: voting.astro.com.my
URL: https://voting.astro.com.my/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:8274 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fef25a2b6e39201daf72e8cc609e3f8876af67bc761eede56da99270ea3c6774
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gempak.com//404
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 15:42:58 GMT
strict-transport-security
max-age=31536000; includeSubdomains; preload
via
1.1 628e5146add9b3daeb91ab8792398818.cloudfront.net (CloudFront)
cf-cache-status
HIT
content-encoding
br
x-content-type-options
nosniff
age
220770
x-amz-cf-pop
FRA60-P5
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 26 Sep 2023 05:58:41 GMT
server
cloudflare
etag
W/"998af7472d9ee2e66325d786c27ec795"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/javascript
cache-control
public, max-age=31536000
cf-ray
82dbf6b09ec65d5b-FRA
x-amz-cf-id
_LNZHu2NA40iS1Q1qOtVlMOCPh8sUN_GwC8QsWKNGTbau5enzHcxpg==
expires
Thu, 28 Nov 2024 15:42:58 GMT
2.8fcfb5719b2c5d87b1d3.chunk.js
gempak.com/ 		1 KB
879 B 		Script
General
Check archive.org
Download Go to
Full URL
https://gempak.com/2.8fcfb5719b2c5d87b1d3.chunk.js
Requested by
Host: voting.astro.com.my
URL: https://voting.astro.com.my/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:8274 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
34be0ac88bec325e6c47361e342cdc3c7cf87aa61f429bb67e791a1c9f242c3d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gempak.com//404
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 15:42:58 GMT
strict-transport-security
max-age=31536000; includeSubdomains; preload
via
1.1 bd96095bb3c15c742ab4d72d1fecba6c.cloudfront.net (CloudFront)
cf-cache-status
HIT
content-encoding
br
x-content-type-options
nosniff
age
43423
x-amz-cf-pop
FRA60-P5
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 26 Sep 2023 05:58:41 GMT
server
cloudflare
etag
W/"0c9f209ef3f1579cfeb9413e7c3ab033"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/javascript
cache-control
public, max-age=31536000
cf-ray
82dbf6b09eca5d5b-FRA
x-amz-cf-id
fEQS2UwSeFYJ4tJUr3dOuP4eUPJcEOPUPTJoIMIafqIqnTdOvbSIWw==
expires
Thu, 28 Nov 2024 15:42:58 GMT
10.2b90f9da759f7d31e27f.chunk.js
gempak.com/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://gempak.com/10.2b90f9da759f7d31e27f.chunk.js
Requested by
Host: voting.astro.com.my
URL: https://voting.astro.com.my/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:8274 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0b87b7d1b44eecca2e7eeb98975dc31ed574b8ec8502f549c7693495f0bb0c8d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gempak.com//404
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 15:42:58 GMT
strict-transport-security
max-age=31536000; includeSubdomains; preload
via
1.1 765a91ad9951d0108fc1de53e348bac4.cloudfront.net (CloudFront)
cf-cache-status
HIT
content-encoding
br
x-content-type-options
nosniff
age
198245
x-amz-cf-pop
FRA60-P5
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 26 Sep 2023 05:58:41 GMT
server
cloudflare
etag
W/"3ee54b90a35016582cd709fae0a5b727"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/javascript
cache-control
public, max-age=31536000
cf-ray
82dbf6b09ecb5d5b-FRA
x-amz-cf-id
hwjjpu0MdX8Wegec2xXAihPzgfkOVC7AKsgwmprxc9UFiZxMiVnJww==
expires
Thu, 28 Nov 2024 15:42:58 GMT
28.8d2382a46758ae5243a5.chunk.js
gempak.com/ 		138 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://gempak.com/28.8d2382a46758ae5243a5.chunk.js
Requested by
Host: voting.astro.com.my
URL: https://voting.astro.com.my/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:8274 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa46eaab9fb219a9b500df37f8a5ca28fa77665d0fa7f4101d6a7fbda566b61a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gempak.com//404
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 15:42:58 GMT
strict-transport-security
max-age=31536000; includeSubdomains; preload
via
1.1 79a075303cab256e952b4b0679e1182c.cloudfront.net (CloudFront)
cf-cache-status
HIT
content-encoding
br
x-content-type-options
nosniff
age
198245
x-amz-cf-pop
FRA60-P5
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 26 Sep 2023 05:58:42 GMT
server
cloudflare
etag
W/"5370b41f5b1cdeec82d3882bfc81a990"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/javascript
cache-control
public, max-age=31536000
cf-ray
82dbf6b09ecf5d5b-FRA
x-amz-cf-id
cfPlmJCuoC4rRuhXHqpE1dcekl-9NK1hzawDqFLpaQupaajkTOnc9g==
expires
Thu, 28 Nov 2024 15:42:58 GMT
cs.js
sb.scorecardresearch.com/internal-c2/default/
Redirect Chain
  • https://sb.scorecardresearch.com/c2/38465268/cs.js
  • https://sb.scorecardresearch.com/internal-c2/default/cs.js
0
384 B 		Script
General
Check archive.org
Download Go to
Full URL
https://sb.scorecardresearch.com/internal-c2/default/cs.js
Protocol
H2
Server
108.138.26.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-26-18.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gempak.com//404
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 15:04:06 GMT
via
1.1 62e7b24ca032b612bb93fa7f3437469c.cloudfront.net (CloudFront)
last-modified
Mon, 03 Jul 2023 14:48:48 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P7
age
24115
x-amz-server-side-encryption
AES256
etag
"d41d8cd98f00b204e9800998ecf8427e"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=86400
accept-ranges
bytes
content-length
0
x-amz-cf-id
t4HBZImCgMzz-mPIzAAUctABlkYdgxtaGJFjPJqLcOKSB0FhD7UVZw==

Redirect headers

date
Wed, 29 Nov 2023 15:42:58 GMT
via
1.1 62e7b24ca032b612bb93fa7f3437469c.cloudfront.net (CloudFront)
accept-ch
UA, Platform, Arch, Model, Mobile
x-amz-cf-pop
FRA56-P7
x-cache
Miss from cloudfront
location
/internal-c2/default/cs.js
content-length
0
x-amz-cf-id
o3BLNQVb0fgy58qzPyTO_raQXKmpkW_KUVeX65lTgUGx1vCUVp3yyA==
collect
u.clarity.ms/ 		0
290 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://u.clarity.ms/collect
Requested by
Host: voting.astro.com.my
URL: https://voting.astro.com.my/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
4.227.249.197 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/x-clarity-gzip
Referer
https://gempak.com//404
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://gempak.com
Date
Wed, 29 Nov 2023 15:42:58 GMT
Access-Control-Allow-Credentials
true
Server
nginx/1.18.0 (Ubuntu)
Connection
keep-alive
Vary
Origin
Request-Context
appId=cid-v1:9c7c879b-c51a-427e-9701-218438da5f81
config.json
digital-fortress-assets.eco.astro.com.my/prod/config/6JVBazv73Q/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://digital-fortress-assets.eco.astro.com.my/prod/config/6JVBazv73Q/config.json
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:c400:3:d4b:fac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
cache-control
Access-Control-Request-Method
GET
Origin
https://gempak.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

access-control-allow-headers
cache-control
access-control-allow-methods
GET, HEAD
access-control-allow-origin
*
access-control-expose-headers
ETag
content-length
0
date
Wed, 29 Nov 2023 15:43:00 GMT
server
AmazonS3
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
via
1.1 24475cc722041223cf99f56b55432566.cloudfront.net (CloudFront)
x-amz-cf-id
eUnfpQomhIt3rNhZWe3swLgfHVxseoSU1vOf0kyDZDeOGKcssX5lvQ==
x-amz-cf-pop
FRA50-C1
x-cache
Miss from cloudfront
config.json
digital-fortress-assets.eco.astro.com.my/prod/config/6JVBazv73Q/ 		86 KB
17 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://digital-fortress-assets.eco.astro.com.my/prod/config/6JVBazv73Q/config.json
Requested by
Host: voting.astro.com.my
URL: https://voting.astro.com.my/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:c400:3:d4b:fac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
9b056a512decad006747f1ad10be4c3a04350a3bf50d1d7e5d64ed3a6b8e7f49

Request headers

cache-control
no-cache
Referer
https://gempak.com//404
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-amz-version-id
RaXXd5KLFxOTu5WSl2wLYMXPekPJKhON
content-encoding
gzip
via
1.1 24475cc722041223cf99f56b55432566.cloudfront.net (CloudFront)
date
Wed, 29 Nov 2023 15:43:01 GMT
x-amz-cf-pop
FRA50-C1
x-amz-server-side-encryption
AES256
x-cache
RefreshHit from cloudfront
last-modified
Wed, 29 Nov 2023 09:30:36 GMT
server
AmazonS3
etag
W/"4bd6c191e3c8526d0f15730c294232f8"
vary
Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods
GET, HEAD
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
ETag
x-amz-cf-id
PW9UmHFcd0rEH5VQ1ZSQwS2uzw4Bd4h4mjrvcqevRBZGF_h59jYsyw==
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: voting.astro.com.my
URL: https://voting.astro.com.my/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gempak.com//404
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 29 Nov 2023 13:49:38 GMT
last-modified
Mon, 12 Jun 2023 18:23:07 GMT
server
Golfe2
age
6800
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Wed, 29 Nov 2023 15:49:38 GMT
destination
www.googletagmanager.com/gtag/ 		243 KB
84 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/destination?id=G-K6Q5ED8R4T&l=dataLayer&cx=c
Requested by
Host: voting.astro.com.my
URL: https://voting.astro.com.my/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
933c64091a7be6134b742dcf952eea56adad38f9aa0ffc5f07fb1786cfdb5b25
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gempak.com//404
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 15:42:58 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
85973
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Wed, 29 Nov 2023 15:42:58 GMT
ibs:dpid=359&dpuuid=MDL1Q4sC1R8mIi5
dpm.demdex.net/ Frame FFB7
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?st=dmx&rurl=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D359%26dpuuid%3D_wfivefivec_
  • https://pm.w55c.net/ping_match.gif?scc=1&st=dmx&rurl=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D359%26dpuuid%3D_wfivefivec_
  • https://dpm.demdex.net/ibs:dpid=359&dpuuid=MDL1Q4sC1R8mIi5
42 B
720 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=359&dpuuid=MDL1Q4sC1R8mIi5
Protocol
H2
Server
54.170.72.30 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-170-72-30.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://astro.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

dcs
dcs-prod-irl1-2-v054-09f0ac7a1.edge-irl1.demdex.com 8 ms
pragma
no-cache
date
Wed, 29 Nov 2023 15:42:58 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
content-encoding
gzip
x-tid
D2DZ+Om7Sf0=
content-type
image/gif
p3p
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
cache-control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length
59
expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Pragma
no-cache
Date
Wed, 29 Nov 2023 15:42:58 GMT
Strict-Transport-Security
max-age=2592000; includeSubDomains
Server
PingMatch/v2.0.30-795-gb641a57#rel-ec2-master i-0f7f5cc7c951f6e61@eu-central-1b@dxedge-app-eu-central-1-prod-asg
Location
https://dpm.demdex.net/ibs:dpid=359&dpuuid=MDL1Q4sC1R8mIi5
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
178.52056f28-1227.min.js
js-agent.newrelic.com/ 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js-agent.newrelic.com/178.52056f28-1227.min.js
Requested by
Host: voting.astro.com.my
URL: https://voting.astro.com.my/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.2.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
96884203ea0efacd55e8a8a17d91081a6b74c1bae49f8cfb241a84386478f990
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gempak.com//404
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-amz-version-id
XXnPamRscOfwAdxyJ.Xag79c6x.nTIWH
content-encoding
br
via
1.1 varnish
date
Wed, 29 Nov 2023 15:42:58 GMT
strict-transport-security
max-age=300
x-amz-request-id
996KHR12PPFCX2AX
x-amz-server-side-encryption
AES256
x-cache
HIT
cross-origin-resource-policy
cross-origin
content-length
3984
x-amz-id-2
cJiA1e/y7gvze9rjh8IEiIvCRFSiVZCehP1WuhFgNUQt6uoDFTC4sBZaF5TSXUQzuVKCIFjLa8g=
x-served-by
cache-cph2320059-CPH
last-modified
Wed, 18 Oct 2023 20:56:07 GMT
server
AmazonS3
x-timer
S1701272579.731388,VS0,VE0
etag
"b21a67c8e50dcceef0405ebb063eca96"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=86400, stale-if-error=86400
accept-ranges
bytes
x-cache-hits
55
page_view_event-aggregate.2ae3c96c-1227.min.js
js-agent.newrelic.com/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js-agent.newrelic.com/page_view_event-aggregate.2ae3c96c-1227.min.js
Requested by
Host: voting.astro.com.my
URL: https://voting.astro.com.my/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.2.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
20809e367d9088cdf13745d0cf95e750bdce002aa479bdd3fd1b90e455bf44db
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gempak.com//404
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-amz-version-id
oDmL7xg6aLtfbytYPI2kResXpvF1e_1T
content-encoding
br
via
1.1 varnish
date
Wed, 29 Nov 2023 15:42:58 GMT
strict-transport-security
max-age=300
x-amz-request-id
Z8RDTJPDB89307WD
x-amz-server-side-encryption
AES256
x-cache
HIT
cross-origin-resource-policy
cross-origin
content-length
1754
x-amz-id-2
ODKWzcGDtBeGqdaL62qYLlqwPWsAGs6cyz1Gv6F5MLwZUlhXvVVxPxyPYj4w1hyGGyQeoBXVmFU=
x-served-by
cache-cph2320059-CPH
last-modified
Wed, 18 Oct 2023 21:34:32 GMT
server
AmazonS3
x-timer
S1701272579.731418,VS0,VE0
etag
"f768d3f0fb8ea163c644cfa4a536676d"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=86400, stale-if-error=86400
accept-ranges
bytes
x-cache-hits
36
page_view_timing-aggregate.a7d9d7be-1227.min.js
js-agent.newrelic.com/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js-agent.newrelic.com/page_view_timing-aggregate.a7d9d7be-1227.min.js
Requested by
Host: voting.astro.com.my
URL: https://voting.astro.com.my/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.2.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
7e81c0026102621c4adc2770334c4a933286676ece8f0e5e9ac91e0c54a16945
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gempak.com//404
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-amz-version-id
rW3Ut6Zm833_MNYzGO6LVQiN6Gb46OgL
content-encoding
br
via
1.1 varnish
date
Wed, 29 Nov 2023 15:42:58 GMT
strict-transport-security
max-age=300
x-amz-request-id
Z8R05WK5FPQ1934Q
x-amz-server-side-encryption
AES256
x-cache
HIT
cross-origin-resource-policy
cross-origin
content-length
2302
x-amz-id-2
hbQepk++UTB1eBW7TITJcGLMsw61kSYXxgl6y77ZQYWSEQyzlzy3iDMauTJsFkYcbe2kROc+viM=
x-served-by
cache-cph2320059-CPH
last-modified
Wed, 18 Oct 2023 21:34:58 GMT
server
AmazonS3
x-timer
S1701272579.734060,VS0,VE0
etag
"eb3b7aaf78edc0a629532c28a1c06b8a"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=86400, stale-if-error=86400
accept-ranges
bytes
x-cache-hits
55
metrics-aggregate.28086cfb-1227.min.js
js-agent.newrelic.com/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js-agent.newrelic.com/metrics-aggregate.28086cfb-1227.min.js
Requested by
Host: voting.astro.com.my
URL: https://voting.astro.com.my/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.2.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
7f4f3336e0e35f086435f2037ee0a52abf3ced5e386c74a5ccc2f18edd1c3207
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gempak.com//404
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-amz-version-id
otJN54R23Iz1Vd9LakxTIwxalt8BTvuV
content-encoding
br
via
1.1 varnish
date
Wed, 29 Nov 2023 15:42:58 GMT
strict-transport-security
max-age=300
x-amz-request-id
400GVF39T3MG6W53
x-amz-server-side-encryption
AES256
x-cache
HIT
cross-origin-resource-policy
cross-origin
content-length
1822
x-amz-id-2
1G+G3TC7WFwMDzP0mN+8/Ods0zS1smFFg4gTRkjDn5o4hSVGSOKQyO1QrxjucPsY+1gyAeaGGvQ=
x-served-by
cache-cph2320059-CPH
last-modified
Wed, 18 Oct 2023 20:58:38 GMT
server
AmazonS3
x-timer
S1701272579.734052,VS0,VE0
etag
"fd7ae418fde6eab067f9005c5dccc62b"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=86400, stale-if-error=86400
accept-ranges
bytes
x-cache-hits
53
jserrors-aggregate.941c6e17-1227.min.js
js-agent.newrelic.com/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js-agent.newrelic.com/jserrors-aggregate.941c6e17-1227.min.js
Requested by
Host: voting.astro.com.my
URL: https://voting.astro.com.my/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.2.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
69b32d756292121e2117de2a537e21b4904552251a9e1e26e702d679f7663526
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gempak.com//404
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-amz-version-id
3qCb10uDuaHjFJQAJQJz3qxIJpAfaMso
content-encoding
br
via
1.1 varnish
date
Wed, 29 Nov 2023 15:42:58 GMT
strict-transport-security
max-age=300
x-amz-request-id
Z8R506ZWBAKYTC2J
x-amz-server-side-encryption
AES256
x-cache
HIT
cross-origin-resource-policy
cross-origin
content-length
3073
x-amz-id-2
3LZaMPsCwODnu/EfWohIcmDCby2MQQjJO2SbKHcKGCaRkQLzwoxdOhwf8y95/5+nUO0d/A/21N0=
x-served-by
cache-cph2320059-CPH
last-modified
Wed, 18 Oct 2023 20:58:12 GMT
server
AmazonS3
x-timer
S1701272579.734270,VS0,VE0
etag
"8a0b3cc73395206dfac178f98f412980"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=86400, stale-if-error=86400
accept-ranges
bytes
x-cache-hits
54
ajax-aggregate.52cc993d-1227.min.js
js-agent.newrelic.com/ 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js-agent.newrelic.com/ajax-aggregate.52cc993d-1227.min.js
Requested by
Host: voting.astro.com.my
URL: https://voting.astro.com.my/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.2.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f025516815a6f6cebe8eecae606c07df1144a6776a8773909ec484a7bc00d9e3
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gempak.com//404
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-amz-version-id
N3yNKoOBGvUf2dAWBg1iio7SS069y93f
content-encoding
br
via
1.1 varnish
date
Wed, 29 Nov 2023 15:42:58 GMT
strict-transport-security
max-age=300
x-amz-request-id
996ZT0FYT61SWQH4
x-amz-server-side-encryption
AES256
x-cache
HIT
cross-origin-resource-policy
cross-origin
content-length
2458
x-amz-id-2
HspLgVyX3vSZ/v5rv0R5rlxSydUdEIkPWpNkEOheffimH6biZ1BnfzMaUEoTl5tt86LGOO4O6Q4=
x-served-by
cache-cph2320059-CPH
last-modified
Wed, 18 Oct 2023 20:57:24 GMT
server
AmazonS3
x-timer
S1701272579.735258,VS0,VE0
etag
"02a285136a56fd1bcf1e6bf9df3ce3f5"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=86400, stale-if-error=86400
accept-ranges
bytes
x-cache-hits
37
session_trace-aggregate.545db67a-1227.min.js
js-agent.newrelic.com/ 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js-agent.newrelic.com/session_trace-aggregate.545db67a-1227.min.js
Requested by
Host: voting.astro.com.my
URL: https://voting.astro.com.my/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.2.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2e385f33cc0f04ff34640fd671e218e34ab359a851f4aaf0e368543ca71eb91f
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gempak.com//404
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-amz-version-id
IX9ai9FgwteB3A3UPKezS28gbL8RSLqb
content-encoding
br
via
1.1 varnish
date
Wed, 29 Nov 2023 15:42:58 GMT
strict-transport-security
max-age=300
x-amz-request-id
Z8R38RM55VAKSYB9
x-amz-server-side-encryption
AES256
x-cache
HIT
cross-origin-resource-policy
cross-origin
content-length
3931
x-amz-id-2
VBWHgsq1yu/Tey/CluEwS7flFYTBwkRrfnsKaZyazMQogPyROfz4EqyDs6zmivmdtE2PrQAl2c8=
x-served-by
cache-cph2320059-CPH
last-modified
Wed, 18 Oct 2023 21:36:03 GMT
server
AmazonS3
x-timer
S1701272579.735730,VS0,VE0
etag
"00f1a92b2eb88dcbd4684c44ca621600"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=86400, stale-if-error=86400
accept-ranges
bytes
x-cache-hits
4018
page_action-aggregate.2f41aaf7-1227.min.js
js-agent.newrelic.com/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js-agent.newrelic.com/page_action-aggregate.2f41aaf7-1227.min.js
Requested by
Host: voting.astro.com.my
URL: https://voting.astro.com.my/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.2.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
7eeb8f5fe5d1db1f669d2f96afec846928617ee6bb6d597c698c7da61ff29f13
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gempak.com//404
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-amz-version-id
I2lCsOZrN.Kkd9qicdUbhnWgny7yGInC
content-encoding
br
via
1.1 varnish
date
Wed, 29 Nov 2023 15:42:58 GMT
strict-transport-security
max-age=300
x-amz-request-id
Z8R0X0GADQV0NRSG
x-amz-server-side-encryption
AES256
x-cache
HIT
cross-origin-resource-policy
cross-origin
content-length
1248
x-amz-id-2
5xQKUwnhnUYLi49tJQ68qCxKs4hP2Bvhxhvm4ACPJaoZj2OGud5bm9uKiyBUgRQ3yDffR1QtaW8=
x-served-by
cache-cph2320059-CPH
last-modified
Wed, 18 Oct 2023 21:34:16 GMT
server
AmazonS3
x-timer
S1701272579.735674,VS0,VE0
etag
"92a020a299ca63b75917d615a52d026c"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=86400, stale-if-error=86400
accept-ranges
bytes
x-cache-hits
53
spa-aggregate.494130b7-1227.min.js
js-agent.newrelic.com/ 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js-agent.newrelic.com/spa-aggregate.494130b7-1227.min.js
Requested by
Host: voting.astro.com.my
URL: https://voting.astro.com.my/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.2.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8610d116c02bfa0c447943a326878b3e8e51a46192a18f70589c22bf7b5a1193
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gempak.com//404
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-amz-version-id
vQ3elkESakdrjnhq00lo0PPUgB0Gj4.e
content-encoding
br
via
1.1 varnish
date
Wed, 29 Nov 2023 15:42:58 GMT
strict-transport-security
max-age=300
x-amz-request-id
5Q1Q5N1TT7C740F6
x-amz-server-side-encryption
AES256
x-cache
HIT
cross-origin-resource-policy
cross-origin
content-length
7008
x-amz-id-2
q1iKSvXZ8xbSeYxqRYRHXXFUrWA/Q5bj+10fUVe2ygSTrsuT9dzf4QLGwHGZ05K/pwTeG16otU4=
x-served-by
cache-cph2320059-CPH
last-modified
Wed, 18 Oct 2023 21:36:22 GMT
server
AmazonS3
x-timer
S1701272579.735816,VS0,VE0
etag
"c9a85289539a80c3ce75d510ee52f0c6"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=86400, stale-if-error=86400
accept-ranges
bytes
x-cache-hits
55
ibs:dpid=466&dpuuid=%s
dpm.demdex.net/ Frame FFB7
Redirect Chain
  • https://image5.pubmatic.com/AdServer/usersync/usersync.html?predirect=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid=466%26dpuuid=PM_UID&userIdMacro=PM_UID
  • https://dpm.demdex.net/ibs:dpid=466&dpuuid=%s
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=466&dpuuid=%s
Protocol
H2
Server
54.170.72.30 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-170-72-30.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://astro.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Redirect headers

pragma
no-cache
date
Wed, 29 Nov 2023 15:42:59 GMT
server
nginx
etag
"60b842b2-cde"
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
location
https://dpm.demdex.net/ibs:dpid=466&dpuuid=%s
content-type
text/html
cache-control
max-age=0, no-cache, no-store
content-length
154
expires
Wed, 29 Nov 2023 15:42:59 GMT
collect
www.google-analytics.com/j/ 		3 B
23 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1490772153&t=event&ni=1&_s=1&dl=https%3A%2F%2Fgempak.com%2F%2F404&dr=https%3A%2F%2Fvoting.astro.com.my%2F&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Web%20Vitals&ea=FCP&el=v1-1701272578675-9634740737611&ev=1796&_u=YADAAEABAAAAACAAI~&jid=308514679&gjid=1738571353&cid=1730769388.1701272577&tid=UA-20278225-157&_gid=2138228162.1701272579&_r=1&_slc=1&gtm=45He3b81n81N7MCZVSv831823618&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&z=1630666748
Requested by
Host: voting.astro.com.my
URL: https://voting.astro.com.my/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://gempak.com//404
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 29 Nov 2023 15:42:58 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://gempak.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j101&a=1490772153&t=event&ni=1&_s=1&dl=https%3A%2F%2Fgempak.com%2F%2F404&dr=https%3A%2F%2Fvoting.astro.com.my%2F&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Web%20Vitals&ea=TTFB&el=v1-1701272578680-9225181963992&ev=1513&_u=YADAAEABAAAAACAAI~&jid=&gjid=&cid=1730769388.1701272577&tid=UA-20278225-157&_gid=2138228162.1701272579&gtm=45He3b81n81N7MCZVSv831823618&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&z=400971599
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gempak.com//404
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 29 Nov 2023 14:13:02 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
5396
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
region1.analytics.google.com/g/ 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-K6Q5ED8R4T&gtm=45je3b81v884855698z8831823618&_p=1701272576497&_gaz=1&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=1730769388.1701272577&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1701272578&sct=1&seg=0&dl=https%3A%2F%2Fgempak.com%2F%2F404&dr=https%3A%2F%2Fvoting.astro.com.my%2F&dt=&en=web_vitals&_fv=1&_ss=1&ep.event_category=Web%20Vitals&ep.event_action=FCP&ep.event_label=v1-1701272578675-9634740737611&epn.event_value=1796&tfd=4205
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=G-K6Q5ED8R4T&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gempak.com//404
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 29 Nov 2023 15:42:58 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://gempak.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-K6Q5ED8R4T&cid=1730769388.1701272577&gtm=45je3b81v884855698z8831823618&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=G-K6Q5ED8R4T&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400c:c07::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gempak.com//404
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 29 Nov 2023 15:42:58 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://gempak.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-K6Q5ED8R4T&cid=1730769388.1701272577&gtm=45je3b81v884855698z8831823618&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1&z=1893008994
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gempak.com//404
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 29 Nov 2023 15:42:58 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ibs:dpid=771&dpuuid=CAESEJgCGiSM-fyc1NeijqFyNAI&google_cver=1
dpm.demdex.net/ Frame FFB7
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm&gdpr=0&gdpr_consent=&google_hm=NjQ3NjQ2NjE5NDk0NDY0MDE0NDM3OTUyNTAxMTY5ODg4NzY5Njg=
  • https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEJgCGiSM-fyc1NeijqFyNAI&google_cver=1?gdpr=0&gdpr_consent=
42 B
719 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEJgCGiSM-fyc1NeijqFyNAI&google_cver=1?gdpr=0&gdpr_consent=
Protocol
H2
Server
54.170.72.30 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-170-72-30.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://astro.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

dcs
dcs-prod-irl1-2-v054-089284889.edge-irl1.demdex.com 2 ms
pragma
no-cache
date
Wed, 29 Nov 2023 15:42:58 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
content-encoding
gzip
x-tid
Q/LR1QryT3U=
content-type
image/gif
p3p
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
cache-control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length
59
expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma
no-cache
date
Wed, 29 Nov 2023 15:42:58 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEJgCGiSM-fyc1NeijqFyNAI&google_cver=1?gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
314
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
region1.analytics.google.com/g/ 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-K6Q5ED8R4T&gtm=45je3b81v884855698z8831823618&_p=1701272576497&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=1730769388.1701272577&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=2&sid=1701272578&sct=1&seg=0&dl=https%3A%2F%2Fgempak.com%2F%2F404&dr=https%3A%2F%2Fvoting.astro.com.my%2F&dt=&en=web_vitals&ep.event_category=Web%20Vitals&ep.event_action=TTFB&ep.event_label=v1-1701272578680-9225181963992&epn.event_value=1513&_et=5&tfd=4239
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=G-K6Q5ED8R4T&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gempak.com//404
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 29 Nov 2023 15:42:58 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://gempak.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
1x1
pixel.everesttech.net/ Frame FFB7
Redirect Chain
  • https://pixel.everesttech.net/1/gr?url=https%3A%2F%2Fpixel.everesttech.net%2F1x1%3F
  • https://cm.g.doubleclick.net/pixel?google_nid=everest&google_cm&google_sc&ev_rs=1&google_hm=WldkY0F3QUFCU0BaQzIzOA&url=/1/gr%3furl=https%253A%252F%252Fpixel.everesttech.net%252F1x1%253F
  • https://cm.everesttech.net/cm/ax?cookieid=&ev_rs=1&url=/1/gr%3Furl=https%253A%252F%252Fpixel.everesttech.net%252F1x1%253F&google_gid=CAESECle4u6JpXCWj2Cakk3fs6Y&google_cver=1
  • https://cm.g.doubleclick.net/pixel?google_nid=everest&google_cm&google_sc&ev_rs=1&url=/1x1&google_hm=WldkY0F3QUFBTEt1WWdOLQ
  • https://cm.everesttech.net/cm/ax?cookieid=&ev_rs=1&url=/1x1&google_gid=CAESECle4u6JpXCWj2Cakk3fs6Y&google_cver=1
  • https://pixel.everesttech.net/1x1
128 B
796 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.everesttech.net/1x1
Protocol
HTTP/1.1
Server
54.77.160.81 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-77-160-81.eu-west-1.compute.amazonaws.com
Software
Apache /
Resource Hash
bf94db5c7d218f9a2a2edfff6c01bf65f5946a32000cd41835fee5b564efa62f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://astro.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date
Wed, 29 Nov 2023 15:42:59 GMT
Last-Modified
Mon, 19 Jul 2021 07:56:25 GMT
Server
Apache
ETag
"b3b521-80-5c775461d9c40"
P3P
CP="NOI DEVa TAIa PSAa PSDa OUR IND UNI COM NAV INT", CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
Content-Type
image/png
Cache-Control
no-cache, no-cache
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
128

Redirect headers

Location
https://pixel.everesttech.net/1x1
Date
Wed, 29 Nov 2023 15:42:59 GMT
Cache-Control
no-cache
Server
AMO-cookiemap/1.1
Connection
keep-alive
Content-Length
0
P3P
CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
NRJS-1ffcf877306be2999e8
bam.nr-data.net/1/ 		56 B
402 B 		Script
General
Check archive.org
Download Go to
Full URL
https://bam.nr-data.net/1/NRJS-1ffcf877306be2999e8?a=594400617&sa=1&v=1227.PROD&t=Unnamed%20Transaction&rst=4253&ck=0&s=f02d3676ca99dcde&ref=https://gempak.com//404&be=1894&fe=2103&dc=2102&af=err,xhr,stn,ins,spa&perf=%7B%22timing%22:%7B%22of%22:1701272574590,%22n%22:0,%22f%22:1,%22dn%22:23,%22dne%22:23,%22c%22:23,%22s%22:45,%22ce%22:77,%22rq%22:77,%22rp%22:1513,%22rpe%22:1791,%22dl%22:1547,%22di%22:1886,%22ds%22:1890,%22de%22:1890,%22dc%22:1891,%22l%22:1891,%22le%22:1908%7D,%22navigation%22:%7B%7D%7D&fp=1796&fcp=1796&jsonp=NREUM.setToken
Requested by
Host: voting.astro.com.my
URL: https://voting.astro.com.my/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.247.243.29 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
f9745c48d0b4c918d466da4acdb3f786ef5cda4c69ac0b6009d76cff67e6325d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gempak.com//404
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 15:42:59 GMT
access-control-allow-methods
GET, POST, PUT, HEAD, OPTIONS
content-type
text/javascript
access-control-allow-origin
*
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
Connection
keep-alive
Content-Length
56
x-served-by
cache-fra-eddf8230116-FRA
1x1
pixel.everesttech.net/ Frame FFB7
Redirect Chain
  • https://pixel.everesttech.net/1/gr?url=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072980%26val%3D__EFGSURFER__.__EFGCK__
  • https://cm.g.doubleclick.net/pixel?google_nid=everest&google_cm&google_sc&ev_rs=1&google_hm=WldkYjh3QUFCWG9COWhOTQ&url=/1/gr%3furl=https%253A%252F%252Fus-u.openx.net%252Fw%252F1.0%252Fsd%253Fid%253...
  • https://cm.everesttech.net/cm/ax?cookieid=&ev_rs=1&url=/1/gr%3Furl=https%253A%252F%252Fus-u.openx.net%252Fw%252F1.0%252Fsd%253Fid%253D537072980%2526val%253D__EFGSURFER__.__EFGCK__&google_gid=CAESEC...
  • https://cm.g.doubleclick.net/pixel?google_nid=everest&google_cm&google_sc&ev_rs=1&url=/1x1&google_hm=WldkY0F3QUFBTjNDQXdObg
  • https://cm.everesttech.net/cm/ax?cookieid=&ev_rs=1&url=/1x1&google_gid=CAESECle4u6JpXCWj2Cakk3fs6Y&google_cver=1
  • https://pixel.everesttech.net/1x1
128 B
796 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.everesttech.net/1x1
Protocol
HTTP/1.1
Server
54.77.160.81 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-77-160-81.eu-west-1.compute.amazonaws.com
Software
Apache /
Resource Hash
bf94db5c7d218f9a2a2edfff6c01bf65f5946a32000cd41835fee5b564efa62f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://astro.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date
Wed, 29 Nov 2023 15:42:59 GMT
Last-Modified
Mon, 19 Jul 2021 07:56:25 GMT
Server
Apache
ETag
"36b521-80-5c775461d9c40"
P3P
CP="NOI DEVa TAIa PSAa PSDa OUR IND UNI COM NAV INT", CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
Content-Type
image/png
Cache-Control
no-cache, no-cache
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
128

Redirect headers

Location
https://pixel.everesttech.net/1x1
Date
Wed, 29 Nov 2023 15:42:59 GMT
Cache-Control
no-cache
Server
AMO-cookiemap/1.1
Connection
keep-alive
Content-Length
0
P3P
CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
wrapper.html
wrappers.geoedge.be/ 		3 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://wrappers.geoedge.be/wrapper.html
Requested by
Host: voting.astro.com.my
URL: https://voting.astro.com.my/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:236e:1000:2:d490:4d80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8265c5aec9ae3882691303cec1b6993e75b12e8071fe6710826f7fc6b5cbccdb

Request headers

Referer
https://gempak.com//404
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type
text/plain

Response headers

x-amz-version-id
gVDFxbxIIKkKTV40SMjG._OTMed_.wGK
date
Wed, 29 Nov 2023 05:59:23 GMT
via
1.1 ec85113c6ed859938b3fcfa19bc035f8.cloudfront.net (CloudFront)
last-modified
Mon, 12 Apr 2021 12:46:04 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P1
age
35015
etag
"4a6c546fe449447f2a620613c0655458"
access-control-allow-methods
GET
content-type
text/html
access-control-allow-origin
*
x-cache
Hit from cloudfront
accept-ranges
bytes
content-length
3121
x-amz-cf-id
_Z6Rw2-1e4iiKgmnqt8ov08wPHm07BcwX067fp_YuY_5kY2NlxAx6Q==
1x1
pixel.everesttech.net/ Frame FFB7
Redirect Chain
  • https://pixel.everesttech.net/1/gr?url=https%3A%2F%2Fib.adnxs.com%2Fpxj%3Faction%3Dsetuid(%27__EFGSURFER__.__EFGCK__%27)%26bidder%3D51%26seg%3D2634060der%3D51%26seg%3D2634060
  • https://cm.g.doubleclick.net/pixel?google_nid=everest&google_cm&google_sc&ev_rs=1&google_hm=WldkY0F3QUFBSHFGOHh3Rg&url=/1/gr%3furl=https%253A%252F%252Fib.adnxs.com%252Fpxj%253Faction%253Dsetuid(%25...
  • https://cm.everesttech.net/cm/ax?cookieid=&ev_rs=1&url=/1/gr%3Furl=https%253A%252F%252Fib.adnxs.com%252Fpxj%253Faction%253Dsetuid(%2527__EFGSURFER__.__EFGCK__%2527)%2526bidder%253D51%2526seg%253D26...
  • https://cm.g.doubleclick.net/pixel?google_nid=everest&google_cm&google_sc&ev_rs=1&url=/1x1&google_hm=WldkY0F3QUFBR3hLTWdONg
  • https://cm.everesttech.net/cm/ax?cookieid=&ev_rs=1&url=/1x1&google_gid=CAESECle4u6JpXCWj2Cakk3fs6Y&google_cver=1
  • https://pixel.everesttech.net/1x1
128 B
796 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.everesttech.net/1x1
Protocol
HTTP/1.1
Server
54.77.160.81 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-77-160-81.eu-west-1.compute.amazonaws.com
Software
Apache /
Resource Hash
bf94db5c7d218f9a2a2edfff6c01bf65f5946a32000cd41835fee5b564efa62f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://astro.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date
Wed, 29 Nov 2023 15:42:59 GMT
Last-Modified
Mon, 19 Jul 2021 07:56:25 GMT
Server
Apache
ETag
"b3b521-80-5c775461d9c40"
P3P
CP="NOI DEVa TAIa PSAa PSDa OUR IND UNI COM NAV INT", CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
Content-Type
image/png
Cache-Control
no-cache, no-cache
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
128

Redirect headers

Location
https://pixel.everesttech.net/1x1
Date
Wed, 29 Nov 2023 15:42:59 GMT
Cache-Control
no-cache
Server
AMO-cookiemap/1.1
Connection
keep-alive
Content-Length
0
P3P
CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
1x1
pixel.everesttech.net/ Frame FFB7
Redirect Chain
  • https://pixel.everesttech.net/1/gr?url=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fexpires%3D30%26nid%3D2181%26put%3D__EFGSURFER__.__EFGCK__%26v%3D11782
  • https://cm.g.doubleclick.net/pixel?google_nid=everest&google_cm&google_sc&ev_rs=1&google_hm=WldkY0F3QUFBUWNQLVdGTQ&url=/1/gr%3furl=https%253A%252F%252Fpixel.rubiconproject.com%252Ftap.php%253Fexpir...
  • https://cm.everesttech.net/cm/ax?cookieid=&ev_rs=1&url=/1/gr%3Furl=https%253A%252F%252Fpixel.rubiconproject.com%252Ftap.php%253Fexpires%253D30%2526nid%253D2181%2526put%253D__EFGSURFER__.__EFGCK__%2...
  • https://cm.g.doubleclick.net/pixel?google_nid=everest&google_cm&google_sc&ev_rs=1&url=/1x1&google_hm=WldkY0F3QUFBRjd2MmdOZQ
  • https://cm.everesttech.net/cm/ax?cookieid=&ev_rs=1&url=/1x1&google_gid=CAESECle4u6JpXCWj2Cakk3fs6Y&google_cver=1
  • https://pixel.everesttech.net/1x1
128 B
796 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.everesttech.net/1x1
Protocol
HTTP/1.1
Server
54.77.160.81 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-77-160-81.eu-west-1.compute.amazonaws.com
Software
Apache /
Resource Hash
bf94db5c7d218f9a2a2edfff6c01bf65f5946a32000cd41835fee5b564efa62f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://astro.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date
Wed, 29 Nov 2023 15:42:59 GMT
Last-Modified
Mon, 19 Jul 2021 07:56:25 GMT
Server
Apache
ETag
"36b51f-80-5c775461d9c40"
P3P
CP="NOI DEVa TAIa PSAa PSDa OUR IND UNI COM NAV INT", CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
Content-Type
image/png
Cache-Control
no-cache, no-cache
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
128

Redirect headers

Location
https://pixel.everesttech.net/1x1
Date
Wed, 29 Nov 2023 15:42:59 GMT
Cache-Control
no-cache
Server
AMO-cookiemap/1.1
Connection
keep-alive
Content-Length
0
P3P
CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
1x1
pixel.everesttech.net/ Frame FFB7
Redirect Chain
  • https://pixel.everesttech.net/1/gr?url=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI2NjgmdGw9NDMyMDA%3D%26piggybackCookie%3D__EFGSURFER__.__EFGCK__
  • https://cm.g.doubleclick.net/pixel?google_nid=everest&google_cm&google_sc&ev_rs=1&google_hm=WldkY0F3QUFCUFRxd1hUQw&url=/1/gr%3furl=https%253A%252F%252Fimage2.pubmatic.com%252FAdServer%252FPug%253Fv...
  • https://cm.everesttech.net/cm/ax?cookieid=&ev_rs=1&url=/1/gr%3Furl=https%253A%252F%252Fimage2.pubmatic.com%252FAdServer%252FPug%253Fvcode%253Dbz0yJnR5cGU9MSZjb2RlPTI2NjgmdGw9NDMyMDA%253D%2526piggyb...
  • https://cm.g.doubleclick.net/pixel?google_nid=everest&google_cm&google_sc&ev_rs=1&url=/1x1&google_hm=WldkY0F3QUFBSXVpRUFOeA
  • https://cm.everesttech.net/cm/ax?cookieid=&ev_rs=1&url=/1x1&google_gid=CAESECle4u6JpXCWj2Cakk3fs6Y&google_cver=1
  • https://pixel.everesttech.net/1x1
128 B
796 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.everesttech.net/1x1
Protocol
HTTP/1.1
Server
54.77.160.81 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-77-160-81.eu-west-1.compute.amazonaws.com
Software
Apache /
Resource Hash
bf94db5c7d218f9a2a2edfff6c01bf65f5946a32000cd41835fee5b564efa62f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://astro.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date
Wed, 29 Nov 2023 15:42:59 GMT
Last-Modified
Mon, 19 Jul 2021 07:56:25 GMT
Server
Apache
ETag
"b3b521-80-5c775461d9c40"
P3P
CP="NOI DEVa TAIa PSAa PSDa OUR IND UNI COM NAV INT", CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
Content-Type
image/png
Cache-Control
no-cache, no-cache
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
128

Redirect headers

Location
https://pixel.everesttech.net/1x1
Date
Wed, 29 Nov 2023 15:42:59 GMT
Cache-Control
no-cache
Server
AMO-cookiemap/1.1
Connection
keep-alive
Content-Length
0
P3P
CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
1x1
pixel.everesttech.net/ Frame FFB7
Redirect Chain
  • https://pixel.everesttech.net/1/gr?url=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D71%26external_user_id%3D__EFGSURFER__.__EFGCK__
  • https://cm.g.doubleclick.net/pixel?google_nid=everest&google_cm&google_sc&ev_rs=1&google_hm=WldkY0F3QUFCUm9UQ2wzbA&url=/1/gr%3furl=https%253A%252F%252Fdsum-sec.casalemedia.com%252Frum%253Fcm_dsp_id...
  • https://cm.everesttech.net/cm/ax?cookieid=&ev_rs=1&url=/1/gr%3Furl=https%253A%252F%252Fdsum-sec.casalemedia.com%252Frum%253Fcm_dsp_id%253D71%2526external_user_id%253D__EFGSURFER__.__EFGCK__&google_...
  • https://cm.g.doubleclick.net/pixel?google_nid=everest&google_cm&google_sc&ev_rs=1&url=/1x1&google_hm=WldkY0F3QUFBSjFLUkFONg
  • https://cm.everesttech.net/cm/ax?cookieid=&ev_rs=1&url=/1x1&google_gid=CAESECle4u6JpXCWj2Cakk3fs6Y&google_cver=1
  • https://pixel.everesttech.net/1x1
128 B
796 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.everesttech.net/1x1
Protocol
HTTP/1.1
Server
54.77.160.81 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-77-160-81.eu-west-1.compute.amazonaws.com
Software
Apache /
Resource Hash
bf94db5c7d218f9a2a2edfff6c01bf65f5946a32000cd41835fee5b564efa62f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://astro.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date
Wed, 29 Nov 2023 15:42:59 GMT
Last-Modified
Mon, 19 Jul 2021 07:56:25 GMT
Server
Apache
ETag
"b3b521-80-5c775461d9c40"
P3P
CP="NOI DEVa TAIa PSAa PSDa OUR IND UNI COM NAV INT", CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
Content-Type
image/png
Cache-Control
no-cache, no-cache
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
128

Redirect headers

Location
https://pixel.everesttech.net/1x1
Date
Wed, 29 Nov 2023 15:42:59 GMT
Cache-Control
no-cache
Server
AMO-cookiemap/1.1
Connection
keep-alive
Content-Length
0
P3P
CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
ibs:dpid=30064&dpuuid=%7BUUID_6j5b2cv%7D
dpm.demdex.net/ Frame FFB7
Redirect Chain
  • https://ps.eyeota.net/match?bid=6j5b2cv&uid=64764661949446401443795250116988876968&r=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D30064%26dpuuid%3D%7BUUID_6j5b2cv%7D
  • https://dpm.demdex.net/ibs:dpid=30064&dpuuid=%7BUUID_6j5b2cv%7D
42 B
734 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=30064&dpuuid=%7BUUID_6j5b2cv%7D
Protocol
H2
Server
54.170.72.30 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-170-72-30.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://astro.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

dcs
dcs-prod-irl1-2-v054-0a46f06a9.edge-irl1.demdex.com 0 ms
pragma
no-cache
date
Wed, 29 Nov 2023 15:42:59 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
content-encoding
gzip
x-tid
2SlvFvkOSAI=
content-type
image/gif
p3p
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
cache-control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
x-error
104,303
content-length
59
expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Location
https://dpm.demdex.net/ibs:dpid=30064&dpuuid={UUID_6j5b2cv}
Date
Wed, 29 Nov 2023 15:42:58 GMT
Content-Length
0
P3P
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"
v1
ads.yahoo.com/cms/ Frame FFB7
Redirect Chain
  • https://cm.everesttech.net/cm/yh
  • https://ads.yahoo.com/cms/v1?nwid=10001117525&eid=ZWdcAwAAAFmh6wNx&sigv=1
0
194 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.yahoo.com/cms/v1?nwid=10001117525&eid=ZWdcAwAAAFmh6wNx&sigv=1
Protocol
H2
Server
2a00:1288:80:807::2 , United Kingdom, ASN203220 (YAHOO-DEB, GB),
Reverse DNS
Software
ATS /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://astro.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 15:42:59 GMT
strict-transport-security
max-age=31536000
cache-control
no-store
x-content-type-options
nosniff
server
ATS
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection
1; mode=block

Redirect headers

Location
https://ads.yahoo.com/cms/v1?nwid=10001117525&eid=ZWdcAwAAAFmh6wNx&sigv=1
Date
Wed, 29 Nov 2023 15:42:59 GMT
Cache-Control
no-cache
Server
AMO-cookiemap/1.1
Connection
keep-alive
Content-Length
0
P3P
CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
ibs:dpid=121998&dpuuid=
dpm.demdex.net/ Frame FFB7
Redirect Chain
  • https://sync.crwdcntrl.net/map/c=9828/tp=ADBE/gdpr=0/gdpr_consent=/tpid=64764661949446401443795250116988876968?https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D121998%26dpuuid%3D${profile_id}
  • https://dpm.demdex.net/ibs:dpid=121998&dpuuid=
42 B
733 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=121998&dpuuid=
Protocol
H2
Server
54.170.72.30 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-170-72-30.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://astro.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

dcs
dcs-prod-irl1-2-v054-0d41b9f76.edge-irl1.demdex.com 0 ms
pragma
no-cache
date
Wed, 29 Nov 2023 15:42:59 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
content-encoding
gzip
x-tid
r/fQK0Z/RyQ=
content-type
image/gif
p3p
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
cache-control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
x-error
104,300
content-length
59
expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma
no-cache
date
Wed, 29 Nov 2023 15:42:59 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location
https://dpm.demdex.net/ibs:dpid=121998&dpuuid=
cache-control
no-cache
x-server
10.45.16.208
content-length
0
expires
0
ibs:dpid=175765&dpuuid=f2a9adf355ee9e811281f40bcb380e96
dpm.demdex.net/ Frame FFB7
Redirect Chain
  • https://synchroscript.deliveryengine.adswizz.com/getUID?curl=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D175765%26dpuuid%3D%24%7BUID%7D
  • https://dpm.demdex.net/ibs:dpid=175765&dpuuid=f2a9adf355ee9e811281f40bcb380e96
42 B
719 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=175765&dpuuid=f2a9adf355ee9e811281f40bcb380e96
Protocol
H2
Server
54.170.72.30 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-170-72-30.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://astro.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

dcs
dcs-prod-irl1-2-v054-0772673a5.edge-irl1.demdex.com 5 ms
pragma
no-cache
date
Wed, 29 Nov 2023 15:42:59 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
content-encoding
gzip
x-tid
nqxMmfF2Sy0=
content-type
image/gif
p3p
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
cache-control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length
59
expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

location
https://dpm.demdex.net/ibs:dpid=175765&dpuuid=f2a9adf355ee9e811281f40bcb380e96
date
Wed, 29 Nov 2023 15:42:58 GMT
x-clacks-overhead
GNU Terry Pratchett
x-adswizz-request-id
bd1f87a9-9919-4b1b-b2da-93f614f9adad
Connection
keep-alive
Content-Length
0
x-application-context
application:production
v1
lb.eu-1-id5-sync.com/lb/ 		0
0
NRJS-1ffcf877306be2999e8
bam.nr-data.net/events/1/ 		24 B
337 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bam.nr-data.net/events/1/NRJS-1ffcf877306be2999e8?a=594400617&sa=1&v=1227.PROD&t=Unnamed%20Transaction&rst=4631&ck=0&s=f02d3676ca99dcde&ref=https://gempak.com//404
Requested by
Host: voting.astro.com.my
URL: https://voting.astro.com.my/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.247.243.29 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300

Request headers

Referer
https://gempak.com//404
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
content-type
text/plain

Response headers

date
Wed, 29 Nov 2023 15:42:59 GMT
access-control-allow-methods
GET, POST, PUT, HEAD, OPTIONS
content-type
image/gif
access-control-allow-origin
https://gempak.com
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
24
x-served-by
cache-fra-eddf8230116-FRA
404
dce-gempak-api-prd.eco.astro.com.my/v1/articles/ 		300 B
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://dce-gempak-api-prd.eco.astro.com.my/v1/articles/404?siteId=1
Requested by
Host: voting.astro.com.my
URL: https://voting.astro.com.my/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20b4:4a00:19:769a:2440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
2b8486df2e61ffd6bd29e50df1ac76ee92c1876fe1b5e6853dc17e7c0dc30747
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gempak.com//404
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 15:43:00 GMT
strict-transport-security
max-age=15552000; includeSubDomains
x-content-type-options
nosniff
x-amzn-remapped-content-length
300
access-control-request-method
GET,OPTIONS
via
1.1 df7c0ba7857d5300ae11e7566c926f16.cloudfront.net (CloudFront), 1.1 6fe2d3277e4f5f1aafe45d46bdc36cf0.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-C1, AMS58-P4
x-amzn-requestid
d118c1ed-4045-4b4c-9864-7571e230cfc8
x-amzn-remapped-connection
keep-alive
x-dns-prefetch-control
off
x-cache
Error from cloudfront
x-amz-apigw-id
PKtQvExMSQ0EVGw=
content-length
300
x-xss-protection
1; mode=block
x-response-time
16.328ms
etag
W/"12c-k3MWIjlNhxNyYu+8Ujtwpm1PSbo"
x-download-options
noopen
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gempak.com
access-control-allow-headers
*,Origin,Content-Type,Accept,Content-Length,Accept-Encoding,Authorization
x-amzn-remapped-date
Wed, 29 Nov 2023 15:43:00 GMT
x-amz-cf-id
bKFQibXocb2S-8rtOIEHFHaUTQp31Hl6EQdo68pUm8Uz_4OHE9cJ7Q==
9e20060db47ad6c836a4c3eebb62a5de.otf
gempak.com/ 		191 KB
192 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://gempak.com/9e20060db47ad6c836a4c3eebb62a5de.otf
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:8274 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a82b357d90f03942ee9e812efd229264ff27c7e03f06acd2efa2fa9f98b7e78e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://gempak.com//404
Origin
https://gempak.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 15:43:00 GMT
content-encoding
identity
via
1.1 297dc74786919df7ba1867fc37f80bb6.cloudfront.net (CloudFront)
cf-cache-status
HIT
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubdomains; preload
age
83633
x-amz-cf-pop
AMS58-P6
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
content-length
195572
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 26 Sep 2023 05:58:46 GMT
server
cloudflare
etag
"9e20060db47ad6c836a4c3eebb62a5de"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
font/otf
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
82dbf6ba2a045d5b-FRA
x-amz-cf-id
jngy0azdoFgQDT1cYaRtacoCInFhV05119tb_ESKr2JeMsm0bVxThA==
expires
Thu, 28 Nov 2024 15:43:00 GMT
ddc475f03cbf1a879bff656575fea310.otf
gempak.com/ 		187 KB
187 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://gempak.com/ddc475f03cbf1a879bff656575fea310.otf
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:8274 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e29fdaaa72532cf073043684b894027d655f4f252383c475c1f3347d51696392
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://gempak.com//404
Origin
https://gempak.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 15:43:00 GMT
content-encoding
identity
via
1.1 628e5146add9b3daeb91ab8792398818.cloudfront.net (CloudFront)
cf-cache-status
HIT
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubdomains; preload
age
220772
x-amz-cf-pop
FRA60-P5
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
content-length
191548
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 26 Sep 2023 05:58:46 GMT
server
cloudflare
etag
"ddc475f03cbf1a879bff656575fea310"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
font/otf
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
82dbf6ba2a095d5b-FRA
x-amz-cf-id
b0t-2k1pDKtblXkZPj7RjFRnlWEprhUgrJH6PoNtoo6Lkpt16MpAdA==
expires
Thu, 28 Nov 2024 15:43:00 GMT
sync
gum.criteo.com/ 		46 B
287 B 		Script
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sync?c=72&r=2&j=TRC.getRTUS
Requested by
Host: voting.astro.com.my
URL: https://voting.astro.com.my/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
189b8ed64093b12937354b2ef71ccf1df59690d90432241a10fe1cb25000acba
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gempak.com//404
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 15:42:59 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=3600
server-processing-duration-in-ticks
219391
expires
60
json
trc.taboola.com/astromediasolutions-gempak/trc/3/ 		52 KB
15 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/astromediasolutions-gempak/trc/3/json?tim=16%3A43%3A00.187&lti=deflated&data=%7B%22id%22%3A544%2C%22ii%22%3A%22%2F%2F404%22%2C%22it%22%3A%22text%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22uifp%22%3Anull%2C%22lbt%22%3A1701255432564%2C%22vi%22%3A1701272580184%2C%22cv%22%3A%2220231129-9-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fgempak.com%2F%2F404%22%2C%22bv%22%3A%220%22%2C%22wc%22%3Atrue%2C%22ul%22%3A%5B%22en-US%22%2C%22en%22%5D%2C%22uad%22%3A%7B%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%7D%2C%22btv%22%3A%220%22%2C%22cos%22%3A%224g%22%2C%22bu%22%3A%22https%3A%2F%2Fgempak.com%2F%2F404%22%2C%22vpi%22%3A%22%2F%2F404%22%2C%22e%22%3A%22https%3A%2F%2Fvoting.astro.com.my%2F%22%2C%22bad%22%3A-1%2C%22sw%22%3A1600%2C%22sh%22%3A1200%2C%22bw%22%3A1600%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A1200%2C%22dw%22%3A1600%2C%22dh%22%3A1200%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A6%2C%22uim%22%3A%22alternating-thumbnails-a%3Aabp%3D0%22%2C%22uip%22%3A%22Below%20Article%20Thumbnails%22%2C%22orig_uip%22%3A%22Below%20Article%20Thumbnails%22%2C%22cd%22%3A96%2C%22mw%22%3A1280%7D%5D%2C%22cacheKey%22%3A%22text%3D%2F%2F404%2CBelow%20Article%20Thumbnails%3Dalternating-thumbnails-a%3Aabp%3D0%22%2C%22cb%22%3A%22TRC.callbacks.recommendations_1%22%2C%22lt%22%3A%22deflated%22%7D&llvl=2
Requested by
Host: voting.astro.com.my
URL: https://voting.astro.com.my/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
d0047705a09f6ad63d4c5ca4cb994ce3c585c148dad026e07976ba9d49afb965

Request headers

Referer
https://gempak.com//404
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type
text/plain

Response headers

x-vcl-time-ms
380
date
Wed, 29 Nov 2023 15:43:00 GMT
content-encoding
gzip
via
1.1 varnish
cpu
1.1697916666666666
x-fastly-to-nlb-rtt
13572
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version
v1
x-served-by
cache-cph2320056-CPH
x-log-content-encoding
gzip
server
nginx
x-timer
S1701272580.217236,VS0,VE380
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
https://gempak.com
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0
a2ff99f6a6e88cc5e2a8b5f7be2a039f.svg
de-digital-fortress-stg-assets.eco.astro.com.my/staging/ 		640 B
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://de-digital-fortress-stg-assets.eco.astro.com.my/staging/a2ff99f6a6e88cc5e2a8b5f7be2a039f.svg
Requested by
Host: voting.astro.com.my
URL: https://voting.astro.com.my/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2490:ba00:0:b903:6380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6070e9aa5ba81f4fe38452317022d88209bf594275e5835683c302df31db0704

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gempak.com//404
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 10:32:41 GMT
via
1.1 a2eae5bb517678c9d6b43a2731b4462e.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P6
age
18945
x-cache
Hit from cloudfront
content-length
640
last-modified
Wed, 16 Dec 2020 08:11:34 GMT
server
AmazonS3
etag
"a103230573dc8915b6829e95d3829f5f"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
ETag
vary
Accept-Encoding
accept-ranges
bytes
x-amz-cf-id
yhgLm9Za4BfUfv2KHhGWbZW355t1a-MNTmeg9t8mM7-Vir_LGt0OVg==
f63f777a554e87e471848d0e06d02949.svg
de-digital-fortress-stg-assets.eco.astro.com.my/staging/ 		0
0
ce376fa545c197940ebd837096f19782.svg
de-digital-fortress-stg-assets.eco.astro.com.my/staging/ 		910 B
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://de-digital-fortress-stg-assets.eco.astro.com.my/staging/ce376fa545c197940ebd837096f19782.svg
Requested by
Host: voting.astro.com.my
URL: https://voting.astro.com.my/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2490:ba00:0:b903:6380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
33df335c6b870c371177e3f70e3c0c2280a75af996a04ea34a0869986f9066d3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gempak.com//404
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 05:58:12 GMT
via
1.1 a2eae5bb517678c9d6b43a2731b4462e.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P6
age
35089
x-cache
Hit from cloudfront
content-length
910
last-modified
Sat, 23 Apr 2022 06:18:42 GMT
server
AmazonS3
etag
"7a2e7622362e74fc2bb93cabb8da32fb"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
ETag
vary
Accept-Encoding
accept-ranges
bytes
x-amz-cf-id
yiArExDp_uuIuPqBHz5zobtoqH_Wl0cJaFbYMaCurnpmSuIcAwxt1A==
bulk-metrics
trc-events.taboola.com/astromediasolutions-gempak/log/3/ 		0
243 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc-events.taboola.com/astromediasolutions-gempak/log/3/bulk-metrics?lti=deflated&bulkSize=1
Requested by
Host: voting.astro.com.my
URL: https://voting.astro.com.my/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://gempak.com//404
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
https://gempak.com
pragma
no-cache
date
Wed, 29 Nov 2023 15:43:00 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
30.88f210595d687b83e0b1.chunk.js
gempak.com/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://gempak.com/30.88f210595d687b83e0b1.chunk.js
Requested by
Host: voting.astro.com.my
URL: https://voting.astro.com.my/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:8274 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e18d236964106571c1d4549b9527ec39f5d73fa64bbbeccc73bc6fd5ef40dfb7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gempak.com//404
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 15:43:00 GMT
strict-transport-security
max-age=31536000; includeSubdomains; preload
via
1.1 765a91ad9951d0108fc1de53e348bac4.cloudfront.net (CloudFront)
cf-cache-status
HIT
content-encoding
br
x-content-type-options
nosniff
age
213135
x-amz-cf-pop
FRA60-P5
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 26 Sep 2023 05:58:42 GMT
server
cloudflare
etag
W/"fab2a2ec41e252d246c8fafee783025c"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/javascript
cache-control
public, max-age=31536000
cf-ray
82dbf6ba5a415d5b-FRA
x-amz-cf-id
AHzDRgP2z9F97O-KGABhcAgpbo4bpdXgjGryPipwqYDJdWEazvg_YQ==
expires
Thu, 28 Nov 2024 15:43:00 GMT
5c77071a37cef919aeda470166c564a4.svg
de-digital-fortress-stg-assets.eco.astro.com.my/staging/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://de-digital-fortress-stg-assets.eco.astro.com.my/staging/5c77071a37cef919aeda470166c564a4.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2490:ba00:0:b903:6380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
66e61ea89dc6311915d3069feb9bba1e773bbf1d2525ff86eaa81ec3d4ebb961

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gempak.com//404
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 08:15:32 GMT
content-encoding
gzip
via
1.1 def5acc189db6e2856a956225d5cd100.cloudfront.net (CloudFront)
last-modified
Fri, 02 Jun 2023 02:52:46 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P6
age
26849
x-amz-server-side-encryption
AES256
etag
W/"4581f55bcc042cafc8821c93b84b70d8"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
x-amz-cf-id
4OHlZPK6EzOmXg0p-27yyXtIBKCY9epElhPjn3ePgTIyzFMTuar-4w==
js
www.googletagmanager.com/gtag/ 		173 KB
63 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-20278225-9&l=dataLayer&cx=c
Requested by
Host: voting.astro.com.my
URL: https://voting.astro.com.my/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
4ddd140d75faae2937f73cb04e8f2a855f1aa967b2fd25163ff2a34050c58b42
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gempak.com//404
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 15:43:00 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
64638
x-xss-protection
0
last-modified
Wed, 29 Nov 2023 15:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 29 Nov 2023 15:43:00 GMT
P5sMzZCDf9_T_10ZxCE.woff2
fonts.gstatic.com/s/arimo/v29/ 		20 KB
20 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/arimo/v29/P5sMzZCDf9_T_10ZxCE.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Arimo:400,400i,700,700i&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a4f5230d39a7a21971fe62ccde2443345638d2beaa369b752820390a687b91b6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://gempak.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 18:25:29 GMT
x-content-type-options
nosniff
age
508651
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20040
x-xss-protection
0
last-modified
Thu, 14 Sep 2023 00:51:46 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 22 Nov 2024 18:25:29 GMT
publishertag.ids.js
static.criteo.net/js/ld/ 		42 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.ids.js
Requested by
Host: voting.astro.com.my
URL: https://voting.astro.com.my/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a1a256244f073b9ed474c52d16f8b7d0ed5d92ca4129042d6ee150817671bcd9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gempak.com//404
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 15:43:00 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 27 Oct 2023 06:43:26 GMT
server
nginx
etag
W/"653b5c0e-a9a7"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 30 Nov 2023 15:43:00 GMT
sync.min.js
tags.crwdcntrl.net/lt/c/16589/ 		39 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Requested by
Host: voting.astro.com.my
URL: https://voting.astro.com.my/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-97.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e885badff253144e188588b5657e13cfa1135d4cd682053c9cca02b83baf1ef2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gempak.com//404
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 07:38:20 GMT
content-encoding
gzip
via
1.1 a618edcb8ddcdae59a3a61a6c82ff54c.cloudfront.net (CloudFront)
last-modified
Wed, 06 Sep 2023 15:56:57 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C1
age
29081
x-amz-server-side-encryption
AES256
etag
W/"e073e71ed7a44e6f9cdd72904fda5940"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public, max-age=86400
x-amz-cf-id
-AeGsQlAcdql8SJs5iGGan9UuMXD_VvUZu5gY1ONQZEVMoNnrNyL1w==
uid2SecureSignal.js
cdn.prod.uidapi.com/ 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.prod.uidapi.com/uid2SecureSignal.js
Requested by
Host: voting.astro.com.my
URL: https://voting.astro.com.my/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2250:7800:a:e047:753:a221 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
72e960baa80ec819264a604f2f8a8e5c21f81b785ebc17595211ad170d8b1bdc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gempak.com//404
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-amz-version-id
KP_OVZMS6roEW_XJdOd.KnSEmM8GWiP3
Date
Wed, 29 Nov 2023 10:03:28 GMT
Via
1.1 3072267d18c4d0ed9e535752800364e0.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
FRA60-P2
Age
20373
x-amz-server-side-encryption
AES256
X-Cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
Connection
keep-alive
Content-Length
2776
Last-Modified
Thu, 19 Oct 2023 06:40:11 GMT
Server
AmazonS3
ETag
"a3a9a9ee8e72db69d54e805f0586c651"
Content-Type
text/javascript
Accept-Ranges
bytes
X-Amz-Cf-Id
zBJuCPJ_z5Kk0tl62Rwrj29ZbU9YhexVqPBZfM1UqF67sFojg65hHQ==
esp.js
oa.openxcdn.net/ 		24 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://oa.openxcdn.net/esp.js
Requested by
Host: voting.astro.com.my
URL: https://voting.astro.com.my/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.146.192 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
192.146.102.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gempak.com//404
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 17:41:49 GMT
content-encoding
gzip
age
511271
x-guploader-uploadid
ABPtcPomD9PwI-x1w_qV94tV1ozSRGR8ZeUKPfmAcHMXugM_rapxZCGwrYNwQRfVOUUs3oMWA37p8xfLMlvY-C9eeSMu
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7927
last-modified
Thu, 27 May 2021 18:30:51 GMT
server
UploadServer
etag
"df5542b88bc0e368c6999754a5b9e2ba"
x-goog-generation
1622140251693895
x-goog-hash
crc32c=f21hYg==, md5=31VCuIvA42jGmZdUpbniug==
content-type
application/javascript
cache-control
no-transform
x-goog-stored-content-length
7927
accept-ranges
bytes
expires
Fri, 22 Nov 2024 17:41:49 GMT
esp.js
cdn.id5-sync.com/api/1.0/ 		152 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.id5-sync.com/api/1.0/esp.js
Requested by
Host: voting.astro.com.my
URL: https://voting.astro.com.my/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3556 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d050c56b76cb2dae10e3eadd8e8f5e83594db0916d25946bec2f662f69dd776d
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gempak.com//404
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 15:43:00 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-encoding
gzip
cf-cache-status
HIT
last-modified
Tue, 28 Nov 2023 11:19:25 GMT
server
cloudflare
x-amz-request-id
THF1B04JGHSEFPSQ
age
2057
etag
W/"d12fc51ceb66081fc72dabad6e4e0ded"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
cache-control
public, max-age=3600
cf-ray
82dbf6bd5e2c5d86-FRA
x-amz-id-2
qGAOmLb1vwuTdhUs3EjmPZfg+BBSDsFFzIuSRs6mOWJmNa/P3zuGt0YImEWovPnzvXlKjrTolDQ=
pubcid.min.js
cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/ 		732 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/pubcid.min.js
Requested by
Host: voting.astro.com.my
URL: https://voting.astro.com.my/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gempak.com//404
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 15:43:00 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
38254
x-jsd-version
master
content-encoding
br
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230058-FRA
x-jsd-version-type
branch
server
cloudflare
etag
W/"2dc-IrZxm/sP4aqtIfs1EfEw6Dg5q1Y"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OSKoM5XlBMoYbC1uOI92wI5eCPn3hHzoGHi5ESERu5v4FkkcamHELZrc87ypNQyLHWbijSz379nNEyVRghy4PlMqXondLu250lNgL%2B5hwEN3ucALehJehXXw%2FyLYDYGHCT9Hewg5r%2BYQHTwTAuc%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cf-ray
82dbf6bdad889bfe-FRA
ads
securepubads.g.doubleclick.net/gampad/ 		113 KB
46 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1617186540678678&correlator=3654033511026368&eid=31079527&output=ldjh&gdfp_req=1&vrg=202311150101&ptt=17&impl=fifs&iu_parts=142680780%2CMBNS_Gempak%2CMBNS_Gempak_ROS_Masthead_970x250_300x300&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=970x250&ifi=1&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1701272580657&lmt=1696403103&adxs=-12245933&adys=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fgempak.com%2F%2F404&ref=https%3A%2F%2Fvoting.astro.com.my%2F&vis=1&psz=1600x-1&msz=0x-1&fws=644&ohw=1600&ga_vid=1730769388.1701272577&ga_sid=1701272581&ga_hid=1490772153&ga_fc=true&dlt=1701272576137&idt=957&cust_params=amznbid%3D0%26amznp%3D0%26environment%3Dproduction%26site%3Dgempak%26language%3Dbm%26articleid%3D%26category%3D%26page%3Darticle&adks=1833563596&frm=20
Requested by
Host: voting.astro.com.my
URL: https://voting.astro.com.my/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
28d8af512e3c593dd70e0d19515abbb497e304d3cbf6ec11ef82fc5c789ad62f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gempak.com//404
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 15:43:01 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
47417
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://gempak.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		94 KB
44 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1617186540678678&correlator=3654033511026368&eid=31079527&output=ldjh&gdfp_req=1&vrg=202311150101&ptt=17&impl=fifs&iu_parts=142680780%2CMBNS_Gempak%2CMBNS_Gempak_ROS_Leaderboard_728x90_970x90_900x90_320x50_TOP&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=970x90&ifi=2&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1701272580667&lmt=1696403103&adxs=-12245933&adys=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fgempak.com%2F%2F404&ref=https%3A%2F%2Fvoting.astro.com.my%2F&vis=1&psz=1600x0&msz=0x0&fws=132&ohw=1600&ga_vid=1730769388.1701272577&ga_sid=1701272581&ga_hid=1490772153&ga_fc=true&dlt=1701272576137&idt=957&cust_params=amznbid%3D0%26amznp%3D0%26environment%3Dproduction%26site%3Dgempak%26language%3Dbm%26articleid%3D%26category%3D%26page%3Darticle&adks=3619616653&frm=20
Requested by
Host: voting.astro.com.my
URL: https://voting.astro.com.my/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8348e9255ab81e0c27d41eaea349637c36629ea06b9e8f52273df14d827be269
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gempak.com//404
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 15:43:01 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
44845
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://gempak.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		31 KB
14 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1617186540678678&correlator=3654033511026368&eid=31079527&output=ldjh&gdfp_req=1&vrg=202311150101&ptt=17&impl=fifs&iu_parts=142680780%2CMBNS_Gempak%2CMBNS_Gempak_ROS_Interstitial_800x600_320x480&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=800x600&ifi=3&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1701272580672&lmt=1696403103&adxs=-12245933&adys=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fgempak.com%2F%2F404&ref=https%3A%2F%2Fvoting.astro.com.my%2F&vis=1&psz=1600x-1&msz=0x-1&fws=644&ohw=1600&ga_vid=1730769388.1701272577&ga_sid=1701272581&ga_hid=1490772153&ga_fc=true&dlt=1701272576137&idt=957&cust_params=amznbid%3D0%26amznp%3D0%26environment%3Dproduction%26site%3Dgempak%26language%3Dbm%26articleid%3D%26category%3D%26page%3Darticle&adks=228371592&frm=20
Requested by
Host: voting.astro.com.my
URL: https://voting.astro.com.my/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f3f286e42d6cf5abf69e6a06088976b1348bf3ef5623bb0ffdf7dc4f4d6b1d7a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gempak.com//404
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 15:43:00 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13849
x-xss-protection
0
google-lineitem-id
6417968295
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138455646540
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://gempak.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		569 B
313 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1617186540678678&correlator=3654033511026368&eid=31079527&output=ldjh&gdfp_req=1&vrg=202311150101&ptt=17&impl=fifs&iu_parts=142680780%2CMBNS_Gempak%2CMBNS_Gempak_ROS_Interstitial_OOP&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1x1&ifi=4&sfv=1-0-40&ists=1&sc=1&cookie_enabled=1&abxe=1&dt=1701272580676&lmt=1696403103&adxs=160&adys=325&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fgempak.com%2F%2F404&ref=https%3A%2F%2Fvoting.astro.com.my%2F&vis=1&psz=1280x-1&msz=1280x-1&fws=4&ohw=1600&ga_vid=1730769388.1701272577&ga_sid=1701272581&ga_hid=1490772153&ga_fc=true&dlt=1701272576137&idt=957&cust_params=amznbid%3D0%26amznp%3D0%26environment%3Dproduction%26site%3Dgempak%26language%3Dbm%26articleid%3D%26category%3D%26page%3Darticle&adks=584129154&frm=20
Requested by
Host: voting.astro.com.my
URL: https://voting.astro.com.my/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2078801d05da0c3385ee7006bc0080299b45d322c631dca81dedb0dc2261d83b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gempak.com//404
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 15:43:00 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
284
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://gempak.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		636 B
312 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1617186540678678&correlator=3654033511026368&eid=31079527&output=ldjh&gdfp_req=1&vrg=202311150101&ptt=17&impl=fifs&iu_parts=142680780%2CMBNS_Gempak%2CMBNS_Gempak_ROS_Catfish_OOP&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1x1&ifi=5&sfv=1-0-40&ists=1&sc=1&cookie_enabled=1&abxe=1&dt=1701272580678&lmt=1696403103&adxs=160&adys=325&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=5&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fgempak.com%2F%2F404&ref=https%3A%2F%2Fvoting.astro.com.my%2F&vis=1&psz=1280x-1&msz=1280x-1&fws=4&ohw=1600&ga_vid=1730769388.1701272577&ga_sid=1701272581&ga_hid=1490772153&ga_fc=true&dlt=1701272576137&idt=957&cust_params=amznbid%3D0%26amznp%3D0%26environment%3Dproduction%26site%3Dgempak%26language%3Dbm%26articleid%3D%26category%3D%26page%3Darticle&adks=3201420363&frm=20
Requested by
Host: voting.astro.com.my
URL: https://voting.astro.com.my/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
70901f71c6cbe86f94bfc95478a343238c5ce3477e504d46e72330a1d2bbd676
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gempak.com//404
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 15:43:00 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
282
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://gempak.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202311150101&st=env
Requested by
Host: voting.astro.com.my
URL: https://voting.astro.com.my/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
481c9a3142fba0d8327f830809163b0118de497b848da9a7b26a9dfec135f23f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gempak.com//404
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 15:43:00 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12337
x-xss-protection
0
container.html
ed82c412a1d0517c38d808cdf80f705f.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame C674 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ed82c412a1d0517c38d808cdf80f705f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: voting.astro.com.my
URL: https://voting.astro.com.my/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://gempak.com//404
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 29 Nov 2023 15:43:00 GMT
expires
Thu, 28 Nov 2024 15:43:00 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
UnitFeedManagerDesktop.min.js
vidstat.taboola.com/lite-unit/4.6.2/ 		121 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vidstat.taboola.com/lite-unit/4.6.2/UnitFeedManagerDesktop.min.js
Requested by
Host: voting.astro.com.my
URL: https://voting.astro.com.my/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0e9739b0f1901b8ef6c7c0ee5706a335a3871326f008a60675962ea3a1c5e884

Request headers

Referer
https://gempak.com//404
Origin
https://gempak.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 15:43:00 GMT
via
1.1 054609fe51831eb8825d39133f1a4c84.cloudfront.net (CloudFront), 1.1 varnish
content-encoding
gzip
x-amz-cf-pop
AMS1-P3
age
94162
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront, HIT
content-length
34234
x-served-by
cache-cph2320025-CPH
last-modified
Tue, 28 Nov 2023 13:32:59 GMT
server
AmazonS3
x-timer
S1701272581.799794,VS0,VE0
etag
"e834d2f0b1451076b0305f89e7279d49"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
access-control-allow-headers
*
x-amz-cf-id
wmXnX5H46hX_JOcwxoqIf5Ot5WgEVoZ-wO8_8OSwQyyLyen9FS7qYA==
x-cache-hits
2716
feed-card-placeholder.20231129-9-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/feed-card-placeholder.20231129-9-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/astromediasolutions-gempak/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
80ba56e5fab4d8e6199f3b33643962f1438e290143106b9b136cab890c568453

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gempak.com//404
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-amz-version-id
Sn2tfZDoy69O8aGADwexSJYtoqhaneFM
content-encoding
gzip
via
1.1 varnish
date
Wed, 29 Nov 2023 15:43:00 GMT
x-amz-request-id
DV5BN95ZWHAVG4BA
age
19027
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
1262
x-amz-id-2
OUtIv8w2udUbP1vP2Dqf35gggwIScg1ijHPEiWFxzXAVdl86OTWqo5maOsdq0Am8isNeDWJEB9k=
x-served-by
cache-cph2320056-CPH
last-modified
Wed, 29 Nov 2023 10:22:18 GMT
server
AmazonS3
x-timer
S1701272581.732086,VS0,VE0
etag
"303da6cf7ed04e6466301390524bc177"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
91
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
6819
userx.20231129-9-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/userx.20231129-9-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/astromediasolutions-gempak/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
7e469a101940a00ed2e1f5c7899d0395443153626ca120f4c5bfaec3c299f353

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gempak.com//404
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-amz-version-id
C3qXVSV_6aujZV179stqWfwuO04tcOwU
content-encoding
gzip
via
1.1 varnish
date
Wed, 29 Nov 2023 15:43:00 GMT
x-amz-request-id
T197C7X9P7VQJ67K
age
18813
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
5398
x-amz-id-2
iUjfYKLVtMeGKMx6jb5GwirfLP9Vk5qlyb8351bqsZiYMC2TtuzfXv14TLZQVT780Y+H+KfHhno=
x-served-by
cache-cph2320056-CPH
last-modified
Wed, 29 Nov 2023 10:21:30 GMT
server
AmazonS3
x-timer
S1701272581.743420,VS0,VE0
etag
"eab52243f34f070136303de0dd9ebcdf"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
29
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
1407
distance-from-article.20231129-9-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/distance-from-article.20231129-9-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/astromediasolutions-gempak/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a0abf6fcfc0bf653c6841b9e80691ddb1cf908320e7253d01ab1231271fb016e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gempak.com//404
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-amz-version-id
M6TiDNfBy8EVaVToZRuMQKaK0GNjT1FQ
content-encoding
gzip
via
1.1 varnish
date
Wed, 29 Nov 2023 15:43:00 GMT
x-amz-request-id
DV56X9T0BVG3FAXH
age
19027
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
1132
x-amz-id-2
ENfi8CB/E8zgGcNBFypsho4z+8x6GOqX6do/4V+qZZT+nkwKSZZa/GLe3iRB/BGTA52AiJiK8hQ=
x-served-by
cache-cph2320056-CPH
last-modified
Wed, 29 Nov 2023 10:22:28 GMT
server
AmazonS3
x-timer
S1701272581.743690,VS0,VE0
etag
"60e8cb8918c9cef791d0ddd2d4d60e0e"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
58
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
7729
article-detection.20231129-9-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/article-detection.20231129-9-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/astromediasolutions-gempak/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
26a9dd9419f02a8f6848f783ccda3f24d24a085bb0aaf384181e7701127e9ffb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gempak.com//404
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-amz-version-id
xjJ_OSrgYWEjfrj0F8O1tg.WhbCmGk6X
content-encoding
gzip
via
1.1 varnish
date
Wed, 29 Nov 2023 15:43:00 GMT
x-amz-request-id
DV55J595N386HNDK
age
19027
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
1291
x-amz-id-2
DJoqST0PrlzhyrwBNCvGwdtt4ST7hIRYzFMjesCbJLOdLWnKuth0aLafEwumQQ3iSoxV72AIgTY=
x-served-by
cache-cph2320056-CPH
last-modified
Wed, 29 Nov 2023 10:22:47 GMT
server
AmazonS3
x-timer
S1701272581.744019,VS0,VE0
etag
"2a55a7366207fba30aff775a80e2a33e"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
46
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
7741
article-and-feed-area-scanner.20231129-9-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/article-and-feed-area-scanner.20231129-9-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/astromediasolutions-gempak/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0f7ae9cb587ad740740e9db71b09406569d088f3d64a8ebf5d6e95894f47853e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gempak.com//404
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-amz-version-id
OthbcERwOPaFD7Nv.lC3ZWW9qdq.plve
content-encoding
gzip
via
1.1 varnish
date
Wed, 29 Nov 2023 15:43:00 GMT
x-amz-request-id
DV5B3DQ2CZ0VGZVE
age
19028
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
1147
x-amz-id-2
k5s5cdr9afFC2YycfczMUBF/4SjeHIZIATn9zvUVB9GOROfBC0dshY1E7KDh/zY8GkV8pwWbhVY=
x-served-by
cache-cph2320056-CPH
last-modified
Wed, 29 Nov 2023 10:22:48 GMT
server
AmazonS3
x-timer
S1701272581.744353,VS0,VE0
etag
"29d49a22ab85c54548527f3a3927c180"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
84
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
1831
abtests
am-trc-events.taboola.com/astromediasolutions-gempak/log/3/ 		0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://am-trc-events.taboola.com/astromediasolutions-gempak/log/3/abtests?route=AM:AM:V&tvi2=14111&tvi48=10638&lti=deflated&ri=59356f5b35678d494b487b4619aa1531&sd=v2_e65d556915af69f6f3b522af66468171_ba57726b-eb8f-4269-8afc-b3b4aca83f50-tuctc60e184_1701272580_1701272580_CJK00wEQwIFYGNjg_d3BMSABKAEwODib4wlAhIoQSNTJ2QNQ____________AVgAYABo5-D4sc3qn58xcAA&ui=ba57726b-eb8f-4269-8afc-b3b4aca83f50-tuctc60e184&pi=//404&wi=-3422900815001796584&pt=text&vi=1701272580184&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22block_clicks_init%22%2C%22type%22%3A%22block-clicks-manager%22%2C%22eventTime%22%3A1701272580716%7D&tim=16%3A43%3A00.716&id=1413&llvl=2&cv=20231129-9-RELEASE&
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gempak.com//404
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Wed, 29 Nov 2023 15:43:00 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
f89e1763-220d-4e09-ba69-9e040548fb7a.svg
cdn.taboola.com/static/f8/ 		4 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.taboola.com/static/f8/f89e1763-220d-4e09-ba69-9e040548fb7a.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
39b076e4bb4fab9b8a142499cf6155f8c128464974691a04de7e764f71b72618

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gempak.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-amz-version-id
cMrDKn.emLmm9kiiOOF64ulDT4DRy6LK
content-encoding
gzip
via
1.1 varnish
date
Wed, 29 Nov 2023 15:43:00 GMT
x-amz-request-id
QHZC3B8ZJ54QXXGE
age
65
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
1758
x-amz-id-2
5ZsPjSMI8DSQWbAZ2pWBYqYs3Uo9Ozp1eIqlI2UsrvVexYYWgayjFQNDgl60Y1oMNtOcbsYd7Ds=
x-served-by
cache-cph2320056-CPH
last-modified
Wed, 07 Feb 2018 11:15:52 GMT
server
AmazonS3
x-timer
S1701272581.790429,VS0,VE0
etag
"b8b410e4b18d45aa2f3d9bc09cd335fb"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
image/svg+xml
access-control-allow-origin
*
abp
34
cache-control
private,max-age=31536000
accept-ranges
bytes
access-control-allow-headers
*
x-cache-hits
18
page.php
www.facebook.com/plugins/ Frame 0B36 		89 KB
23 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FPortalAstroGempak%2F&width=340&height=214&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
Requested by
Host: voting.astro.com.my
URL: https://voting.astro.com.my/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
60685c8cc482cf049eab0dc1da9f78da62de825e8edb1a0fb3cc2a43af5f88cc
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://gempak.com//404
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
private, no-cache, no-store, must-revalidate
content-encoding
br
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-type
text/html; charset="utf-8"
cross-origin-opener-policy
unsafe-none
cross-origin-resource-policy
cross-origin
date
Wed, 29 Nov 2023 15:43:00 GMT
document-policy
force-load-at-top
expires
Sat, 01 Jan 2000 00:00:00 GMT
origin-agent-cluster
?0
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(self), geolocation=(self), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), payment=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), usb=(), window-management=()
pragma
no-cache
priority
u=0,i
report-to
{"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
reporting-endpoints
default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown"
strict-transport-security
max-age=15552000; preload
vary
Accept-Encoding
x-content-type-options
nosniff
x-fb-debug
Bs4g7yhz/IzVdAJ/pRCC6D05TC0hqyo/FCDB+QXTbmJ1HsSKho+Vfd2rPcBzGJUs52tD3bS0qVBZ8EuJ8lRwYQ==
x-xss-protection
0
collect
u.clarity.ms/ 		0
290 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://u.clarity.ms/collect
Requested by
Host: voting.astro.com.my
URL: https://voting.astro.com.my/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
4.227.249.197 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/x-clarity-gzip
Referer
https://gempak.com//404
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://gempak.com
Date
Wed, 29 Nov 2023 15:43:00 GMT
Access-Control-Allow-Credentials
true
Server
nginx/1.18.0 (Ubuntu)
Connection
keep-alive
Vary
Origin
Request-Context
appId=cid-v1:9c7c879b-c51a-427e-9701-218438da5f81
json
trc.taboola.com/astromediasolutions-gempak/trc/3/ 		25 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/astromediasolutions-gempak/trc/3/json?tim=16%3A43%3A00.794&route=AM:AM:V&tvi2=14111&tvi48=10638&lti=deflated&data=%7B%22id%22%3A875%2C%22ii%22%3A%22%2F%2F404%22%2C%22it%22%3A%22text%22%2C%22sd%22%3A%22v2_e65d556915af69f6f3b522af66468171_ba57726b-eb8f-4269-8afc-b3b4aca83f50-tuctc60e184_1701272580_1701272580_CJK00wEQwIFYGNjg_d3BMSABKAEwODib4wlAhIoQSNTJ2QNQ____________AVgAYABo5-D4sc3qn58xcAA%22%2C%22ui%22%3A%22ba57726b-eb8f-4269-8afc-b3b4aca83f50-tuctc60e184%22%2C%22uifp%22%3A%22ba57726b-eb8f-4269-8afc-b3b4aca83f50-tuctc60e184%22%2C%22lbt%22%3A1701255432564%2C%22vi%22%3A1701272580184%2C%22cv%22%3A%2220231129-9-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fgempak.com%2F%2F404%22%2C%22bv%22%3A%220%22%2C%22wc%22%3Atrue%2C%22ul%22%3A%5B%22en-US%22%2C%22en%22%5D%2C%22uad%22%3A%7B%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%7D%2C%22btv%22%3A%220%22%2C%22cos%22%3A%224g%22%2C%22plf%22%3A%7B%22stop_tslt%22%3Atrue%7D%2C%22bu%22%3A%22https%3A%2F%2Fgempak.com%2F%2F404%22%2C%22vpi%22%3A%22%2F%2F404%22%2C%22e%22%3A%22https%3A%2F%2Fvoting.astro.com.my%2F%22%2C%22bad%22%3A-1%2C%22sw%22%3A1600%2C%22sh%22%3A1200%2C%22bw%22%3A1600%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A1200%2C%22dw%22%3A1600%2C%22dh%22%3A2921%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A6%2C%22uim%22%3A%22alternating-thumbnails-a%3Aabp%3D0%22%2C%22uip%22%3A%22Below%20Article%20Thumbnails%22%2C%22orig_uip%22%3A%22Below%20Article%20Thumbnails%22%2C%22cd%22%3A337%2C%22mw%22%3A1280%2C%22fi%22%3A5%2C%22fb%22%3A2%2C%22fti%22%3A%22delta-override%3A10635806%3APUBLISHED%22%7D%5D%2C%22cacheKey%22%3A%22text%3D%2F%2F404%2CBelow%20Article%20Thumbnails%3Dalternating-thumbnails-a%3Aabp%3D0%22%2C%22cb%22%3A%22TRC.callbacks.recommendations_2%22%2C%22lt%22%3A%22deflated%22%7D&llvl=2
Requested by
Host: voting.astro.com.my
URL: https://voting.astro.com.my/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
4dbf3b55079aab49fd1b19ce1547a10b60122b34046b6d89b5d8ab18dccb85f0

Request headers

Referer
https://gempak.com//404
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type
text/plain

Response headers

x-vcl-time-ms
555
date
Wed, 29 Nov 2023 15:43:01 GMT
content-encoding
gzip
via
1.1 varnish
cpu
1.0254166666666666
x-fastly-to-nlb-rtt
13904
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version
v1
x-served-by
cache-cph2320056-CPH
x-log-content-encoding
gzip
server
nginx
x-timer
S1701272581.816801,VS0,VE555
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
https://gempak.com
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0
bulk-metrics
am-trc-events.taboola.com/astromediasolutions-gempak/log/3/ 		0
242 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://am-trc-events.taboola.com/astromediasolutions-gempak/log/3/bulk-metrics?tvi2=14111&tvi48=10638&route=AM%3AAM%3AV&lti=deflated&bulkSize=5
Requested by
Host: voting.astro.com.my
URL: https://voting.astro.com.my/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://gempak.com//404
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
https://gempak.com
pragma
no-cache
date
Wed, 29 Nov 2023 15:43:00 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
7c4382bb0d05657b5da5a5532284a104.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_750%2Cw_1500%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		91 KB
92 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_750%2Cw_1500%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/7c4382bb0d05657b5da5a5532284a104.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
7945ac533997310952de7ea4993a3145ccd8753222940b91791bf6e0aa1ffa28

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gempak.com//404
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-vcl-time-ms
3
date
Wed, 29 Nov 2023 15:43:00 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_750%2Cw_1500%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/7c4382bb0d05657b5da5a5532284a104.jpg
age
1912634
edge-cache-tag
528326198749591602514369199879795052580,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
cache-tag
528326198749591602514369199879795052580,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
x-cache
Miss from cloudfront, MISS, MISS, HIT, HIT, HIT
x-envoy-upstream-service-time
506
expiration
expiry-date="Mon, 27 Nov 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://24.hu/
content-length
92922
x-backend-name
LA_nlb203
x-served-by
cache-iad-kcgs7200064-IAD, cache-iad-kiad7000175-IAD, cache-lax-kwhp1940043-LAX, cache-iad-kcgs7200079-IAD, cache-cph2320056-CPH
last-modified
Fri, 27 Oct 2023 14:01:35 GMT
server
nginx
surrogate-reporting
width=1071,height=535,bytes=78158,owidth=1071,oheight=659,obytes=898016
x-timer
S1701272581.840582,VS0,VE3
etag
"a32a8b5a25f77d49123be6966b688e51"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 1, 17, 1
40a130b827e3a4aab9b0c29f82abd4b0.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_423%2Cw_760%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		48 KB
49 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_423%2Cw_760%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/40a130b827e3a4aab9b0c29f82abd4b0.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
f992ef717c41ea0f59eb313449f7561ff6ea24d60a0ba146b31036449750ae4b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gempak.com//404
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-vcl-time-ms
86
date
Wed, 29 Nov 2023 15:43:00 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_423%2Cw_760%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/40a130b827e3a4aab9b0c29f82abd4b0.png
age
2417866
edge-cache-tag
512739054568143007550823833219498929802,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag
512739054568143007550823833219498929802,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
x-cache
MISS, HIT, HIT, HIT, MISS
x-envoy-upstream-service-time
303
expiration
expiry-date="Mon, 23 Oct 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://www.giga.de/
content-length
48788
x-backend-name
US_nlb102
x-served-by
cache-iad-kjyo7100140-IAD, cache-iad-kjyo7100140-IAD, cache-lga21939-LGA, cache-iad-kiad7000159-IAD, cache-cph2320056-CPH
last-modified
Fri, 22 Sep 2023 14:18:03 GMT
server
nginx
surrogate-reporting
width=1000,height=555,bytes=110471,owidth=1000,oheight=600,obytes=843554
x-timer
S1701272581.840667,VS0,VE86
etag
"cb1aef2620eeb2aa1ce0dcb852f2510a"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 33, 1, 14, 0
ckjsuigb6gmtqyagrovl.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_423%2Cw_760%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//c3.taboola.com/libtrc/static/thumbnails/so_auto/f_jpg/v1698032951/ 		14 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_423%2Cw_760%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//c3.taboola.com/libtrc/static/thumbnails/so_auto/f_jpg/v1698032951/ckjsuigb6gmtqyagrovl.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
0fdd62dadc4b24ef29ab25fda195eedeb7345107e26c1e65e2fa4badbd151d80

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gempak.com//404
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Wed, 29 Nov 2023 15:43:00 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_423%2Cw_760%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//c3.taboola.com/libtrc/static/thumbnails/so_auto/f_jpg/v1698032951/ckjsuigb6gmtqyagrovl.jpg
age
1982593
edge-cache-tag
385271977118036872208746654679625337693,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag
385271977118036872208746654679625337693,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
x-cache
Miss from cloudfront, MISS, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time
281
expiration
expiry-date="Thu, 23 Nov 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://www.mopo.de/
content-length
14490
x-backend-name
LA_nlb204
x-served-by
cache-iad-kjyo7100170-IAD, cache-iad-kjyo7100148-IAD, cache-lax-kwhp1940041-LAX, cache-iad-kjyo7100051-IAD, cache-cph2320056-CPH
last-modified
Mon, 23 Oct 2023 03:58:42 GMT
server
nginx
surrogate-reporting
width=800,height=444,bytes=21721,owidth=800,oheight=450,obytes=19642
x-timer
S1701272581.842204,VS0,VE0
etag
"ab9186798628b0d9392ff82cc5c7f441"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 1, 3714, 113
b14ece108ff25cddbcc46079312f9877.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_750%2Cw_1500%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		112 KB
113 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_750%2Cw_1500%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/b14ece108ff25cddbcc46079312f9877.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
3bddcab031ae76b1b42900840d46b5a03c0fd556e286c17d9dd934292883f76f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gempak.com//404
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-vcl-time-ms
6
date
Wed, 29 Nov 2023 15:43:00 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_750%2Cw_1500%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/b14ece108ff25cddbcc46079312f9877.jpg
age
1404774
edge-cache-tag
533022399904098135448809622611966953881,588110943443000055148103821789501219624,29ecf9b93bbf306179626feeda1fab70
cache-tag
533022399904098135448809622611966953881,588110943443000055148103821789501219624,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
Miss from cloudfront, MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time
1305
req-referer
https://www.lkz.de/
content-length
115042
x-request-id
124464fef5bde69aecd1cf2ecc3dab38
x-backend-name
CH_nlb803
x-served-by
cache-iad-kcgs7200080-IAD, cache-iad-kiad7000074-IAD, cache-chi-klot8100125-CHI, cache-iad-kcgs7200091-IAD, cache-cph2320056-CPH
last-modified
Fri, 10 Nov 2023 19:36:06 GMT
server
nginx
surrogate-reporting
width=1500,height=750,bytes=174878,owidth=4032,oheight=3024,obytes=2214521
x-timer
S1701272581.842268,VS0,VE6
etag
"15b501c24b78ae6e2c4e5f7da22ee3d2"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 7, 1
s6eq7xv817cyf0q3dhyz.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_423%2Cw_760%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//c3.taboola.com/libtrc/static/thumbnails/so_auto/f_jpg/v1696455962/ 		15 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_423%2Cw_760%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//c3.taboola.com/libtrc/static/thumbnails/so_auto/f_jpg/v1696455962/s6eq7xv817cyf0q3dhyz.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
ef8935acbc35ec745965c0d7149de04e09b991d30b3586887165480cee202fa5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gempak.com//404
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Wed, 29 Nov 2023 15:43:00 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_423%2Cw_760%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//c3.taboola.com/libtrc/static/thumbnails/so_auto/f_jpg/v1696455962/s6eq7xv817cyf0q3dhyz.jpg
age
4816600
edge-cache-tag
399410518928596127609236110978288009217,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag
399410518928596127609236110978288009217,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
Miss from cloudfront, MISS, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time
150
req-referer
https://www.mopo.de/
content-length
15746
x-request-id
a3f72b5b5b79829d33fd9c4e30473852
x-backend-name
CH_nlb803
x-served-by
cache-iad-kjyo7100043-IAD, cache-iad-kjyo7100043-IAD, cache-chi-kigq8000115-CHI, cache-iad-kiad7000088-IAD, cache-cph2320056-CPH
last-modified
Wed, 04 Oct 2023 21:46:20 GMT
server
nginx
surrogate-reporting
width=800,height=444,bytes=20603,owidth=800,oheight=450,obytes=19400
x-timer
S1701272581.842616,VS0,VE1
etag
"ab42907bd86d826c0e3fc6fe5637da74"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 72, 1, 243, 1
0d9b92bffa60f41338e32c57b3cd3ec1.jpg
images.taboola.com/taboola/image/fetch/h_423,w_760,c_pad,b_auto/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		16 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/h_423,w_760,c_pad,b_auto/http%3A//cdn.taboola.com/libtrc/static/thumbnails/0d9b92bffa60f41338e32c57b3cd3ec1.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
2d9b55eebc9b1af96c1e6f6d9937736cd1ec8e87315887fe68ef5cdc44496494

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gempak.com//404
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Wed, 29 Nov 2023 15:43:00 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/h_423,w_760,c_pad,b_auto/http%3A//cdn.taboola.com/libtrc/static/thumbnails/0d9b92bffa60f41338e32c57b3cd3ec1.jpg
age
3518547
edge-cache-tag
424673378597492686946214083941920236861,361339568627806578574169180252383295844,29ecf9b93bbf306179626feeda1fab70
cache-tag
424673378597492686946214083941920236861,361339568627806578574169180252383295844,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
Miss from cloudfront, MISS, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time
144
req-referer
https://www.mopo.de/
content-length
16660
x-request-id
6187a726fa7976ede63c8b1392184ae4
x-backend-name
LA_nlb202
x-served-by
cache-iad-kiad7000038-IAD, cache-iad-kiad7000038-IAD, cache-lax-kwhp1940039-LAX, cache-iad-kcgs7200111-IAD, cache-cph2320056-CPH
last-modified
Wed, 18 Oct 2023 12:57:35 GMT
server
nginx
surrogate-reporting
width=1080,height=600,bytes=75509,owidth=1067,oheight=600,obytes=42725
x-timer
S1701272581.843154,VS0,VE0
etag
"97d4463b8509baf01f7eedcc918439fb"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 63, 1, 13, 2
ads
securepubads.g.doubleclick.net/gampad/ 		27 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1617186540678678&correlator=3654033511026368&eid=31079527&output=ldjh&gdfp_req=1&vrg=202311150101&ptt=17&impl=fifs&iu_parts=142680780%2CMBNS_Gempak%2CMBNS_Gempak_ROS_MREC_300x250_300x600_TOP&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x250&ifi=6&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1701272580837&lmt=1696403103&adxs=-12245933&adys=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=6&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fgempak.com%2F%2F404&ref=https%3A%2F%2Fvoting.astro.com.my%2F&vis=1&psz=1600x0&msz=0x0&fws=132&ohw=1600&ga_vid=1730769388.1701272577&ga_sid=1701272581&ga_hid=1490772153&ga_fc=true&dlt=1701272576137&idt=957&cust_params=amznbid%3D0%26amznp%3D0%26environment%3Dproduction%26site%3Dgempak%26language%3Dbm%26articleid%3D%26category%3D%26page%3Darticle&adks=1052546453&frm=20
Requested by
Host: voting.astro.com.my
URL: https://voting.astro.com.my/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
252b2f10581698d9b321920fd01e1b80aaed9e8c5669877723e6b0c234d4bec1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gempak.com//404
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 15:43:01 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12663
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://gempak.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: voting.astro.com.my
URL: https://voting.astro.com.my/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gempak.com//404
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 15:43:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 29 Nov 2023 15:43:00 GMT
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: voting.astro.com.my
URL: https://voting.astro.com.my/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gempak.com//404
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 29 Nov 2023 13:49:38 GMT
last-modified
Mon, 12 Jun 2023 18:23:07 GMT
server
Golfe2
age
6802
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Wed, 29 Nov 2023 15:49:38 GMT
ckjsuigb6gmtqyagrovl.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_423%2Cw_760%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//c3.taboola.com/libtrc/static/thumbnails/so_auto/f_jpg/v1698032951/ 		14 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_423%2Cw_760%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//c3.taboola.com/libtrc/static/thumbnails/so_auto/f_jpg/v1698032951/ckjsuigb6gmtqyagrovl.jpg
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20231129-9-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
0fdd62dadc4b24ef29ab25fda195eedeb7345107e26c1e65e2fa4badbd151d80

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gempak.com//404
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Wed, 29 Nov 2023 15:43:00 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_423%2Cw_760%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//c3.taboola.com/libtrc/static/thumbnails/so_auto/f_jpg/v1698032951/ckjsuigb6gmtqyagrovl.jpg
age
1982593
edge-cache-tag
385271977118036872208746654679625337693,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag
385271977118036872208746654679625337693,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
x-cache
Miss from cloudfront, MISS, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time
281
expiration
expiry-date="Thu, 23 Nov 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://www.mopo.de/
content-length
14490
x-backend-name
LA_nlb204
x-served-by
cache-iad-kjyo7100170-IAD, cache-iad-kjyo7100148-IAD, cache-lax-kwhp1940041-LAX, cache-iad-kjyo7100051-IAD, cache-cph2320056-CPH
last-modified
Mon, 23 Oct 2023 03:58:42 GMT
server
nginx
surrogate-reporting
width=800,height=444,bytes=21721,owidth=800,oheight=450,obytes=19642
x-timer
S1701272581.905862,VS0,VE0
etag
"ab9186798628b0d9392ff82cc5c7f441"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 1, 3714, 114
increment
id5-sync.com/api/esp/ 		0
226 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/api/esp/increment?counter=no-config
Requested by
Host: voting.astro.com.my
URL: https://voting.astro.com.my/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.82 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31532337.ip-162-19-138.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://gempak.com//404
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://gempak.com
date
Wed, 29 Nov 2023 15:43:00 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
esp
oajs.openx.net/
Redirect Chain
  • https://oajs.openx.net/esp?url=https%3A%2F%2Fgempak.com%2F%2F404&rid=esp
  • https://oajs.openx.net/esp?url=https%3A%2F%2Fgempak.com%2F%2F404&rid=esp&cc=1
85 B
203 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://oajs.openx.net/esp?url=https%3A%2F%2Fgempak.com%2F%2F404&rid=esp&cc=1
Protocol
H2
Server
34.120.107.143 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
143.107.120.34.bc.googleusercontent.com
Software
/ Express
Resource Hash
6b733d841288a3cd0a0362eab6213def6bda9af70cab46a4bfe5a26870d8a1a8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gempak.com//404
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 15:43:01 GMT
via
1.1 google
x-powered-by
Express
etag
W/"55-xQlN+U6I64Wg0HsXEOmU3vxc1vA"
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gempak.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
85

Redirect headers

date
Wed, 29 Nov 2023 15:43:01 GMT
via
1.1 google
x-powered-by
Express
vary
Origin
access-control-allow-origin
https://gempak.com
location
/esp?url=https%3A%2F%2Fgempak.com%2F%2F404&rid=esp&cc=1
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
map
bcp.crwdcntrl.net/6/ 		60 B
329 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bcp.crwdcntrl.net/6/map
Requested by
Host: voting.astro.com.my
URL: https://voting.astro.com.my/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.241.138.233 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-241-138-233.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
a3f75b6029afca74376dc86b33ce875dc9e5bfc7df7133c56660a9dd2315045a

Request headers

Referer
https://gempak.com//404
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Wed, 29 Nov 2023 15:43:00 GMT
server
Jetty(9.4.38.v20210224)
content-type
application/json;charset=utf-8
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://gempak.com
cache-control
no-cache
x-server
10.45.23.95
access-control-allow-credentials
true
content-length
60
expires
0
https%3A%2F%2Fcdn.taboola.com%2Flibtrc%2Fstatic%2Fvideo%2Fv1698032951%2Fckjsuigb6gmtqyagrovl.mp4
videos.taboola.com/taboola/video/fetch/q_auto:low/ 		69 KB
70 KB 		Media
General
Check archive.org
Download Go to
Full URL
https://videos.taboola.com/taboola/video/fetch/q_auto:low/https%3A%2F%2Fcdn.taboola.com%2Flibtrc%2Fstatic%2Fvideo%2Fv1698032951%2Fckjsuigb6gmtqyagrovl.mp4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Cloudinary /
Resource Hash
1735dc7d9457fadc0a3ca783a76a0c19f073c4e2ee94f68bfaa3c7433d7e7c96
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

Referer
https://gempak.com//404
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Range
bytes=0-

Response headers

strict-transport-security
max-age=604800
via
1.1 varnish, 1.1 varnish
x-content-type-options
nosniff
date
Wed, 29 Nov 2023 15:43:00 GMT
age
96336
x-cache
HIT, HIT
Content-Range
bytes 0-70457/70458
server-timing
cld-akam;mitm=f;dur=1485;cpu=1455;start=2023-10-23T17:20:13.863Z;desc=miss,rtt;dur=0,content-info;desc="width=800,height=450,abps=13726,fps=30.0,du=5.133,vc=\"h264\",bytes=70458,owidth=800,oheight=450,oabps=19966,ofps=30.0,odu=5.133,ovc=\"h264\",obytes=102493,oformat=\"mp4\"",cloudinary;dur=20;start=2023-10-23T17:20:15.318Z
Content-Length
70458
x-backend-name
fastlyshield--shield_cache_iad_kjyo7100120_IAD
x-served-by
cache-iad-kjyo7100120-IAD, cache-cph2320056-CPH
last-modified
Mon, 23 Oct 2023 17:20:16 GMT
server
Cloudinary
x-timer
S1701272581.959169,VS0,VE1
etag
"85f17315d94e15a292d075777955c02d"
vary
/video/fetch/q_auto:low/https%3A%2F%2Fcdn.taboola.com%2Flibtrc%2Fstatic%2Fvideo%2Fv1698032951%2Fckjsuigb6gmtqyagrovl.mp4
content-type
video/mp4;codecs=avc1
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Disposition,Content-Range,Etag,Server-Timing,Vary,X-Cld-Error,X-Content-Type-Options
cache-control
public, max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
165958, 0
s6eq7xv817cyf0q3dhyz.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_423%2Cw_760%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//c3.taboola.com/libtrc/static/thumbnails/so_auto/f_jpg/v1696455962/ 		15 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_423%2Cw_760%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//c3.taboola.com/libtrc/static/thumbnails/so_auto/f_jpg/v1696455962/s6eq7xv817cyf0q3dhyz.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
ef8935acbc35ec745965c0d7149de04e09b991d30b3586887165480cee202fa5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gempak.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Wed, 29 Nov 2023 15:43:00 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_423%2Cw_760%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//c3.taboola.com/libtrc/static/thumbnails/so_auto/f_jpg/v1696455962/s6eq7xv817cyf0q3dhyz.jpg
age
4816600
edge-cache-tag
399410518928596127609236110978288009217,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag
399410518928596127609236110978288009217,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
Miss from cloudfront, MISS, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time
150
req-referer
https://www.mopo.de/
content-length
15746
x-request-id
a3f72b5b5b79829d33fd9c4e30473852
x-backend-name
CH_nlb803
x-served-by
cache-iad-kjyo7100043-IAD, cache-iad-kjyo7100043-IAD, cache-chi-kigq8000115-CHI, cache-iad-kiad7000088-IAD, cache-cph2320056-CPH
last-modified
Wed, 04 Oct 2023 21:46:20 GMT
server
nginx
surrogate-reporting
width=800,height=444,bytes=20603,owidth=800,oheight=450,obytes=19400
x-timer
S1701272581.941288,VS0,VE0
etag
"ab42907bd86d826c0e3fc6fe5637da74"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 72, 1, 243, 2
0d9b92bffa60f41338e32c57b3cd3ec1.jpg
images.taboola.com/taboola/image/fetch/h_423,w_760,c_pad,b_auto/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		16 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/h_423,w_760,c_pad,b_auto/http%3A//cdn.taboola.com/libtrc/static/thumbnails/0d9b92bffa60f41338e32c57b3cd3ec1.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
2d9b55eebc9b1af96c1e6f6d9937736cd1ec8e87315887fe68ef5cdc44496494

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gempak.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Wed, 29 Nov 2023 15:43:00 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/h_423,w_760,c_pad,b_auto/http%3A//cdn.taboola.com/libtrc/static/thumbnails/0d9b92bffa60f41338e32c57b3cd3ec1.jpg
age
3518547
edge-cache-tag
424673378597492686946214083941920236861,361339568627806578574169180252383295844,29ecf9b93bbf306179626feeda1fab70
cache-tag
424673378597492686946214083941920236861,361339568627806578574169180252383295844,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
Miss from cloudfront, MISS, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time
144
req-referer
https://www.mopo.de/
content-length
16660
x-request-id
6187a726fa7976ede63c8b1392184ae4
x-backend-name
LA_nlb202
x-served-by
cache-iad-kiad7000038-IAD, cache-iad-kiad7000038-IAD, cache-lax-kwhp1940039-LAX, cache-iad-kcgs7200111-IAD, cache-cph2320056-CPH
last-modified
Wed, 18 Oct 2023 12:57:35 GMT
server
nginx
surrogate-reporting
width=1080,height=600,bytes=75509,owidth=1067,oheight=600,obytes=42725
x-timer
S1701272581.941275,VS0,VE0
etag
"97d4463b8509baf01f7eedcc918439fb"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 63, 1, 13, 3
view
securepubads.g.doubleclick.net/pcs/ Frame C850 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu4FvUaWrq8t2uqiuhIpcCpBlPYwWx89LVS8Y2CfSpSAeiNVke8jGIq7wPaPA6hYUhXo2SK8sLegsy3sWGvTT-eRl22sjOYAv2sypIVPQxM0ry3Nilf-hL5vXiXb26ng15eQhYVxlJ0nuTm-IPctNmgo_eUC46P8iTrEi2b9DUWfFECUKmnrFxXrzz9YeR2qedhYWcq6N7suDqINnBuChr9IsINev0tYEYZtL5zRtXYgbaQiXOnQ7uTW4IQUXSIAKe5az-rBfV-SdNCatqrVSAHEMuE4SLKDkPyv-9DgxISMfauwKMu9SAkBsgALVDOnpciEIQysrGx0wSpPjIqG9EgkxbTPMlFEl_DAGjakONfcFgHsk5f4gdkG2rxPZwkmPHNEEOt4bju30ze08N_cnq1ZMWIHrc-N8qBNXcNnUu9GpXPCi8EFgQ&sai=AMfl-YRTzP2iOsajG1ghhEVnCX1G95-Xh4mEtykESFuLphZlZ7dJU5ejnF1fX-K5gLS1-NEEsm7jyb1XGbSneBovFn2RjMFh9C6vQ-2ryBEEQYarJiFdA2iKltB_VubzXiMvEvpD7BIqsH7Y1A&sig=Cg0ArKJSzHWgOC5NaxwxEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Requested by
Host: voting.astro.com.my
URL: https://voting.astro.com.my/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gempak.com//404
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 15:43:00 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
xd17s.js
geo.dailymotion.com/libs/player/ Frame C850 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://geo.dailymotion.com/libs/player/xd17s.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311150101/pubads_impl.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
188.65.124.90 Paris, France, ASN41690 (DAILYMOTION For peering related business, please mail peering@dailymotion.com, FR),
Reverse DNS
fp.dc3.dailymotion.com
Software
DMS/1.0.42 /
Resource Hash
00390d42c88f9316e53dbb853786cdc00fd3890197de721058d4f03352af1f44
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31708800; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gempak.com//404
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Security-Policy
upgrade-insecure-requests
Content-Encoding
gzip
Referrer-Policy
strict-origin-when-cross-origin
Date
Wed, 29 Nov 2023 15:43:01 GMT
Server
DMS/1.0.42
Strict-Transport-Security
max-age=31708800; includeSubDomains; preload
Expect-Ct
max-age=0, report-uri="https://www.dailymotion.com/content_security_policy_report_uri"
Content-Security-Policy-Report-Only
default-src https: blob: wss: data: android-webview-video-poster: android-webview: chrome-extension: safari-extension: 'unsafe-eval' 'unsafe-inline'; report-uri https://www.dailymotion.com/content_security_policy_report_uri
Vary
X-DM-SSL, Accept-Encoding
Content-Type
application/javascript; charset=utf-8
Cache-Control
no-cache, no-store
Server-Timing
total;dur=20, dc;desc="dc3"
Timing-Allow-Origin
*
Link
<https://www.dailymotion.com>; rel="preconnect"; crossorigin="use-credentials", <https://static1.dmcdn.net>; rel="preconnect"; crossorigin="anonymous"
Content-Length
13345
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame C850 		202 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311150101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d00881661ce5e766ce98430f69d6d217ab80bdfa98811e039afc92a327d57a68
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gempak.com//404
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 15:43:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65070
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1700193896630564"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 29 Nov 2023 15:43:00 GMT
7c4382bb0d05657b5da5a5532284a104.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_750%2Cw_1500%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		91 KB
92 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_750%2Cw_1500%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/7c4382bb0d05657b5da5a5532284a104.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
7945ac533997310952de7ea4993a3145ccd8753222940b91791bf6e0aa1ffa28

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gempak.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Wed, 29 Nov 2023 15:43:00 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_750%2Cw_1500%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/7c4382bb0d05657b5da5a5532284a104.jpg
age
1912634
edge-cache-tag
528326198749591602514369199879795052580,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
cache-tag
528326198749591602514369199879795052580,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
x-cache
Miss from cloudfront, MISS, MISS, HIT, HIT, HIT
x-envoy-upstream-service-time
506
expiration
expiry-date="Mon, 27 Nov 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://24.hu/
content-length
92922
x-backend-name
LA_nlb203
x-served-by
cache-iad-kcgs7200064-IAD, cache-iad-kiad7000175-IAD, cache-lax-kwhp1940043-LAX, cache-iad-kcgs7200079-IAD, cache-cph2320056-CPH
last-modified
Fri, 27 Oct 2023 14:01:35 GMT
server
nginx
surrogate-reporting
width=1071,height=535,bytes=78158,owidth=1071,oheight=659,obytes=898016
x-timer
S1701272581.995141,VS0,VE0
etag
"a32a8b5a25f77d49123be6966b688e51"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 1, 17, 2
b14ece108ff25cddbcc46079312f9877.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_750%2Cw_1500%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		112 KB
113 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_750%2Cw_1500%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/b14ece108ff25cddbcc46079312f9877.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
3bddcab031ae76b1b42900840d46b5a03c0fd556e286c17d9dd934292883f76f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gempak.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Wed, 29 Nov 2023 15:43:00 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_750%2Cw_1500%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/b14ece108ff25cddbcc46079312f9877.jpg
age
1404774
edge-cache-tag
533022399904098135448809622611966953881,588110943443000055148103821789501219624,29ecf9b93bbf306179626feeda1fab70
cache-tag
533022399904098135448809622611966953881,588110943443000055148103821789501219624,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
Miss from cloudfront, MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time
1305
req-referer
https://www.lkz.de/
content-length
115042
x-request-id
124464fef5bde69aecd1cf2ecc3dab38
x-backend-name
CH_nlb803
x-served-by
cache-iad-kcgs7200080-IAD, cache-iad-kiad7000074-IAD, cache-chi-klot8100125-CHI, cache-iad-kcgs7200091-IAD, cache-cph2320056-CPH
last-modified
Fri, 10 Nov 2023 19:36:06 GMT
server
nginx
surrogate-reporting
width=1500,height=750,bytes=174878,owidth=4032,oheight=3024,obytes=2214521
x-timer
S1701272581.995158,VS0,VE0
etag
"15b501c24b78ae6e2c4e5f7da22ee3d2"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 7, 2
supply-feature
am-trc-events.taboola.com/astromediasolutions-gempak/log/3/ 		0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://am-trc-events.taboola.com/astromediasolutions-gempak/log/3/supply-feature?route=AM:AM:V&tvi2=14111&tvi48=10638&lti=deflated&ri=59356f5b35678d494b487b4619aa1531&sd=v2_e65d556915af69f6f3b522af66468171_ba57726b-eb8f-4269-8afc-b3b4aca83f50-tuctc60e184_1701272580_1701272580_CJK00wEQwIFYGNjg_d3BMSABKAEwODib4wlAhIoQSNTJ2QNQ____________AVgAYABo5-D4sc3qn58xcAA&ui=ba57726b-eb8f-4269-8afc-b3b4aca83f50-tuctc60e184&pi=//404&wi=-3422900815001796584&pt=text&vi=1701272580184&d=%7B%22event_type%22%3A%22distance_from_article%22%2C%22event_state%22%3A%22reported%22%2C%22event_value%22%3A%22370.125%22%2C%22event_msg%22%3A%22%22%2C%22event_key%22%3A%22%22%7D&tim=16%3A43%3A00.981&id=84&llvl=2&cv=20231129-9-RELEASE&
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gempak.com//404
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Wed, 29 Nov 2023 15:43:00 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
syncframe
gum.criteo.com/ Frame 16D0 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=gempak.com
Requested by
Host: voting.astro.com.my
URL: https://voting.astro.com.my/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
08106c7bf341e3850ac42fe1844e6a66013f726e6927a91c2b965a6861c97121
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://gempak.com//404
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Wed, 29 Nov 2023 15:43:00 GMT
server
Kestrel
server-processing-duration-in-ticks
260035
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
40a130b827e3a4aab9b0c29f82abd4b0.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_423%2Cw_760%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		48 KB
49 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_423%2Cw_760%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/40a130b827e3a4aab9b0c29f82abd4b0.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
f992ef717c41ea0f59eb313449f7561ff6ea24d60a0ba146b31036449750ae4b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gempak.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Wed, 29 Nov 2023 15:43:01 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_423%2Cw_760%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/40a130b827e3a4aab9b0c29f82abd4b0.png
age
2417866
edge-cache-tag
512739054568143007550823833219498929802,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag
512739054568143007550823833219498929802,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
x-cache
MISS, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time
303
expiration
expiry-date="Mon, 23 Oct 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://www.giga.de/
content-length
48788
x-backend-name
US_nlb102
x-served-by
cache-iad-kjyo7100140-IAD, cache-iad-kjyo7100140-IAD, cache-lga21939-LGA, cache-iad-kiad7000159-IAD, cache-cph2320056-CPH
last-modified
Fri, 22 Sep 2023 14:18:03 GMT
server
nginx
surrogate-reporting
width=1000,height=555,bytes=110471,owidth=1000,oheight=600,obytes=843554
x-timer
S1701272581.054953,VS0,VE0
etag
"cb1aef2620eeb2aa1ce0dcb852f2510a"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 33, 1, 14, 1
GSwcapvLrEq.css
static.xx.fbcdn.net/rsrc.php/v3/yx/l/0,cross/ Frame 0B36 		20 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yx/l/0,cross/GSwcapvLrEq.css?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FPortalAstroGempak%2F&width=340&height=214&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
13e64e2153618f475e94e0e85fa68c9ce910cfc9b24ca9d44fa546a7d2020a24
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 15:43:01 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
xXCq6/qryia0kWXvm23HIA==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
5237
reporting-endpoints
x-fb-debug
m8jC6j85iCVzBohDrkPASbR6irlm/BmH0GOCqulNrAqFZ6F+kg5U6wNAYPHKOyMTT9w0RiB8JnQ7iTpzzyBVbQ==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
text/css; charset=utf-8
access-control-allow-origin
https://www.facebook.com
origin-agent-cluster
?0
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Mon, 18 Nov 2024 16:46:31 GMT
3-b-uOZP-xr.css
static.xx.fbcdn.net/rsrc.php/v3/yP/l/0,cross/ Frame 0B36 		21 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yP/l/0,cross/3-b-uOZP-xr.css?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FPortalAstroGempak%2F&width=340&height=214&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
371efc0115ad875d3c13d4949c769a620a7e3281360130b1213394ea3a076591
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 15:43:01 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
jRfVbDVk7GDyS7cYEB9/Hw==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
4900
reporting-endpoints
x-fb-debug
aC9X7kZRcJySlg82awxsBmL2iUVdgxGV+Azw6NWihvaElmeoUeV7XluIuT8FIVcsKXzY8KQnbq92eduaV4wpOw==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
text/css; charset=utf-8
access-control-allow-origin
https://www.facebook.com
origin-agent-cluster
?0
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Tue, 26 Nov 2024 15:34:17 GMT
V-GL57iHfEB.css
static.xx.fbcdn.net/rsrc.php/v3/y9/l/0,cross/ Frame 0B36 		33 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/y9/l/0,cross/V-GL57iHfEB.css?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FPortalAstroGempak%2F&width=340&height=214&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
d1ea19a19ec8d6220550ff2184b4c0b90caae3b46865454cc42f803d52d2562e
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 15:43:01 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
wItLblWsAEMAkZNj3Qggsw==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
6438
reporting-endpoints
x-fb-debug
aS4JTCQtbzQf3kI6Ehfd6+V8StDAfKVVry4KnfoJdoItvFGercbDkhNgNpvW+8QbW5eZiwugvfkbNPuVf4k9Sg==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
text/css; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Sat, 23 Nov 2024 18:21:18 GMT
cH_K1_w2EdK.js
static.xx.fbcdn.net/rsrc.php/v3/yW/r/ Frame 0B36 		354 KB
92 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yW/r/cH_K1_w2EdK.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FPortalAstroGempak%2F&width=340&height=214&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
e6bc44b365258db3749115c394eb2793bcb8ebaa55c10e8ff8dce79751e4c669
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 15:43:01 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
7aKf4CiyT4d8pqHnl4MdLA==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
93675
reporting-endpoints
x-fb-debug
ljk512nvIRj6Ij2w8LL9jjmqf++tP8CAHifn1MWPGYLrWGiNxvrQQCUgMvPVh6U5dPd1jApP51sjXV9b6RrUAQ==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Wed, 27 Nov 2024 21:55:50 GMT
H8MPoQ5frc4.js
static.xx.fbcdn.net/rsrc.php/v3/yF/r/ Frame 0B36 		94 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yF/r/H8MPoQ5frc4.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FPortalAstroGempak%2F&width=340&height=214&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
a829be17a754656d432e07ca56e9bc8c952d019afc6f7086a28cb51ef7f5c9cc
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 15:43:01 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
3EHqDPjTL8H3q3WerHsCoQ==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
27461
reporting-endpoints
x-fb-debug
StEjx6jFC/pAftWeRfYuGrQqd+A0278u83I5++hODW+97We8LWdthqgK/OA3rhnasFo4Uz6aCNZ88z/rYh5quQ==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Sat, 23 Nov 2024 18:20:15 GMT
tbb6w30TkDN.js
static.xx.fbcdn.net/rsrc.php/v3/yz/r/ Frame 0B36 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yz/r/tbb6w30TkDN.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FPortalAstroGempak%2F&width=340&height=214&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
baa47cb028f5878356baacb8c2760dbc85b3695c4fe1c346e26b4b978eb0100f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 15:43:01 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
HCL+u+2LMSrM7ELnarU2bQ==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
2226
reporting-endpoints
x-fb-debug
Fj9lcin1Oce5p0T3zP36C/8x3+lWqWfSZy+4sNcCZqpVyFAKNaFfrA8yJMUpXWnczcft+c0ivm4i6A7jubgzDg==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Thu, 21 Nov 2024 19:40:39 GMT
uK1oiHJVa8d.js
static.xx.fbcdn.net/rsrc.php/v3/yv/r/ Frame 0B36 		52 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yv/r/uK1oiHJVa8d.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FPortalAstroGempak%2F&width=340&height=214&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
20eb692d7e54b1992776015beb0cc19aa121ebbcc37f6e5ee59d5b0f03a6b558
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 15:43:01 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
mTTo/RpDZavyXbvvIYyIzA==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
16769
reporting-endpoints
x-fb-debug
Z0UXQ49D1Uvn0FZZDKyo/uWRBoSSx/ijoobu1Ct0c57D9mLM3djZtfOmi771AeY4U4M70FG7A0ZF28CP3dJRyA==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Sat, 23 Nov 2024 18:20:15 GMT
BdZkwffUSJu.js
static.xx.fbcdn.net/rsrc.php/v3iAxA4/yb/l/de_DE/ Frame 0B36 		71 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3iAxA4/yb/l/de_DE/BdZkwffUSJu.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FPortalAstroGempak%2F&width=340&height=214&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
9aa6501ff5395d8b36bfb5dd589c2c94fb6e4b04fadac7be66b754d103563412
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 15:43:01 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
rrf4dM+FJD2HRlMrbGU0kQ==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
20129
reporting-endpoints
x-fb-debug
Et3Sz3/lTSuu5XC7ATnFXpGfrdPdrqoINlpzpUPq2cPvtWD+7BnU5LDV/xs1gKkiX2EXPNUt3vsz5R94hG7a4w==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Sat, 23 Nov 2024 18:21:07 GMT
p55HfXW__mM.js
static.xx.fbcdn.net/rsrc.php/v3/yF/r/ Frame 0B36 		507 B
487 B 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yF/r/p55HfXW__mM.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FPortalAstroGempak%2F&width=340&height=214&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
9e57fedb96b3686621bccd5521f43a2037a823c74f062176952890b179b3955b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 15:43:01 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
L5E9gSgR735vyjAzTFly4g==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
293
reporting-endpoints
x-fb-debug
bWbp8fFw5ss0iCB/Akml/DZU0LJuxjizBHP/heZeLGlcpDqtYQJXJmzcTVG52u6GpiUWWOXnk2Hxzlbz4RYMOg==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
origin-agent-cluster
?0
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Thu, 14 Nov 2024 20:40:50 GMT
sGzZqRL36h3.js
static.xx.fbcdn.net/rsrc.php/v3iLNf4/yC/l/de_DE/ Frame 0B36 		28 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3iLNf4/yC/l/de_DE/sGzZqRL36h3.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FPortalAstroGempak%2F&width=340&height=214&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
37b893dfec13d26539039f00896a600a18ebdb784aaa1f1e76d7d63b212d141b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 15:43:01 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
3SluPgNFl+i+g2JgY+wfSw==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
7893
reporting-endpoints
x-fb-debug
QSYM5O3jTLSLMvrH/c41C4/L5Sy+ySanQfUPSa4vpBMt69Tn4HM82HPxAv5t3nLjRRfIPt0iV22LkGUfXXS+Zw==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Sat, 23 Nov 2024 18:23:28 GMT
YA7WT2G7ZR2.js
static.xx.fbcdn.net/rsrc.php/v3izqU4/ya/l/de_DE/ Frame 0B36 		342 KB
81 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3izqU4/ya/l/de_DE/YA7WT2G7ZR2.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FPortalAstroGempak%2F&width=340&height=214&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
34418a5009e659880a3c224f48402005bffc18192e85078c210d2f4f3ef0d28c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 15:43:01 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
3RZFOyRn8b39yjyM0mVciw==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
82968
reporting-endpoints
x-fb-debug
ptymMTnmhJqO1dPMuF7NT+QB99KhFmZLK6dDvEDoGl38SoSX+M66YId1C8qc4RMq0y+fla4RNV8+gw2HqFhMIA==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
origin-agent-cluster
?0
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Thu, 28 Nov 2024 03:14:28 GMT
skKduFMcNuW.js
static.xx.fbcdn.net/rsrc.php/v3iUWb4/yU/l/de_DE/ Frame 0B36 		397 KB
94 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3iUWb4/yU/l/de_DE/skKduFMcNuW.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FPortalAstroGempak%2F&width=340&height=214&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
fdcc8d709256b4d58647ad5d3e9521ea3aed9800f0f46887c1b5317cb947a664
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 15:43:01 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
3B9/VlUvaFqppTlP2WbB1A==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
95664
reporting-endpoints
x-fb-debug
G78fRjBmpTF5bighA9Mxlq4r7KZPn53wO5yw4gFmC17kJWDqdC4O+un8+z6joyKq77/3fSs75YB+XpqKhSM/+A==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Sat, 23 Nov 2024 18:23:28 GMT
MLuTw97ZSck.js
static.xx.fbcdn.net/rsrc.php/v3iUY_4/yk/l/de_DE/ Frame 0B36 		41 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3iUY_4/yk/l/de_DE/MLuTw97ZSck.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FPortalAstroGempak%2F&width=340&height=214&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
c69cb3df5cd5efdfbc75c2812c6b7bbf922d6ee5a8f8a2064d4f25425f83aec1
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 15:43:01 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
fTNMJeSXGS5OgHgmfq9Zgw==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
12447
reporting-endpoints
x-fb-debug
ucAC8sv55syKm8TD5elfpf6QEHLV4exHZgnGM5zi8wRCIaonkFNU4FCUSBaePGVat/V97H6WHcXv2HLLhA1DmQ==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Sat, 23 Nov 2024 18:23:28 GMT
mUA2p0QgzeA.js
static.xx.fbcdn.net/rsrc.php/v3/yh/r/ Frame 0B36 		211 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yh/r/mUA2p0QgzeA.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FPortalAstroGempak%2F&width=340&height=214&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
05e2289387e41a8d87e84984bd1d669baf85bf781c50b6da3499e188570ba15b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 15:43:01 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
CR/3cMB3HbX6NtM3Q4krwg==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
61388
reporting-endpoints
x-fb-debug
oTuleEx08QmBO6mAlZS4c0JoWwURrfum/k1gFf+9toWzHOLfmiQHSQBGLhcrjDzKNDHafeT9RsG7iiA2bZgv7g==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
origin-agent-cluster
?0
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Wed, 27 Nov 2024 19:19:34 GMT
EjdAug5mQIB.js
static.xx.fbcdn.net/rsrc.php/v3/yf/r/ Frame 0B36 		28 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yf/r/EjdAug5mQIB.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FPortalAstroGempak%2F&width=340&height=214&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
dce3a7d75903f3a00ff7b72c2b3f3e34c786c0867a1398caa5212977e721d1b0
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 15:43:01 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
QpoZNtNrb1RRm+1fPhnrPA==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
7378
reporting-endpoints
x-fb-debug
AQaQIPk4YquCql71mxMhGUilGejIwOSPLDqZVBgEY9woEI4z0EjpKlCKNpTDX3AmQJgCpwIj79KsA0vYipvYMw==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Sat, 23 Nov 2024 18:20:46 GMT
ymPOj9IRSmU.js
static.xx.fbcdn.net/rsrc.php/v3/yt/r/ Frame 0B36 		31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yt/r/ymPOj9IRSmU.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FPortalAstroGempak%2F&width=340&height=214&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
2c6202ad1e81feacd09034c590746c9bcf0c589452ae1fe072d0aaf75132004b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 15:43:01 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
OuoOb6KYkl0wKsQO75g4dA==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
10271
reporting-endpoints
x-fb-debug
iiGNkqaJr2xPQOf2bTYTP8oh2HIv5COH3Hj2IpevJNF/w+rjgWgAczYFsZ7El21qrSnGinzPQFXSQgF+qRuR+Q==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Sat, 23 Nov 2024 18:20:40 GMT
HzxD9aAXSyD.js
static.xx.fbcdn.net/rsrc.php/v3/yV/r/ Frame 0B36 		55 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yV/r/HzxD9aAXSyD.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FPortalAstroGempak%2F&width=340&height=214&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
c7d5594f3a599ccd0b1a336bb68a24d59882f394bb0b9c9a29c5200cd2b48468
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 15:43:01 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
oRcNmPqvdkv3ysBSBC5rSQ==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
15157
reporting-endpoints
x-fb-debug
FQ9TMjQFaKZGlHJwACPBblYl9Ye66IFgk0jLOQtLQc+ULgpvzHcx9cTW8fAniw3iFtFyOEU2Dt5TfFaZkA93ZQ==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Fri, 15 Nov 2024 21:26:16 GMT
405435912_751022633719998_725076823269078081_n.jpg
scontent.xx.fbcdn.net/v/t39.30808-6/ Frame 0B36 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://scontent.xx.fbcdn.net/v/t39.30808-6/405435912_751022633719998_725076823269078081_n.jpg?stp=dst-jpg_p130x130&_nc_cat=103&ccb=1-7&_nc_sid=081abc&_nc_ohc=XdvxFPYxxHUAX_PRydR&_nc_ht=scontent.xx&edm=ADwHzz8EAAAA&oh=00_AfCSUfVmPd71L9P9IaAz1u_Nyw-Rr1WO4SisgbNXAR4iYw&oe=656BE0F6
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FPortalAstroGempak%2F&width=340&height=214&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
4274bccef7a6366901f0d2b17a944224c9a926b8ebcd566c63a5b1f5e938b7e1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.facebook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 15:43:01 GMT
x-storage-error-category
dfs:none;sc_p:200:WSE_NOT_SET
last-modified
Wed, 29 Nov 2023 15:24:28 GMT
content-type
image/jpeg
access-control-allow-origin
*
content-digest
adler32=163044562
thrift_fmhk
GBCR6J56gqfBE/TlXWrB87lNFfDr4Z0EAA==
cache-control
max-age=1209600, no-transform
x-fb-edge-debug
snm1qS7ynwnekL4klRP4xTAstm5VjRlTC1NUop4VA5uwQek3EKx_D8cFoNLHC7JOf7e3DJwQOq5Ym13SmFyaNKLfZjXMgcEFTb7sHvD3LXv8ndmOngR8j2d2NYgszzkh
cross-origin-resource-policy
cross-origin
x-needle-checksum
2129247309
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3=":443"; ma=86400
content-length
17130
399267024_735745755247686_1706631016963331356_n.jpg
scontent.xx.fbcdn.net/v/t39.30808-1/ Frame 0B36 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://scontent.xx.fbcdn.net/v/t39.30808-1/399267024_735745755247686_1706631016963331356_n.jpg?stp=cp0_dst-jpg_p50x50&_nc_cat=1&ccb=1-7&_nc_sid=4da83f&_nc_ohc=A0yoAx1Axu0AX_DJLZ7&_nc_ht=scontent.xx&edm=ADwHzz8EAAAA&oh=00_AfCxPNwThxNHL3j20eSlEil7ZNF00hRsK5geC0mxwWtnXA&oe=656BC6F4
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FPortalAstroGempak%2F&width=340&height=214&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
53efd5e6385bcc5e2602651064d8a5ae758024aaaaeac1f18dbdb824fa249df4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.facebook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 15:43:01 GMT
x-storage-error-category
dfs:none;sc_p:200:WSE_NOT_SET
last-modified
Fri, 03 Nov 2023 07:54:42 GMT
content-type
image/jpeg
access-control-allow-origin
*
content-digest
adler32=2355570401
thrift_fmhk
GBCqhDzSgjO+4vpnWnHeeJsiFfDr4Z0EAA==
cache-control
max-age=1209600, no-transform
cross-origin-resource-policy
cross-origin
x-needle-checksum
2886037075
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3=":443"; ma=86400
content-length
1626
priority
u=3,i
impstats.php
prebid.andbeyond.media/ 		69 B
312 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.andbeyond.media/impstats.php?aff=549813&type=pv
Requested by
Host: voting.astro.com.my
URL: https://voting.astro.com.my/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.1.39.24 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-1-39-24.ap-southeast-1.compute.amazonaws.com
Software
Apache/2.4.56 (Amazon Linux) OpenSSL/3.0.8 /
Resource Hash
6f15ecb3768464c2791734b2d4950cebfc13789e4e796ad1216c31d93d585c0c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gempak.com//404
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Wed, 29 Nov 2023 15:43:01 GMT
Server
Apache/2.4.56 (Amazon Linux) OpenSSL/3.0.8
Connection
keep-alive
transfer-encoding
chunked
Content-Type
text/html; charset=UTF-8
debug
am-trc-events.taboola.com/astromediasolutions-gempak/log/2/ 		0
89 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://am-trc-events.taboola.com/astromediasolutions-gempak/log/2/debug?tim=16%3A43%3A00.988&type=warn&msg=TRC.TranslationsManager%20-%20missing%20feature%20in%20translationMap%3A%20userx.&llvl=2&id=7630&cv=20231129-9-RELEASE&lt=deflated&uuid=5062d8fe57c59335c71d045a83b96b004a8e48551665cfc58d12ea96452faaf5&dcc=1&pct=1
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gempak.com//404
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 15:43:01 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
30696
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame F97C 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: voting.astro.com.my
URL: https://voting.astro.com.my/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://gempak.com//404
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
10053
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 29 Nov 2023 12:55:28 GMT
expires
Thu, 28 Nov 2024 12:55:28 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 82CE 		829 B
560 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: voting.astro.com.my
URL: https://voting.astro.com.my/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
0972f989586d3e33b045041775032c53df377380e64d58bd0f00917c4f26fab8
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-K2B8OcUgwP3QcnfNpPGfUQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://gempak.com//404
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-K2B8OcUgwP3QcnfNpPGfUQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Wed, 29 Nov 2023 15:43:01 GMT
expires
Wed, 29 Nov 2023 15:43:01 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
sid
mug.criteo.com/ Frame 16D0
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertagids&domain=gempak.com&sn=ChromeSyncframe&so=0&topUrl=gempak.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0
  • https://mug.criteo.com/sid?cpp=EV08AXxVUmVEbkZnbDZUOXNaYlNhaFArcjZYUVlZTTUrQ0NBYXNRVjRXQUR2ODIyK0pDaVZEWGJVRGltam9UeTVtWmcrdXE3ME1CbkNYbkxTc1JKZ21ldm1HeFlHdzhwVDBWaUJONmRrV3NGWkx4M3EzRlZ6R0d2RjdFWl...
438 B
656 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=EV08AXxVUmVEbkZnbDZUOXNaYlNhaFArcjZYUVlZTTUrQ0NBYXNRVjRXQUR2ODIyK0pDaVZEWGJVRGltam9UeTVtWmcrdXE3ME1CbkNYbkxTc1JKZ21ldm1HeFlHdzhwVDBWaUJONmRrV3NGWkx4M3EzRlZ6R0d2RjdFWlFFQmNSNk5NOXZvUmxLWkRUVWl4V1MrRnU3Mi9SUlplTUZuU3JBNGFNM2FabEp3cUx2bTY5VTFtYU9tclpRQ2dVMG9JTHZsNUlEdDNJZmVqRmxySS9lOXdaZTZiTDJjWGxFdWkzRWVuTUtWZVNIQlV2QlpWbEV4bDdoOHV2V0hWL25nTWVFVHlvUGppM3JXdmIxMlBhQU8yOE0ya3ljdz09fA&cppv=2
Protocol
H2
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4a891a0d7276c66d24a0e50d1a4e5d70db8c8c3d50ceb6f119c533a78212f946
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 29 Nov 2023 15:43:00 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
1250043
expires
0

Redirect headers

pragma
no-cache
date
Wed, 29 Nov 2023 15:43:00 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
location
https://mug.criteo.com/sid?cpp=EV08AXxVUmVEbkZnbDZUOXNaYlNhaFArcjZYUVlZTTUrQ0NBYXNRVjRXQUR2ODIyK0pDaVZEWGJVRGltam9UeTVtWmcrdXE3ME1CbkNYbkxTc1JKZ21ldm1HeFlHdzhwVDBWaUJONmRrV3NGWkx4M3EzRlZ6R0d2RjdFWlFFQmNSNk5NOXZvUmxLWkRUVWl4V1MrRnU3Mi9SUlplTUZuU3JBNGFNM2FabEp3cUx2bTY5VTFtYU9tclpRQ2dVMG9JTHZsNUlEdDNJZmVqRmxySS9lOXdaZTZiTDJjWGxFdWkzRWVuTUtWZVNIQlV2QlpWbEV4bDdoOHV2V0hWL25nTWVFVHlvUGppM3JXdmIxMlBhQU8yOE0ya3ljdz09fA&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
320512
content-length
0
expires
0
sodar
pagead2.googlesyndication.com/pagead/ Frame 82CE 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202311150101&jk=1617186540678678&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers
GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js
pagead2.googlesyndication.com/bg/ Frame F97C 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
18e6b664af7bc55ab0f963920f0da5a86e15f25fea4e223924d8f4b6723a37cf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 12:42:36 GMT
content-encoding
br
x-content-type-options
nosniff
age
10825
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15296
x-xss-protection
0
last-modified
Mon, 06 Nov 2023 16:38:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 28 Nov 2024 12:42:36 GMT
/
pebed.dm-event.net/ Frame C850 		15 B
363 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pebed.dm-event.net/
Requested by
Host: geo.dailymotion.com
URL: https://geo.dailymotion.com/libs/player/xd17s.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
188.65.124.59 Paris, France, ASN41690 (DAILYMOTION For peering related business, please mail peering@dailymotion.com, FR),
Reverse DNS
ebed2.dm.gg
Software
edward-ed/2.2.1 /
Resource Hash
a29ee2b15c494311c52521766e44af56a3ad2248e7a8ab465e5206463c13d288

Request headers

Referer
https://gempak.com//404
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
content-type
text/plain; charset=UTF-8

Response headers

Date
Wed, 29 Nov 2023 15:43:01 GMT
Server
edward-ed/2.2.1
Access-Control-Max-Age
604800
Access-Control-Allow-Methods
POST
Content-Type
application/json
Access-Control-Allow-Origin
*
Access-Control-Allow-Headers
Content-Encoding, X-Dm-EventBus-Compression-Duration, X-Dm-EventBus-Worker-Duration
Content-Length
15
pes.pip.ddfa230c.js
static1.dmcdn.net/playerv5/ Frame C850 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static1.dmcdn.net/playerv5/pes.pip.ddfa230c.js
Requested by
Host: geo.dailymotion.com
URL: https://geo.dailymotion.com/libs/player/xd17s.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.79.242.181 Frankfurt am Main, Germany, ASN22822 (LLNW, US),
Reverse DNS
https-178-79-242-181.fra.llnw.net
Software
DMS/1.0.42 /
Resource Hash
28ee36cc9b548242f916cfcc81196ebf465c8885c0e0228b96fc4907788cb613

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gempak.com//404
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 15:43:01 GMT
content-encoding
gzip
age
94319
server-timing
total;dur=2, dc;desc="dc3"
content-length
3772
last-modified
Tue, 28 Nov 2023 13:28:46 GMT
server
DMS/1.0.42
etag
"6565eb0e-2e7f"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
x-llid
3aa2b252a428e076c8157e7c266c8f3b
expires
Thu, 28 Dec 2023 13:31:02 GMT
/
pebed.dm-event.net/ Frame C850 		15 B
363 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pebed.dm-event.net/
Requested by
Host: geo.dailymotion.com
URL: https://geo.dailymotion.com/libs/player/xd17s.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
188.65.124.59 Paris, France, ASN41690 (DAILYMOTION For peering related business, please mail peering@dailymotion.com, FR),
Reverse DNS
ebed2.dm.gg
Software
edward-ed/2.2.1 /
Resource Hash
a29ee2b15c494311c52521766e44af56a3ad2248e7a8ab465e5206463c13d288

Request headers

Referer
https://gempak.com//404
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
content-type
text/plain; charset=UTF-8

Response headers

Date
Wed, 29 Nov 2023 15:43:01 GMT
Server
edward-ed/2.2.1
Access-Control-Max-Age
604800
Access-Control-Allow-Methods
POST
Content-Type
application/json
Access-Control-Allow-Origin
*
Access-Control-Allow-Headers
Content-Encoding, X-Dm-EventBus-Compression-Duration, X-Dm-EventBus-Worker-Duration
Content-Length
15
cookie.js
geo.dailymotion.com/ Frame C850 		38 B
977 B 		Script
General
Check archive.org
Download Go to
Full URL
https://geo.dailymotion.com/cookie.js
Requested by
Host: geo.dailymotion.com
URL: https://geo.dailymotion.com/libs/player/xd17s.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
188.65.124.90 Paris, France, ASN41690 (DAILYMOTION For peering related business, please mail peering@dailymotion.com, FR),
Reverse DNS
fp.dc3.dailymotion.com
Software
DMS/1.0.42 /
Resource Hash
407c0ea74212ba3a966ae1d7cf3c8ecf68e6071c8b6194fa830e4560ec13635b
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31708800; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gempak.com//404
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Security-Policy
upgrade-insecure-requests
Date
Wed, 29 Nov 2023 15:43:01 GMT
Referrer-Policy
strict-origin-when-cross-origin
Strict-Transport-Security
max-age=31708800; includeSubDomains; preload
Server
DMS/1.0.42
Expect-Ct
max-age=0, report-uri="https://www.dailymotion.com/content_security_policy_report_uri"
Content-Security-Policy-Report-Only
default-src https: blob: wss: data: android-webview-video-poster: android-webview: chrome-extension: safari-extension: 'unsafe-eval' 'unsafe-inline'; report-uri https://www.dailymotion.com/content_security_policy_report_uri
Vary
X-DM-SSL
Content-Type
application/javascript; charset=utf-8
Cache-Control
no-cache, no-store
Server-Timing
total;dur=10, dc;desc="dc3"
Timing-Allow-Origin
*
Content-Length
38
truncated
/ Frame C850 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6e3f4e85ed3bbab63a9a45fa92f3ad985dfea6478acc1890d8f42ebb4989bc54

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type
image/png
container.html
ed82c412a1d0517c38d808cdf80f705f.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 936E 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ed82c412a1d0517c38d808cdf80f705f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: voting.astro.com.my
URL: https://voting.astro.com.my/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://gempak.com//404
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 29 Nov 2023 15:43:00 GMT
expires
Thu, 28 Nov 2024 15:43:00 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
st
imprammp.taboola.com/ Frame 192B 		439 B
390 B 		Document
General
Check archive.org
Download Go to
Full URL
https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V8VUECLAa4rDSk9sQwThJwWWlI7YlhnCwAAABgYID-AElOZs7FcLdySwaDmVu0MbncEodt41ZZZrvBZOSwOFy-ISDJycy5GO5WbslgMHOLNiaXW-Kwbdwqy2w3mIwcFofLNwUfxnKZDGqBhGX2-w4KyunpMbsMoqLrbbE7nGbPG1yg6XT4XPd6nctteHjtGr_brxcNRnMAAAAA8OD___8fAgAAAEAEAAAAAAkAAAAAFAIq_FsQuAAAAACA4f___18DABQHg3V4Pi-zPwAAAACAAAAAACABgDCUUQLgRez_xP________9_jAH6zBsZ_____zcMegA8-AB4EAIAAPAxBHb1I2QP2T6PSEFvEUYAAAAAsuW0KY5M0gkqFlX-___7rQBcAQAIYNz4hbPOojso8RYGAABAQIyWvY0QNOG15ZgFelj8frPDrvG7Xeb_________38z_mX80Qk0zM2mCMPTC1fwCAgCs-QUEAGCjbgAA3gjACTkcaDodPte9XvY3Pe0-u8JzuvztGr_brnb-RYegFYPB6gTE7AAAAADc-f___8ejZW8jBE14bakHpGyrkWs1Wy5WC5ttObPNPBPXZLKw2Waj2XCxW2zPEOSn9Wp4AnufEGGZ_b6DgnJ6eswug6joelvsDqfZcxAfNAzLySCYnwlbjFaTyWY5nC0Xk8FwNByN9mcgFssBmojBcjmZLCa71Wg12gx3o9lggQRiMEEULRpMVqPRZDEZrkaT1Wy52O02iKJVq9loMxiuZpPZbrcaDobL0QhN2GK0mkw2y-FsuZgMhqPhaDREMOJw7XaT2cStshhnbtFktlwLFzaPW-KZmBYeh3Ezcw3WotfH9LENVo7haIsEA1L2InlapBPVcrOazVwTz2q2G45My9HENNxNTLPFcuFwrDaLiViiOVmkE9ll37KtRq7VbLlYLWy25cw280xck8nCZpuNZsPFbrGvOFy73WQ2cassxplbNJkt18KFzeOWeCamhcdh3Mxcg7Xo9TF9bIOVYzjaN3aDxWQ3WQ0H-8ZusJjsJqvhYN-hcgmD3YvRe9KYPTrV5y95JmxOg8JlsHh_EtNi2p0dRCff0amTqpRFndHv9_v9fr_f7_f7DVrPwWxQ-K61iLT5eBZ313D4cTAoYongIp0oPKfL3-0yOR2ev9l1evrtnrfO5TY8vBaxRGm6SCd6vWgwmoglgtNFOhG9jKeL-o8cZLGbKxajuWQxnEsGqwQAAAAAAAAAYAmmmW4CAAAA4GRQo8Votlqng1kMVqvNarkALACAdQGDAAAAAAAA7IL-S8OmYAPCKNbYYxrhOV3-bpfJ6fD8za7T02_3vHUut-HhtTIACwBfZpt9RhBrtVrWAAAABLABAAAEcNONNwFkUdz_____OAAAADJy6AEAANDvA8oCAAAAAAD4B6BCrNVqdbuxVqsVsGCGo8lwAv____8B!&cmcv=&pix=undefined&cb=1701272581264&uv=3362&tms=1701272581264&abt=adxLoadDist7-out_vC!adxsub-out_vA!adxsub-out_vB!ufm_vD&ru=https://voting.astro.com.my/&ft=0&su=3&unm=FEED_MANAGER&aure=false&agl=1&cirid=92f9187e-200f-4cde-ba6c-e26702dabae7&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Requested by
Host: voting.astro.com.my
URL: https://voting.astro.com.my/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
a277606779ea42ad5beb00131f348541bed0a70faa4c1e1d09b6b5819cb5dcc4

Request headers

Referer
https://gempak.com//404
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
content-encoding
gzip
content-type
text/html;charset=ISO-8859-1
date
Wed, 29 Nov 2023 15:43:01 GMT
server
nginx
vary
Accept-Encoding
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-served-by
cache-cph2320056-CPH
x-timer
S1701272581.289683,VS0,VE16
sync
am-match.taboola.com/ Frame 963D 		439 B
524 B 		Document
General
Check archive.org
Download Go to
Full URL
https://am-match.taboola.com/sync?dast=V8VUECLAa4rDSk9sQwThJwWWlI7YlhnCwAAABgYID-AElOZs7FcLdySwaDmVu0MbncEodt41ZZZrvBZOSwOFy-ISDJycy5GO5WbslgMHOLNiaXW-Kwbdwqy2w3mIwcFofLNwUfxnKZDGqBhGX2-w4KyunpMbsMoqLrbbE7nGbPG1yg6XT4XPd6nctteHjtGr_brxcNRnMAAAAA8OD___8fAgAAAEAEAAAAAAkAAAAAFAIq_FsQuAAAAACA4f___18DABQHg3V4Pi-zPwAAAACAAAAAACABgDCUUQLgRez_xP________9_jAH6zBsZ_____zcMegA8-AB4EAIAAPAxBHb1I2QP2T6PSEFvEUYAAAAAsuW0KY5M0gkqFlX-___7rQBcAQAIYNz4hbPOojso8RYGAABAQIyWvY0QNOG15ZgFelj8frPDrvG7Xeb_________38z_mX80Qk0zM2mCMPTC1fwCAgCs-QUEAGCjbgAA3gjACTkcaDodPte9XvY3Pe0-u8JzuvztGr_brnb-RYegFYPB6gTE7AAAAADc-f___8ejZW8jBE14bakHpGyrkWs1Wy5WC5ttObPNPBPXZLKw2Waj2XCxW2zPEOSn9Wp4AnufEGGZ_b6DgnJ6eswug6joelvsDqfZcxAfNAzLySCYnwlbjFaTyWY5nC0Xk8FwNByN9mcgFssBmojBcjmZLCa71Wg12gx3o9lggQRiMEEULRpMVqPRZDEZrkaT1Wy52O02iKJVq9loMxiuZpPZbrcaDobL0QhN2GK0mkw2y-FsuZgMhqPhaDREMOJw7XaT2cStshhnbtFktlwLFzaPW-KZmBYeh3Ezcw3WotfH9LENVo7haIsEA1L2InlapBPVcrOazVwTz2q2G45My9HENNxNTLPFcuFwrDaLiViiOVmkE9ll37KtRq7VbLlYLWy25cw280xck8nCZpuNZsPFbrGvOFy73WQ2cassxplbNJkt18KFzeOWeCamhcdh3Mxcg7Xo9TF9bIOVYzjaN3aDxWQ3WQ0H-8ZusJjsJqvhYN-hcgmD3YvRe9KYPTrV5y95JmxOg8JlsHh_EtNi2p0dRCff0amTqpRFndHv9_v9fr_f7_f7DVrPwWxQ-K61iLT5eBZ313D4cTAoYongIp0oPKfL3-0yOR2ev9l1evrtnrfO5TY8vBaxRGm6SCd6vWgwmoglgtNFOhG9jKeL-o8cZLGbKxajuWQxnEsGqwQAAAAAAAAAYAmmmW4CAAAA4GRQo8Votlqng1kMVqvNarkALACAdQGDAAAAAAAA7IL-S8OmYAPCKNbYYxrhOV3-bpfJ6fD8za7T02_3vHUut-HhtTIACwBfZpt9RhBrtVrWAAAABLABAAAEcNONNwFkUdz_____OAAAADJy6AEAANDvA8oCAAAAAAD4B6BCrNVqdbuxVqsVsGCGo8lwAv____8B!&excid=22&docw=0&cijs=1&nlb=false
Requested by
Host: voting.astro.com.my
URL: https://voting.astro.com.my/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
a277606779ea42ad5beb00131f348541bed0a70faa4c1e1d09b6b5819cb5dcc4

Request headers

Referer
https://gempak.com//404
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-type
text/html;charset=ISO-8859-1
date
Wed, 29 Nov 2023 15:43:01 GMT
machineid
3406
server
nginx
VideoBidRequestHandlerServlet
wf.taboola.com/ 		2 KB
853 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=700&height=393&pubid=169497&tagid=953497&crid=-1&noaop=3&sortOrderType=0&cb=1701272581275&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=1&pv=1578&pt=997259025&tz=60&viewable=true&ddast=V8VUECLAa4rDSk9sQwThJwWWlI7YlhnCwAAABgYID-AElOZs7FcLdySwaDmVu0MbncEodt41ZZZrvBZOSwOFy-ISDJycy5GO5WbslgMHOLNiaXW-Kwbdwqy2w3mIwcFofLNwUfxnKZDGqBhGX2-w4KyunpMbsMoqLrbbE7nGbPG1yg6XT4XPd6nctteHjtGr_brxcNRnMAAAAA8OD___8fAgAAAEAEAAAAAAkAAAAAFAIq_FsQuAAAAACA4f___18DABQHg3V4Pi-zPwAAAACAAAAAACABgDCUUQLgRez_xP________9_jAH6zBsZ_____zcMegA8-AB4EAIAAPAxBHb1I2QP2T6PSEFvEUYAAAAAsuW0KY5M0gkqFlX-___7rQBcAQAIYNz4hbPOojso8RYGAABAQIyWvY0QNOG15ZgFelj8frPDrvG7Xeb_________38z_mX80Qk0zM2mCMPTC1fwCAgCs-QUEAGCjbgAA3gjACTkcaDodPte9XvY3Pe0-u8JzuvztGr_brnb-RYegFYPB6gTE7AAAAADc-f___8ejZW8jBE14bakHpGyrkWs1Wy5WC5ttObPNPBPXZLKw2Waj2XCxW2zPEOSn9Wp4AnufEGGZ_b6DgnJ6eswug6joelvsDqfZcxAfNAzLySCYnwlbjFaTyWY5nC0Xk8FwNByN9mcgFssBmojBcjmZLCa71Wg12gx3o9lggQRiMEEULRpMVqPRZDEZrkaT1Wy52O02iKJVq9loMxiuZpPZbrcaDobL0QhN2GK0mkw2y-FsuZgMhqPhaDREMOJw7XaT2cStshhnbtFktlwLFzaPW-KZmBYeh3Ezcw3WotfH9LENVo7haIsEA1L2InlapBPVcrOazVwTz2q2G45My9HENNxNTLPFcuFwrDaLiViiOVmkE9ll37KtRq7VbLlYLWy25cw280xck8nCZpuNZsPFbrGvOFy73WQ2cassxplbNJkt18KFzeOWeCamhcdh3Mxcg7Xo9TF9bIOVYzjaN3aDxWQ3WQ0H-8ZusJjsJqvhYN-hcgmD3YvRe9KYPTrV5y95JmxOg8JlsHh_EtNi2p0dRCff0amTqpRFndHv9_v9fr_f7_f7DVrPwWxQ-K61iLT5eBZ313D4cTAoYongIp0oPKfL3-0yOR2ev9l1evrtnrfO5TY8vBaxRGm6SCd6vWgwmoglgtNFOhG9jKeL-o8cZLGbKxajuWQxnEsGqwQAAAAAAAAAYAmmmW4CAAAA4GRQo8Votlqng1kMVqvNarkALACAdQGDAAAAAAAA7IL-S8OmYAPCKNbYYxrhOV3-bpfJ6fD8za7T02_3vHUut-HhtTIACwBfZpt9RhBrtVrWAAAABLABAAAEcNONNwFkUdz_____OAAAADJy6AEAANDvA8oCAAAAAAD4B6BCrNVqdbuxVqsVsGCGo8lwAv____8B!&proto=2,3,5,6&encoded=1&pstn=1&callback=&wfv=1&amp=0&qsz=6&ft=0&pb=0&pagg=1&sd=undefined&ctsldr=0&dtagid=3105535&dpubid=541465&abtst=adxLoadDist7-out_vC!adxsub-out_vA!adxsub-out_vB!ufm_vD&mPre=0.033&cirf=https%3A%2F%2Fgempak.com&en=1&subu=3
Requested by
Host: voting.astro.com.my
URL: https://voting.astro.com.my/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
91b9f10b554122072dd8f441b2b965285c2a2e9f687aed2bf6ca83eff50cd375

Request headers

Referer
https://gempak.com//404
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-type
text/plain

Response headers

x-cache-hits
0
date
Wed, 29 Nov 2023 15:43:01 GMT
content-encoding
gzip
via
1.1 varnish
machineid
1407
x-cache
MISS
x-served-by
cache-cph2320056-CPH
pragma
no-cache
server
nginx
x-timer
S1701272581.298967,VS0,VE94
vary
Accept-Encoding
content-type
application/json;charset=utf-8
access-control-allow-origin
https://gempak.com
cache-control
no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials
true
accept-ranges
bytes
expires
Sat, 26 Jul 1997 05:00:00 GMT
https%3A%2F%2Fcdn.taboola.com%2Flibtrc%2Fstatic%2Fvideo%2Fv1698032951%2Fckjsuigb6gmtqyagrovl.mp4
videos.taboola.com/taboola/video/fetch/q_auto:low/ 		69 KB
70 KB 		Media
General
Check archive.org
Download Go to
Full URL
https://videos.taboola.com/taboola/video/fetch/q_auto:low/https%3A%2F%2Fcdn.taboola.com%2Flibtrc%2Fstatic%2Fvideo%2Fv1698032951%2Fckjsuigb6gmtqyagrovl.mp4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Cloudinary /
Resource Hash
1735dc7d9457fadc0a3ca783a76a0c19f073c4e2ee94f68bfaa3c7433d7e7c96
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

Referer
https://gempak.com//404
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Range
bytes=0-

Response headers

strict-transport-security
max-age=604800
via
1.1 varnish, 1.1 varnish
x-content-type-options
nosniff
date
Wed, 29 Nov 2023 15:43:01 GMT
age
96336
x-cache
HIT, HIT
Content-Range
bytes 0-70457/70458
server-timing
cld-akam;mitm=f;dur=1485;cpu=1455;start=2023-10-23T17:20:13.863Z;desc=miss,rtt;dur=0,content-info;desc="width=800,height=450,abps=13726,fps=30.0,du=5.133,vc=\"h264\",bytes=70458,owidth=800,oheight=450,oabps=19966,ofps=30.0,odu=5.133,ovc=\"h264\",obytes=102493,oformat=\"mp4\"",cloudinary;dur=20;start=2023-10-23T17:20:15.318Z
Content-Length
70458
x-backend-name
fastlyshield--shield_cache_iad_kjyo7100120_IAD
x-served-by
cache-iad-kjyo7100120-IAD, cache-cph2320056-CPH
last-modified
Mon, 23 Oct 2023 17:20:16 GMT
server
Cloudinary
x-timer
S1701272581.323505,VS0,VE1
etag
"85f17315d94e15a292d075777955c02d"
vary
/video/fetch/q_auto:low/https%3A%2F%2Fcdn.taboola.com%2Flibtrc%2Fstatic%2Fvideo%2Fv1698032951%2Fckjsuigb6gmtqyagrovl.mp4
content-type
video/mp4;codecs=avc1
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Disposition,Content-Range,Etag,Server-Timing,Vary,X-Cld-Error,X-Content-Type-Options
cache-control
public, max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
165958, 0
vodus-astro.js
api.vodus.com/cc/scripts/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://api.vodus.com/cc/scripts/vodus-astro.js?v=1701272581311
Requested by
Host: voting.astro.com.my
URL: https://voting.astro.com.my/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.212.64.10 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
d5591cf564a1e2cddacd30fe4a0ece9902037e8014d33a7782cf88a7a262a247

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gempak.com//404
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date
Wed, 29 Nov 2023 15:43:01 GMT
Content-Encoding
gzip
Last-Modified
Fri, 08 Sep 2023 15:23:21 GMT
Server
Microsoft-IIS/10.0
ETag
"1d9e268669a325a"
X-Powered-By
ASP.NET
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
Accept-Ranges
bytes
pixel
googleads.g.doubleclick.net/xbbe/ Frame 2F1B 		624 B
307 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CKvU5fQCEMaIsIIEGK3o7vgBMAE&v=APEucNX_V6J0CsrA0CbE1gNiVLhrInJmTUu6zEhcrzL6B2ZwkgPDGokmQ7h34is8ktlcDbsq9FPeu0l-92H3z_POcB5u3OiXUxtWV4hFIJI6IAT39sjNho6GEVQ8b4dY7IgAa0u2Jd_MWOMHhxkN6njShGsz-MtwFAiHyb9eemz8yi-l48pEodw
Requested by
Host: ed82c412a1d0517c38d808cdf80f705f.safeframe.googlesyndication.com
URL: https://ed82c412a1d0517c38d808cdf80f705f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ed82c412a1d0517c38d808cdf80f705f.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
222
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 29 Nov 2023 15:43:01 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
abg_lite_fy2021.js
pagead2.googlesyndication.com/pagead/js/r20231109/r20110914/ Frame 936E 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20231109/r20110914/abg_lite_fy2021.js
Requested by
Host: voting.astro.com.my
URL: https://voting.astro.com.my/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8f665ba5c27890ebed553836dee5572ad583c0a65374373741ec0a5309df2b5a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ed82c412a1d0517c38d808cdf80f705f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 07:40:28 GMT
content-encoding
br
x-content-type-options
nosniff
age
28953
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9282
x-xss-protection
0
server
cafe
etag
14645652906762492339
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 13 Dec 2023 07:40:28 GMT
omrhp_fy2021.js
pagead2.googlesyndication.com/pagead/js/r20231109/r20110914/elements/html/ Frame 936E 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20231109/r20110914/elements/html/omrhp_fy2021.js
Requested by
Host: voting.astro.com.my
URL: https://voting.astro.com.my/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c4b813f7aa04eca20be469b259cca2779799f58e280d73488bd7386940d2d146
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ed82c412a1d0517c38d808cdf80f705f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 07:40:28 GMT
content-encoding
br
x-content-type-options
nosniff
age
28953
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3071
x-xss-protection
0
server
cafe
etag
10674441169935035545
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 13 Dec 2023 07:40:28 GMT
view
ad.doubleclick.net/pcs/ Frame 936E 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ad.doubleclick.net/pcs/view?xai=AKAOjst7hp1VhcYrqjWWxA83CRX89gyxHxD0L4xlEubZ6-xdl2eRg2Cnb3sz4x0WEdz9-eXUSoyBqrKv-gox2tlJhni-1hGYWOFHuTZG_j6DdZRGGlrFPgkhwhb9wWjnkbFO9TCxvviLDw3IvEEPYxyj7IIkANlZVOCWWKA69DrAMMgwAizbsKzVZHJhTnK_PVcKZnxqMdCo1MQ9MYkrgMiZK48U5Gh1BI8C0k0p8x0vSyIiIJwVKumiMsHzY8_bY4FzZWiblx-PpWfT_QeCqFMutB0jIs-PZJCkDYjzH4927xxpuVeoBW4wGgl5H1iTSUtbJEtGuMg_cPyjTaqD8CyOOlcbPbRAJ7SdJVx8hfWcBYbx3kaSBJzKnTQ8zpM6teL6Q9HPwHyl-Wb8idcszyaHw6dM-2YAUs57Sj3rDucY24QptUDYSFgmZFGhae1k1mxcI2xaf66kHTIccqXBpj3Kp3WFqwx-oU6R2esUINRnalfeJ2W6aBbPLWEI9FQl7PWjLwVPwOrFP21KQmVR1Jth4SFsCtg9ebOTYpsq8hMRSPK6zJYTc-J_M7MXJfgvN_hfSRjsaUAvLVSExO4Zw8dIlwAPmHHQCsIBkWeV63Q1uaVkMxWhn5uRiLp8MI2D5k2rSL1JzvPZ4Ftkj51gEaZJy3J24WCed120kNvjGuFzy8Via80X42ZOnW61dITq2sQr8TAAlKtQJO2Su-7Cp5OsGMB3LbH5tjKMQ4q9JLa2e8IeyJtwfkPhJkmvhc1r7o37O_l3PYa8g1VqDSjbpRkcixmhU1eP4usNEwsctf969-KKFGmf5fl54I7zu56LB0j6Lx64ONVhqCtHY_7lBNT2yucTYeYwgczyUlORBBskflKi-Ce-iDmco9CG35OPMnKsfPk4snXDo5HFb2Pl_lPioqJ3syBSPIJmZBxuNIPcKUZQ-tVDpK5AI0TBl7gXpUP4oHaNRUMYooNQxEzczVfDN7Lyx7JQp0XhjFrjM__oxrOXR_flfzPQN2R5Y9qrnHF5AF29MHDG3kaPY99w4NJBnYBMJL61fwjJD8WGlsCHriN3krty1MrkRihwONlm8zZZaEVyjHHEEHgKk1DghC3Eg5JeN9PaYxO4Qxi93aEFEDS8NSNFPOie_zTvsk_jE1r21U8nRw1FlRFByufRzH4JRHGN0aykFlVA1mitQ34Czq3KSz18B-5hWditvaJO2PGcyB0OPGjlZt4bRVMTdXFUV81zcoEGPWmNCCxirVk6uFVlC5tNGX9d_FPP43ec0FeOz2K6b6vSZz-6xS_1ys6MwDwznh8JR2wESOv71qAdxaJRRdduSIeWa0IYtADwvyfN1eKqj7hFYLrIDkBgMNQVr7Ky6R-zoWopPG5S5p1hq7PvYfIbCLN0AFW6mXSpFFXArg9vsxW61ecd3pPuiB8c9hDZHHVjwWlRZ5tqVfo8aAe5AME&sai=AMfl-YR21djLJMS16SokDb2zc5W2O41FZONVCiJRFK1K3inqZNPDGC2hSNbqJe65D5Izh2vHdO-qLRzRLMEKDlAfXm_j4-Hqb8lP0SzriahJFg8IXYgQVLxb82fKhdd7V8Y4Yw-Wwoh_EkaXL1QRNcOBxqiiqG32pTV-Zkn-uH0RkrudJuBgA9niBgwzPywJG6qKOzR8qG6GyPHpZWQZdwGBERZrhbkhrsngs2wRKKUGJg6LayF1kIIDf1BGZnPmD54_mAWaCFKV0cv07x7uZpwIJ3vxC6HzORo8uRc-JTU-Z71KouMr1O2KuPJp7GwMFfA5QCNk73F0DXCi7p5VyETd5I4v2JpRJLRSmdhj2O-7z_Ok7ld4-uKFkZElfTZdBtxrCwsv89BtS-sgpa0e_T0HZebK_tJ7X2eEPrJdVKAh&sig=Cg0ArKJSzOlkcENDhRYwEAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9xb250by5jb20&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20231109.35358&arae=0&ftch=1&adurl=
Requested by
Host: voting.astro.com.my
URL: https://voting.astro.com.my/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.134 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f6.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ed82c412a1d0517c38d808cdf80f705f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Wed, 29 Nov 2023 15:43:01 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
content-type
image/gif
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
Q12zgMmT.js
tpc.googlesyndication.com/sodar/ Frame 936E 		41 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Requested by
Host: voting.astro.com.my
URL: https://voting.astro.com.my/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ed82c412a1d0517c38d808cdf80f705f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 18:05:08 GMT
content-encoding
br
x-content-type-options
nosniff
age
423473
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13937
x-xss-protection
0
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 23 Nov 2024 18:05:08 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 936E 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/window_focus_fy2021.js
Requested by
Host: ed82c412a1d0517c38d808cdf80f705f.safeframe.googlesyndication.com
URL: https://ed82c412a1d0517c38d808cdf80f705f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ed82c412a1d0517c38d808cdf80f705f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 12:41:19 GMT
content-encoding
br
x-content-type-options
nosniff
age
10902
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 13 Dec 2023 12:41:19 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 5AF5 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: ed82c412a1d0517c38d808cdf80f705f.safeframe.googlesyndication.com
URL: https://ed82c412a1d0517c38d808cdf80f705f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ed82c412a1d0517c38d808cdf80f705f.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
84291
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 28 Nov 2023 16:18:10 GMT
etag
48472445140208031
expires
Wed, 29 Nov 2023 16:18:10 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 936E 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: ed82c412a1d0517c38d808cdf80f705f.safeframe.googlesyndication.com
URL: https://ed82c412a1d0517c38d808cdf80f705f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3c30eaaa059a466037880c18c01c2fe94183d8e67eaab42061d4d2a180114658
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ed82c412a1d0517c38d808cdf80f705f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 23:16:58 GMT
content-encoding
br
x-content-type-options
nosniff
age
59163
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8541
x-xss-protection
0
server
cafe
etag
737174102934380276
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 12 Dec 2023 23:16:58 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 936E 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CqJJ3mJAsGuZF4mwnQSYYhLJkF6c7f54biep6lJXLuXPZAYXJdVU4nkGvRuNmOJF0DV-Fd8R18ufk-L0WtXuFBBK3ig87wNL996n2uBzoipZwx8A4
Requested by
Host: ed82c412a1d0517c38d808cdf80f705f.safeframe.googlesyndication.com
URL: https://ed82c412a1d0517c38d808cdf80f705f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ed82c412a1d0517c38d808cdf80f705f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 29 Nov 2023 15:43:01 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 936E 		202 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: ed82c412a1d0517c38d808cdf80f705f.safeframe.googlesyndication.com
URL: https://ed82c412a1d0517c38d808cdf80f705f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d00881661ce5e766ce98430f69d6d217ab80bdfa98811e039afc92a327d57a68
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ed82c412a1d0517c38d808cdf80f705f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 15:43:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65070
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1700193896630564"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 29 Nov 2023 15:43:01 GMT
6419562279464366881
s0.2mdn.net/simgad/ Frame 936E 		39 KB
39 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/simgad/6419562279464366881?sqp=uqWu0g0HCFoQygdAZA&rs=AOga4qkFuuxwYnhlgeejrlas_0V4mHxKfw
Requested by
Host: ed82c412a1d0517c38d808cdf80f705f.safeframe.googlesyndication.com
URL: https://ed82c412a1d0517c38d808cdf80f705f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
02600a23c6f383880f5706af53e035423140c8b23c83025ccc780d53e29c4019
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ed82c412a1d0517c38d808cdf80f705f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sun, 26 Nov 2023 19:26:38 GMT
x-content-type-options
nosniff
age
245783
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
39886
x-xss-protection
0
last-modified
Wed, 27 Sep 2023 15:16:54 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 25 Nov 2024 19:26:38 GMT
xd17s.html
geo.dailymotion.com/player/ Frame 668F 		65 KB
22 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://geo.dailymotion.com/player/xd17s.html?video=x8q120x
Requested by
Host: geo.dailymotion.com
URL: https://geo.dailymotion.com/libs/player/xd17s.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
188.65.124.90 Paris, France, ASN41690 (DAILYMOTION For peering related business, please mail peering@dailymotion.com, FR),
Reverse DNS
fp.dc3.dailymotion.com
Software
DMS/1.0.42 /
Resource Hash
b204f32a3eb745dc41c39a6e0fdba21bc6ae4d1b709dfc743eede6c89a91a888
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31708800; includeSubDomains; preload

Request headers

Referer
https://gempak.com//404
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-cache, no-store
Content-Encoding
gzip
Content-Length
21511
Content-Security-Policy
upgrade-insecure-requests
Content-Security-Policy-Report-Only
default-src https: blob: wss: data: android-webview-video-poster: android-webview: chrome-extension: safari-extension: 'unsafe-eval' 'unsafe-inline'; report-uri https://www.dailymotion.com/content_security_policy_report_uri
Content-Type
text/html; charset=utf-8
Date
Wed, 29 Nov 2023 15:43:01 GMT
Expect-Ct
max-age=0, report-uri="https://www.dailymotion.com/content_security_policy_report_uri"
Referrer-Policy
strict-origin-when-cross-origin
Server
DMS/1.0.42
Server-Timing
total;dur=21, dc;desc="dc3"
Strict-Transport-Security
max-age=31708800; includeSubDomains; preload
Timing-Allow-Origin
*
Vary
X-DM-SSL,Accept-Encoding
generic
match.adsrvr.org/track/cmf/ Frame 192B 		70 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
Requested by
Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V8VUECLAa4rDSk9sQwThJwWWlI7YlhnCwAAABgYID-AElOZs7FcLdySwaDmVu0MbncEodt41ZZZrvBZOSwOFy-ISDJycy5GO5WbslgMHOLNiaXW-Kwbdwqy2w3mIwcFofLNwUfxnKZDGqBhGX2-w4KyunpMbsMoqLrbbE7nGbPG1yg6XT4XPd6nctteHjtGr_brxcNRnMAAAAA8OD___8fAgAAAEAEAAAAAAkAAAAAFAIq_FsQuAAAAACA4f___18DABQHg3V4Pi-zPwAAAACAAAAAACABgDCUUQLgRez_xP________9_jAH6zBsZ_____zcMegA8-AB4EAIAAPAxBHb1I2QP2T6PSEFvEUYAAAAAsuW0KY5M0gkqFlX-___7rQBcAQAIYNz4hbPOojso8RYGAABAQIyWvY0QNOG15ZgFelj8frPDrvG7Xeb_________38z_mX80Qk0zM2mCMPTC1fwCAgCs-QUEAGCjbgAA3gjACTkcaDodPte9XvY3Pe0-u8JzuvztGr_brnb-RYegFYPB6gTE7AAAAADc-f___8ejZW8jBE14bakHpGyrkWs1Wy5WC5ttObPNPBPXZLKw2Waj2XCxW2zPEOSn9Wp4AnufEGGZ_b6DgnJ6eswug6joelvsDqfZcxAfNAzLySCYnwlbjFaTyWY5nC0Xk8FwNByN9mcgFssBmojBcjmZLCa71Wg12gx3o9lggQRiMEEULRpMVqPRZDEZrkaT1Wy52O02iKJVq9loMxiuZpPZbrcaDobL0QhN2GK0mkw2y-FsuZgMhqPhaDREMOJw7XaT2cStshhnbtFktlwLFzaPW-KZmBYeh3Ezcw3WotfH9LENVo7haIsEA1L2InlapBPVcrOazVwTz2q2G45My9HENNxNTLPFcuFwrDaLiViiOVmkE9ll37KtRq7VbLlYLWy25cw280xck8nCZpuNZsPFbrGvOFy73WQ2cassxplbNJkt18KFzeOWeCamhcdh3Mxcg7Xo9TF9bIOVYzjaN3aDxWQ3WQ0H-8ZusJjsJqvhYN-hcgmD3YvRe9KYPTrV5y95JmxOg8JlsHh_EtNi2p0dRCff0amTqpRFndHv9_v9fr_f7_f7DVrPwWxQ-K61iLT5eBZ313D4cTAoYongIp0oPKfL3-0yOR2ev9l1evrtnrfO5TY8vBaxRGm6SCd6vWgwmoglgtNFOhG9jKeL-o8cZLGbKxajuWQxnEsGqwQAAAAAAAAAYAmmmW4CAAAA4GRQo8Votlqng1kMVqvNarkALACAdQGDAAAAAAAA7IL-S8OmYAPCKNbYYxrhOV3-bpfJ6fD8za7T02_3vHUut-HhtTIACwBfZpt9RhBrtVrWAAAABLABAAAEcNONNwFkUdz_____OAAAADJy6AEAANDvA8oCAAAAAAD4B6BCrNVqdbuxVqsVsGCGo8lwAv____8B!&cmcv=&pix=undefined&cb=1701272581264&uv=3362&tms=1701272581264&abt=adxLoadDist7-out_vC!adxsub-out_vA!adxsub-out_vB!ufm_vD&ru=https://voting.astro.com.my/&ft=0&su=3&unm=FEED_MANAGER&aure=false&agl=1&cirid=92f9187e-200f-4cde-ba6c-e26702dabae7&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imprammp.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 15:43:01 GMT
server
Kestrel
content-length
70
content-type
image/gif
ba57726b-eb8f-4269-8afc-b3b4aca83f50-tuctc60e184
pr-bh.ybp.yahoo.com/sync/taboola/ Frame 192B 		43 B
426 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/taboola/ba57726b-eb8f-4269-8afc-b3b4aca83f50-tuctc60e184?gdpr=1&us_privacy=1---
Requested by
Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V8VUECLAa4rDSk9sQwThJwWWlI7YlhnCwAAABgYID-AElOZs7FcLdySwaDmVu0MbncEodt41ZZZrvBZOSwOFy-ISDJycy5GO5WbslgMHOLNiaXW-Kwbdwqy2w3mIwcFofLNwUfxnKZDGqBhGX2-w4KyunpMbsMoqLrbbE7nGbPG1yg6XT4XPd6nctteHjtGr_brxcNRnMAAAAA8OD___8fAgAAAEAEAAAAAAkAAAAAFAIq_FsQuAAAAACA4f___18DABQHg3V4Pi-zPwAAAACAAAAAACABgDCUUQLgRez_xP________9_jAH6zBsZ_____zcMegA8-AB4EAIAAPAxBHb1I2QP2T6PSEFvEUYAAAAAsuW0KY5M0gkqFlX-___7rQBcAQAIYNz4hbPOojso8RYGAABAQIyWvY0QNOG15ZgFelj8frPDrvG7Xeb_________38z_mX80Qk0zM2mCMPTC1fwCAgCs-QUEAGCjbgAA3gjACTkcaDodPte9XvY3Pe0-u8JzuvztGr_brnb-RYegFYPB6gTE7AAAAADc-f___8ejZW8jBE14bakHpGyrkWs1Wy5WC5ttObPNPBPXZLKw2Waj2XCxW2zPEOSn9Wp4AnufEGGZ_b6DgnJ6eswug6joelvsDqfZcxAfNAzLySCYnwlbjFaTyWY5nC0Xk8FwNByN9mcgFssBmojBcjmZLCa71Wg12gx3o9lggQRiMEEULRpMVqPRZDEZrkaT1Wy52O02iKJVq9loMxiuZpPZbrcaDobL0QhN2GK0mkw2y-FsuZgMhqPhaDREMOJw7XaT2cStshhnbtFktlwLFzaPW-KZmBYeh3Ezcw3WotfH9LENVo7haIsEA1L2InlapBPVcrOazVwTz2q2G45My9HENNxNTLPFcuFwrDaLiViiOVmkE9ll37KtRq7VbLlYLWy25cw280xck8nCZpuNZsPFbrGvOFy73WQ2cassxplbNJkt18KFzeOWeCamhcdh3Mxcg7Xo9TF9bIOVYzjaN3aDxWQ3WQ0H-8ZusJjsJqvhYN-hcgmD3YvRe9KYPTrV5y95JmxOg8JlsHh_EtNi2p0dRCff0amTqpRFndHv9_v9fr_f7_f7DVrPwWxQ-K61iLT5eBZ313D4cTAoYongIp0oPKfL3-0yOR2ev9l1evrtnrfO5TY8vBaxRGm6SCd6vWgwmoglgtNFOhG9jKeL-o8cZLGbKxajuWQxnEsGqwQAAAAAAAAAYAmmmW4CAAAA4GRQo8Votlqng1kMVqvNarkALACAdQGDAAAAAAAA7IL-S8OmYAPCKNbYYxrhOV3-bpfJ6fD8za7T02_3vHUut-HhtTIACwBfZpt9RhBrtVrWAAAABLABAAAEcNONNwFkUdz_____OAAAADJy6AEAANDvA8oCAAAAAAD4B6BCrNVqdbuxVqsVsGCGo8lwAv____8B!&cmcv=&pix=undefined&cb=1701272581264&uv=3362&tms=1701272581264&abt=adxLoadDist7-out_vC!adxsub-out_vA!adxsub-out_vB!ufm_vD&ru=https://voting.astro.com.my/&ft=0&su=3&unm=FEED_MANAGER&aure=false&agl=1&cirid=92f9187e-200f-4cde-ba6c-e26702dabae7&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:d29:3601:bf9c:a4a:22aa:bd3 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imprammp.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 15:43:01 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
sync
ups.analytics.yahoo.com/ups/58785/ Frame 192B 		0
125 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/58785/sync?redir=true&gdpr=1&us_privacy=1---
Requested by
Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V8VUECLAa4rDSk9sQwThJwWWlI7YlhnCwAAABgYID-AElOZs7FcLdySwaDmVu0MbncEodt41ZZZrvBZOSwOFy-ISDJycy5GO5WbslgMHOLNiaXW-Kwbdwqy2w3mIwcFofLNwUfxnKZDGqBhGX2-w4KyunpMbsMoqLrbbE7nGbPG1yg6XT4XPd6nctteHjtGr_brxcNRnMAAAAA8OD___8fAgAAAEAEAAAAAAkAAAAAFAIq_FsQuAAAAACA4f___18DABQHg3V4Pi-zPwAAAACAAAAAACABgDCUUQLgRez_xP________9_jAH6zBsZ_____zcMegA8-AB4EAIAAPAxBHb1I2QP2T6PSEFvEUYAAAAAsuW0KY5M0gkqFlX-___7rQBcAQAIYNz4hbPOojso8RYGAABAQIyWvY0QNOG15ZgFelj8frPDrvG7Xeb_________38z_mX80Qk0zM2mCMPTC1fwCAgCs-QUEAGCjbgAA3gjACTkcaDodPte9XvY3Pe0-u8JzuvztGr_brnb-RYegFYPB6gTE7AAAAADc-f___8ejZW8jBE14bakHpGyrkWs1Wy5WC5ttObPNPBPXZLKw2Waj2XCxW2zPEOSn9Wp4AnufEGGZ_b6DgnJ6eswug6joelvsDqfZcxAfNAzLySCYnwlbjFaTyWY5nC0Xk8FwNByN9mcgFssBmojBcjmZLCa71Wg12gx3o9lggQRiMEEULRpMVqPRZDEZrkaT1Wy52O02iKJVq9loMxiuZpPZbrcaDobL0QhN2GK0mkw2y-FsuZgMhqPhaDREMOJw7XaT2cStshhnbtFktlwLFzaPW-KZmBYeh3Ezcw3WotfH9LENVo7haIsEA1L2InlapBPVcrOazVwTz2q2G45My9HENNxNTLPFcuFwrDaLiViiOVmkE9ll37KtRq7VbLlYLWy25cw280xck8nCZpuNZsPFbrGvOFy73WQ2cassxplbNJkt18KFzeOWeCamhcdh3Mxcg7Xo9TF9bIOVYzjaN3aDxWQ3WQ0H-8ZusJjsJqvhYN-hcgmD3YvRe9KYPTrV5y95JmxOg8JlsHh_EtNi2p0dRCff0amTqpRFndHv9_v9fr_f7_f7DVrPwWxQ-K61iLT5eBZ313D4cTAoYongIp0oPKfL3-0yOR2ev9l1evrtnrfO5TY8vBaxRGm6SCd6vWgwmoglgtNFOhG9jKeL-o8cZLGbKxajuWQxnEsGqwQAAAAAAAAAYAmmmW4CAAAA4GRQo8Votlqng1kMVqvNarkALACAdQGDAAAAAAAA7IL-S8OmYAPCKNbYYxrhOV3-bpfJ6fD8za7T02_3vHUut-HhtTIACwBfZpt9RhBrtVrWAAAABLABAAAEcNONNwFkUdz_____OAAAADJy6AEAANDvA8oCAAAAAAD4B6BCrNVqdbuxVqsVsGCGo8lwAv____8B!&cmcv=&pix=undefined&cb=1701272581264&uv=3362&tms=1701272581264&abt=adxLoadDist7-out_vC!adxsub-out_vA!adxsub-out_vB!ufm_vD&ru=https://voting.astro.com.my/&ft=0&su=3&unm=FEED_MANAGER&aure=false&agl=1&cirid=92f9187e-200f-4cde-ba6c-e26702dabae7&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.71.149.231 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-71-149-231.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.87 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imprammp.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 15:43:01 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.87
age
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
qGoWo6gBwwP.png
static.xx.fbcdn.net/rsrc.php/v3/yy/r/ Frame 0B36 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yy/r/qGoWo6gBwwP.png
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yP/l/0,cross/3-b-uOZP-xr.css?_nc_x=Ij3Wp8lg5Kz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
66efeaacbd90eba053bda6c0f17599873a6d2023a9408bd9ad2d414cf9813444
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://static.xx.fbcdn.net/rsrc.php/v3/yP/l/0,cross/3-b-uOZP-xr.css?_nc_x=Ij3Wp8lg5Kz
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 15:43:01 GMT
x-content-type-options
nosniff
content-md5
iN31dShDArRt9ZikrDb13w==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
2616
reporting-endpoints
x-fb-debug
kDSkWdnd1RAjV6oqRyf36AbIixMSF3+Qf4PUyK+BqAJHDzCukzH/Xfitun8enQ/sMxXxLXdFUE3vSvBINB5ZAA==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
content-type
image/png
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
priority
u=3,i
expires
Fri, 15 Nov 2024 22:40:10 GMT
UXtr_j2Fwe-.png
static.xx.fbcdn.net/rsrc.php/v3/yw/r/ Frame 0B36 		573 B
708 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yw/r/UXtr_j2Fwe-.png
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yx/l/0,cross/GSwcapvLrEq.css?_nc_x=Ij3Wp8lg5Kz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
96e3e8dfde6b1042514824bac1b44282d4a76bac028f2d767f6534dce2cf3db0
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://static.xx.fbcdn.net/rsrc.php/v3/yx/l/0,cross/GSwcapvLrEq.css?_nc_x=Ij3Wp8lg5Kz
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 15:43:01 GMT
x-content-type-options
nosniff
content-md5
07aG/2AEtDHVAZ5LUajMDQ==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
573
reporting-endpoints
x-fb-debug
qWcSAI33ejnNI22TZL8tCQkK2WveaNdjwqNCvuZs2LFAmzyANjWb8N5v0Q6bYOzZpAIzVTX2zItcMI0HXroeAw==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
content-type
image/png
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
priority
u=3,i
expires
Wed, 27 Nov 2024 01:13:51 GMT
/
www.facebook.com/pages/call_to_action/fetch_dialog_data/ Frame 0B36 		844 B
597 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/pages/call_to_action/fetch_dialog_data/?id=649526101819933&surface=pagePlugin&unit_type=VIEWER
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3iAxA4/yb/l/de_DE/BdZkwffUSJu.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
6aa4538ca3e0a157bf9dca196091b22b8f7c7817bd97cc0ddc16cc9a2fa6022d
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

X-FB-LSD
tQWdO4-bcVowpHw6DHmGUA
Referer
https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FPortalAstroGempak%2F&width=340&height=214&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
X-ASBD-ID
129477
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

strict-transport-security
max-age=15552000; preload
content-encoding
br
x-content-type-options
nosniff
date
Wed, 29 Nov 2023 15:43:01 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
reporting-endpoints
default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown"
pragma
no-cache
x-fb-debug
hHb+9ASVZzJRb+c5MkqibDNYvxpQDvInuPHypXCq0ufIneq4uLbjPN85WoqkUKaouFQZTBUj3nGo/vDN1hpVuA==
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
report-to
{"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
origin-agent-cluster
?0
access-control-expose-headers
X-FB-Debug, X-Loader-Length
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-methods
OPTIONS
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(self), geolocation=(self), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), payment=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), usb=(), window-management=()
access-control-allow-credentials
true
vary
Origin, Accept-Encoding
priority
u=1,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
pd
google-bidout-d.openx.net/w/1.0/ Frame 20A3 		0
176 B 		Document
General
Check archive.org
Download Go to
Full URL
https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Requested by
Host: voting.astro.com.my
URL: https://voting.astro.com.my/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://gempak.com//404
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
20
content-type
text/html
date
Wed, 29 Nov 2023 15:43:01 GMT
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
generic
match.adsrvr.org/track/cmf/ Frame 963D 		70 B
149 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V8VUECLAa4rDSk9sQwThJwWWlI7YlhnCwAAABgYID-AElOZs7FcLdySwaDmVu0MbncEodt41ZZZrvBZOSwOFy-ISDJycy5GO5WbslgMHOLNiaXW-Kwbdwqy2w3mIwcFofLNwUfxnKZDGqBhGX2-w4KyunpMbsMoqLrbbE7nGbPG1yg6XT4XPd6nctteHjtGr_brxcNRnMAAAAA8OD___8fAgAAAEAEAAAAAAkAAAAAFAIq_FsQuAAAAACA4f___18DABQHg3V4Pi-zPwAAAACAAAAAACABgDCUUQLgRez_xP________9_jAH6zBsZ_____zcMegA8-AB4EAIAAPAxBHb1I2QP2T6PSEFvEUYAAAAAsuW0KY5M0gkqFlX-___7rQBcAQAIYNz4hbPOojso8RYGAABAQIyWvY0QNOG15ZgFelj8frPDrvG7Xeb_________38z_mX80Qk0zM2mCMPTC1fwCAgCs-QUEAGCjbgAA3gjACTkcaDodPte9XvY3Pe0-u8JzuvztGr_brnb-RYegFYPB6gTE7AAAAADc-f___8ejZW8jBE14bakHpGyrkWs1Wy5WC5ttObPNPBPXZLKw2Waj2XCxW2zPEOSn9Wp4AnufEGGZ_b6DgnJ6eswug6joelvsDqfZcxAfNAzLySCYnwlbjFaTyWY5nC0Xk8FwNByN9mcgFssBmojBcjmZLCa71Wg12gx3o9lggQRiMEEULRpMVqPRZDEZrkaT1Wy52O02iKJVq9loMxiuZpPZbrcaDobL0QhN2GK0mkw2y-FsuZgMhqPhaDREMOJw7XaT2cStshhnbtFktlwLFzaPW-KZmBYeh3Ezcw3WotfH9LENVo7haIsEA1L2InlapBPVcrOazVwTz2q2G45My9HENNxNTLPFcuFwrDaLiViiOVmkE9ll37KtRq7VbLlYLWy25cw280xck8nCZpuNZsPFbrGvOFy73WQ2cassxplbNJkt18KFzeOWeCamhcdh3Mxcg7Xo9TF9bIOVYzjaN3aDxWQ3WQ0H-8ZusJjsJqvhYN-hcgmD3YvRe9KYPTrV5y95JmxOg8JlsHh_EtNi2p0dRCff0amTqpRFndHv9_v9fr_f7_f7DVrPwWxQ-K61iLT5eBZ313D4cTAoYongIp0oPKfL3-0yOR2ev9l1evrtnrfO5TY8vBaxRGm6SCd6vWgwmoglgtNFOhG9jKeL-o8cZLGbKxajuWQxnEsGqwQAAAAAAAAAYAmmmW4CAAAA4GRQo8Votlqng1kMVqvNarkALACAdQGDAAAAAAAA7IL-S8OmYAPCKNbYYxrhOV3-bpfJ6fD8za7T02_3vHUut-HhtTIACwBfZpt9RhBrtVrWAAAABLABAAAEcNONNwFkUdz_____OAAAADJy6AEAANDvA8oCAAAAAAD4B6BCrNVqdbuxVqsVsGCGo8lwAv____8B!&excid=22&docw=0&cijs=1&nlb=false
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://am-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 15:43:01 GMT
server
Kestrel
content-length
70
content-type
image/gif
ba57726b-eb8f-4269-8afc-b3b4aca83f50-tuctc60e184
pr-bh.ybp.yahoo.com/sync/taboola/ Frame 963D 		43 B
425 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/taboola/ba57726b-eb8f-4269-8afc-b3b4aca83f50-tuctc60e184?gdpr=1&us_privacy=1---
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V8VUECLAa4rDSk9sQwThJwWWlI7YlhnCwAAABgYID-AElOZs7FcLdySwaDmVu0MbncEodt41ZZZrvBZOSwOFy-ISDJycy5GO5WbslgMHOLNiaXW-Kwbdwqy2w3mIwcFofLNwUfxnKZDGqBhGX2-w4KyunpMbsMoqLrbbE7nGbPG1yg6XT4XPd6nctteHjtGr_brxcNRnMAAAAA8OD___8fAgAAAEAEAAAAAAkAAAAAFAIq_FsQuAAAAACA4f___18DABQHg3V4Pi-zPwAAAACAAAAAACABgDCUUQLgRez_xP________9_jAH6zBsZ_____zcMegA8-AB4EAIAAPAxBHb1I2QP2T6PSEFvEUYAAAAAsuW0KY5M0gkqFlX-___7rQBcAQAIYNz4hbPOojso8RYGAABAQIyWvY0QNOG15ZgFelj8frPDrvG7Xeb_________38z_mX80Qk0zM2mCMPTC1fwCAgCs-QUEAGCjbgAA3gjACTkcaDodPte9XvY3Pe0-u8JzuvztGr_brnb-RYegFYPB6gTE7AAAAADc-f___8ejZW8jBE14bakHpGyrkWs1Wy5WC5ttObPNPBPXZLKw2Waj2XCxW2zPEOSn9Wp4AnufEGGZ_b6DgnJ6eswug6joelvsDqfZcxAfNAzLySCYnwlbjFaTyWY5nC0Xk8FwNByN9mcgFssBmojBcjmZLCa71Wg12gx3o9lggQRiMEEULRpMVqPRZDEZrkaT1Wy52O02iKJVq9loMxiuZpPZbrcaDobL0QhN2GK0mkw2y-FsuZgMhqPhaDREMOJw7XaT2cStshhnbtFktlwLFzaPW-KZmBYeh3Ezcw3WotfH9LENVo7haIsEA1L2InlapBPVcrOazVwTz2q2G45My9HENNxNTLPFcuFwrDaLiViiOVmkE9ll37KtRq7VbLlYLWy25cw280xck8nCZpuNZsPFbrGvOFy73WQ2cassxplbNJkt18KFzeOWeCamhcdh3Mxcg7Xo9TF9bIOVYzjaN3aDxWQ3WQ0H-8ZusJjsJqvhYN-hcgmD3YvRe9KYPTrV5y95JmxOg8JlsHh_EtNi2p0dRCff0amTqpRFndHv9_v9fr_f7_f7DVrPwWxQ-K61iLT5eBZ313D4cTAoYongIp0oPKfL3-0yOR2ev9l1evrtnrfO5TY8vBaxRGm6SCd6vWgwmoglgtNFOhG9jKeL-o8cZLGbKxajuWQxnEsGqwQAAAAAAAAAYAmmmW4CAAAA4GRQo8Votlqng1kMVqvNarkALACAdQGDAAAAAAAA7IL-S8OmYAPCKNbYYxrhOV3-bpfJ6fD8za7T02_3vHUut-HhtTIACwBfZpt9RhBrtVrWAAAABLABAAAEcNONNwFkUdz_____OAAAADJy6AEAANDvA8oCAAAAAAD4B6BCrNVqdbuxVqsVsGCGo8lwAv____8B!&excid=22&docw=0&cijs=1&nlb=false
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:d29:3601:bf9c:a4a:22aa:bd3 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://am-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 15:43:01 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
sync
ups.analytics.yahoo.com/ups/58785/ Frame 963D 		0
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/58785/sync?redir=true&gdpr=1&us_privacy=1---
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V8VUECLAa4rDSk9sQwThJwWWlI7YlhnCwAAABgYID-AElOZs7FcLdySwaDmVu0MbncEodt41ZZZrvBZOSwOFy-ISDJycy5GO5WbslgMHOLNiaXW-Kwbdwqy2w3mIwcFofLNwUfxnKZDGqBhGX2-w4KyunpMbsMoqLrbbE7nGbPG1yg6XT4XPd6nctteHjtGr_brxcNRnMAAAAA8OD___8fAgAAAEAEAAAAAAkAAAAAFAIq_FsQuAAAAACA4f___18DABQHg3V4Pi-zPwAAAACAAAAAACABgDCUUQLgRez_xP________9_jAH6zBsZ_____zcMegA8-AB4EAIAAPAxBHb1I2QP2T6PSEFvEUYAAAAAsuW0KY5M0gkqFlX-___7rQBcAQAIYNz4hbPOojso8RYGAABAQIyWvY0QNOG15ZgFelj8frPDrvG7Xeb_________38z_mX80Qk0zM2mCMPTC1fwCAgCs-QUEAGCjbgAA3gjACTkcaDodPte9XvY3Pe0-u8JzuvztGr_brnb-RYegFYPB6gTE7AAAAADc-f___8ejZW8jBE14bakHpGyrkWs1Wy5WC5ttObPNPBPXZLKw2Waj2XCxW2zPEOSn9Wp4AnufEGGZ_b6DgnJ6eswug6joelvsDqfZcxAfNAzLySCYnwlbjFaTyWY5nC0Xk8FwNByN9mcgFssBmojBcjmZLCa71Wg12gx3o9lggQRiMEEULRpMVqPRZDEZrkaT1Wy52O02iKJVq9loMxiuZpPZbrcaDobL0QhN2GK0mkw2y-FsuZgMhqPhaDREMOJw7XaT2cStshhnbtFktlwLFzaPW-KZmBYeh3Ezcw3WotfH9LENVo7haIsEA1L2InlapBPVcrOazVwTz2q2G45My9HENNxNTLPFcuFwrDaLiViiOVmkE9ll37KtRq7VbLlYLWy25cw280xck8nCZpuNZsPFbrGvOFy73WQ2cassxplbNJkt18KFzeOWeCamhcdh3Mxcg7Xo9TF9bIOVYzjaN3aDxWQ3WQ0H-8ZusJjsJqvhYN-hcgmD3YvRe9KYPTrV5y95JmxOg8JlsHh_EtNi2p0dRCff0amTqpRFndHv9_v9fr_f7_f7DVrPwWxQ-K61iLT5eBZ313D4cTAoYongIp0oPKfL3-0yOR2ev9l1evrtnrfO5TY8vBaxRGm6SCd6vWgwmoglgtNFOhG9jKeL-o8cZLGbKxajuWQxnEsGqwQAAAAAAAAAYAmmmW4CAAAA4GRQo8Votlqng1kMVqvNarkALACAdQGDAAAAAAAA7IL-S8OmYAPCKNbYYxrhOV3-bpfJ6fD8za7T02_3vHUut-HhtTIACwBfZpt9RhBrtVrWAAAABLABAAAEcNONNwFkUdz_____OAAAADJy6AEAANDvA8oCAAAAAAD4B6BCrNVqdbuxVqsVsGCGo8lwAv____8B!&excid=22&docw=0&cijs=1&nlb=false
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.71.149.231 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-71-149-231.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.87 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://am-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 15:43:01 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.87
age
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
1igfs7II_g6.png
static.xx.fbcdn.net/rsrc.php/v3/yd/r/ Frame 0B36 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yd/r/1igfs7II_g6.png
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/y9/l/0,cross/V-GL57iHfEB.css?_nc_x=Ij3Wp8lg5Kz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
e13547eec8879c9b576c2e06837303ad06ea15905d4eb075291ff21686a5b3da
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://static.xx.fbcdn.net/rsrc.php/v3/y9/l/0,cross/V-GL57iHfEB.css?_nc_x=Ij3Wp8lg5Kz
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 15:43:01 GMT
x-content-type-options
nosniff
content-md5
Bsv/k/2TeJemYEeLUt4www==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
12027
reporting-endpoints
x-fb-debug
UI3wifBVEuLzSZYQ0EwBuw3jbYllqY5AEeJL0pdVtVHnYeRvcKkOVMdgfLRedE7Oumw9HlumK/oMjRAw3DZz4w==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
content-type
image/png
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
priority
u=3,i
expires
Sat, 16 Nov 2024 04:15:28 GMT
rum
dsum-sec.casalemedia.com/ Frame 2F1B
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOVFXV8y5O1xPlFRx05rvIM&google_cver=1
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOVFXV8y5O1xPlFRx05rvIM&google_cver=1&C=1
43 B
337 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOVFXV8y5O1xPlFRx05rvIM&google_cver=1&C=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKvU5fQCEMaIsIIEGK3o7vgBMAE&v=APEucNX_V6J0CsrA0CbE1gNiVLhrInJmTUu6zEhcrzL6B2ZwkgPDGokmQ7h34is8ktlcDbsq9FPeu0l-92H3z_POcB5u3OiXUxtWV4hFIJI6IAT39sjNho6GEVQ8b4dY7IgAa0u2Jd_MWOMHhxkN6njShGsz-MtwFAiHyb9eemz8yi-l48pEodw
Protocol
H2
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 29 Nov 2023 15:43:01 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Oe4if%2F4Tty76GB0E48Tzo6Bm72RNICD%2F9rk0t95Vopz%2BmCgl630AIoVcYUg2k3NRTBmVcCgmmsEWkiiFClQUTVcf9Fw5SpsQ7%2FAWNWhjOwqUqUYoZkWGpK8lSozdZosgCUuX41M5afihDw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
82dbf6c36fec9104-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Wed, 29 Nov 2023 15:43:01 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RUl35H6U7EYHuYMqVqhN32inQzegzDC6YwJQSm3%2FRAoTulEIoxeSpqFfh1DeMaF54vFIIj2uYjQ0Ngcn2pHLPgKZaZeSTMfDb6%2BaGdrd6e%2BfBlP%2Fvo6Pjo2Q4I2El9keSDIySBNwkOsX6g%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location
/rum?cm_dsp_id=45&external_user_id=CAESEOVFXV8y5O1xPlFRx05rvIM&google_cver=1&C=1
cache-control
no-cache
cf-ray
82dbf6c2df5f9104-FRA
alt-svc
h3=":443"; ma=86400
content-length
0
expires
0
rum
dsum-sec.casalemedia.com/ Frame 2F1B
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZWdcBUtCWPWW8A49-h1MfwAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOVFXV8y5O1xPlFRx05rvIM&google_cver=1
43 B
773 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOVFXV8y5O1xPlFRx05rvIM&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKvU5fQCEMaIsIIEGK3o7vgBMAE&v=APEucNX_V6J0CsrA0CbE1gNiVLhrInJmTUu6zEhcrzL6B2ZwkgPDGokmQ7h34is8ktlcDbsq9FPeu0l-92H3z_POcB5u3OiXUxtWV4hFIJI6IAT39sjNho6GEVQ8b4dY7IgAa0u2Jd_MWOMHhxkN6njShGsz-MtwFAiHyb9eemz8yi-l48pEodw
Protocol
H3
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 29 Nov 2023 15:43:01 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=k9z5YfDqxMqVlUDIOjdy9KLVryPbBZgVL%2BktFM34Fm%2F0VfZBbRQOxlF3hcMrvx7UBVFjWtvVGczhyfsE%2BsaJWzySx4KKWvfKmcLhG%2B75d3n6HpbQJ33t2hMN6U9gw28BTMy4hV7%2F1gL0HA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
82dbf6c3fffc2bf1-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Wed, 29 Nov 2023 15:43:01 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOVFXV8y5O1xPlFRx05rvIM&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
bounce
ib.adnxs.com/ Frame 2F1B
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEH-uGm0Mw5W79YPyyBP8pZY&google_cver=1
  • https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEH-uGm0Mw5W79YPyyBP8pZY%26google_cver%3D1
43 B
895 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEH-uGm0Mw5W79YPyyBP8pZY%26google_cver%3D1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKvU5fQCEMaIsIIEGK3o7vgBMAE&v=APEucNX_V6J0CsrA0CbE1gNiVLhrInJmTUu6zEhcrzL6B2ZwkgPDGokmQ7h34is8ktlcDbsq9FPeu0l-92H3z_POcB5u3OiXUxtWV4hFIJI6IAT39sjNho6GEVQ8b4dY7IgAa0u2Jd_MWOMHhxkN6njShGsz-MtwFAiHyb9eemz8yi-l48pEodw
Protocol
H2
Server
37.252.171.52 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 29 Nov 2023 15:43:01 GMT
an-x-request-uuid
56eb4e02-4815-4bb9-92c7-ca541926be26
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
217.114.218.20; 217.114.218.20; 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 29 Nov 2023 15:43:01 GMT
an-x-request-uuid
8d33c008-40cb-4bd0-a1f2-61ef4c9adfec
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
location
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEH-uGm0Mw5W79YPyyBP8pZY%26google_cver%3D1
cache-control
no-store, no-cache, private
x-proxy-origin
217.114.218.20; 217.114.218.20; 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 2F1B
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODkwNDUxMTQxNjc3MzE5ODA0NQ%3D%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODkwNDUxMTQxNjc3MzE5ODA0NQ%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKvU5fQCEMaIsIIEGK3o7vgBMAE&v=APEucNX_V6J0CsrA0CbE1gNiVLhrInJmTUu6zEhcrzL6B2ZwkgPDGokmQ7h34is8ktlcDbsq9FPeu0l-92H3z_POcB5u3OiXUxtWV4hFIJI6IAT39sjNho6GEVQ8b4dY7IgAa0u2Jd_MWOMHhxkN6njShGsz-MtwFAiHyb9eemz8yi-l48pEodw
Protocol
H3
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f194.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 29 Nov 2023 15:43:01 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 29 Nov 2023 15:43:01 GMT
an-x-request-uuid
44a7c7f9-10d7-45f3-936e-3dd9867c6d53
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODkwNDUxMTQxNjc3MzE5ODA0NQ%3D%3D
x-proxy-origin
217.114.218.20; 217.114.218.20; 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
cmOsUnit.css
vidstat.taboola.com/vpaid/units/33_6_2/assets/css/ 		60 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://vidstat.taboola.com/vpaid/units/33_6_2/assets/css/cmOsUnit.css
Requested by
Host: voting.astro.com.my
URL: https://voting.astro.com.my/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
83ecdfb76c38605f0e3538a0a9de0f1e57a457a2dfebe0654ee2f9b13c49a2ec

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gempak.com//404
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-amz-meta-mtime
1701243165
date
Wed, 29 Nov 2023 15:43:01 GMT
via
1.1 varnish
content-encoding
br
x-amz-request-id
YKK2E2AQ7TY86C16
age
29348
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-meta-ctime
1701243165
x-amz-meta-mode
33188
content-length
7924
x-amz-id-2
KpVJN86zuyzGyPEwwD+as4Tu4VE/eWugYzkzo4fY3LiczNrLYHuOkRlxSZKVhVE5k3nIOiP3iKk=
x-served-by
cache-cph2320056-CPH
last-modified
Wed, 29 Nov 2023 07:32:46 GMT
server
AmazonS3-br
x-timer
S1701272582.531508,VS0,VE0
etag
"a6067988de416f653559cce5285c7c1b"
x-amz-meta-uid
0
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
x-amz-meta-gid
0
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
access-control-allow-headers
*
x-cache-hits
9613
cmTagFEED_MANAGER.js
vidstat.taboola.com/vpaid/units/33_6_2/infra/ 		603 KB
121 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vidstat.taboola.com/vpaid/units/33_6_2/infra/cmTagFEED_MANAGER.js
Requested by
Host: voting.astro.com.my
URL: https://voting.astro.com.my/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
c795395f7438fa12e7baaee46d9e672b022ac76b62c4a932ad26c17bc9073b98

Request headers

Referer
https://gempak.com//404
Origin
https://gempak.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-amz-meta-mtime
1701243154
date
Wed, 29 Nov 2023 15:43:01 GMT
via
1.1 varnish
content-encoding
br
x-amz-request-id
YKK0J3S91NBGHWMN
age
29348
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-meta-ctime
1701243155
x-amz-meta-mode
33188
content-length
123336
x-amz-id-2
hkBJ7w9fLSOQ6rO9dNu5UnAsBMJKSRu/4kAtNzXWENazFTb2Cbk1ZntwFbwe+/m1XzWX6okHXxQ=
x-served-by
cache-cph2320025-CPH
last-modified
Wed, 29 Nov 2023 07:32:36 GMT
server
AmazonS3-br
x-timer
S1701272582.525123,VS0,VE0
etag
"a4e0f2b4eb57ff99a808e56a2a6149bc"
x-amz-meta-uid
0
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
x-amz-meta-gid
0
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
access-control-allow-headers
*
x-cache-hits
5589
dmp.infopack.45cd87b822a902fefa88.js
static1.dmcdn.net/playerv5/ Frame 668F 		55 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static1.dmcdn.net/playerv5/dmp.infopack.45cd87b822a902fefa88.js
Requested by
Host: geo.dailymotion.com
URL: https://geo.dailymotion.com/player/xd17s.html?video=x8q120x
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.79.242.181 Frankfurt am Main, Germany, ASN22822 (LLNW, US),
Reverse DNS
https-178-79-242-181.fra.llnw.net
Software
DMS/1.0.42 /
Resource Hash
33342f4dc05d8d78b73a556268c204b766a15f85e04324801c6cb418bf9e2a75

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://geo.dailymotion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 15:43:01 GMT
content-encoding
gzip
age
1228936
server-timing
total;dur=2, dc;desc="dc3"
content-length
14394
last-modified
Wed, 15 Nov 2023 10:16:02 GMT
server
DMS/1.0.42
etag
"65549a62-daad"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
x-llid
99e08deb64629558ddccb8e75772d4bb
expires
Fri, 15 Dec 2023 10:20:45 GMT
dmp.jq_flight.1d9782312a093aadb89f.js
static1.dmcdn.net/playerv5/ Frame 668F 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static1.dmcdn.net/playerv5/dmp.jq_flight.1d9782312a093aadb89f.js
Requested by
Host: geo.dailymotion.com
URL: https://geo.dailymotion.com/player/xd17s.html?video=x8q120x
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.79.242.181 Frankfurt am Main, Germany, ASN22822 (LLNW, US),
Reverse DNS
https-178-79-242-181.fra.llnw.net
Software
DMS/1.0.42 /
Resource Hash
5e24b61f7ae7a4e552208ab7eb54601da5fd5af5a24a5cf542839398a33a9630

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://geo.dailymotion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 15:43:01 GMT
content-encoding
gzip
age
59888
server-timing
total;dur=0, dc;desc="dc3"
content-length
14946
last-modified
Tue, 28 Nov 2023 13:28:47 GMT
server
DMS/1.0.42
etag
"6565eb0f-a5e2"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
x-llid
02ce9ec0748f694b46a23de5eaaa33a0
expires
Thu, 28 Dec 2023 23:04:53 GMT
dmp.photon_vendor.3ce7557f0c4e78d46b63.js
static1.dmcdn.net/playerv5/ Frame 668F 		321 KB
96 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static1.dmcdn.net/playerv5/dmp.photon_vendor.3ce7557f0c4e78d46b63.js
Requested by
Host: geo.dailymotion.com
URL: https://geo.dailymotion.com/player/xd17s.html?video=x8q120x
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.79.242.181 Frankfurt am Main, Germany, ASN22822 (LLNW, US),
Reverse DNS
https-178-79-242-181.fra.llnw.net
Software
DMS/1.0.42 /
Resource Hash
45986891113c4ae3780f4974cd3facaf0146bf46605c1b9ef525896d75fa6aaa

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://geo.dailymotion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 15:43:01 GMT
content-encoding
gzip
age
1146314
server-timing
total;dur=1, dc;desc="dc3"
content-length
97739
last-modified
Thu, 16 Nov 2023 09:12:49 GMT
server
DMS/1.0.42
etag
"6555dd11-503f9"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
x-llid
3a5fdb7193aa5930b36d956efd39d81d
expires
Sat, 16 Dec 2023 09:17:47 GMT
dmp.photon_boot.cb0b3660021c26364bd0.js
static1.dmcdn.net/playerv5/ Frame 668F 		121 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static1.dmcdn.net/playerv5/dmp.photon_boot.cb0b3660021c26364bd0.js
Requested by
Host: geo.dailymotion.com
URL: https://geo.dailymotion.com/player/xd17s.html?video=x8q120x
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.79.242.181 Frankfurt am Main, Germany, ASN22822 (LLNW, US),
Reverse DNS
https-178-79-242-181.fra.llnw.net
Software
DMS/1.0.42 /
Resource Hash
29fa531ef040a7dbaa846f635b842ae177be4af00332c8166cd1870f1a1be460

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://geo.dailymotion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 15:43:01 GMT
content-encoding
gzip
age
94319
server-timing
total;dur=1, dc;desc="dc3"
content-length
39206
last-modified
Tue, 28 Nov 2023 13:28:39 GMT
server
DMS/1.0.42
etag
"6565eb07-1e51a"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
x-llid
721bfc99f83d689af5c4754d00e56254
expires
Thu, 28 Dec 2023 13:31:02 GMT
dmp.photon_app.e282e8762fba0008fdee.js
static1.dmcdn.net/playerv5/ Frame 668F 		167 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static1.dmcdn.net/playerv5/dmp.photon_app.e282e8762fba0008fdee.js
Requested by
Host: geo.dailymotion.com
URL: https://geo.dailymotion.com/player/xd17s.html?video=x8q120x
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.79.242.181 Frankfurt am Main, Germany, ASN22822 (LLNW, US),
Reverse DNS
https-178-79-242-181.fra.llnw.net
Software
DMS/1.0.42 /
Resource Hash
79f3554e9863664eacf3f28e8bbbd6c350c80ae86c79e9d482667325583da9f6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://geo.dailymotion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 15:43:01 GMT
content-encoding
gzip
age
456235
server-timing
total;dur=1, dc;desc="dc3"
content-length
57995
last-modified
Fri, 24 Nov 2023 08:56:49 GMT
server
DMS/1.0.42
etag
"65606551-29d99"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
x-llid
4e2cd6dcce8301443f4ad2b27fa82acd
expires
Sun, 24 Dec 2023 08:59:06 GMT
dmp.photon_player.ab7c06b86596301a2464.js
static1.dmcdn.net/playerv5/ Frame 668F 		68 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static1.dmcdn.net/playerv5/dmp.photon_player.ab7c06b86596301a2464.js
Requested by
Host: geo.dailymotion.com
URL: https://geo.dailymotion.com/player/xd17s.html?video=x8q120x
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.79.242.181 Frankfurt am Main, Germany, ASN22822 (LLNW, US),
Reverse DNS
https-178-79-242-181.fra.llnw.net
Software
DMS/1.0.42 /
Resource Hash
fa2f2c409ec8c3790f3a2824ff3644873de9ca6700b7b3add056837bb677ee9f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://geo.dailymotion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 15:43:01 GMT
content-encoding
gzip
age
627758
server-timing
total;dur=0, dc;desc="dc3"
content-length
19936
last-modified
Wed, 22 Nov 2023 09:08:38 GMT
server
DMS/1.0.42
etag
"655dc516-10e8e"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
x-llid
a965f1ff648ea062a45a5c2865ffc076
expires
Fri, 22 Dec 2023 09:20:23 GMT
container.html
ed82c412a1d0517c38d808cdf80f705f.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 830C 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ed82c412a1d0517c38d808cdf80f705f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: voting.astro.com.my
URL: https://voting.astro.com.my/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://gempak.com//404
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 29 Nov 2023 15:43:00 GMT
expires
Thu, 28 Nov 2024 15:43:00 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
bulk-metrics
am-trc-events.taboola.com/astromediasolutions-gempak/log/3/ 		0
242 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://am-trc-events.taboola.com/astromediasolutions-gempak/log/3/bulk-metrics?tvi2=14111&tvi48=10638&route=AM%3AAM%3AV&lti=deflated&bulkSize=8
Requested by
Host: voting.astro.com.my
URL: https://voting.astro.com.my/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://gempak.com//404
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
https://gempak.com
pragma
no-cache
date
Wed, 29 Nov 2023 15:43:01 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
abtests
am-trc-events.taboola.com/astromediasolutions-gempak/log/3/ 		0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://am-trc-events.taboola.com/astromediasolutions-gempak/log/3/abtests?route=AM:AM:V&tvi2=14111&tvi48=10638&lti=deflated&ri=d3eaf1a7bf71d1cc17cd6fff08578c0d&sd=v2_e65d556915af69f6f3b522af66468171_ba57726b-eb8f-4269-8afc-b3b4aca83f50-tuctc60e184_1701272580_1701272580_CJK00wEQwIFYGNjg_d3BMSABKAEwODib4wlAhIoQSNTJ2QNQ____________AVgAYABo5-D4sc3qn58xcAA&ui=ba57726b-eb8f-4269-8afc-b3b4aca83f50-tuctc60e184&pi=//404&wi=-3422900815001796584&pt=text&vi=1701272580184&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22recommendation-reel%22%2C%22type%22%3A%22available%22%2C%22eventTime%22%3A1701272581561%7D&tim=16%3A43%3A01.561&id=524&llvl=2&cv=20231129-9-RELEASE&
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gempak.com//404
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Wed, 29 Nov 2023 15:43:01 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
2f87776b3580b772c988979fccc36347.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_750%2Cw_1500%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		112 KB
113 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_750%2Cw_1500%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/2f87776b3580b772c988979fccc36347.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
a3c52fab288aedeba5055eb8f9e5f677d50c1f1be2972703f11bf1fff434e848

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gempak.com//404
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-vcl-time-ms
2
date
Wed, 29 Nov 2023 15:43:01 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_750%2Cw_1500%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/2f87776b3580b772c988979fccc36347.png
age
3740640
edge-cache-tag
539264722275397693898618951167535693130,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
cache-tag
539264722275397693898618951167535693130,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
x-cache
Miss from cloudfront, MISS, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time
614
expiration
expiry-date="Sat, 07 Oct 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://www.comisarul.ro/
content-length
114940
x-backend-name
LA_nlb204
x-served-by
cache-iad-kiad7000162-IAD, cache-iad-kiad7000162-IAD, cache-lax-kwhp1940104-LAX, cache-iad-kiad7000068-IAD, cache-cph2320056-CPH
last-modified
Wed, 06 Sep 2023 09:56:00 GMT
server
nginx
surrogate-reporting
width=1200,height=600,owidth=1200,oheight=800,obytes=1756948
x-timer
S1701272582.591701,VS0,VE2
etag
"acd0bc56b0057258db7e148a76fe5165"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 30, 1, 9, 1
b995120125b940c60ed1c2beb6a62353.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_423%2Cw_760%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		42 KB
43 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_423%2Cw_760%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/b995120125b940c60ed1c2beb6a62353.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
62d2a3f860454fa6f4d6264bfa7cc7ece108cf85b60dbd5642004ab7824cfc8d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gempak.com//404
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-vcl-time-ms
85
date
Wed, 29 Nov 2023 15:43:01 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_423%2Cw_760%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/b995120125b940c60ed1c2beb6a62353.png
age
2510382
edge-cache-tag
375743649588577576758315705241312646771,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag
375743649588577576758315705241312646771,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
Miss from cloudfront, HIT, HIT, HIT, HIT, MISS
x-envoy-upstream-service-time
328
req-referer
https://www.ynet.co.il/
content-length
42852
x-request-id
15145615f8d0d35bd20612592a3b1931
x-backend-name
CH_nlb802
x-served-by
cache-iad-kcgs7200165-IAD, cache-iad-kcgs7200165-IAD, cache-chi-kigq8000109-CHI, cache-iad-kiad7000031-IAD, cache-cph2320056-CPH
last-modified
Thu, 28 Sep 2023 13:24:32 GMT
server
nginx
surrogate-reporting
width=1000,height=555,bytes=82599,owidth=1000,oheight=600,obytes=1036744
x-timer
S1701272582.592054,VS0,VE85
etag
"4a3f5181b9c5893daf54d6926ae5ef0e"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 6, 1, 8, 0
5e3f639bfe54f9634c74692e5eaad563.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_423%2Cw_760%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		42 KB
43 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_423%2Cw_760%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/5e3f639bfe54f9634c74692e5eaad563.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
a5ffbfc9bcf3065f2eb7e6d7246d4c88d60df04f1797e0bc18bba16ecd25255b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gempak.com//404
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Wed, 29 Nov 2023 15:43:01 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_423%2Cw_760%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/5e3f639bfe54f9634c74692e5eaad563.png
age
1826382
edge-cache-tag
401276493238227410103747508992688257408,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag
401276493238227410103747508992688257408,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
Miss from cloudfront, MISS, MISS, HIT, HIT, HIT
x-envoy-upstream-service-time
275
req-referer
https://www.calcalist.co.il/
content-length
42872
x-request-id
87cc18a977c29de2802c89154a62bbb1
x-backend-name
CH_nlb803
x-served-by
cache-iad-kcgs7200061-IAD, cache-iad-kiad7000132-IAD, cache-lga21944-LGA, cache-iad-kjyo7100035-IAD, cache-cph2320056-CPH
last-modified
Sun, 29 Oct 2023 08:04:29 GMT
server
nginx
surrogate-reporting
width=1067,height=592,bytes=80000,owidth=1067,oheight=600,obytes=953629
x-timer
S1701272582.592068,VS0,VE1
etag
"a5bca7dd6a78fac4529945f20154cdb6"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 2, 5, 1
yp1u5iywkdxfgcxlbtxr.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_750%2Cw_1500%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//c3.taboola.com/libtrc/static/thumbnails/so_auto/f_jpg/v1700645353/ 		76 KB
77 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_750%2Cw_1500%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//c3.taboola.com/libtrc/static/thumbnails/so_auto/f_jpg/v1700645353/yp1u5iywkdxfgcxlbtxr.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
8691e656de704c1d31b01fe36c4c9f397ea0b42c42fee43f8e6ef0fde3a86bc8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gempak.com//404
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Wed, 29 Nov 2023 15:43:01 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_750%2Cw_1500%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//c3.taboola.com/libtrc/static/thumbnails/so_auto/f_jpg/v1700645353/yp1u5iywkdxfgcxlbtxr.jpg
age
30467
edge-cache-tag
502972884924560909050702601173479892810,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
cache-tag
502972884924560909050702601173479892810,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
x-cache
Miss from cloudfront, MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time
490
expiration
expiry-date="Sat, 30 Dec 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://mereja.com/
content-length
77898
x-backend-name
US_nlb103
x-served-by
cache-iad-kjyo7100038-IAD, cache-iad-kcgs7200031-IAD, cache-lga21924-LGA, cache-iad-kjyo7100121-IAD, cache-cph2320056-CPH
last-modified
Wed, 29 Nov 2023 07:11:57 GMT
server
nginx
surrogate-reporting
width=800,height=400,bytes=41796,owidth=800,oheight=450,obytes=42063
x-timer
S1701272582.593195,VS0,VE1
etag
"27e40d361337abf99aa9be70ca540e05"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 5, 1
view
ad.doubleclick.net/pcs/ Frame 936E 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ad.doubleclick.net/pcs/view?xai=AKAOjst7hp1VhcYrqjWWxA83CRX89gyxHxD0L4xlEubZ6-xdl2eRg2Cnb3sz4x0WEdz9-eXUSoyBqrKv-gox2tlJhni-1hGYWOFHuTZG_j6DdZRGGlrFPgkhwhb9wWjnkbFO9TCxvviLDw3IvEEPYxyj7IIkANlZVOCWWKA69DrAMMgwAizbsKzVZHJhTnK_PVcKZnxqMdCo1MQ9MYkrgMiZK48U5Gh1BI8C0k0p8x0vSyIiIJwVKumiMsHzY8_bY4FzZWiblx-PpWfT_QeCqFMutB0jIs-PZJCkDYjzH4927xxpuVeoBW4wGgl5H1iTSUtbJEtGuMg_cPyjTaqD8CyOOlcbPbRAJ7SdJVx8hfWcBYbx3kaSBJzKnTQ8zpM6teL6Q9HPwHyl-Wb8idcszyaHw6dM-2YAUs57Sj3rDucY24QptUDYSFgmZFGhae1k1mxcI2xaf66kHTIccqXBpj3Kp3WFqwx-oU6R2esUINRnalfeJ2W6aBbPLWEI9FQl7PWjLwVPwOrFP21KQmVR1Jth4SFsCtg9ebOTYpsq8hMRSPK6zJYTc-J_M7MXJfgvN_hfSRjsaUAvLVSExO4Zw8dIlwAPmHHQCsIBkWeV63Q1uaVkMxWhn5uRiLp8MI2D5k2rSL1JzvPZ4Ftkj51gEaZJy3J24WCed120kNvjGuFzy8Via80X42ZOnW61dITq2sQr8TAAlKtQJO2Su-7Cp5OsGMB3LbH5tjKMQ4q9JLa2e8IeyJtwfkPhJkmvhc1r7o37O_l3PYa8g1VqDSjbpRkcixmhU1eP4usNEwsctf969-KKFGmf5fl54I7zu56LB0j6Lx64ONVhqCtHY_7lBNT2yucTYeYwgczyUlORBBskflKi-Ce-iDmco9CG35OPMnKsfPk4snXDo5HFb2Pl_lPioqJ3syBSPIJmZBxuNIPcKUZQ-tVDpK5AI0TBl7gXpUP4oHaNRUMYooNQxEzczVfDN7Lyx7JQp0XhjFrjM__oxrOXR_flfzPQN2R5Y9qrnHF5AF29MHDG3kaPY99w4NJBnYBMJL61fwjJD8WGlsCHriN3krty1MrkRihwONlm8zZZaEVyjHHEEHgKk1DghC3Eg5JeN9PaYxO4Qxi93aEFEDS8NSNFPOie_zTvsk_jE1r21U8nRw1FlRFByufRzH4JRHGN0aykFlVA1mitQ34Czq3KSz18B-5hWditvaJO2PGcyB0OPGjlZt4bRVMTdXFUV81zcoEGPWmNCCxirVk6uFVlC5tNGX9d_FPP43ec0FeOz2K6b6vSZz-6xS_1ys6MwDwznh8JR2wESOv71qAdxaJRRdduSIeWa0IYtADwvyfN1eKqj7hFYLrIDkBgMNQVr7Ky6R-zoWopPG5S5p1hq7PvYfIbCLN0AFW6mXSpFFXArg9vsxW61ecd3pPuiB8c9hDZHHVjwWlRZ5tqVfo8aAe5AME&sai=AMfl-YR21djLJMS16SokDb2zc5W2O41FZONVCiJRFK1K3inqZNPDGC2hSNbqJe65D5Izh2vHdO-qLRzRLMEKDlAfXm_j4-Hqb8lP0SzriahJFg8IXYgQVLxb82fKhdd7V8Y4Yw-Wwoh_EkaXL1QRNcOBxqiiqG32pTV-Zkn-uH0RkrudJuBgA9niBgwzPywJG6qKOzR8qG6GyPHpZWQZdwGBERZrhbkhrsngs2wRKKUGJg6LayF1kIIDf1BGZnPmD54_mAWaCFKV0cv07x7uZpwIJ3vxC6HzORo8uRc-JTU-Z71KouMr1O2KuPJp7GwMFfA5QCNk73F0DXCi7p5VyETd5I4v2JpRJLRSmdhj2O-7z_Ok7ld4-uKFkZElfTZdBtxrCwsv89BtS-sgpa0e_T0HZebK_tJ7X2eEPrJdVKAh&sig=Cg0ArKJSzOlkcENDhRYwEAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9xb250by5jb20&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=223&vt=11&dtpt=222&dett=2&cstd=0&cisv=r20231109.35358&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=
Requested by
Host: voting.astro.com.my
URL: https://voting.astro.com.my/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.134 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f6.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ed82c412a1d0517c38d808cdf80f705f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 15:43:01 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
budakbersalin13ta.jpg%3Fext%3D.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_423%2Cw_760%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//d3avoj45mekucs.cloudfront.net/astrogempak/media/asbp/ 		17 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_423%2Cw_760%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//d3avoj45mekucs.cloudfront.net/astrogempak/media/asbp/budakbersalin13ta.jpg%3Fext%3D.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
35b5f9d1ca45b2ba3968a0a71012ccda3ea1c554229193e4bc82c0fb240e076a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gempak.com//404
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Wed, 29 Nov 2023 15:43:01 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_423%2Cw_760%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//d3avoj45mekucs.cloudfront.net/astrogempak/media/asbp/budakbersalin13ta.jpg%3Fext%3D.jpg
age
5452704
edge-cache-tag
324058617813921152438140298608431786769,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag
324058617813921152438140298608431786769,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
x-cache
MISS, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time
187
expiration
expiry-date="Sat, 30 Sep 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://gempak.com/berita-terkini/penampilan-jadi-perhatian-netizen-berat-badan-siti-bainun-susut-60-kg-ada-hikmah-jugalah-masuk-penja-84492
content-length
17064
x-backend-name
CH_nlb801
x-served-by
cache-iad-kiad7000060-IAD, cache-iad-kiad7000060-IAD, cache-chi-kigq8000083-CHI, cache-iad-kcgs7200054-IAD, cache-cph2320056-CPH
last-modified
Wed, 30 Aug 2023 15:03:25 GMT
server
nginx
surrogate-reporting
width=832,height=462,owidth=832,oheight=468,obytes=104094
x-timer
S1701272582.594161,VS0,VE1
etag
"70cf2312e6d335c0a9c468eb023c0fb6"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 33, 1, 17, 1
wanna-uzair-header.jpg%3Fext%3D.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_423%2Cw_760%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//d3avoj45mekucs.cloudfront.net/astrogempak/media/articleasset/2018/nov/ 		54 KB
55 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_423%2Cw_760%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//d3avoj45mekucs.cloudfront.net/astrogempak/media/articleasset/2018/nov/wanna-uzair-header.jpg%3Fext%3D.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
a930ab17af286c930110641f322e492caee1353b7484e403cc218f02a37487b3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gempak.com//404
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Wed, 29 Nov 2023 15:43:01 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_423%2Cw_760%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//d3avoj45mekucs.cloudfront.net/astrogempak/media/articleasset/2018/nov/wanna-uzair-header.jpg%3Fext%3D.jpg
age
3122342
edge-cache-tag
323288668404348673100174942879659232311,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag
323288668404348673100174942879659232311,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
x-cache
Miss from cloudfront, MISS, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time
163
expiration
expiry-date="Tue, 10 Oct 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://gempak.com/
content-length
55176
x-backend-name
LA_nlb203
x-served-by
cache-iad-kiad7000090-IAD, cache-iad-kiad7000032-IAD, cache-lax-kwhp1940023-LAX, cache-iad-kiad7000108-IAD, cache-cph2320056-CPH
last-modified
Sat, 09 Sep 2023 02:50:04 GMT
server
nginx
surrogate-reporting
width=900,height=500,owidth=900,oheight=560,obytes=569878
x-timer
S1701272582.594166,VS0,VE1
etag
"1b2c9a7b783dc2983f88490b871d7191"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 2, 1, 107, 1
590844923bc9471cd5d78447446db7b9.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_750%2Cw_1500%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		245 KB
246 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_750%2Cw_1500%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/590844923bc9471cd5d78447446db7b9.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
3c1edb36c3c20244658c0351dd612a84390fb12ffdb0ef2577b7e19a1d7bd043

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gempak.com//404
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-vcl-time-ms
3
date
Wed, 29 Nov 2023 15:43:01 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_750%2Cw_1500%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/590844923bc9471cd5d78447446db7b9.jpg
age
81579
edge-cache-tag
354154687395849500270112018496364566776,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
cache-tag
354154687395849500270112018496364566776,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
Miss from cloudfront, MISS, HIT, MISS, HIT, HIT
x-envoy-upstream-service-time
544
req-referer
https://www.wionews.com/
content-length
250910
x-request-id
23d4eb449bb6f6a71bfb204e8ef25f66
x-backend-name
LA_nlb202
x-served-by
cache-iad-kcgs7200061-IAD, cache-iad-kjyo7100124-IAD, cache-lax-kwhp1940051-LAX, cache-iad-kiad7000157-IAD, cache-cph2320056-CPH
last-modified
Tue, 28 Nov 2023 13:21:17 GMT
server
nginx
surrogate-reporting
width=1160,height=580,bytes=340284,owidth=1160,oheight=1128,obytes=1292706
x-timer
S1701272582.677892,VS0,VE3
etag
"8e9c524cad8cf3c5ed2343af32aeefcd"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 0, 4, 1
6aee2a08-5b40-49f1-a744-aaf4fe7c54e8__qvJyy3lJ.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_423%2Cw_760%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/IMAGE_UPSCALER/EIU/ 		25 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_423%2Cw_760%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/IMAGE_UPSCALER/EIU/6aee2a08-5b40-49f1-a744-aaf4fe7c54e8__qvJyy3lJ.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
d739fafde9e18e966bf873500318ca59d954863cbfa9b0ea02a37916445dd416

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gempak.com//404
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Wed, 29 Nov 2023 15:43:01 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_423%2Cw_760%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/IMAGE_UPSCALER/EIU/6aee2a08-5b40-49f1-a744-aaf4fe7c54e8__qvJyy3lJ.jpg
age
1908859
edge-cache-tag
321194619511491062242132839077726262353,458819120031143973608810691998763911622,29ecf9b93bbf306179626feeda1fab70
cache-tag
321194619511491062242132839077726262353,458819120031143973608810691998763911622,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
Miss from cloudfront, MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time
645
req-referer
https://mikehistory.com/
content-length
25552
x-request-id
d1f2fc547e4ba02fe8c457a948be91aa
x-backend-name
US_nlb103
x-served-by
cache-iad-kiad7000041-IAD, cache-iad-kjyo7100154-IAD, cache-lga21978-LGA, cache-iad-kjyo7100021-IAD, cache-cph2320056-CPH
last-modified
Thu, 02 Nov 2023 12:52:38 GMT
server
nginx
surrogate-reporting
width=760,height=423,bytes=39667,owidth=1999,oheight=1249,obytes=185477
x-timer
S1701272582.683970,VS0,VE1
etag
"a361bef900df8f8eb1cf80f62ae54ee8"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 4, 1
e4bc001fd77f2f7760aec8406fe45e1a.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_423%2Cw_760%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		32 KB
33 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_423%2Cw_760%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/e4bc001fd77f2f7760aec8406fe45e1a.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
2e118e3a87948635da9f85c9a6e057cb81eeec4b513644ba907646ad3cf15fd0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gempak.com//404
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-vcl-time-ms
87
date
Wed, 29 Nov 2023 15:43:01 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_423%2Cw_760%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/e4bc001fd77f2f7760aec8406fe45e1a.jpg
age
20401
edge-cache-tag
382762201788583176124837611869097530604,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag
382762201788583176124837611869097530604,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
Miss from cloudfront, MISS, MISS, HIT, HIT, MISS
x-envoy-upstream-service-time
157
req-referer
https://diariodonordeste.verdesmares.com.br/
content-length
32770
x-request-id
fc0329c721b36efac10e2c98ade2d617
x-backend-name
US_nlb104
x-served-by
cache-iad-kcgs7200077-IAD, cache-iad-kiad7000034-IAD, cache-lga21941-LGA, cache-iad-kcgs7200083-IAD, cache-cph2320056-CPH
last-modified
Wed, 29 Nov 2023 10:03:02 GMT
server
nginx
surrogate-reporting
width=1000,height=555,bytes=60120,owidth=1000,oheight=600,obytes=357985
x-timer
S1701272582.684743,VS0,VE87
etag
"ec94f9bf1d5ed488de51ea1cb35fd12d"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 2, 3, 0
hton8mgrx5elegnvuwal.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_750%2Cw_1500%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//c3.taboola.com/libtrc/static/thumbnails/so_auto/f_jpg/v1699522823/ 		81 KB
81 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_750%2Cw_1500%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//c3.taboola.com/libtrc/static/thumbnails/so_auto/f_jpg/v1699522823/hton8mgrx5elegnvuwal.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
00d9ce21f5c96c009aec03d7831142041321dde76668072a5207c753fd83b413

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gempak.com//404
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Wed, 29 Nov 2023 15:43:01 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_750%2Cw_1500%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//c3.taboola.com/libtrc/static/thumbnails/so_auto/f_jpg/v1699522823/hton8mgrx5elegnvuwal.jpg
age
1633114
edge-cache-tag
359241379207639601269701542440521179257,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
cache-tag
359241379207639601269701542440521179257,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
Miss from cloudfront, MISS, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time
1134
req-referer
https://happy-woman.com/
content-length
82492
x-request-id
79a884d06e6982b1abbf251479473d79
x-backend-name
US_nlb104
x-served-by
cache-iad-kcgs7200046-IAD, cache-iad-kjyo7100132-IAD, cache-ewr18131-EWR, cache-iad-kjyo7100040-IAD, cache-cph2320056-CPH
last-modified
Thu, 09 Nov 2023 09:47:59 GMT
server
nginx
surrogate-reporting
width=800,height=400,bytes=44387,owidth=800,oheight=450,obytes=41732
x-timer
S1701272582.710784,VS0,VE1
etag
"26b10e585157f560e4163c8131236e6f"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 4, 1, 1, 1
chepuankhaleeda.jpg%3Fext%3D.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_834%2Cw_1500%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//d3avoj45mekucs.cloudfront.net/astrogempak/media/aplikasi/ 		69 KB
70 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_834%2Cw_1500%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//d3avoj45mekucs.cloudfront.net/astrogempak/media/aplikasi/chepuankhaleeda.jpg%3Fext%3D.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
02c8d114c6d992ccda5a38ed8b69d20971c53937c37c9b3963315a74404b2548

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gempak.com//404
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-vcl-time-ms
89
date
Wed, 29 Nov 2023 15:43:01 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_834%2Cw_1500%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//d3avoj45mekucs.cloudfront.net/astrogempak/media/aplikasi/chepuankhaleeda.jpg%3Fext%3D.jpg
age
4870588
edge-cache-tag
522047026804042586756003130732754148281,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag
522047026804042586756003130732754148281,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
HIT, HIT, HIT, HIT, MISS
x-envoy-upstream-service-time
488
req-referer
https://gempak.com/rojakdaily/news/finally-new-visit-malaysia-year-2020-logo-set-be-unveiled-soon-61923
content-length
71136
x-request-id
224cc12711107bca8e51b3652091899f
x-backend-name
CH_nlb803
x-served-by
cache-iad-kcgs7200042-IAD, cache-iad-kcgs7200042-IAD, cache-lga21968-LGA, cache-iad-kiad7000052-IAD, cache-cph2320056-CPH
last-modified
Thu, 21 Sep 2023 07:41:36 GMT
server
nginx
surrogate-reporting
width=900,height=500,bytes=57533,owidth=900,oheight=560,obytes=236798
x-timer
S1701272582.710958,VS0,VE89
etag
"9e0e634213a6f3a738ce073862fe1b66"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 18, 1, 2, 0
0e70ecb507b9928349ddc65f96ef10ea.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_834%2Cw_1500%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		89 KB
89 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_834%2Cw_1500%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/0e70ecb507b9928349ddc65f96ef10ea.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
2bb48debccdcb1093ccdd2f204378e28fd313f0fbc7b01ef4737832e519d5ada

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gempak.com//404
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-vcl-time-ms
2
date
Wed, 29 Nov 2023 15:43:01 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_834%2Cw_1500%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/0e70ecb507b9928349ddc65f96ef10ea.jpg
age
4423456
edge-cache-tag
547335859392245889569607457302178115007,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag
547335859392245889569607457302178115007,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
Miss from cloudfront, MISS, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time
431
req-referer
https://wortguru.com/
content-length
90742
x-request-id
bc032f9074aade6bf04de82323f61316
x-backend-name
LA_nlb202
x-served-by
cache-iad-kcgs7200141-IAD, cache-iad-kiad7000080-IAD, cache-lax10634-LGB, cache-iad-kiad7000105-IAD, cache-cph2320056-CPH
last-modified
Mon, 09 Oct 2023 10:58:46 GMT
server
nginx
surrogate-reporting
width=1067,height=592,bytes=85703,owidth=1067,oheight=600,obytes=723714
x-timer
S1701272582.767936,VS0,VE2
etag
"15ccdde6ac3b03c8046004c76a12dbf2"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 1, 31, 1
ekin-punya-42_1.png%3Fext%3D.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_834%2Cw_1500%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//d3avoj45mekucs.cloudfront.net/astrogempak/media/2019-flavettesglowingstar/ 		77 KB
78 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_834%2Cw_1500%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//d3avoj45mekucs.cloudfront.net/astrogempak/media/2019-flavettesglowingstar/ekin-punya-42_1.png%3Fext%3D.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
92c1fa9fa30c280eab7a6ca814e5160e303beb82d978289450630be654b42ab2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gempak.com//404
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-vcl-time-ms
91
date
Wed, 29 Nov 2023 15:43:01 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_834%2Cw_1500%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//d3avoj45mekucs.cloudfront.net/astrogempak/media/2019-flavettesglowingstar/ekin-punya-42_1.png%3Fext%3D.png
age
1934538
edge-cache-tag
397705751962934655371999192600156754988,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag
397705751962934655371999192600156754988,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
x-cache
Miss from cloudfront, MISS, MISS, HIT, HIT, MISS
x-envoy-upstream-service-time
503
expiration
expiry-date="Sat, 25 Nov 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://gempak.com/rojakdaily/entertainment
content-length
78842
x-backend-name
LA_nlb204
x-served-by
cache-iad-kcgs7200079-IAD, cache-iad-kiad7000020-IAD, cache-lax-kwhp1940023-LAX, cache-iad-kjyo7100049-IAD, cache-cph2320056-CPH
last-modified
Wed, 25 Oct 2023 23:17:51 GMT
server
nginx
surrogate-reporting
width=1640,height=911,bytes=139559,owidth=1640,oheight=924,obytes=1773196
x-timer
S1701272582.776676,VS0,VE91
etag
"84bedf8bebb502de2463c9f2d0460ed8"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 1, 45, 0
ekin-punya-397.png%3Fext%3D.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_834%2Cw_1500%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//d3avoj45mekucs.cloudfront.net/astrogempak/media/articleasset/ 		66 KB
67 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_834%2Cw_1500%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//d3avoj45mekucs.cloudfront.net/astrogempak/media/articleasset/ekin-punya-397.png%3Fext%3D.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
1091c50cdf7bc4d7384fa194111c9da6673a5ade42976063c3b7a43a0db3c5ad

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gempak.com//404
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-vcl-time-ms
86
date
Wed, 29 Nov 2023 15:43:01 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_834%2Cw_1500%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//d3avoj45mekucs.cloudfront.net/astrogempak/media/articleasset/ekin-punya-397.png%3Fext%3D.png
age
2447558
edge-cache-tag
578838873718608023973366725004429312348,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag
578838873718608023973366725004429312348,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, HIT, MISS, HIT, MISS
x-envoy-upstream-service-time
506
req-referer
https://gempak.com/rojakdaily/news/finally-new-visit-malaysia-year-2020-logo-set-be-unveiled-soon-61923
content-length
67814
x-request-id
1ee451d9ce83780a4c8ba6a607692228
x-backend-name
CH_nlb802
x-served-by
cache-iad-kcgs7200144-IAD, cache-iad-kcgs7200077-IAD, cache-lga21983-LGA, cache-iad-kiad7000164-IAD, cache-cph2320056-CPH
last-modified
Fri, 22 Sep 2023 00:11:27 GMT
server
nginx
surrogate-reporting
width=1640,height=911,bytes=125196,owidth=1640,oheight=924,obytes=1579691
x-timer
S1701272582.776875,VS0,VE86
etag
"c5a8321ba35862f32d045c6abfeaf778"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 18, 0, 6, 0
Zj4GuFghQl4.js
static.xx.fbcdn.net/rsrc.php/v3/yS/r/ Frame 0B36 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yS/r/Zj4GuFghQl4.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yW/r/cH_K1_w2EdK.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
d8c52fe5bb662564ab7edf0abe01a2202dcc36eaa71ce6a465cd64210c4eb2c0
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 15:43:01 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
dBSAisRg2e2k/EbKxbTt7g==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
3450
reporting-endpoints
x-fb-debug
oeTGVTDSJjiIj4iJiKGl97Fy6im3FwXNbWKI12EeE0VhtRTEGicj3O6a5E1UgfMUy7dvkXmwuYE77AuB+HtL2w==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
origin-agent-cluster
?0
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Thu, 14 Nov 2024 16:56:21 GMT
3WIMXoQVmUP.js
static.xx.fbcdn.net/rsrc.php/v3/y3/r/ Frame 0B36 		339 KB
73 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/y3/r/3WIMXoQVmUP.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yW/r/cH_K1_w2EdK.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
c5e1f0f3d1ac6d91fdc55942afc927a17154dc593732943c3bd158c89cb6b501
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 15:43:01 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
KZ5O2gzU9nTrm07INnFUpQ==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
74669
reporting-endpoints
x-fb-debug
wd59TNuS9jGnhZZ+o5tQHnzrvLmYfCiLWb40uRSKdkd4+dviOBsWx8+jrTAyi7+95zCXZCKdPl76kjgSIHCGqA==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
origin-agent-cluster
?0
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Wed, 27 Nov 2024 12:16:18 GMT
-i8UN0SvtdH.js
static.xx.fbcdn.net/rsrc.php/v3/yw/r/ Frame 0B36 		336 B
391 B 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yw/r/-i8UN0SvtdH.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yW/r/cH_K1_w2EdK.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
70372ad11f283f5513872e74332be66f24911ba675a939297ef3dce427337892
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 15:43:01 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
yWXo8LEU6qjlU6WBuWezJQ==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
222
reporting-endpoints
x-fb-debug
f1lQv/yVa4y94SuNiLuvibxpjCmWGossO1tNx9DzY3ZIjY2D9SAGqXflmqH2wY4uWxPKKzISd+yh527gSTyj6Q==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
origin-agent-cluster
?0
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Wed, 27 Nov 2024 10:34:28 GMT
EGazYBdPN-h.js
static.xx.fbcdn.net/rsrc.php/v3iFpC4/yL/l/de_DE/ Frame 0B36 		68 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3iFpC4/yL/l/de_DE/EGazYBdPN-h.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yW/r/cH_K1_w2EdK.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
81db4f627f83bad24d74c6a441f5dc4c0da76e2b60326ee815afc82f141941d7
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 15:43:01 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
Vp1xNzvsCFlbfswFhKLw/Q==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
17975
reporting-endpoints
x-fb-debug
llIs08Z/klV0ifArXrJAD8OJ3mq8me6Nmffhn8Ymwv1IrBeBcm6oGOtBNAFu4dLIaIyOVA1xJEhUurInL5cXVg==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Wed, 27 Nov 2024 22:01:09 GMT
GIcP89owNg_.js
static.xx.fbcdn.net/rsrc.php/v3/yb/r/ Frame 0B36 		320 B
381 B 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yb/r/GIcP89owNg_.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yW/r/cH_K1_w2EdK.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
6a1eeca00bf47ec4544788be716cca0f7242d6bc32a3bc8b7d31297f7e0b3aa0
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 15:43:01 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
L/r35nXwpk3bCfqneHj3cg==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
214
reporting-endpoints
x-fb-debug
v4An8Ju8jb5LNkAKnZtiBb413HSupeN/pVOqCJ1v9kglfn81Z281nTyayC+TTAuf3FyL8TR5HLPgDUKj0nV8kw==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
origin-agent-cluster
?0
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Wed, 27 Nov 2024 10:34:28 GMT
XfuLyikhh2A.js
static.xx.fbcdn.net/rsrc.php/v3/yW/r/ Frame 0B36 		195 B
388 B 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yW/r/XfuLyikhh2A.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yW/r/cH_K1_w2EdK.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
f7824cad57067e51ed2fb407ffdd301f9597d63dbc53a9c69599efceae5d94bb
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 15:43:01 GMT
x-content-type-options
nosniff
content-md5
JM2vGTpqCLXxTFV7nDIVdQ==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
195
reporting-endpoints
x-fb-debug
+quJ1gOcSgEsmfvpu9/j7yZU4JMbOWll01RNZptfMahLRz9dZy9GoBxPPlbkoKAiKqqekmT/fXMrcQTMGj0RUA==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
origin-agent-cluster
?0
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Wed, 27 Nov 2024 10:34:28 GMT
6kScfH1wDk9.js
static.xx.fbcdn.net/rsrc.php/v3/ym/r/ Frame 0B36 		130 B
298 B 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/ym/r/6kScfH1wDk9.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yW/r/cH_K1_w2EdK.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
5142d3709329431605d4ba3ba55e3bcdd890d1070a8a6c3325d9e7e0ee7b53a7
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 15:43:01 GMT
x-content-type-options
nosniff
content-md5
qT8mhSpEYrFAfOihgJiiKw==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
130
reporting-endpoints
x-fb-debug
sJ8ePbTEgT92YJyI5x/0RJJvdWSVPz6fh7kybkXO7K+8vm9ZRBoE3yx04nxcg7gpbr7m3wgXZHQwPf3oMUcexg==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
origin-agent-cluster
?0
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Wed, 27 Nov 2024 10:34:28 GMT
RH62x1SNQaV.js
static.xx.fbcdn.net/rsrc.php/v3ilmf4/yW/l/de_DE/ Frame 0B36 		67 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3ilmf4/yW/l/de_DE/RH62x1SNQaV.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yW/r/cH_K1_w2EdK.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
fee5fcb6d2c9e72264f4b646c2dfc921500a855a87d49ca8ca8c5f247acad344
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 15:43:01 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
qAGvW+L9uBBJEAnH1cQdCg==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
17634
reporting-endpoints
x-fb-debug
oqoGyxgC96105Cx8rrhKEMr8LMTld0NmkCXivbSyT/MpemK8TU332/4wHG6+jOiTuzBn6wnw7K+Ee5NC1Ha25w==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
x-fb-optimizer
0
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Thu, 28 Nov 2024 04:41:15 GMT
yV6Fdzw9wLt.js
static.xx.fbcdn.net/rsrc.php/v3/yY/r/ Frame 0B36 		401 B
395 B 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yY/r/yV6Fdzw9wLt.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yW/r/cH_K1_w2EdK.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
1d5774e0e8617f4f8a712fd2a099ad8998c11f27214559462b6b710a0a973846
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 15:43:01 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
k7JblPZbLDHTgv1YoVnrwg==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
227
reporting-endpoints
x-fb-debug
6T8EYnhct26ov+nDqUuR5XMUnW4urny6x4gL/Py6deJnLUESj8wdz7FrvJeUV7RhmWy5EcRiCzlsU/8IpoChCQ==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
origin-agent-cluster
?0
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Wed, 27 Nov 2024 10:34:28 GMT
ima3.js
imasdk.googleapis.com/js/sdkloader/ Frame 668F 		365 KB
126 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: geo.dailymotion.com
URL: https://geo.dailymotion.com/player/xd17s.html?video=x8q120x
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4a32283aaba0418ac1b0953af32fbe71948d43e7cdc08abeca552a9373809087
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://geo.dailymotion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 15:43:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
128094
x-xss-protection
0
expires
Wed, 29 Nov 2023 15:43:01 GMT
dmp.advertising.addcd9af4b8891dfe5e2.js
static1.dmcdn.net/playerv5/ Frame 668F 		182 KB
50 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static1.dmcdn.net/playerv5/dmp.advertising.addcd9af4b8891dfe5e2.js
Requested by
Host: geo.dailymotion.com
URL: https://geo.dailymotion.com/player/xd17s.html?video=x8q120x
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.79.242.181 Frankfurt am Main, Germany, ASN22822 (LLNW, US),
Reverse DNS
https-178-79-242-181.fra.llnw.net
Software
DMS/1.0.42 /
Resource Hash
848484b594bee01f05dbe9fae928384d0c946dbd42379ca0bf5a3ff79af0cec4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://geo.dailymotion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 15:43:01 GMT
content-encoding
gzip
age
175816
server-timing
total;dur=1, dc;desc="dc3"
content-length
50867
last-modified
Mon, 27 Nov 2023 13:39:46 GMT
server
DMS/1.0.42
etag
"65649c22-2d807"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
x-llid
8efd9927f713f64b54717955bde553d9
expires
Wed, 27 Dec 2023 14:52:45 GMT
ieeHDjcGsIR.js
static.xx.fbcdn.net/rsrc.php/v3/yH/r/ Frame 0B36 		213 B
353 B 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yH/r/ieeHDjcGsIR.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yW/r/cH_K1_w2EdK.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
6480d194b98b9fc3e4589a44b7e54b81ad926722e5b6fb7cc236161e2c2e03ac
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 15:43:01 GMT
x-content-type-options
nosniff
content-md5
oSUZEsOZh+qyGbXjvLFs7Q==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
213
reporting-endpoints
x-fb-debug
A9J2woR7lsJxAMmq3GPVE3/KBGrQpFIMKdnyX+MPXWVl7Hk6rP+oZTH76eBxHJLVzlvxeP5RyCj4TYsmKb4eQg==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
priority
u=1
expires
Fri, 15 Nov 2024 02:48:35 GMT
i.match
s.tribalfusion.com/z/ Frame 5AF5
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b6&u=CAESEIhNixn0RCxyTMxdZUPIAfw&google_cver=1&google_push=AXcoOmSOKbTs9sr-FbHLE4JFNmkNgHhgkNgaLD-IWsMaZtiOsWHjLZwvTHWU_qciIIpE8SwR-065d1K4uxOZuysC4APOlxBzXq1ju...
  • https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEIhNixn0RCxyTMxdZUPIAfw&google_cver=1&google_push=AXcoOmSOKbTs9sr-FbHLE4JFNmkNgHhgkNgaLD-IWsMaZtiOsWHjLZwvTHWU_qciIIpE8SwR-065d1K4uxOZuysC4APOlxBzXq1...
43 B
447 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEIhNixn0RCxyTMxdZUPIAfw&google_cver=1&google_push=AXcoOmSOKbTs9sr-FbHLE4JFNmkNgHhgkNgaLD-IWsMaZtiOsWHjLZwvTHWU_qciIIpE8SwR-065d1K4uxOZuysC4APOlxBzXq1juQ&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmSOKbTs9sr-FbHLE4JFNmkNgHhgkNgaLD-IWsMaZtiOsWHjLZwvTHWU_qciIIpE8SwR-065d1K4uxOZuysC4APOlxBzXq1juQ%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by
Host: ed82c412a1d0517c38d808cdf80f705f.safeframe.googlesyndication.com
URL: https://ed82c412a1d0517c38d808cdf80f705f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
2606:4700::6812:18ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 29 Nov 2023 15:43:02 GMT
cf-cache-status
DYNAMIC
x-function
302
server
cloudflare
content-type
image/gif; charset=utf-8
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
82dbf6c50d94373d-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 29 Nov 2023 15:43:01 GMT
cf-cache-status
DYNAMIC
x-function
206
server
cloudflare
x-reuse-index
261
content-type
text/html
location
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEIhNixn0RCxyTMxdZUPIAfw&google_cver=1&google_push=AXcoOmSOKbTs9sr-FbHLE4JFNmkNgHhgkNgaLD-IWsMaZtiOsWHjLZwvTHWU_qciIIpE8SwR-065d1K4uxOZuysC4APOlxBzXq1juQ&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmSOKbTs9sr-FbHLE4JFNmkNgHhgkNgaLD-IWsMaZtiOsWHjLZwvTHWU_qciIIpE8SwR-065d1K4uxOZuysC4APOlxBzXq1juQ%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
82dbf6c3dbe3373d-FRA
alt-svc
h3=":443"; ma=86400
expires
Thu, 01 Jan 1970 00:00:00 GMT
google
match.adsrvr.org/track/cmf/ Frame 5AF5 		70 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/google?google_gid=CAESEBTj9acmqRmHySUtrK41iF4&google_cver=1&google_push=AXcoOmStUTMfmGjkeIis1R68by62Tr9BK-IONrCon-LjPkFXz_SFu9MrF4HOSqFWvpTJwPCbO2-2Hau66CKslrqjK_A8wv8jYaet
Requested by
Host: ed82c412a1d0517c38d808cdf80f705f.safeframe.googlesyndication.com
URL: https://ed82c412a1d0517c38d808cdf80f705f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 15:43:01 GMT
server
Kestrel
content-length
70
content-type
image/gif
AdxPixel
tr.blismedia.com/v1/api/sync/ Frame 5AF5 		0
173 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESEIdIWqtlOhFhi3BwzqGzAPE&google_cver=1&google_push=AXcoOmSygfw0RBV68bzhvBkiCCNwtcZOoA_HWRyKeHv1287v2J77Vd-zAclhoLEXSyt_Vfq6vj_4VbXcBPWDOqegzsNl5SMd4-kquw
Requested by
Host: ed82c412a1d0517c38d808cdf80f705f.safeframe.googlesyndication.com
URL: https://ed82c412a1d0517c38d808cdf80f705f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.105.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
8.105.96.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 15:43:01 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
pixel
cm.g.doubleclick.net/ Frame 5AF5
Redirect Chain
  • https://d5p.de17a.com/cookies/google?google_gid=CAESEB1yI3lB8z0_g8ZUffyzhdA&google_cver=1&google_push=AXcoOmQwNQpPUei63rnKxxR3zPUhoJy-3C8wJyyZfJSA_2WHfUpmRy1i9ukC1RGK8opFYfkk9nvCjwFQLGeD6f3HMf_Vww6...
  • https://d5p.de17a.com/cookies/google;c?google_gid=CAESEB1yI3lB8z0_g8ZUffyzhdA&google_cver=1&google_push=AXcoOmQwNQpPUei63rnKxxR3zPUhoJy-3C8wJyyZfJSA_2WHfUpmRy1i9ukC1RGK8opFYfkk9nvCjwFQLGeD6f3HMf_Vw...
  • https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmQwNQpPUei63rnKxxR3zPUhoJy-3C8wJyyZfJSA_2WHfUpmRy1i9ukC1RGK8opFYfkk9nvCjwFQLGeD6f3HMf_Vww6XTArJ2A
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmQwNQpPUei63rnKxxR3zPUhoJy-3C8wJyyZfJSA_2WHfUpmRy1i9ukC1RGK8opFYfkk9nvCjwFQLGeD6f3HMf_Vww6XTArJ2A
Requested by
Host: ed82c412a1d0517c38d808cdf80f705f.safeframe.googlesyndication.com
URL: https://ed82c412a1d0517c38d808cdf80f705f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f194.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 29 Nov 2023 15:43:01 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmQwNQpPUei63rnKxxR3zPUhoJy-3C8wJyyZfJSA_2WHfUpmRy1i9ukC1RGK8opFYfkk9nvCjwFQLGeD6f3HMf_Vww6XTArJ2A
content-length
0
p3p
CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV
UCookieSetPug
image6.pubmatic.com/AdServer/ Frame 5AF5 		0
166 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEKPm-kokVCGTgv2-GBRBYhk&google_cver=1&google_push=AXcoOmR7DIjpZnNM-3gCvMadwiWCm7YQuz0DrYWAGTF_mutdmPZXv98Gbw4tY9JJ3wqZL0t9GHhEVnI7ThPC-BWSfrTMK9PfI-oehA
Requested by
Host: ed82c412a1d0517c38d808cdf80f705f.safeframe.googlesyndication.com
URL: https://ed82c412a1d0517c38d808cdf80f705f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Wed, 29 Nov 2023 15:43:00 GMT
content-length
0
content-type
text/html; charset=UTF-8
ebda
match.360yield.com/match/ Frame 5AF5 		43 B
199 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.360yield.com/match/ebda?google_gid=CAESEDeJnmZS4uTGt6hJSGO-6LQ&google_cver=1&google_push=AXcoOmSVOdCMkS8-MAfiiGAkR8P0tGRW0FzZr4kvOiiHU4TUm1CWS5LWVCJlecW1jfhRb2MhVZRlvHXkwpYRWnkFyTAgdCMo1R-AwA
Requested by
Host: ed82c412a1d0517c38d808cdf80f705f.safeframe.googlesyndication.com
URL: https://ed82c412a1d0517c38d808cdf80f705f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.19.11.170 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-19-11-170.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

access-control-allow-origin
*
date
Wed, 29 Nov 2023 15:43:01 GMT
content-type
image/gif
content-length
43
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
pixel
cm.g.doubleclick.net/ Frame 5AF5
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEB...
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=AXcoOmRcIfMrZEfHhRQR05TDD9RRNiq_ME5uJMMb6NIz39dNuWBsy-QkIE_fyF_JMtcpiotS0PXyQxrDrB9cZeu_6O53pjoWY48o8Q&redir=https%3A%2F%2Fcm.g.dou...
  • https://sync.targeting.unrulymedia.com/csync/RX-ba0268cc-3c37-4ea0-99bf-0c55379bd839-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAXcoOmRcIfMrZEfHhRQR05TDD...
  • https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AXcoOmRcIfMrZEfHhRQR05TDD9RRNiq_ME5uJMMb6NIz39dNuWBsy-QkIE_fyF_JMtcpiotS0PXyQxrDrB9cZeu_6O53pjoWY48o8Q&google_hm=A7oCaMw8N06gmb8MVTeb2Dk
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AXcoOmRcIfMrZEfHhRQR05TDD9RRNiq_ME5uJMMb6NIz39dNuWBsy-QkIE_fyF_JMtcpiotS0PXyQxrDrB9cZeu_6O53pjoWY48o8Q&google_hm=A7oCaMw8N06gmb8MVTeb2Dk
Requested by
Host: ed82c412a1d0517c38d808cdf80f705f.safeframe.googlesyndication.com
URL: https://ed82c412a1d0517c38d808cdf80f705f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f194.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 29 Nov 2023 15:43:01 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AXcoOmRcIfMrZEfHhRQR05TDD9RRNiq_ME5uJMMb6NIz39dNuWBsy-QkIE_fyF_JMtcpiotS0PXyQxrDrB9cZeu_6O53pjoWY48o8Q&google_hm=A7oCaMw8N06gmb8MVTeb2Dk
date
Wed, 29 Nov 2023 15:43:01 GMT
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag
RXba0268cc3c374ea099bf0c55379bd839003
content-type
text/html
attr
cm.g.doubleclick.net/pixel/ Frame 5AF5 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JGZ1rzL2-_2A5Zyn5W0Bp-GPF3agzmkYlcgIALQLvxkkmva2wTzEACSFsti1keF3PMrcdE
Requested by
Host: ed82c412a1d0517c38d808cdf80f705f.safeframe.googlesyndication.com
URL: https://ed82c412a1d0517c38d808cdf80f705f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f194.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 15:43:01 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
dmp.locale-en-US.7ea9e0789b5df615c7aa.json
static1.dmcdn.net/playerv5/ Frame 668F 		2 KB
933 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://static1.dmcdn.net/playerv5/dmp.locale-en-US.7ea9e0789b5df615c7aa.json
Requested by
Host: geo.dailymotion.com
URL: https://geo.dailymotion.com/player/xd17s.html?video=x8q120x
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.79.242.181 Frankfurt am Main, Germany, ASN22822 (LLNW, US),
Reverse DNS
https-178-79-242-181.fra.llnw.net
Software
DMS/1.0.42 /
Resource Hash
fe5a5f3469030993701e2cb0c63a1a66b1a3d59f87d35a5fc0fb0503fb534cd4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://geo.dailymotion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 15:43:01 GMT
content-encoding
gzip
age
1735356
server-timing
total;dur=2, dc;desc="dc3"
content-length
604
last-modified
Thu, 09 Nov 2023 13:08:56 GMT
server
DMS/1.0.42
etag
"654cd9e8-7fa"
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
x-llid
f22d11e4bb20df979eb4436bd4ac27ed
expires
Sat, 09 Dec 2023 13:40:25 GMT
/
pebed.dm-event.net/ Frame 668F 		15 B
363 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pebed.dm-event.net/
Requested by
Host: geo.dailymotion.com
URL: https://geo.dailymotion.com/player/xd17s.html?video=x8q120x
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
188.65.124.59 Paris, France, ASN41690 (DAILYMOTION For peering related business, please mail peering@dailymotion.com, FR),
Reverse DNS
ebed2.dm.gg
Software
edward-ed/2.2.1 /
Resource Hash
a29ee2b15c494311c52521766e44af56a3ad2248e7a8ab465e5206463c13d288

Request headers

Referer
https://geo.dailymotion.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type
text/plain; charset=UTF-8

Response headers

Date
Wed, 29 Nov 2023 15:43:01 GMT
Server
edward-ed/2.2.1
Access-Control-Max-Age
604800
Access-Control-Allow-Methods
POST
Content-Type
application/json
Access-Control-Allow-Origin
*
Access-Control-Allow-Headers
Content-Encoding, X-Dm-EventBus-Compression-Duration, X-Dm-EventBus-Worker-Duration
Content-Length
15
/
pebed.dm-event.net/ Frame 668F 		15 B
363 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pebed.dm-event.net/
Requested by
Host: geo.dailymotion.com
URL: https://geo.dailymotion.com/player/xd17s.html?video=x8q120x
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
188.65.124.59 Paris, France, ASN41690 (DAILYMOTION For peering related business, please mail peering@dailymotion.com, FR),
Reverse DNS
ebed2.dm.gg
Software
edward-ed/2.2.1 /
Resource Hash
a29ee2b15c494311c52521766e44af56a3ad2248e7a8ab465e5206463c13d288

Request headers

Referer
https://geo.dailymotion.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
content-type
text/plain; charset=UTF-8

Response headers

Date
Wed, 29 Nov 2023 15:43:01 GMT
Server
edward-ed/2.2.1
Access-Control-Max-Age
604800
Access-Control-Allow-Methods
POST
Content-Type
application/json
Access-Control-Allow-Origin
*
Access-Control-Allow-Headers
Content-Encoding, X-Dm-EventBus-Compression-Duration, X-Dm-EventBus-Worker-Duration
Content-Length
15
/
pebed.dm-event.net/ Frame 668F 		15 B
363 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pebed.dm-event.net/
Requested by
Host: geo.dailymotion.com
URL: https://geo.dailymotion.com/player/xd17s.html?video=x8q120x
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
188.65.124.59 Paris, France, ASN41690 (DAILYMOTION For peering related business, please mail peering@dailymotion.com, FR),
Reverse DNS
ebed2.dm.gg
Software
edward-ed/2.2.1 /
Resource Hash
a29ee2b15c494311c52521766e44af56a3ad2248e7a8ab465e5206463c13d288

Request headers

Referer
https://geo.dailymotion.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
content-type
text/plain; charset=UTF-8

Response headers

Date
Wed, 29 Nov 2023 15:43:01 GMT
Server
edward-ed/2.2.1
Access-Control-Max-Age
604800
Access-Control-Allow-Methods
POST
Content-Type
application/json
Access-Control-Allow-Origin
*
Access-Control-Allow-Headers
Content-Encoding, X-Dm-EventBus-Compression-Duration, X-Dm-EventBus-Worker-Duration
Content-Length
15
x8q120x
www.dailymotion.com/player/metadata/video/ Frame 668F 		8 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.dailymotion.com/player/metadata/video/x8q120x?embedder=https%3A%2F%2Fgempak.com%2F%2F404&geo=1&player-id=xd17s&locale=en-US&dmV1st=43ce2e11-5da6-40e5-809c-dfba8af9d734&dmTs=133448&is_native_app=0
Requested by
Host: geo.dailymotion.com
URL: https://geo.dailymotion.com/player/xd17s.html?video=x8q120x
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
188.65.124.90 Paris, France, ASN41690 (DAILYMOTION For peering related business, please mail peering@dailymotion.com, FR),
Reverse DNS
fp.dc3.dailymotion.com
Software
DMS/1.0.42 /
Resource Hash
b45d3c1bd61c9acd22b9b7b63f8f373d73737543e022cc409ecafe4aa2ed0c98
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31708800; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://geo.dailymotion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Security-Policy
upgrade-insecure-requests
Content-Encoding
gzip
Date
Wed, 29 Nov 2023 15:43:01 GMT
Strict-Transport-Security
max-age=31708800; includeSubDomains; preload
Content-Security-Policy-Report-Only
default-src https: blob: wss: data: android-webview-video-poster: android-webview: chrome-extension: safari-extension: 'unsafe-eval' 'unsafe-inline'; report-uri https://www.dailymotion.com/content_security_policy_report_uri
Server-Timing
total;dur=157, dc;desc="dc3"
Content-Length
4635
Referrer-Policy
strict-origin-when-cross-origin
Server
DMS/1.0.42
Expect-Ct
max-age=0, report-uri="https://www.dailymotion.com/content_security_policy_report_uri"
Vary
X-DM-SSL,Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://geo.dailymotion.com
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Timing-Allow-Origin
*
Access-Control-Allow-Headers
Authorization
pixel
googleads.g.doubleclick.net/xbbe/ Frame DE37 		640 B
262 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CLOokgEQm8iDzQIYmq_V5gEwAQ&v=APEucNUcwL68-SoI8CFrfSjVjp-bRbBatqT8sBLrzgwg1TrbDqottC4Hk4KUI-FBew3m7CBOnooVJjoaTyOWb2x-VYXCEoGudbcmzwehRmbgkXPCHfSCcWvxzZsUuefITxeib0o5n8RDJrskQNig6-9kcRnD8Fw38IyIDU7SQRZUvxI56XQZchQ
Requested by
Host: ed82c412a1d0517c38d808cdf80f705f.safeframe.googlesyndication.com
URL: https://ed82c412a1d0517c38d808cdf80f705f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ed82c412a1d0517c38d808cdf80f705f.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
242
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 29 Nov 2023 15:43:01 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
html_inpage_rendering_lib_200_278.js
s0.2mdn.net/879366/ Frame 830C 		172 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js
Requested by
Host: voting.astro.com.my
URL: https://voting.astro.com.my/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a6d36aa3d742ccd6f1ca3c76dcf885af72f7bebe2fcc001ea011a7aea2f55678
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ed82c412a1d0517c38d808cdf80f705f.safeframe.googlesyndication.com/
Origin
https://ed82c412a1d0517c38d808cdf80f705f.safeframe.googlesyndication.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 16:17:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
84339
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
61485
x-xss-protection
0
last-modified
Tue, 14 Mar 2023 18:43:57 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 29 Nov 2023 16:17:22 GMT
omrhp_fy2021.js
pagead2.googlesyndication.com/pagead/js/r20231109/r20110914/elements/html/ Frame 830C 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20231109/r20110914/elements/html/omrhp_fy2021.js
Requested by
Host: voting.astro.com.my
URL: https://voting.astro.com.my/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c4b813f7aa04eca20be469b259cca2779799f58e280d73488bd7386940d2d146
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ed82c412a1d0517c38d808cdf80f705f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 07:40:28 GMT
content-encoding
br
x-content-type-options
nosniff
age
28953
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3071
x-xss-protection
0
server
cafe
etag
10674441169935035545
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 13 Dec 2023 07:40:28 GMT
abg_lite_fy2021.js
pagead2.googlesyndication.com/pagead/js/r20231109/r20110914/ Frame 830C 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20231109/r20110914/abg_lite_fy2021.js
Requested by
Host: voting.astro.com.my
URL: https://voting.astro.com.my/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8f665ba5c27890ebed553836dee5572ad583c0a65374373741ec0a5309df2b5a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ed82c412a1d0517c38d808cdf80f705f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 07:40:28 GMT
content-encoding
br
x-content-type-options
nosniff
age
28953
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9282
x-xss-protection
0
server
cafe
etag
14645652906762492339
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 13 Dec 2023 07:40:28 GMT
Q12zgMmT.js
tpc.googlesyndication.com/sodar/ Frame 830C 		41 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Requested by
Host: voting.astro.com.my
URL: https://voting.astro.com.my/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ed82c412a1d0517c38d808cdf80f705f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 18:05:08 GMT
content-encoding
br
x-content-type-options
nosniff
age
423473
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13937
x-xss-protection
0
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 23 Nov 2024 18:05:08 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 830C 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/window_focus_fy2021.js
Requested by
Host: ed82c412a1d0517c38d808cdf80f705f.safeframe.googlesyndication.com
URL: https://ed82c412a1d0517c38d808cdf80f705f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ed82c412a1d0517c38d808cdf80f705f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 12:41:19 GMT
content-encoding
br
x-content-type-options
nosniff
age
10902
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 13 Dec 2023 12:41:19 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame D402 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: ed82c412a1d0517c38d808cdf80f705f.safeframe.googlesyndication.com
URL: https://ed82c412a1d0517c38d808cdf80f705f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ed82c412a1d0517c38d808cdf80f705f.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
84291
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 28 Nov 2023 16:18:10 GMT
etag
48472445140208031
expires
Wed, 29 Nov 2023 16:18:10 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 830C 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: ed82c412a1d0517c38d808cdf80f705f.safeframe.googlesyndication.com
URL: https://ed82c412a1d0517c38d808cdf80f705f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3c30eaaa059a466037880c18c01c2fe94183d8e67eaab42061d4d2a180114658
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ed82c412a1d0517c38d808cdf80f705f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 23:16:58 GMT
content-encoding
br
x-content-type-options
nosniff
age
59163
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8541
x-xss-protection
0
server
cafe
etag
737174102934380276
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 12 Dec 2023 23:16:58 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 830C 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-A91stPqgNhb0gbDgJPZjmzZZgbe4pc9a3yg73o01KBqGJNCv_iGwifHIkTeg8Os2i4Ss1x58IRqr6L5KotYERKuuYWNiKln7qkDoW7PTTkShabzkA
Requested by
Host: ed82c412a1d0517c38d808cdf80f705f.safeframe.googlesyndication.com
URL: https://ed82c412a1d0517c38d808cdf80f705f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ed82c412a1d0517c38d808cdf80f705f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 29 Nov 2023 15:43:01 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
l
www.google.com/ads/measurement/ Frame 830C 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRuGF7NmEziQQ4dIRACOvdWnLn8rlnHxUVwT51bEY7yNjItPZ9FJFW6EgH3Dv3YWgU1FyHhgFhmOrlT8q9GvAYMA0-_xw
Requested by
Host: ed82c412a1d0517c38d808cdf80f705f.safeframe.googlesyndication.com
URL: https://ed82c412a1d0517c38d808cdf80f705f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ed82c412a1d0517c38d808cdf80f705f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 830C 		202 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: ed82c412a1d0517c38d808cdf80f705f.safeframe.googlesyndication.com
URL: https://ed82c412a1d0517c38d808cdf80f705f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d00881661ce5e766ce98430f69d6d217ab80bdfa98811e039afc92a327d57a68
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ed82c412a1d0517c38d808cdf80f705f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 15:43:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65070
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1700193896630564"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 29 Nov 2023 15:43:01 GMT
230909-vodus-main.js
cdn.jsdelivr.net/gh/vodus-ai/api@latest/ 		403 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/vodus-ai/api@latest/230909-vodus-main.js?buildId=202308021233
Requested by
Host: voting.astro.com.my
URL: https://voting.astro.com.my/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b3e0c9b5e5c61785b2006cc8a2908f0025924a214987b0ec0ff939ce5c3a8b16
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gempak.com//404
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 15:43:01 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
31623
x-jsd-version
master
content-encoding
br
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230111-FRA
x-jsd-version-type
branch
server
cloudflare
etag
W/"64b3a-zHW2QGUvYa+d4FTxZURKLKbF3M4"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NabCPOkSYKwQaoRTsFmY5GDaV6Ccc3eznahin1n4kK2Vksnk5AgXXXDnRwLgFdfWxqW%2BIxQiDh6efVls7XUak%2FY88SZn4waIRXGjKFcp7w29iU9jNDdrK1PXXolrRlWYS8TS0D1HL%2Bd2I10izrc%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cf-ray
82dbf6c3cd369bfe-FRA
vendor-list-v204.json
vendorlist.dmcdn.net/v2/archives/ Frame 668F 		418 KB
55 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://vendorlist.dmcdn.net/v2/archives/vendor-list-v204.json
Requested by
Host: static1.dmcdn.net
URL: https://static1.dmcdn.net/playerv5/dmp.infopack.45cd87b822a902fefa88.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.79.242.16 Frankfurt am Main, Germany, ASN22822 (LLNW, US),
Reverse DNS
https-178-79-242-16.fra.llnw.net
Software
AmazonS3 /
Resource Hash
b0978fb0412437ad74f3482f09b3c0084254e06ca8a3956467c7a388746ab840

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://geo.dailymotion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-amz-version-id
GSRcJmcaUJWitICBWr9S2xwSG6ODE9pk
content-encoding
gzip
via
1.1 a6e02469f8cbbfee9635eadf6e97ee54.cloudfront.net (CloudFront)
date
Wed, 29 Nov 2023 15:43:01 GMT
x-amz-cf-pop
CDG52-P1
age
428592
x-amz-server-side-encryption
AES256
content-length
55946
last-modified
Thu, 29 Jun 2023 16:05:24 GMT
server
AmazonS3
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=604800
x-ip-address
178.79.244.77
x-amz-cf-id
wtCbAAqn2qEQJ5Sy7E6Bt25FJC-HM6K18sL8X83gAvzqnDFABboEdQ==
x-llid
6584f05a2c53cceb96810d8f184ad8e2
expires
Fri, 01 Dec 2023 16:39:49 GMT
2f87776b3580b772c988979fccc36347.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_750%2Cw_1500%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		112 KB
113 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_750%2Cw_1500%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/2f87776b3580b772c988979fccc36347.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
a3c52fab288aedeba5055eb8f9e5f677d50c1f1be2972703f11bf1fff434e848

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gempak.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Wed, 29 Nov 2023 15:43:01 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_750%2Cw_1500%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/2f87776b3580b772c988979fccc36347.png
age
3740640
edge-cache-tag
539264722275397693898618951167535693130,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
cache-tag
539264722275397693898618951167535693130,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
x-cache
Miss from cloudfront, MISS, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time
614
expiration
expiry-date="Sat, 07 Oct 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://www.comisarul.ro/
content-length
114940
x-backend-name
LA_nlb204
x-served-by
cache-iad-kiad7000162-IAD, cache-iad-kiad7000162-IAD, cache-lax-kwhp1940104-LAX, cache-iad-kiad7000068-IAD, cache-cph2320056-CPH
last-modified
Wed, 06 Sep 2023 09:56:00 GMT
server
nginx
surrogate-reporting
width=1200,height=600,owidth=1200,oheight=800,obytes=1756948
x-timer
S1701272582.787534,VS0,VE0
etag
"acd0bc56b0057258db7e148a76fe5165"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 30, 1, 9, 2
5e3f639bfe54f9634c74692e5eaad563.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_423%2Cw_760%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		42 KB
43 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_423%2Cw_760%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/5e3f639bfe54f9634c74692e5eaad563.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
a5ffbfc9bcf3065f2eb7e6d7246d4c88d60df04f1797e0bc18bba16ecd25255b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gempak.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Wed, 29 Nov 2023 15:43:01 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_423%2Cw_760%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/5e3f639bfe54f9634c74692e5eaad563.png
age
1826382
edge-cache-tag
401276493238227410103747508992688257408,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag
401276493238227410103747508992688257408,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
Miss from cloudfront, MISS, MISS, HIT, HIT, HIT
x-envoy-upstream-service-time
275
req-referer
https://www.calcalist.co.il/
content-length
42872
x-request-id
87cc18a977c29de2802c89154a62bbb1
x-backend-name
CH_nlb803
x-served-by
cache-iad-kcgs7200061-IAD, cache-iad-kiad7000132-IAD, cache-lga21944-LGA, cache-iad-kjyo7100035-IAD, cache-cph2320056-CPH
last-modified
Sun, 29 Oct 2023 08:04:29 GMT
server
nginx
surrogate-reporting
width=1067,height=592,bytes=80000,owidth=1067,oheight=600,obytes=953629
x-timer
S1701272582.825780,VS0,VE0
etag
"a5bca7dd6a78fac4529945f20154cdb6"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 2, 5, 2
yp1u5iywkdxfgcxlbtxr.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_750%2Cw_1500%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//c3.taboola.com/libtrc/static/thumbnails/so_auto/f_jpg/v1700645353/ 		76 KB
77 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_750%2Cw_1500%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//c3.taboola.com/libtrc/static/thumbnails/so_auto/f_jpg/v1700645353/yp1u5iywkdxfgcxlbtxr.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
8691e656de704c1d31b01fe36c4c9f397ea0b42c42fee43f8e6ef0fde3a86bc8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gempak.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Wed, 29 Nov 2023 15:43:01 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_750%2Cw_1500%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//c3.taboola.com/libtrc/static/thumbnails/so_auto/f_jpg/v1700645353/yp1u5iywkdxfgcxlbtxr.jpg
age
30467
edge-cache-tag
502972884924560909050702601173479892810,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
cache-tag
502972884924560909050702601173479892810,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
x-cache
Miss from cloudfront, MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time
490
expiration
expiry-date="Sat, 30 Dec 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://mereja.com/
content-length
77898
x-backend-name
US_nlb103
x-served-by
cache-iad-kjyo7100038-IAD, cache-iad-kcgs7200031-IAD, cache-lga21924-LGA, cache-iad-kjyo7100121-IAD, cache-cph2320056-CPH
last-modified
Wed, 29 Nov 2023 07:11:57 GMT
server
nginx
surrogate-reporting
width=800,height=400,bytes=41796,owidth=800,oheight=450,obytes=42063
x-timer
S1701272582.825869,VS0,VE0
etag
"27e40d361337abf99aa9be70ca540e05"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 5, 2
container.html
ed82c412a1d0517c38d808cdf80f705f.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 0A2B 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ed82c412a1d0517c38d808cdf80f705f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: voting.astro.com.my
URL: https://voting.astro.com.my/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://gempak.com//404
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 29 Nov 2023 15:43:00 GMT
expires
Thu, 28 Nov 2024 15:43:00 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 936E 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
97b94fc813203740781e47408edacd0f869217c716ba547faa948afc91d41ffb

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type
image/png
62bHydCX.html
tpc.googlesyndication.com/sodar/ Frame 6DAA 		38 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/62bHydCX.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ed82c412a1d0517c38d808cdf80f705f.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
303861
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
13045
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 26 Nov 2023 03:18:40 GMT
expires
Mon, 25 Nov 2024 03:18:40 GMT
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
budakbersalin13ta.jpg%3Fext%3D.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_423%2Cw_760%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//d3avoj45mekucs.cloudfront.net/astrogempak/media/asbp/ 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_423%2Cw_760%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//d3avoj45mekucs.cloudfront.net/astrogempak/media/asbp/budakbersalin13ta.jpg%3Fext%3D.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
35b5f9d1ca45b2ba3968a0a71012ccda3ea1c554229193e4bc82c0fb240e076a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gempak.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Wed, 29 Nov 2023 15:43:01 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_423%2Cw_760%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//d3avoj45mekucs.cloudfront.net/astrogempak/media/asbp/budakbersalin13ta.jpg%3Fext%3D.jpg
age
5452704
edge-cache-tag
324058617813921152438140298608431786769,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag
324058617813921152438140298608431786769,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
x-cache
MISS, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time
187
expiration
expiry-date="Sat, 30 Sep 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://gempak.com/berita-terkini/penampilan-jadi-perhatian-netizen-berat-badan-siti-bainun-susut-60-kg-ada-hikmah-jugalah-masuk-penja-84492
content-length
17064
x-backend-name
CH_nlb801
x-served-by
cache-iad-kiad7000060-IAD, cache-iad-kiad7000060-IAD, cache-chi-kigq8000083-CHI, cache-iad-kcgs7200054-IAD, cache-cph2320056-CPH
last-modified
Wed, 30 Aug 2023 15:03:25 GMT
server
nginx
surrogate-reporting
width=832,height=462,owidth=832,oheight=468,obytes=104094
x-timer
S1701272582.851053,VS0,VE0
etag
"70cf2312e6d335c0a9c468eb023c0fb6"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 33, 1, 17, 2
wanna-uzair-header.jpg%3Fext%3D.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_423%2Cw_760%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//d3avoj45mekucs.cloudfront.net/astrogempak/media/articleasset/2018/nov/ 		54 KB
55 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_423%2Cw_760%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//d3avoj45mekucs.cloudfront.net/astrogempak/media/articleasset/2018/nov/wanna-uzair-header.jpg%3Fext%3D.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
a930ab17af286c930110641f322e492caee1353b7484e403cc218f02a37487b3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gempak.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Wed, 29 Nov 2023 15:43:01 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_423%2Cw_760%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//d3avoj45mekucs.cloudfront.net/astrogempak/media/articleasset/2018/nov/wanna-uzair-header.jpg%3Fext%3D.jpg
age
3122342
edge-cache-tag
323288668404348673100174942879659232311,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag
323288668404348673100174942879659232311,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
x-cache
Miss from cloudfront, MISS, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time
163
expiration
expiry-date="Tue, 10 Oct 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://gempak.com/
content-length
55176
x-backend-name
LA_nlb203
x-served-by
cache-iad-kiad7000090-IAD, cache-iad-kiad7000032-IAD, cache-lax-kwhp1940023-LAX, cache-iad-kiad7000108-IAD, cache-cph2320056-CPH
last-modified
Sat, 09 Sep 2023 02:50:04 GMT
server
nginx
surrogate-reporting
width=900,height=500,owidth=900,oheight=560,obytes=569878
x-timer
S1701272582.851212,VS0,VE0
etag
"1b2c9a7b783dc2983f88490b871d7191"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 2, 1, 107, 2
sd
us-u.openx.net/w/1.0/ Frame DE37
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESECIRMpvF2_ifHUEBaXKDWaw&google_cver=1
43 B
114 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESECIRMpvF2_ifHUEBaXKDWaw&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLOokgEQm8iDzQIYmq_V5gEwAQ&v=APEucNUcwL68-SoI8CFrfSjVjp-bRbBatqT8sBLrzgwg1TrbDqottC4Hk4KUI-FBew3m7CBOnooVJjoaTyOWb2x-VYXCEoGudbcmzwehRmbgkXPCHfSCcWvxzZsUuefITxeib0o5n8RDJrskQNig6-9kcRnD8Fw38IyIDU7SQRZUvxI56XQZchQ
Protocol
H2
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 29 Nov 2023 15:43:01 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 29 Nov 2023 15:43:01 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESECIRMpvF2_ifHUEBaXKDWaw&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cm
us-u.openx.net/w/1.0/ Frame DE37 		43 B
219 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLOokgEQm8iDzQIYmq_V5gEwAQ&v=APEucNUcwL68-SoI8CFrfSjVjp-bRbBatqT8sBLrzgwg1TrbDqottC4Hk4KUI-FBew3m7CBOnooVJjoaTyOWb2x-VYXCEoGudbcmzwehRmbgkXPCHfSCcWvxzZsUuefITxeib0o5n8RDJrskQNig6-9kcRnD8Fw38IyIDU7SQRZUvxI56XQZchQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 29 Nov 2023 15:43:01 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56
expires
Mon, 26 Jul 1997 05:00:00 GMT
um
sync.teads.tv/ Frame DE37
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm
  • https://sync.teads.tv/um?eid=3&uid=CAESEBVg_mTPoTMufdHPzPYPe00&google_cver=1
23 B
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um?eid=3&uid=CAESEBVg_mTPoTMufdHPzPYPe00&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLOokgEQm8iDzQIYmq_V5gEwAQ&v=APEucNUcwL68-SoI8CFrfSjVjp-bRbBatqT8sBLrzgwg1TrbDqottC4Hk4KUI-FBew3m7CBOnooVJjoaTyOWb2x-VYXCEoGudbcmzwehRmbgkXPCHfSCcWvxzZsUuefITxeib0o5n8RDJrskQNig6-9kcRnD8Fw38IyIDU7SQRZUvxI56XQZchQ
Protocol
H2
Server
23.32.185.35 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-32-185-35.deploy.static.akamaitechnologies.com
Software
pekko-http/1.0.0 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

expires
Wed, 29 Nov 2023 15:43:02 GMT
pragma
no-cache
date
Wed, 29 Nov 2023 15:43:02 GMT
cache-control
max-age=0, no-cache, no-store
server
pekko-http/1.0.0
content-length
23
content-type
image/gif

Redirect headers

pragma
no-cache
date
Wed, 29 Nov 2023 15:43:01 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://sync.teads.tv/um?eid=3&uid=CAESEBVg_mTPoTMufdHPzPYPe00&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
281
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
um
sync.teads.tv/ Frame DE37 		23 B
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLOokgEQm8iDzQIYmq_V5gEwAQ&v=APEucNUcwL68-SoI8CFrfSjVjp-bRbBatqT8sBLrzgwg1TrbDqottC4Hk4KUI-FBew3m7CBOnooVJjoaTyOWb2x-VYXCEoGudbcmzwehRmbgkXPCHfSCcWvxzZsUuefITxeib0o5n8RDJrskQNig6-9kcRnD8Fw38IyIDU7SQRZUvxI56XQZchQ
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.32.185.35 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-32-185-35.deploy.static.akamaitechnologies.com
Software
pekko-http/1.0.0 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

expires
Wed, 29 Nov 2023 15:43:02 GMT
pragma
no-cache
date
Wed, 29 Nov 2023 15:43:02 GMT
cache-control
max-age=0, no-cache, no-store
server
pekko-http/1.0.0
content-length
23
content-type
image/gif
b995120125b940c60ed1c2beb6a62353.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_423%2Cw_760%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		42 KB
43 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_423%2Cw_760%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/b995120125b940c60ed1c2beb6a62353.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
62d2a3f860454fa6f4d6264bfa7cc7ece108cf85b60dbd5642004ab7824cfc8d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gempak.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Wed, 29 Nov 2023 15:43:01 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_423%2Cw_760%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/b995120125b940c60ed1c2beb6a62353.png
age
2510382
edge-cache-tag
375743649588577576758315705241312646771,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag
375743649588577576758315705241312646771,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
Miss from cloudfront, HIT, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time
328
req-referer
https://www.ynet.co.il/
content-length
42852
x-request-id
15145615f8d0d35bd20612592a3b1931
x-backend-name
CH_nlb802
x-served-by
cache-iad-kcgs7200165-IAD, cache-iad-kcgs7200165-IAD, cache-chi-kigq8000109-CHI, cache-iad-kiad7000031-IAD, cache-cph2320056-CPH
last-modified
Thu, 28 Sep 2023 13:24:32 GMT
server
nginx
surrogate-reporting
width=1000,height=555,bytes=82599,owidth=1000,oheight=600,obytes=1036744
x-timer
S1701272582.906107,VS0,VE0
etag
"4a3f5181b9c5893daf54d6926ae5ef0e"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 6, 1, 8, 1
bulk
trc.taboola.com/astromediasolutions-gempak/log/3/ 		0
323 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/astromediasolutions-gempak/log/3/bulk?tvi2=14111&tvi48=10638&route=AM%3AAM%3AV&lti=deflated&bulkSize=12
Requested by
Host: voting.astro.com.my
URL: https://voting.astro.com.my/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://gempak.com//404
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-vcl-time-ms
29
date
Wed, 29 Nov 2023 15:43:01 GMT
via
1.1 varnish
x-fastly-to-nlb-rtt
14437
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version
v2
x-served-by
cache-cph2320056-CPH
pragma
no-cache
server
nginx
x-timer
S1701272582.936210,VS0,VE29
content-type
image/gif
access-control-allow-origin
https://gempak.com
cache-control
no-cache
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0
590844923bc9471cd5d78447446db7b9.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_750%2Cw_1500%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		245 KB
246 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_750%2Cw_1500%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/590844923bc9471cd5d78447446db7b9.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
3c1edb36c3c20244658c0351dd612a84390fb12ffdb0ef2577b7e19a1d7bd043

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gempak.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Wed, 29 Nov 2023 15:43:01 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_750%2Cw_1500%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/590844923bc9471cd5d78447446db7b9.jpg
age
81579
edge-cache-tag
354154687395849500270112018496364566776,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
cache-tag
354154687395849500270112018496364566776,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
Miss from cloudfront, MISS, HIT, MISS, HIT, HIT
x-envoy-upstream-service-time
544
req-referer
https://www.wionews.com/
content-length
250910
x-request-id
23d4eb449bb6f6a71bfb204e8ef25f66
x-backend-name
LA_nlb202
x-served-by
cache-iad-kcgs7200061-IAD, cache-iad-kjyo7100124-IAD, cache-lax-kwhp1940051-LAX, cache-iad-kiad7000157-IAD, cache-cph2320056-CPH
last-modified
Tue, 28 Nov 2023 13:21:17 GMT
server
nginx
surrogate-reporting
width=1160,height=580,bytes=340284,owidth=1160,oheight=1128,obytes=1292706
x-timer
S1701272582.947792,VS0,VE0
etag
"8e9c524cad8cf3c5ed2343af32aeefcd"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 0, 4, 2
6aee2a08-5b40-49f1-a744-aaf4fe7c54e8__qvJyy3lJ.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_423%2Cw_760%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/IMAGE_UPSCALER/EIU/ 		25 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_423%2Cw_760%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/IMAGE_UPSCALER/EIU/6aee2a08-5b40-49f1-a744-aaf4fe7c54e8__qvJyy3lJ.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
d739fafde9e18e966bf873500318ca59d954863cbfa9b0ea02a37916445dd416

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gempak.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Wed, 29 Nov 2023 15:43:01 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_423%2Cw_760%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/IMAGE_UPSCALER/EIU/6aee2a08-5b40-49f1-a744-aaf4fe7c54e8__qvJyy3lJ.jpg
age
1908859
edge-cache-tag
321194619511491062242132839077726262353,458819120031143973608810691998763911622,29ecf9b93bbf306179626feeda1fab70
cache-tag
321194619511491062242132839077726262353,458819120031143973608810691998763911622,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
Miss from cloudfront, MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time
645
req-referer
https://mikehistory.com/
content-length
25552
x-request-id
d1f2fc547e4ba02fe8c457a948be91aa
x-backend-name
US_nlb103
x-served-by
cache-iad-kiad7000041-IAD, cache-iad-kjyo7100154-IAD, cache-lga21978-LGA, cache-iad-kjyo7100021-IAD, cache-cph2320056-CPH
last-modified
Thu, 02 Nov 2023 12:52:38 GMT
server
nginx
surrogate-reporting
width=760,height=423,bytes=39667,owidth=1999,oheight=1249,obytes=185477
x-timer
S1701272582.947787,VS0,VE0
etag
"a361bef900df8f8eb1cf80f62ae54ee8"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 4, 2
e4bc001fd77f2f7760aec8406fe45e1a.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_423%2Cw_760%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		32 KB
33 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_423%2Cw_760%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/e4bc001fd77f2f7760aec8406fe45e1a.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
2e118e3a87948635da9f85c9a6e057cb81eeec4b513644ba907646ad3cf15fd0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gempak.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Wed, 29 Nov 2023 15:43:01 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_423%2Cw_760%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/e4bc001fd77f2f7760aec8406fe45e1a.jpg
age
20401
edge-cache-tag
382762201788583176124837611869097530604,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag
382762201788583176124837611869097530604,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
Miss from cloudfront, MISS, MISS, HIT, HIT, HIT
x-envoy-upstream-service-time
157
req-referer
https://diariodonordeste.verdesmares.com.br/
content-length
32770
x-request-id
fc0329c721b36efac10e2c98ade2d617
x-backend-name
US_nlb104
x-served-by
cache-iad-kcgs7200077-IAD, cache-iad-kiad7000034-IAD, cache-lga21941-LGA, cache-iad-kcgs7200083-IAD, cache-cph2320056-CPH
last-modified
Wed, 29 Nov 2023 10:03:02 GMT
server
nginx
surrogate-reporting
width=1000,height=555,bytes=60120,owidth=1000,oheight=600,obytes=357985
x-timer
S1701272582.947794,VS0,VE0
etag
"ec94f9bf1d5ed488de51ea1cb35fd12d"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 2, 3, 1
hton8mgrx5elegnvuwal.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_750%2Cw_1500%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//c3.taboola.com/libtrc/static/thumbnails/so_auto/f_jpg/v1699522823/ 		81 KB
81 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_750%2Cw_1500%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//c3.taboola.com/libtrc/static/thumbnails/so_auto/f_jpg/v1699522823/hton8mgrx5elegnvuwal.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
00d9ce21f5c96c009aec03d7831142041321dde76668072a5207c753fd83b413

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gempak.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Wed, 29 Nov 2023 15:43:01 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_750%2Cw_1500%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//c3.taboola.com/libtrc/static/thumbnails/so_auto/f_jpg/v1699522823/hton8mgrx5elegnvuwal.jpg
age
1633114
edge-cache-tag
359241379207639601269701542440521179257,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
cache-tag
359241379207639601269701542440521179257,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
Miss from cloudfront, MISS, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time
1134
req-referer
https://happy-woman.com/
content-length
82492
x-request-id
79a884d06e6982b1abbf251479473d79
x-backend-name
US_nlb104
x-served-by
cache-iad-kcgs7200046-IAD, cache-iad-kjyo7100132-IAD, cache-ewr18131-EWR, cache-iad-kjyo7100040-IAD, cache-cph2320056-CPH
last-modified
Thu, 09 Nov 2023 09:47:59 GMT
server
nginx
surrogate-reporting
width=800,height=400,bytes=44387,owidth=800,oheight=450,obytes=41732
x-timer
S1701272582.977686,VS0,VE0
etag
"26b10e585157f560e4163c8131236e6f"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 4, 1, 1, 2
0e70ecb507b9928349ddc65f96ef10ea.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_834%2Cw_1500%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		89 KB
90 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_834%2Cw_1500%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/0e70ecb507b9928349ddc65f96ef10ea.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
2bb48debccdcb1093ccdd2f204378e28fd313f0fbc7b01ef4737832e519d5ada

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gempak.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Wed, 29 Nov 2023 15:43:01 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_834%2Cw_1500%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/0e70ecb507b9928349ddc65f96ef10ea.jpg
age
4423456
edge-cache-tag
547335859392245889569607457302178115007,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag
547335859392245889569607457302178115007,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
Miss from cloudfront, MISS, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time
431
req-referer
https://wortguru.com/
content-length
90742
x-request-id
bc032f9074aade6bf04de82323f61316
x-backend-name
LA_nlb202
x-served-by
cache-iad-kcgs7200141-IAD, cache-iad-kiad7000080-IAD, cache-lax10634-LGB, cache-iad-kiad7000105-IAD, cache-cph2320056-CPH
last-modified
Mon, 09 Oct 2023 10:58:46 GMT
server
nginx
surrogate-reporting
width=1067,height=592,bytes=85703,owidth=1067,oheight=600,obytes=723714
x-timer
S1701272582.977680,VS0,VE0
etag
"15ccdde6ac3b03c8046004c76a12dbf2"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 1, 31, 2
generate_204
tpc.googlesyndication.com/ Frame F97C 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?ExI2Sw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 15:43:01 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
chepuankhaleeda.jpg%3Fext%3D.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_834%2Cw_1500%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//d3avoj45mekucs.cloudfront.net/astrogempak/media/aplikasi/ 		69 KB
70 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_834%2Cw_1500%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//d3avoj45mekucs.cloudfront.net/astrogempak/media/aplikasi/chepuankhaleeda.jpg%3Fext%3D.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
02c8d114c6d992ccda5a38ed8b69d20971c53937c37c9b3963315a74404b2548

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gempak.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Wed, 29 Nov 2023 15:43:01 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_834%2Cw_1500%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//d3avoj45mekucs.cloudfront.net/astrogempak/media/aplikasi/chepuankhaleeda.jpg%3Fext%3D.jpg
age
4870588
edge-cache-tag
522047026804042586756003130732754148281,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag
522047026804042586756003130732754148281,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
HIT, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time
488
req-referer
https://gempak.com/rojakdaily/news/finally-new-visit-malaysia-year-2020-logo-set-be-unveiled-soon-61923
content-length
71136
x-request-id
224cc12711107bca8e51b3652091899f
x-backend-name
CH_nlb803
x-served-by
cache-iad-kcgs7200042-IAD, cache-iad-kcgs7200042-IAD, cache-lga21968-LGA, cache-iad-kiad7000052-IAD, cache-cph2320056-CPH
last-modified
Thu, 21 Sep 2023 07:41:36 GMT
server
nginx
surrogate-reporting
width=900,height=500,bytes=57533,owidth=900,oheight=560,obytes=236798
x-timer
S1701272582.980993,VS0,VE0
etag
"9e0e634213a6f3a738ce073862fe1b66"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 18, 1, 2, 1
content_v3.js
vidstat.taboola.com/ 		16 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vidstat.taboola.com/content_v3.js
Requested by
Host: voting.astro.com.my
URL: https://voting.astro.com.my/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
12af7975664854ca36da674714083fa05297940fce71e42dabf688e2eb19a0f1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gempak.com//404
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 15:43:02 GMT
via
1.1 52185ea0de4fc3b9a693955c5e065bbe.cloudfront.net (CloudFront), 1.1 varnish
content-encoding
gzip
x-amz-cf-pop
CPH50-C2
age
1476956
x-cache
Hit from cloudfront, HIT
content-length
4839
x-served-by
cache-cph2320056-CPH
last-modified
Wed, 20 Jul 2022 13:23:50 GMT
server
AmazonS3
x-timer
S1701272582.025570,VS0,VE0
etag
"f7533e747bb02a8eb527ada4f2749620"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
access-control-allow-headers
*
x-amz-cf-id
CXF8SJp2F_zuvYhte6eFDCfAo7przwk475Djruyf4Eose4Vzvc2xjQ==
x-cache-hits
3999
OvaMediaPlayer.js
vidstat.taboola.com/vpaid/vPlayer/player/v15.7.8/ 		437 KB
82 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vidstat.taboola.com/vpaid/vPlayer/player/v15.7.8/OvaMediaPlayer.js
Requested by
Host: voting.astro.com.my
URL: https://voting.astro.com.my/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
a466be787bc560be100bf32efa33db39e105a3b9f07de995573e831c26e136c6

Request headers

Referer
https://gempak.com//404
Origin
https://gempak.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-amz-meta-mtime
1701165680
date
Wed, 29 Nov 2023 15:43:02 GMT
via
1.1 varnish
content-encoding
br
x-amz-request-id
PYPNB3SEXQFA8TAD
age
106832
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-meta-ctime
1701165694
x-amz-meta-mode
33188
content-length
83213
x-amz-id-2
NWlGbfQC9NcuyEml6mKWqOmaPNM7T+puTsje2RzrV+4uv4RGUm5o61EX05QlK8eTQuowHkJHYsY=
x-served-by
cache-cph2320025-CPH
last-modified
Tue, 28 Nov 2023 10:01:35 GMT
server
AmazonS3-br
x-timer
S1701272582.039062,VS0,VE0
etag
"bd543de2f76c8d9387f34e75caa975b1"
x-amz-meta-uid
0
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
x-amz-meta-gid
0
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
access-control-allow-headers
*
x-cache-hits
9854
sync
am-match.taboola.com/ Frame C2FC 		439 B
533 B 		Document
General
Check archive.org
Download Go to
Full URL
https://am-match.taboola.com/sync?dast=V8VUECLAa4rDSk9sQwThJwWWlI7YlhnCwAAABgYID-AElOZs7FcLdySwaDmVu0MbncEodt41ZZZrvBZOSwOFy-ISDJycy5GO5WbslgMHOLNiaXW-Kwbdwqy2w3mIwcFofLNwUfxnKZDGqBhGX2-w4KyunpMbsMoqLrbbE7nGbPG1yg6XT4XPd6nctteHjtGr_brxcNRnMAAAAA8OD___8fAgAAAEAEAAAAAAkAAAAAFAIq_FsQuAAAAACA4f___18DABQHg3V4Pi-zPwAAAACAAAAAACABgDCUUQLgRez_xP________9_jAH6zBsZ_____zcMegA8-AB4EAIAAPAxBHb1I2QP2T6PSEFvEUYAAAAAsuW0KY5M0gkqFlX-___7rQBcAQAIYNz4hbPOojso8RYGAABAQIyWvY0QNOG15ZgFelj8frPDrvG7Xeb_________38z_mX80Qk0zM2mCMPTC1fwCAgCs-QUEAGCjbgAA3gjACTkcaDodPte9XvY3Pe0-u8JzuvztGr_brnb-RYegFYPB6gTE7AAAAADc-f___8ejZW8jBE14bakHpGyrkWs1Wy5WC5ttObPNPBPXZLKw2Waj2XCxW2zPEOSn9Wp4AnufEGGZ_b6DgnJ6eswug6joelvsDqfZcxAfNAzLySCYnwlbjFaTyWY5nC0Xk8FwNByN9mcgFssBmojBcjmZLCa71Wg12gx3o9lggQRiMEEULRpMVqPRZDEZrkaT1Wy52O02iKJVq9loMxiuZpPZbrcaDobL0QhN2GK0mkw2y-FsuZgMhqPhaDREMOJw7XaT2cStshhnbtFktlwLFzaPW-KZmBYeh3Ezcw3WotfH9LENVo7haIsEA1L2InlapBPVcrOazVwTz2q2G45My9HENNxNTLPFcuFwrDaLiViiOVmkE9ll37KtRq7VbLlYLWy25cw280xck8nCZpuNZsPFbrGvOFy73WQ2cassxplbNJkt18KFzeOWeCamhcdh3Mxcg7Xo9TF9bIOVYzjaN3aDxWQ3WQ0H-8ZusJjsJqvhYN-hcgmD3YvRe9KYPTrV5y95JmxOg8JlsHh_EtNi2p0dRCff0amTqpRFndHv9_v9fr_f7_f7DVrPwWxQ-K61iLT5eBZ313D4cTAoYongIp0oPKfL3-0yOR2ev9l1evrtnrfO5TY8vBaxRGm6SCd6vWgwmoglgtNFOhG9jKeL-o8cZLGbKxajuWQxnEsGqwQAAAAAAAAAYAmmmW4CAAAA4GRQo8Votlqng1kMVqvNarkALACAdQGDAAAAAAAA7IL-S8OmYAPCKNbYYxrhOV3-bpfJ6fD8za7T02_3vHUut-HhtTIACwBfZpt9RhBrtVrWAAAABLABAAAEcNONNwFkUdz_____OAAAADJy6AEAANDvA8oCAAAAAAD4B6BCrNVqdbuxVqsVsGCGo8lwAv____8B!&excid=22&docw=0&cijs=1&nlb=false
Requested by
Host: voting.astro.com.my
URL: https://voting.astro.com.my/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
a277606779ea42ad5beb00131f348541bed0a70faa4c1e1d09b6b5819cb5dcc4

Request headers

Referer
https://gempak.com//404
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-type
text/html;charset=ISO-8859-1
date
Wed, 29 Nov 2023 15:43:02 GMT
machineid
3408
server
nginx
st
am-vid-events.taboola.com/ 		0
43 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://am-vid-events.taboola.com/st?cijs=convusmp&ttype=16&cisd=convusmp&cipid=66361655&crid=-1&dast=V8VUECLAa4rDSk9sQwThJwWWlI7YlhnCwAAABgYID-AElOZs7FcLdySwaDmVu0MbncEodt41ZZZrvBZOSwOFy-ISDJycy5GO5WbslgMHOLNiaXW-Kwbdwqy2w3mIwcFofLNwUfxnKZDGqBhGX2-w4KyunpMbsMoqLrbbE7nGbPG1yg6XT4XPd6nctteHjtGr_brxcNRnMAAAAA8OD___8fAgAAAEAEAAAAAAkAAAAAFAIq_FsQuAAAAACA4f___18DABQHg3V4Pi-zPwAAAACAAAAAACABgDCUUQLgRez_xP________9_jAH6zBsZ_____zcMegA8-AB4EAIAAPAxBHb1I2QP2T6PSEFvEUYAAAAAsuW0KY5M0gkqFlX-___7rQBcAQAIYNz4hbPOojso8RYGAABAQIyWvY0QNOG15ZgFelj8frPDrvG7Xeb_________38z_mX80Qk0zM2mCMPTC1fwCAgCs-QUEAGCjbgAA3gjACTkcaDodPte9XvY3Pe0-u8JzuvztGr_brnb-RYegFYPB6gTE7AAAAADc-f___8ejZW8jBE14bakHpGyrkWs1Wy5WC5ttObPNPBPXZLKw2Waj2XCxW2zPEOSn9Wp4AnufEGGZ_b6DgnJ6eswug6joelvsDqfZcxAfNAzLySCYnwlbjFaTyWY5nC0Xk8FwNByN9mcgFssBmojBcjmZLCa71Wg12gx3o9lggQRiMEEULRpMVqPRZDEZrkaT1Wy52O02iKJVq9loMxiuZpPZbrcaDobL0QhN2GK0mkw2y-FsuZgMhqPhaDREMOJw7XaT2cStshhnbtFktlwLFzaPW-KZmBYeh3Ezcw3WotfH9LENVo7haIsEA1L2InlapBPVcrOazVwTz2q2G45My9HENNxNTLPFcuFwrDaLiViiOVmkE9ll37KtRq7VbLlYLWy25cw280xck8nCZpuNZsPFbrGvOFy73WQ2cassxplbNJkt18KFzeOWeCamhcdh3Mxcg7Xo9TF9bIOVYzjaN3aDxWQ3WQ0H-8ZusJjsJqvhYN-hcgmD3YvRe9KYPTrV5y95JmxOg8JlsHh_EtNi2p0dRCff0amTqpRFndHv9_v9fr_f7_f7DVrPwWxQ-K61iLT5eBZ313D4cTAoYongIp0oPKfL3-0yOR2ev9l1evrtnrfO5TY8vBaxRGm6SCd6vWgwmoglgtNFOhG9jKeL-o8cZLGbKxajuWQxnEsGqwQAAAAAAAAAYAmmmW4CAAAA4GRQo8Votlqng1kMVqvNarkALACAdQGDAAAAAAAA7IL-S8OmYAPCKNbYYxrhOV3-bpfJ6fD8za7T02_3vHUut-HhtTIACwBfZpt9RhBrtVrWAAAABLABAAAEcNONNwFkUdz_____OAAAADJy6AEAANDvA8oCAAAAAAD4B6BCrNVqdbuxVqsVsGCGo8lwAv____8B!&cmcv=&pix=31579697&cb=1701272582028&uv=3362&tms=1701272582028&su=3&abt=adxLoadDist7-out_vC!adxsub-out_vA!adxsub-out_vB!ufm_vG&ru=https://voting.astro.com.my/&ft=0&unm=FEED_MANAGER&su=3&
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gempak.com//404
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 15:43:02 GMT
content-length
0
server
nginx
pixel
googleads.g.doubleclick.net/xbbe/ Frame A30E 		466 B
235 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CJq9JBD1mXwYgeaU_QEwAQ&v=APEucNUcPe7DQPBG2QpKeWP3r_NfnCf3aUxDUWU9hfTHVaj200gXxfT654Gj3XtumnUlfF2oSg4UwtmGm-KgdxKGc5ZApwmkcM9zGGY1wRCBZgduZnx8Zzvt_z4woM4LoCgV4RAUgfl2nki1aQijufRXNpl4wEaEYE2bU--Zotx2PNBA6Scssw0
Requested by
Host: ed82c412a1d0517c38d808cdf80f705f.safeframe.googlesyndication.com
URL: https://ed82c412a1d0517c38d808cdf80f705f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
37ab5c060ae53ccda75b8bd212d874a17650f7954b11c4e31f568990ab40196b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ed82c412a1d0517c38d808cdf80f705f.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
215
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 29 Nov 2023 15:43:02 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame 0A2B 		89 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: ed82c412a1d0517c38d808cdf80f705f.safeframe.googlesyndication.com
URL: https://ed82c412a1d0517c38d808cdf80f705f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ed82c412a1d0517c38d808cdf80f705f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 15:43:02 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31485
x-xss-protection
0
server
cafe
etag
7119415641918660631
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Wed, 29 Nov 2023 15:43:02 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 0A2B 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BF0rsd-pqLPGVLS8O6d8hthxlv_daETZVj4KxhiX53QlnkYSdEXqCkHTzseQUgfc6Bm8DokyueWLBeUXSFuL4rTgoYmtj_HK7gUNykUsCNssapwNk
Requested by
Host: ed82c412a1d0517c38d808cdf80f705f.safeframe.googlesyndication.com
URL: https://ed82c412a1d0517c38d808cdf80f705f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ed82c412a1d0517c38d808cdf80f705f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 29 Nov 2023 15:43:02 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 0A2B 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=3405658971059314729&x=1&ct=119
Requested by
Host: ed82c412a1d0517c38d808cdf80f705f.safeframe.googlesyndication.com
URL: https://ed82c412a1d0517c38d808cdf80f705f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ed82c412a1d0517c38d808cdf80f705f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 29 Nov 2023 15:43:02 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ca
choices.truste.com/ Frame 0A2B 		26 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://choices.truste.com/ca?pid=sojern01&aid=sojern02_d&cid=&c=1701272581377890&js=pmw0&w=300&h=250&admarker=dynamic
Requested by
Host: ed82c412a1d0517c38d808cdf80f705f.safeframe.googlesyndication.com
URL: https://ed82c412a1d0517c38d808cdf80f705f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.88 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-88.fra53.r.cloudfront.net
Software
nginx /
Resource Hash
fe702c90cb027142d2009afffa655fdbc952f1179a758a249badc7e104e2b65c
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-eval' *; font-src 'self' *; style-src 'self' 'unsafe-inline' *; img-src 'self' * data: https://cdn1.iconfinder.com https://js.userflow.com; frame-src 'self' *; frame-ancestors 'self' *; connect-src 'self' *; script-src 'self' 'unsafe-inline' 'unsafe-eval' *; object-src 'self' *; media-src 'self' *; child-src 'self' *; worker-src 'self' *; manifest-src 'self' *;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ed82c412a1d0517c38d808cdf80f705f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 15:43:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 f960fa0538fdb326fc338e984fa7ece8.cloudfront.net (CloudFront)
content-security-policy
default-src 'self' 'unsafe-eval' *; font-src 'self' *; style-src 'self' 'unsafe-inline' *; img-src 'self' * data: https://cdn1.iconfinder.com https://js.userflow.com; frame-src 'self' *; frame-ancestors 'self' *; connect-src 'self' *; script-src 'self' 'unsafe-inline' 'unsafe-eval' *; object-src 'self' *; media-src 'self' *; child-src 'self' *; worker-src 'self' *; manifest-src 'self' *;
x-amz-cf-pop
FRA53-C1
cross-origin-embedder-policy
unsafe-none
x-cache
Miss from cloudfront
cross-origin-resource-policy
cross-origin
x-xss-protection
1; mode=block
referrer-policy
origin
server
nginx
cross-origin-opener-policy
unsafe-none
expect-ct
max-age=31536000
x-frame-options
SAMEORIGIN
vary
Accept-Encoding, Origin
content-type
text/javascript;charset=UTF-8
permissions-policy
geolocation=(), microphone=(), payment=()
x-amz-cf-id
ML_64NOy8zIrIRXBHm_EeHEjRHM7pnyJ6KmC0nwy0V1dFu9L3lG1zQ==
dbm
beacon.sojern.com/imp/ Frame 0A2B 		42 B
208 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.sojern.com/imp/dbm?auc=ABAjH0h7gZ07ose7yxfdWugx5zI2&li=20754821221&cr=530920193&io=1015034614&seg=&src=https://gempak.com//404&ord=1701272581377890
Requested by
Host: ed82c412a1d0517c38d808cdf80f705f.safeframe.googlesyndication.com
URL: https://ed82c412a1d0517c38d808cdf80f705f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
107.178.244.119 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
119.244.178.107.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ed82c412a1d0517c38d808cdf80f705f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 15:43:02 GMT
via
1.1 google
vary
Accept-Encoding
content-type
image/gif
access-control-allow-origin
*
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 0A2B 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/window_focus_fy2021.js
Requested by
Host: ed82c412a1d0517c38d808cdf80f705f.safeframe.googlesyndication.com
URL: https://ed82c412a1d0517c38d808cdf80f705f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ed82c412a1d0517c38d808cdf80f705f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 12:41:19 GMT
content-encoding
br
x-content-type-options
nosniff
age
10903
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 13 Dec 2023 12:41:19 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 0A2B 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: ed82c412a1d0517c38d808cdf80f705f.safeframe.googlesyndication.com
URL: https://ed82c412a1d0517c38d808cdf80f705f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3c30eaaa059a466037880c18c01c2fe94183d8e67eaab42061d4d2a180114658
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ed82c412a1d0517c38d808cdf80f705f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 23:16:58 GMT
content-encoding
br
x-content-type-options
nosniff
age
59164
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8541
x-xss-protection
0
server
cafe
etag
737174102934380276
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 12 Dec 2023 23:16:58 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 0A2B 		202 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: ed82c412a1d0517c38d808cdf80f705f.safeframe.googlesyndication.com
URL: https://ed82c412a1d0517c38d808cdf80f705f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d00881661ce5e766ce98430f69d6d217ab80bdfa98811e039afc92a327d57a68
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ed82c412a1d0517c38d808cdf80f705f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 15:43:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65070
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1700193896630564"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 29 Nov 2023 15:43:02 GMT
vendor-list-v25.json
vendorlist.dmcdn.net/v3/archives/ Frame 668F 		530 KB
66 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://vendorlist.dmcdn.net/v3/archives/vendor-list-v25.json
Requested by
Host: static1.dmcdn.net
URL: https://static1.dmcdn.net/playerv5/dmp.infopack.45cd87b822a902fefa88.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.79.242.16 Frankfurt am Main, Germany, ASN22822 (LLNW, US),
Reverse DNS
https-178-79-242-16.fra.llnw.net
Software
AmazonS3 /
Resource Hash
61c3f279c024c4b28081fb6bda43f4e25dd8e7d9efbe3ade1d4ee0b188f88e79

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://geo.dailymotion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-amz-version-id
tKdlwoOnw_GuFP84h.C9QwQb.UKCEEKj
content-encoding
gzip
via
1.1 bfd596aba0de57f83442d2ebd6b268f4.cloudfront.net (CloudFront)
date
Wed, 29 Nov 2023 15:43:02 GMT
x-amz-cf-pop
CDG52-P1
age
504863
x-amz-server-side-encryption
AES256
content-length
66845
last-modified
Thu, 02 Nov 2023 16:07:35 GMT
server
AmazonS3
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=604800
x-ip-address
178.79.244.77
x-amz-cf-id
PY5CzDH0mlCkeKe500t6-BkouJsdHavoJCFcjwtjNusaBqqTZBkuaA==
x-llid
f4f4d100ca6a419f69edc17e0a9b51f1
expires
Thu, 30 Nov 2023 19:28:39 GMT
ekin-punya-42_1.png%3Fext%3D.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_834%2Cw_1500%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//d3avoj45mekucs.cloudfront.net/astrogempak/media/2019-flavettesglowingstar/ 		77 KB
78 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_834%2Cw_1500%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//d3avoj45mekucs.cloudfront.net/astrogempak/media/2019-flavettesglowingstar/ekin-punya-42_1.png%3Fext%3D.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
92c1fa9fa30c280eab7a6ca814e5160e303beb82d978289450630be654b42ab2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gempak.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Wed, 29 Nov 2023 15:43:02 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_834%2Cw_1500%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//d3avoj45mekucs.cloudfront.net/astrogempak/media/2019-flavettesglowingstar/ekin-punya-42_1.png%3Fext%3D.png
age
1934538
edge-cache-tag
397705751962934655371999192600156754988,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag
397705751962934655371999192600156754988,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
x-cache
Miss from cloudfront, MISS, MISS, HIT, HIT, HIT
x-envoy-upstream-service-time
503
expiration
expiry-date="Sat, 25 Nov 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://gempak.com/rojakdaily/entertainment
content-length
78842
x-backend-name
LA_nlb204
x-served-by
cache-iad-kcgs7200079-IAD, cache-iad-kiad7000020-IAD, cache-lax-kwhp1940023-LAX, cache-iad-kjyo7100049-IAD, cache-cph2320056-CPH
last-modified
Wed, 25 Oct 2023 23:17:51 GMT
server
nginx
surrogate-reporting
width=1640,height=911,bytes=139559,owidth=1640,oheight=924,obytes=1773196
x-timer
S1701272582.110075,VS0,VE0
etag
"84bedf8bebb502de2463c9f2d0460ed8"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 1, 45, 1
ekin-punya-397.png%3Fext%3D.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_834%2Cw_1500%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//d3avoj45mekucs.cloudfront.net/astrogempak/media/articleasset/ 		66 KB
67 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_834%2Cw_1500%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//d3avoj45mekucs.cloudfront.net/astrogempak/media/articleasset/ekin-punya-397.png%3Fext%3D.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
1091c50cdf7bc4d7384fa194111c9da6673a5ade42976063c3b7a43a0db3c5ad

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gempak.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Wed, 29 Nov 2023 15:43:02 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_834%2Cw_1500%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//d3avoj45mekucs.cloudfront.net/astrogempak/media/articleasset/ekin-punya-397.png%3Fext%3D.png
age
2447558
edge-cache-tag
578838873718608023973366725004429312348,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag
578838873718608023973366725004429312348,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, HIT, MISS, HIT, HIT
x-envoy-upstream-service-time
506
req-referer
https://gempak.com/rojakdaily/news/finally-new-visit-malaysia-year-2020-logo-set-be-unveiled-soon-61923
content-length
67814
x-request-id
1ee451d9ce83780a4c8ba6a607692228
x-backend-name
CH_nlb802
x-served-by
cache-iad-kcgs7200144-IAD, cache-iad-kcgs7200077-IAD, cache-lga21983-LGA, cache-iad-kiad7000164-IAD, cache-cph2320056-CPH
last-modified
Fri, 22 Sep 2023 00:11:27 GMT
server
nginx
surrogate-reporting
width=1640,height=911,bytes=125196,owidth=1640,oheight=924,obytes=1579691
x-timer
S1701272582.110071,VS0,VE0
etag
"c5a8321ba35862f32d045c6abfeaf778"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 18, 0, 6, 1
/
pebed.dm-event.net/ Frame 668F 		15 B
363 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pebed.dm-event.net/
Requested by
Host: geo.dailymotion.com
URL: https://geo.dailymotion.com/player/xd17s.html?video=x8q120x
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
188.65.124.59 Paris, France, ASN41690 (DAILYMOTION For peering related business, please mail peering@dailymotion.com, FR),
Reverse DNS
ebed2.dm.gg
Software
edward-ed/2.2.1 /
Resource Hash
a29ee2b15c494311c52521766e44af56a3ad2248e7a8ab465e5206463c13d288

Request headers

Referer
https://geo.dailymotion.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
content-type
text/plain; charset=UTF-8

Response headers

Date
Wed, 29 Nov 2023 15:43:02 GMT
Server
edward-ed/2.2.1
Access-Control-Max-Age
604800
Access-Control-Allow-Methods
POST
Content-Type
application/json
Access-Control-Allow-Origin
*
Access-Control-Allow-Headers
Content-Encoding, X-Dm-EventBus-Compression-Duration, X-Dm-EventBus-Worker-Duration
Content-Length
15
blackScreen5.mp4
vidstatb.taboola.com/vid/ 		89 KB
89 KB 		Media
General
Check archive.org
Download Go to
Full URL
https://vidstatb.taboola.com/vid/blackScreen5.mp4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0407dafc112212a135d1aa4dd9b40ba0208c6bb6b1959f5535af093254189d66

Request headers

Referer
https://gempak.com//404
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Range
bytes=0-

Response headers

x-amz-meta-mtime
1497790207
date
Wed, 29 Nov 2023 15:43:02 GMT
via
1.1 8c1689d985cebe3591673210a2254e9e.cloudfront.net (CloudFront), 1.1 varnish
x-amz-cf-pop
CPH50-C2
age
2214190
x-cache
Miss from cloudfront, HIT
Content-Range
bytes 0-90783/90784
x-amz-meta-mode
33188
Content-Length
90784
x-served-by
cache-cph2320056-CPH
last-modified
Sun, 02 Jul 2017 20:40:57 GMT
server
AmazonS3
x-timer
S1701272582.146641,VS0,VE0
etag
"b2b087fe4ae638c533731c347fcd4df8"
x-amz-meta-uid
0
access-control-allow-methods
GET, OPTIONS, HEAD
x-amz-meta-gid
0
content-type
video/mp4
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
access-control-allow-headers
*
x-amz-cf-id
l9FWBpaPgO7-k87FStAUFfwM3XLG4r5Cww-LlFCzVuRErtS5gvG8XQ==
x-cache-hits
10968
f539211219b796ffbb49949997c764f0.png
cdn.taboola.com/libtrc/static/thumbnails/ 		254 B
736 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.taboola.com/libtrc/static/thumbnails/f539211219b796ffbb49949997c764f0.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gempak.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-amz-version-id
hL.cyLD7Q4TL5ceY.7JQwF9m5IYI8mkC
date
Wed, 29 Nov 2023 15:43:02 GMT
via
1.1 varnish
x-amz-request-id
DDQ4N5PH847FSFFN
age
26510
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
254
x-amz-id-2
aqXZ5TfXP8iRdMdELepuMA5C/5ciFi+p6Ky8KbHabejFtNJHH4peFIuNVRC4MRKY5KotSYHDQrQ=
x-served-by
cache-cph2320056-CPH
last-modified
Wed, 24 Jun 2015 07:14:11 GMT
server
AmazonS3
x-amz-meta-s3cmd-attrs
uid:0/gname:root/uname:root/gid:0/mode:33188/mtime:1377415166/atime:1435052450/md5:dfa7b52c86e56bd67fa4002f6ed19854/ctime:1422381567
x-timer
S1701272582.162472,VS0,VE0
etag
"dfa7b52c86e56bd67fa4002f6ed19854"
content-type
image/png
abp
31
access-control-allow-origin
*
cache-control
private,max-age=31536000
accept-ranges
bytes
x-cache-hits
2478
i.match
a.tribalfusion.com/ Frame D402 		43 B
438 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.tribalfusion.com/i.match?p=b6&u=CAESEIhNixn0RCxyTMxdZUPIAfw&google_cver=1&google_push=AXcoOmR5ol9yT1wD4sqDcMsEO1mf3CP4z-hO3H7l-9xaOC7jJsgESAssUMUy_e-KbcIje0Mmh1mGTgQPLtzmKZTlTOk8krlUM95JTg&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmR5ol9yT1wD4sqDcMsEO1mf3CP4z-hO3H7l-9xaOC7jJsgESAssUMUy_e-KbcIje0Mmh1mGTgQPLtzmKZTlTOk8krlUM95JTg%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by
Host: ed82c412a1d0517c38d808cdf80f705f.safeframe.googlesyndication.com
URL: https://ed82c412a1d0517c38d808cdf80f705f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:18ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 29 Nov 2023 15:43:03 GMT
cf-cache-status
DYNAMIC
x-function
302
server
cloudflare
content-type
image/gif; charset=utf-8
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
82dbf6c68f58373d-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 GMT
sync
x.bidswitch.net/ Frame D402 		43 B
146 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEMm-R_hNsDjHGO_tNQKc6Rs&google_cver=1&google_push=AXcoOmRHAxBb5JbvSPE8jzG8TvhuZVybd4lW9Fo1X66A-QvfzE3gmXkP6XRzV6uHVFH1OFk0ZXRBveiWzny7MrTfT3dWLYYYtlXNJA
Requested by
Host: ed82c412a1d0517c38d808cdf80f705f.safeframe.googlesyndication.com
URL: https://ed82c412a1d0517c38d808cdf80f705f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.184.108.41 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-184-108-41.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 15:43:02 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif
UCookieSetPug
image6.pubmatic.com/AdServer/ Frame D402 		0
41 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEKPm-kokVCGTgv2-GBRBYhk&google_cver=1&google_push=AXcoOmTarZExIhtPXCqEiUrKQjI1DfG-wK4pAw3icjWwyG0ua25zBX7Na-IPY3yIKahJXxT3FCr26g0OWl7BoBZ0VYIOEhE9ZR1g
Requested by
Host: ed82c412a1d0517c38d808cdf80f705f.safeframe.googlesyndication.com
URL: https://ed82c412a1d0517c38d808cdf80f705f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Wed, 29 Nov 2023 15:43:02 GMT
content-length
0
content-type
text/html; charset=UTF-8
pixel
cm.g.doubleclick.net/ Frame D402
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEJ5VQ1vjurBx7TfZQB6MOvw&google_cver=1&google_push=AXcoOmSoion6L55lemDg5WcZMDX344O5udfADiSefjAllEkw-fzYeQlOskjdjPLVQhXcFdj5HVM...
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFBKWFJQVEktMTctRTlZOA==&google_push=AXcoOmSoion6L55lemDg5WcZMDX344O5udfADiSefjAllEkw-fzYeQlOskjdjPLVQhXcFdj5HVMysq_GMSKf7jHC7ax697BYzbGL1Q
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFBKWFJQVEktMTctRTlZOA==&google_push=AXcoOmSoion6L55lemDg5WcZMDX344O5udfADiSefjAllEkw-fzYeQlOskjdjPLVQhXcFdj5HVMysq_GMSKf7jHC7ax697BYzbGL1Q
Requested by
Host: ed82c412a1d0517c38d808cdf80f705f.safeframe.googlesyndication.com
URL: https://ed82c412a1d0517c38d808cdf80f705f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f194.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 29 Nov 2023 15:43:02 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFBKWFJQVEktMTctRTlZOA==&google_push=AXcoOmSoion6L55lemDg5WcZMDX344O5udfADiSefjAllEkw-fzYeQlOskjdjPLVQhXcFdj5HVMysq_GMSKf7jHC7ax697BYzbGL1Q
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
e06182bf224d96e6550f4595601cdb0b
Expires
0
pixel
cm.g.doubleclick.net/ Frame D402
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESELzXXAGed9eST4mTEeEPsr8&google_cver=1&googl...
  • https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESELzXXAGed9eST4mTEeEPsr8&google_hm=ZWdcBUtCWPWW8A49_h1MfwAAFC0AAAAB&google_nid=index&google_push=AXcoOmT0l94fF3exc9zVlsClpaU95YNNZKAVL...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESELzXXAGed9eST4mTEeEPsr8&google_hm=ZWdcBUtCWPWW8A49_h1MfwAAFC0AAAAB&google_nid=index&google_push=AXcoOmT0l94fF3exc9zVlsClpaU95YNNZKAVL8znxphlGma1TmN4iW7kB_f6UZzV3E1JYM2qSqbSCbuM-ErbWdrLpVYh4HkZPAOr
Requested by
Host: ed82c412a1d0517c38d808cdf80f705f.safeframe.googlesyndication.com
URL: https://ed82c412a1d0517c38d808cdf80f705f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f194.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 29 Nov 2023 15:43:02 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 29 Nov 2023 15:43:02 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=e7JDPq7GmtdvAxRkF%2Bp2uDCwtvfu6o33kzkXLD4PWDPg7h17pSlmIxtY%2FAyqUu94l4oJfoBD2PnGKr%2BbS%2BcP5cCJqjNrN6EwvmjAxeEkAELzqG9WuWVAGuR9Dz8LI91TDomQUCj4Q1P9DQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESELzXXAGed9eST4mTEeEPsr8&google_hm=ZWdcBUtCWPWW8A49_h1MfwAAFC0AAAAB&google_nid=index&google_push=AXcoOmT0l94fF3exc9zVlsClpaU95YNNZKAVL8znxphlGma1TmN4iW7kB_f6UZzV3E1JYM2qSqbSCbuM-ErbWdrLpVYh4HkZPAOr
cache-control
no-cache
cf-ray
82dbf6c6bb629104-FRA
alt-svc
h3=":443"; ma=86400
content-length
0
expires
0
pixel
cm.g.doubleclick.net/ Frame D402
Redirect Chain
  • https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEBJrsgCeAygSjS5SaLfUOQc&google_cver=1&google_push=AXcoOmRYm6UFCReZq3Zr60f1fkHuAT8t4L3jSr4h8SLWprXpcmuy6OapPhZp05hUFkC-BZgUSY163kxN5fJgfd6BtWGQvcfeBa...
  • https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&gdpr_consent=&us_privacy=&sync=1&google_push=AXcoOmRYm6UFCReZq3Zr60f1fkHuAT8t4L3jSr4h8SLWprXpcmuy6OapPhZp05hUFkC-BZgUSY163kxN5fJgfd6BtWGQvcfeBan...
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTk5NTQ1MTM1MTY0Mjc2Mjg3MDM3OQ%3D%3D&google_push=AXcoOmRYm6UFCReZq3Zr60f1fkHuAT8t4L3jSr4h8SLWprXpcmuy6Oap...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTk5NTQ1MTM1MTY0Mjc2Mjg3MDM3OQ%3D%3D&google_push=AXcoOmRYm6UFCReZq3Zr60f1fkHuAT8t4L3jSr4h8SLWprXpcmuy6OapPhZp05hUFkC-BZgUSY163kxN5fJgfd6BtWGQvcfeBanpig
Requested by
Host: ed82c412a1d0517c38d808cdf80f705f.safeframe.googlesyndication.com
URL: https://ed82c412a1d0517c38d808cdf80f705f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f194.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 29 Nov 2023 15:43:02 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTk5NTQ1MTM1MTY0Mjc2Mjg3MDM3OQ%3D%3D&google_push=AXcoOmRYm6UFCReZq3Zr60f1fkHuAT8t4L3jSr4h8SLWprXpcmuy6OapPhZp05hUFkC-BZgUSY163kxN5fJgfd6BtWGQvcfeBanpig
date
Wed, 29 Nov 2023 15:43:02 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
sync
ssbsync.smartadserver.com/api/ Frame D402 		0
45 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESEOxON9GpdPXirMfJFbk7r3Y&google_cver=1&google_push=AXcoOmTrFSuZCjSAE0zM8qcgQYesGonN6Bq2XQ7yLmugOR1bofjsxPmwks8dIVdCuERJUwDDn7BgGJ-Xwg8Iph_ZmMMhXzP-sNoU-w
Requested by
Host: ed82c412a1d0517c38d808cdf80f705f.safeframe.googlesyndication.com
URL: https://ed82c412a1d0517c38d808cdf80f705f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.86.139.104 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 15:43:01 GMT
content-length
0
attr
cm.g.doubleclick.net/pixel/ Frame D402 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IXhOHUOYHR5MrWMKZzIKuMQq6Aoz3wJC2JBtTAalxoi_vaDyGOSRXT-6N_l4Ux6Ydq-DjP
Requested by
Host: ed82c412a1d0517c38d808cdf80f705f.safeframe.googlesyndication.com
URL: https://ed82c412a1d0517c38d808cdf80f705f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f194.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 15:43:02 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
/
www.facebook.com/login/ Frame 0B36 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fhref%3Dhttps%253A%252F%252Fwww.facebook.com%252FPortalAstroGempak%252F%26width%3D340%26height%3D214%26small_header%3Dfalse%26adapt_container_width%3Dtrue%26hide_cover%3Dfalse%26show_facepile%3Dtrue%26appId
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yW/r/cH_K1_w2EdK.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FPortalAstroGempak%2F&width=340&height=214&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
private, no-cache, no-store, must-revalidate
content-encoding
br
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-type
text/html; charset="utf-8"
cross-origin-opener-policy
same-origin-allow-popups
date
Wed, 29 Nov 2023 15:43:02 GMT
expires
Sat, 01 Jan 2000 00:00:00 GMT
origin-agent-cluster
?0
pragma
no-cache
priority
u=0,i
report-to
{"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
reporting-endpoints
default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown"
strict-transport-security
max-age=15552000; preload
vary
Accept-Encoding
x-content-type-options
nosniff
x-fb-debug
H134xY5U9CTHY3PZyjnwftJyEkAL1qQuT7MO1tKOEDMsoH96rCkZKvUy6I064M0LYAhhb9d8iUD3AfSffBfR8w==
x-frame-options
DENY
x-xss-protection
0
index.html
s0.2mdn.net/sadbundle/11952719878557111332/ Frame A53E 		133 KB
35 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/11952719878557111332/index.html?e=69&leftOffset=0&topOffset=0&c=SeeFuYCFHA&t=1&renderingType=2&ev=01_250
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9ef507894e158a8ab8a838484903d74d5af958a72c0673006b842c58d930ecf0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ed82c412a1d0517c38d808cdf80f705f.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Wed, 29 Nov 2023 15:43:02 GMT
expires
Thu, 28 Nov 2024 15:43:02 GMT
last-modified
Tue, 07 Feb 2023 13:03:48 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
ad.doubleclick.net/pcs/ Frame 830C 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ad.doubleclick.net/pcs/view?xai=AKAOjssQ7T79W6LRBDtmKbMj46BEv4ZhxuBtqsVneuL5mVtjmy766MM9WhGeLN6yhbSlrZahiuy_berBFb6l8n5xduNz6btKwlVX0Nwq9CoXdP6Vmbjuq7QIW23946ycK48qysVV4zEvSjZ0ccW4WewOiWtaxmMAG80kW-YQF8Y1uy4rgeJy1tlvmp6L3mD7_cAr3sCkWiEsYs4xT56tZ0e6bPwUv6Y29jjPDkhId7CIdAnpW2xkvnbb3GLIBFuodvafiz5GGLD2R1RND7qO6KkZTaD3qZmZ537B3TFvf8wFbTT6vktyQeCAWI3m0Wg4f0EKdKnRfZobvF61C2EqLcBm7ozki9APimyOaYfIL_IxFPm15Lex-xQ4IETeW5j3cac_tFq_M6WsDXnXmHtrIjzg1ubvABEFTNsWZmP-2pj70VRdgEa3eFERQ_TCtZR6d_EmDLdb_vSCkZwm8mETwj2APMtAoPae-DzdV-j1qoY5leEidxJ7x_PtW5Z9aEO9PpPDC_wdg1PITm4sQXWpghYQfN0n0-puVepTZwm6mgruHMm8NDyfAiEv6nh2u7V-gmwdbVTiJ_j6ED0hzq92RswvJcdaqwN-f3Siuh_p3hGdWj3ss3EdRpBqR-lFzj8dBctsk6BzSpK_ORwULnTeiLypxf5vGq5aNqqZHaLfxGieK0sd0YHDPuvAxflLxpPWEGqwgpjN8Oq3-sRISTpsh0odsBPRUPxS_3Zz3kuHG4DpxEPvu86BXUZS-UOSHGfG6xfUzMvKly7zq0XsFSW3bg7s2GfgY6g-vL4NlpyX_oiq_G1uJ0Bf4Ep3RwHrd1r2ank-6DiL_RjAxpQ7rcfkrx15bNNwbFrHHn_GmAuWgLJpR7s8Hs790iOJqVf3LyNPtlf_KpyRBeCVB9zLycBxmZvgbGBlNEC0rwGtMzhsrmUEREkWir0P1nS6KcF00DwyT5V_ytDkhU8z4xdI7wtFAsnwy3sQ-pA0u3eY5SAr6n6iad9yu7-28qEUtxqhUgpe39P3wFNkda1irQF2kcopYgdRyPhRN9giCL7yJHdW3D_WsuH441S4ZGNKUFm0RKtCro4rStNQiQa5We35CaxavpQ1WeeRV8CwcFWxV6aXw0kbi-KCkX5nEIMW7cfRKoDVNgjskI4kaszSWOsbs0z1wVzLmAc5pTKzupBuN-8WNjkeiAkMy_VhiBgVvv-IK-4gcByhSwboNfbscWea5uyrEjCdzEy5sGgOWEjY54ULhsxg9AXDERInYwomL7dwuz1GxYNbU4ETsIVUgTCoyXySQk29XmPEneXRlVW0z1asDMJmLx4rLTATj5ol18KHE90COTU-SaLHp40PuJVKrwwIxZVucXqKxN941bp8Ujw_UBhLc8jNb_Rsp75RNjnffItSVs3Xh1I1BkvYPexDnoJ9xadimL2b6lHEvvs0Evm3s_wPvuxGAcFWstLEShLUhilfr4khvLqn&sai=AMfl-YQHYRFgd9DVZ5AN4v1EA4MPMQIuI-JeG6x3J7F5SR8kBKoPgiYVSZcMlC8jZSG2PuBUhKHB8VS0IPRbc0mxN3fn7PzQbSht5yhjCarQWZAoj_JCs9HAjem1-f3oLTbC-Fl9jVXQSxTDZlK5BSoRA2-1MmIxvZ9HJZ4gcx6u3z4S_Ms0mX0NS1rrCOCGcHYtWvhntX-DGJJj_PRwm-_QlM-qNKj8bzUAzEtgwZI-vsvB0c0pRuASrpIodEG054nhGe0ftcgaABfYiTWopeRz5uAekoQ-k5fWxwA_nXnr3Yd1YTydx0or18oY1I8Q2lPVkB4PGijL5rXw04jx3bOVu9JH7yPQhpc3roGdOUXs1BtaEKR2RRJ8fPliqDe1zhDroSB79tL1venAJE5FmpWmngoluuP_27vONLHkMAaC&sig=Cg0ArKJSzOU0EJFLC_SwEAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9nZW5lc2lzLmNvbQ&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=496&cbvp=1&cstd=483&cisv=r20231109.08719&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=
Requested by
Host: voting.astro.com.my
URL: https://voting.astro.com.my/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.134 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f6.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ed82c412a1d0517c38d808cdf80f705f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Wed, 29 Nov 2023 15:43:02 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
content-type
image/gif
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
dmp.quality_switch_mse.6a13042003b6018133af.js
static1.dmcdn.net/playerv5/ Frame 668F 		388 KB
116 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static1.dmcdn.net/playerv5/dmp.quality_switch_mse.6a13042003b6018133af.js
Requested by
Host: geo.dailymotion.com
URL: https://geo.dailymotion.com/player/xd17s.html?video=x8q120x
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.79.242.181 Frankfurt am Main, Germany, ASN22822 (LLNW, US),
Reverse DNS
https-178-79-242-181.fra.llnw.net
Software
DMS/1.0.42 /
Resource Hash
041e8c6602095e4f4dbe24c0788a7fe211cfa6b9b515dfa35eef1e00b5bdb875

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://geo.dailymotion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 15:43:02 GMT
content-encoding
gzip
age
1840134
server-timing
total;dur=1, dc;desc="dc3"
content-length
118644
last-modified
Wed, 08 Nov 2023 08:28:44 GMT
server
DMS/1.0.42
etag
"654b46bc-61136"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
x-llid
6cdd70b83dcca5e549b001a9df85f4bc
expires
Fri, 08 Dec 2023 08:34:08 GMT
latencies.js
speedtest.dailymotion.com/ Frame 668F 		7 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://speedtest.dailymotion.com/latencies.js
Requested by
Host: static1.dmcdn.net
URL: https://static1.dmcdn.net/playerv5/dmp.photon_app.e282e8762fba0008fdee.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
188.65.124.91 Paris, France, ASN41690 (DAILYMOTION For peering related business, please mail peering@dailymotion.com, FR),
Reverse DNS
st.dc3.dailymotion.com
Software
/
Resource Hash
72b2181e58d5c45800d66d36702794ca5ae5bf1fbc20f106442b7eac3191a623

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://geo.dailymotion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date
Wed, 29 Nov 2023 15:43:02 GMT
Content-Encoding
gzip
Last-Modified
Thu, 17 Sep 2020 07:44:45 GMT
Content-Type
application/javascript
Cache-Control
max-age=21600, public
Accept-Ranges
bytes
Content-Length
2041
Expires
Wed, 29 Nov 2023 21:43:02 GMT
ABCFavorit-Medium.woff2
static1.dmcdn.net/ Frame 668F 		52 KB
52 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static1.dmcdn.net/ABCFavorit-Medium.woff2
Requested by
Host: geo.dailymotion.com
URL: https://geo.dailymotion.com/player/xd17s.html?video=x8q120x
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.79.242.181 Frankfurt am Main, Germany, ASN22822 (LLNW, US),
Reverse DNS
https-178-79-242-181.fra.llnw.net
Software
DMS/1.0.42 /
Resource Hash
2d7e04f93797dca868560733bfe7342aabd013ae8bba52073a35bc5fd99e830b

Request headers

Referer
https://geo.dailymotion.com/
Origin
https://geo.dailymotion.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 15:43:02 GMT
last-modified
Thu, 20 Jul 2023 12:37:15 GMT
server
DMS/1.0.42
age
2139715
etag
"64b92a7b-ce44"
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
max-age=2592000
server-timing
total;dur=1, dc;desc="dc3"
accept-ranges
bytes
timing-allow-origin
*
content-length
52804
x-llid
6ffc3c620b53e04eefa0c79126f42c06
expires
Mon, 04 Dec 2023 21:21:07 GMT
ABCFavorit-Regular.woff2
static1.dmcdn.net/ Frame 668F 		49 KB
49 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static1.dmcdn.net/ABCFavorit-Regular.woff2
Requested by
Host: geo.dailymotion.com
URL: https://geo.dailymotion.com/player/xd17s.html?video=x8q120x
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.79.242.181 Frankfurt am Main, Germany, ASN22822 (LLNW, US),
Reverse DNS
https-178-79-242-181.fra.llnw.net
Software
DMS/1.0.42 /
Resource Hash
cae765e89c38588186de4b36811acb8e873a674a2ca9223dca8fb391a012082b

Request headers

Referer
https://geo.dailymotion.com/
Origin
https://geo.dailymotion.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 15:43:02 GMT
last-modified
Thu, 20 Jul 2023 12:37:31 GMT
server
DMS/1.0.42
age
1801487
etag
"64b92a8b-c320"
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
max-age=2592000
server-timing
total;dur=1, dc;desc="dc3"
accept-ranges
bytes
timing-allow-origin
*
content-length
49952
x-llid
7ac2411794aa2917d1ba24c0e3e0ab9e
expires
Fri, 08 Dec 2023 19:18:15 GMT
generic
match.adsrvr.org/track/cmf/ Frame C2FC 		70 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V8VUECLAa4rDSk9sQwThJwWWlI7YlhnCwAAABgYID-AElOZs7FcLdySwaDmVu0MbncEodt41ZZZrvBZOSwOFy-ISDJycy5GO5WbslgMHOLNiaXW-Kwbdwqy2w3mIwcFofLNwUfxnKZDGqBhGX2-w4KyunpMbsMoqLrbbE7nGbPG1yg6XT4XPd6nctteHjtGr_brxcNRnMAAAAA8OD___8fAgAAAEAEAAAAAAkAAAAAFAIq_FsQuAAAAACA4f___18DABQHg3V4Pi-zPwAAAACAAAAAACABgDCUUQLgRez_xP________9_jAH6zBsZ_____zcMegA8-AB4EAIAAPAxBHb1I2QP2T6PSEFvEUYAAAAAsuW0KY5M0gkqFlX-___7rQBcAQAIYNz4hbPOojso8RYGAABAQIyWvY0QNOG15ZgFelj8frPDrvG7Xeb_________38z_mX80Qk0zM2mCMPTC1fwCAgCs-QUEAGCjbgAA3gjACTkcaDodPte9XvY3Pe0-u8JzuvztGr_brnb-RYegFYPB6gTE7AAAAADc-f___8ejZW8jBE14bakHpGyrkWs1Wy5WC5ttObPNPBPXZLKw2Waj2XCxW2zPEOSn9Wp4AnufEGGZ_b6DgnJ6eswug6joelvsDqfZcxAfNAzLySCYnwlbjFaTyWY5nC0Xk8FwNByN9mcgFssBmojBcjmZLCa71Wg12gx3o9lggQRiMEEULRpMVqPRZDEZrkaT1Wy52O02iKJVq9loMxiuZpPZbrcaDobL0QhN2GK0mkw2y-FsuZgMhqPhaDREMOJw7XaT2cStshhnbtFktlwLFzaPW-KZmBYeh3Ezcw3WotfH9LENVo7haIsEA1L2InlapBPVcrOazVwTz2q2G45My9HENNxNTLPFcuFwrDaLiViiOVmkE9ll37KtRq7VbLlYLWy25cw280xck8nCZpuNZsPFbrGvOFy73WQ2cassxplbNJkt18KFzeOWeCamhcdh3Mxcg7Xo9TF9bIOVYzjaN3aDxWQ3WQ0H-8ZusJjsJqvhYN-hcgmD3YvRe9KYPTrV5y95JmxOg8JlsHh_EtNi2p0dRCff0amTqpRFndHv9_v9fr_f7_f7DVrPwWxQ-K61iLT5eBZ313D4cTAoYongIp0oPKfL3-0yOR2ev9l1evrtnrfO5TY8vBaxRGm6SCd6vWgwmoglgtNFOhG9jKeL-o8cZLGbKxajuWQxnEsGqwQAAAAAAAAAYAmmmW4CAAAA4GRQo8Votlqng1kMVqvNarkALACAdQGDAAAAAAAA7IL-S8OmYAPCKNbYYxrhOV3-bpfJ6fD8za7T02_3vHUut-HhtTIACwBfZpt9RhBrtVrWAAAABLABAAAEcNONNwFkUdz_____OAAAADJy6AEAANDvA8oCAAAAAAD4B6BCrNVqdbuxVqsVsGCGo8lwAv____8B!&excid=22&docw=0&cijs=1&nlb=false
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://am-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 15:43:02 GMT
server
Kestrel
content-length
70
content-type
image/gif
ba57726b-eb8f-4269-8afc-b3b4aca83f50-tuctc60e184
pr-bh.ybp.yahoo.com/sync/taboola/ Frame C2FC 		43 B
425 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/taboola/ba57726b-eb8f-4269-8afc-b3b4aca83f50-tuctc60e184?gdpr=1&us_privacy=1---
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V8VUECLAa4rDSk9sQwThJwWWlI7YlhnCwAAABgYID-AElOZs7FcLdySwaDmVu0MbncEodt41ZZZrvBZOSwOFy-ISDJycy5GO5WbslgMHOLNiaXW-Kwbdwqy2w3mIwcFofLNwUfxnKZDGqBhGX2-w4KyunpMbsMoqLrbbE7nGbPG1yg6XT4XPd6nctteHjtGr_brxcNRnMAAAAA8OD___8fAgAAAEAEAAAAAAkAAAAAFAIq_FsQuAAAAACA4f___18DABQHg3V4Pi-zPwAAAACAAAAAACABgDCUUQLgRez_xP________9_jAH6zBsZ_____zcMegA8-AB4EAIAAPAxBHb1I2QP2T6PSEFvEUYAAAAAsuW0KY5M0gkqFlX-___7rQBcAQAIYNz4hbPOojso8RYGAABAQIyWvY0QNOG15ZgFelj8frPDrvG7Xeb_________38z_mX80Qk0zM2mCMPTC1fwCAgCs-QUEAGCjbgAA3gjACTkcaDodPte9XvY3Pe0-u8JzuvztGr_brnb-RYegFYPB6gTE7AAAAADc-f___8ejZW8jBE14bakHpGyrkWs1Wy5WC5ttObPNPBPXZLKw2Waj2XCxW2zPEOSn9Wp4AnufEGGZ_b6DgnJ6eswug6joelvsDqfZcxAfNAzLySCYnwlbjFaTyWY5nC0Xk8FwNByN9mcgFssBmojBcjmZLCa71Wg12gx3o9lggQRiMEEULRpMVqPRZDEZrkaT1Wy52O02iKJVq9loMxiuZpPZbrcaDobL0QhN2GK0mkw2y-FsuZgMhqPhaDREMOJw7XaT2cStshhnbtFktlwLFzaPW-KZmBYeh3Ezcw3WotfH9LENVo7haIsEA1L2InlapBPVcrOazVwTz2q2G45My9HENNxNTLPFcuFwrDaLiViiOVmkE9ll37KtRq7VbLlYLWy25cw280xck8nCZpuNZsPFbrGvOFy73WQ2cassxplbNJkt18KFzeOWeCamhcdh3Mxcg7Xo9TF9bIOVYzjaN3aDxWQ3WQ0H-8ZusJjsJqvhYN-hcgmD3YvRe9KYPTrV5y95JmxOg8JlsHh_EtNi2p0dRCff0amTqpRFndHv9_v9fr_f7_f7DVrPwWxQ-K61iLT5eBZ313D4cTAoYongIp0oPKfL3-0yOR2ev9l1evrtnrfO5TY8vBaxRGm6SCd6vWgwmoglgtNFOhG9jKeL-o8cZLGbKxajuWQxnEsGqwQAAAAAAAAAYAmmmW4CAAAA4GRQo8Votlqng1kMVqvNarkALACAdQGDAAAAAAAA7IL-S8OmYAPCKNbYYxrhOV3-bpfJ6fD8za7T02_3vHUut-HhtTIACwBfZpt9RhBrtVrWAAAABLABAAAEcNONNwFkUdz_____OAAAADJy6AEAANDvA8oCAAAAAAD4B6BCrNVqdbuxVqsVsGCGo8lwAv____8B!&excid=22&docw=0&cijs=1&nlb=false
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:d29:3601:bf9c:a4a:22aa:bd3 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://am-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 15:43:02 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
sync
ups.analytics.yahoo.com/ups/58785/ Frame C2FC 		0
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/58785/sync?redir=true&gdpr=1&us_privacy=1---
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V8VUECLAa4rDSk9sQwThJwWWlI7YlhnCwAAABgYID-AElOZs7FcLdySwaDmVu0MbncEodt41ZZZrvBZOSwOFy-ISDJycy5GO5WbslgMHOLNiaXW-Kwbdwqy2w3mIwcFofLNwUfxnKZDGqBhGX2-w4KyunpMbsMoqLrbbE7nGbPG1yg6XT4XPd6nctteHjtGr_brxcNRnMAAAAA8OD___8fAgAAAEAEAAAAAAkAAAAAFAIq_FsQuAAAAACA4f___18DABQHg3V4Pi-zPwAAAACAAAAAACABgDCUUQLgRez_xP________9_jAH6zBsZ_____zcMegA8-AB4EAIAAPAxBHb1I2QP2T6PSEFvEUYAAAAAsuW0KY5M0gkqFlX-___7rQBcAQAIYNz4hbPOojso8RYGAABAQIyWvY0QNOG15ZgFelj8frPDrvG7Xeb_________38z_mX80Qk0zM2mCMPTC1fwCAgCs-QUEAGCjbgAA3gjACTkcaDodPte9XvY3Pe0-u8JzuvztGr_brnb-RYegFYPB6gTE7AAAAADc-f___8ejZW8jBE14bakHpGyrkWs1Wy5WC5ttObPNPBPXZLKw2Waj2XCxW2zPEOSn9Wp4AnufEGGZ_b6DgnJ6eswug6joelvsDqfZcxAfNAzLySCYnwlbjFaTyWY5nC0Xk8FwNByN9mcgFssBmojBcjmZLCa71Wg12gx3o9lggQRiMEEULRpMVqPRZDEZrkaT1Wy52O02iKJVq9loMxiuZpPZbrcaDobL0QhN2GK0mkw2y-FsuZgMhqPhaDREMOJw7XaT2cStshhnbtFktlwLFzaPW-KZmBYeh3Ezcw3WotfH9LENVo7haIsEA1L2InlapBPVcrOazVwTz2q2G45My9HENNxNTLPFcuFwrDaLiViiOVmkE9ll37KtRq7VbLlYLWy25cw280xck8nCZpuNZsPFbrGvOFy73WQ2cassxplbNJkt18KFzeOWeCamhcdh3Mxcg7Xo9TF9bIOVYzjaN3aDxWQ3WQ0H-8ZusJjsJqvhYN-hcgmD3YvRe9KYPTrV5y95JmxOg8JlsHh_EtNi2p0dRCff0amTqpRFndHv9_v9fr_f7_f7DVrPwWxQ-K61iLT5eBZ313D4cTAoYongIp0oPKfL3-0yOR2ev9l1evrtnrfO5TY8vBaxRGm6SCd6vWgwmoglgtNFOhG9jKeL-o8cZLGbKxajuWQxnEsGqwQAAAAAAAAAYAmmmW4CAAAA4GRQo8Votlqng1kMVqvNarkALACAdQGDAAAAAAAA7IL-S8OmYAPCKNbYYxrhOV3-bpfJ6fD8za7T02_3vHUut-HhtTIACwBfZpt9RhBrtVrWAAAABLABAAAEcNONNwFkUdz_____OAAAADJy6AEAANDvA8oCAAAAAAD4B6BCrNVqdbuxVqsVsGCGo8lwAv____8B!&excid=22&docw=0&cijs=1&nlb=false
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.71.149.231 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-71-149-231.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.87 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://am-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 15:43:02 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.87
age
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
partner
sync.search.spotxchange.com/ Frame A30E
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_cm&google_dbm
  • https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEAvmhzOp4cQysgLTJUcnCTw&google_cver=1
0
0
partner
sync.search.spotxchange.com/ Frame A30E 		0
0
sync
ups.analytics.yahoo.com/ups/58269/ Frame A30E 		0
38 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/58269/sync?_origin=1&redir=true
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJq9JBD1mXwYgeaU_QEwAQ&v=APEucNUcPe7DQPBG2QpKeWP3r_NfnCf3aUxDUWU9hfTHVaj200gXxfT654Gj3XtumnUlfF2oSg4UwtmGm-KgdxKGc5ZApwmkcM9zGGY1wRCBZgduZnx8Zzvt_z4woM4LoCgV4RAUgfl2nki1aQijufRXNpl4wEaEYE2bU--Zotx2PNBA6Scssw0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.71.149.231 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-71-149-231.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.87 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 15:43:02 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.87
age
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js
pagead2.googlesyndication.com/bg/ Frame 6DAA 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
18e6b664af7bc55ab0f963920f0da5a86e15f25fea4e223924d8f4b6723a37cf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 12:42:36 GMT
content-encoding
br
x-content-type-options
nosniff
age
10826
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15296
x-xss-protection
0
last-modified
Mon, 06 Nov 2023 16:38:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 28 Nov 2024 12:42:36 GMT
truncated
/ Frame 830C 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
146735354f1b614ae8b06f1a206a867e247fd0a6efe0594b4c0e789c851de8d3

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type
image/png
/
pebed.dm-event.net/ Frame 668F 		15 B
363 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pebed.dm-event.net/
Requested by
Host: static1.dmcdn.net
URL: https://static1.dmcdn.net/playerv5/dmp.photon_vendor.3ce7557f0c4e78d46b63.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
188.65.124.59 Paris, France, ASN41690 (DAILYMOTION For peering related business, please mail peering@dailymotion.com, FR),
Reverse DNS
ebed2.dm.gg
Software
edward-ed/2.2.1 /
Resource Hash
a29ee2b15c494311c52521766e44af56a3ad2248e7a8ab465e5206463c13d288

Request headers

Accept
application/json, text/plain, */*
Referer
https://geo.dailymotion.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type
text/plain; charset=UTF-8

Response headers

Date
Wed, 29 Nov 2023 15:43:02 GMT
Server
edward-ed/2.2.1
Access-Control-Max-Age
604800
Access-Control-Allow-Methods
POST
Content-Type
application/json
Access-Control-Allow-Origin
*
Access-Control-Allow-Headers
Content-Encoding, X-Dm-EventBus-Compression-Duration, X-Dm-EventBus-Worker-Duration
Content-Length
15
Enabler_01_247.js
s0.2mdn.net/879366/ Frame A53E 		118 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/Enabler_01_247.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/11952719878557111332/index.html?e=69&leftOffset=0&topOffset=0&c=SeeFuYCFHA&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/11952719878557111332/index.html?e=69&leftOffset=0&topOffset=0&c=SeeFuYCFHA&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 04:12:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
41429
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
41099
x-xss-protection
0
last-modified
Mon, 27 Sep 2021 18:45:07 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 30 Nov 2023 04:12:33 GMT
dmp.omweb.d252f0b4c506271f4ce7.js
static1.dmcdn.net/playerv5/ Frame 668F 		40 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static1.dmcdn.net/playerv5/dmp.omweb.d252f0b4c506271f4ce7.js
Requested by
Host: geo.dailymotion.com
URL: https://geo.dailymotion.com/player/xd17s.html?video=x8q120x
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.79.242.181 Frankfurt am Main, Germany, ASN22822 (LLNW, US),
Reverse DNS
https-178-79-242-181.fra.llnw.net
Software
DMS/1.0.42 /
Resource Hash
c9f581d340bfc6744ba2045f76253c9cf32ea544ed3f777cc9f4f53e81e9e858

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://geo.dailymotion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 15:43:02 GMT
content-encoding
gzip
age
1926842
server-timing
total;dur=1, dc;desc="dc3"
content-length
13985
last-modified
Tue, 07 Nov 2023 07:47:39 GMT
server
DMS/1.0.42
etag
"6549eb9b-a187"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
x-llid
1ed52856e889ead7184e009776de0c64
expires
Thu, 07 Dec 2023 08:29:00 GMT
dmp.omid_session_client.b1d60b053fa0dabbdda9.js
static1.dmcdn.net/playerv5/ Frame 668F 		68 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static1.dmcdn.net/playerv5/dmp.omid_session_client.b1d60b053fa0dabbdda9.js
Requested by
Host: geo.dailymotion.com
URL: https://geo.dailymotion.com/player/xd17s.html?video=x8q120x
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.79.242.181 Frankfurt am Main, Germany, ASN22822 (LLNW, US),
Reverse DNS
https-178-79-242-181.fra.llnw.net
Software
DMS/1.0.42 /
Resource Hash
e51bf4a5da89c223a83617078b466770b1e4d590f2430e74de39ce765762c840

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://geo.dailymotion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 15:43:02 GMT
content-encoding
gzip
age
1844491
server-timing
total;dur=1, dc;desc="dc3"
content-length
13451
last-modified
Tue, 07 Nov 2023 14:16:57 GMT
server
DMS/1.0.42
etag
"654a46d9-11010"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
x-llid
3ee483cbc9ca11b016ba1b10d1a8dfd7
expires
Fri, 08 Dec 2023 07:21:31 GMT
ima3.js
imasdk.googleapis.com/js/sdkloader/ Frame 5133 		365 KB
125 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: static1.dmcdn.net
URL: https://static1.dmcdn.net/playerv5/dmp.advertising.addcd9af4b8891dfe5e2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4a32283aaba0418ac1b0953af32fbe71948d43e7cdc08abeca552a9373809087
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://geo.dailymotion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 15:43:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
128094
x-xss-protection
0
expires
Wed, 29 Nov 2023 15:43:02 GMT
62bHydCX.html
tpc.googlesyndication.com/sodar/ Frame E8A2 		38 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/62bHydCX.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ed82c412a1d0517c38d808cdf80f705f.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
303862
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
13045
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 26 Nov 2023 03:18:40 GMT
expires
Mon, 25 Nov 2024 03:18:40 GMT
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/ Frame 0A2B 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=5204780568096&version=m202309260101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ed82c412a1d0517c38d808cdf80f705f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 29 Nov 2023 15:43:02 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 0A2B 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=5204780568096&version=m202309260101&ct=119&x=1&cor=3405658971059314700
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ed82c412a1d0517c38d808cdf80f705f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 29 Nov 2023 15:43:02 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame 0A2B 		92 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BHQ20_MUzr1eRaytxM3IWMEpaOtGWPIJhGN2YqUakWcIUCSPjewkxvem9WK54CIR2E1MtycpjumIcyUlKilLCb2qpx3aUk4f1HS_YBi3A_aBoY4XgU9CuxlulgMMMNeYBBjNnq3j7o3rQzXaL0rkbP0EDImtPIGIRgQcN_CzSVl2MG6xHKhSSToA9_E8KcsDXinygc&cry=1&dbm_d=AKAmf-BOeUXKpb4TtycLJ4MCjpaORUM8y21LOFOxaF8wn74poppKof5Ipk9NamhGuLSqb8YM-ZW_vSA_0R6S6KwzndWXIftgAR-II3TjR8R7MA-INrYmP60sgoRemLwzPhNYtJ5fhOtoocgSHj1tXz8PXAe4GdtPjTp2p3knEwgitTcPjUj1u0eETJItpwhRE-pdqrr1NuxGylQOm8boxNs9oICxA3w4EpmNrp7uYP5AFISZ185DbcLeINDdK8s1E65iDpqheCyUXpctHzzdW6H4Sl65HUZEeZlaEhfDLlPttY8qluyYTvDIFh1crY7Y2NsmQ7cjPdjNj3NdG4l-2RNxrG0Rms4hh-0Rusz7rsK3t9ccomfF5BldC0UhW4z0zC0uOvqj5se7cfwwE7K1RP1pHJ4hynDwekIswkp6m5iUgypXA8RUmwz6A1zXWodULyS1pUi3gSgWOg118LBs1_8UvN-6PlmVub1Bmp35VimlIrpnUp-nMmZZDC-p-mtchgDJKn-laYqNKKlMGy2OGcQZm3Map7gg6yzX9w93i3JH_7t6IeOV3VXRtMh1H2UuZpmoYSwj3R9ZRmO8ANRlJwWj5pOKZtT9J7tz4hNR-RJrUmEnzlXH50NQxM5FyqBGaa-u4iXE5w8wCq3Ovg7rZVr5p6HPfENtrcXdirsaBnLEaKQwigh2woXCUKhkzZjA8yxjINdmtXgxagSy-gJdOkZXzuymgNS3etuEnJ3r1GrqArqnYCRFAr_f19sOpXjX-xXexdDhkRnHvUXLehhscVTLkLDRwiFZJO6EJc3MFnAgiaSvlGMHmYIxPvatWRCTMGt_BK8PvM_Cl_2uqXRXslMglmAJ4cXsepuaAS4ZNZAPLQv7pMXdtnsMX9ro-N46pAkSf8UBb6DLoqWqeZ99YozW4gSdBKfzQz3kTpH-FwpS27StlJ2S5WFgETUiO2TFVmMXW3V6zp432IPUGp33Lz0nYInHWqQsr0QVQt73SEGAaDwnQRYp0iBCbCTjvczZ_tiaDrwMsA9AZDKzpNZRuNZa3dcyWWA3y6ZGDsJCo4fibo2noahqqC7GAFp74qqfLk10oiU-YYcK6Ov6s093ri60BFSjDbdsuJNe3LagfByShbsZd6sSxz-b0V4kUPTjqOprFNX36liDzs5lYY_DePw4nlDojofbq8mXR-PTbhcP58_T20sBABH1zGGmyjK4zDfBeCnRQKvJi3oWsE3vXJaueFfC0gFjhLG1j2-H4N4w0_kUiPAWfegosf-AQU31Uv2-iu_Es-scvq5VAT5bInNSLapGhv73_4mfjnPKbic44DT_gCxYfQGdrDj0wy31ZY7CRE3ok7lXV3mJyiRpq8H9lgLAHJ7QJRwjyvXlHwGLtyjIK0UBiZFHob5csxKTn8O0CKfx_dQZj74-k0ivq12mWzs0LashkAw0zOdYmxrVwOQ6Nn7mWzw4ZjvT0KO_XTaJZxganz0Y31hw1ud388JSohr1_tDqAXT6XvTnGfo__DxuxBkgdbLH0nmqFjjwqq_mOUFyc1SOd1JXeLzNBF7fPMGlcA7a0akkAfFBcdeuw0ZNWj-JWPJhMbsKGQf_pLCAQO5MspQNI5Yj7zzKEktlRmxweuoyJ5fcGvzEpz1hxpAmBm6r56CQ9JzZ-cTf7SmGfC1yqgGk_-7VQX--3covFnhcDWEVJi8T4fXW9qabjSj8p6Ia3ANpT_FaTZuT5nXk-1kGF2_NsObaVqQuXzKuuxd99KpZZMoe3tLMNQciACAS1iwub7yOsOd_dGqYpK2nI0ERurGeYOTwjBZxqeASyY-Y53BK0KjNdRr40u5FUc5WGLdkuVIwUOezuQpL0TJcSlhh3dw1_feqppNI6r1JDWrBFzvrfn60sKSUp6-B4dhOdlG_xSpzG4wdpxHB4_s3gnw7nNUFhqRbd7ex9QWzuYim4O-ROSDFeYuqilfeso7dyyx3aoL0S38yrmPfQrj8KbBED6C_Rb6MijESq6glEapuzg6xNYeP33-eCM1tCzJUQO9p_5r-6drCgxDPGV2UcELWL4IiHBvvq9eE5CZ7uqjNgqaSz6zTh4pwetzV7aM4NHInJ3vXx55nINTSXQspigeO5B7nESLix2xJAo5nzFaTirABY1dHNE7_XDtJg-_oZW6M-VK_77FktfririVSUqP6Wfb-dCv6TpZdM03w306ayeg5JFbxAYwgoA57oQCt_Mgf-Cm4g-k4UJIQe2LBfMW-AODC4egBa8gOKUYM5oXO6zkYaPqgZ14tK4WMBWDLmqGB_xR5Q18w34jpn2WibOaBB2QQGIfg9iH9YfWkK9zaxxPwReoirFnq83hAUmbucw5Y4OREh86bQT3wI-ZWhMA-TN3IbzErNb_RHY6qsZmcH2qHB5TDFzc9-op7muDKuMJGZZFrk2I4QOvjGrLGQEPfo_VL8cYwRj4N4md4xw0rZov3wH46EjhAlJzFC6Dz2bQPQ4hGG9L2fqxjo8OxVoWpzpeIABsCl2pybSUoG52sX_OuRKs8HRx5_x0YGFz7LUe8whppz10H4KO0LwYQktgROZRkYIqj0guDOIZ8g_nCGTddnEjpIJo31LqQ21mnZ1vXfoT2bXsMbliTqXm1XVJn_X2h9JTdg1weYHmoP932-Q9tT2P1BelDrPIYFDhdtzVMnbiRn0CDTZ_pD-7y3l172Gq3ZdU4CMSogkwzJfF-7FTvuNSW8XHTEgDTj4Dgx5SGVW9iJNkGj-gnbPGe_2VYq6CUWEkELuVZZZjHE9WUC6BYgWyra2gcOFcQ6Ic_zOnfIEfKvWtIOQFdeg-V6dlNEy_escnw9skgbjnU5WbRFaKlJ-ywzycee1w86254Gbfath39hNO6dBSe4RbCwd0INslgjAYIxIWSL8ypNZdlRinewUq1KWMdtczgBIFQHiOgXPjaH1mX4nHY-5dm7YeuVfY5hYvYMnM_oF8WdgFjEQR80HuviqjuxgMMtKRYsghA5C_r-kXX-rvA7A1iZHvR0we3TF6yfcA0zMqryOsS0L2CsEQocgizccQN63TUFgnJI-Uwh4GcMdQdzVmo5BXiG7OBRPbLeP1sMR_XUNen_0fMIyiNz_qA5Swrsfua5x6h_zZPoyh0F48F1jW__BMs3XJutOt7flg0Y6PTJDDC6hl_pG3-8vZX2sg6aOsIxt87Z2WdalIOaVoZzYtdUYovj4l0bKTpuGssd28dEDvBQ_s3rz139s7polm8TBJ0KsoTehIECyWrEV7Et7w-19iOE9xCmoOigq1pvuHzyG7RyFQ1qD6eNMs3t5-3qQg3_7VDistKUG9PqbvHD5_5pduUK3H_3V7_wEZAJJ3P6SQ7JlnMfbBgLHLxbKUPLhbvhCMs3cfRcvDRVwx5aUe8Zi9PXEILTap3h6D350_c3BFu3U7OrZVf_w2ns0nWZUzhwWvUmAvfVUnQF5bWkZIvRw3BhKhKUMJrPtUR_-x7rjk_a4heV4fmIA43A-Jlg7G-ZJ16u16Br-0tPKrIskte_Kd7l66WLFFmqci7z5iIIqVRU-tsLb62ZdLloglxj2b6hbMK7jOk_-wQNAmEyc_c-DkOslIkbRwqHxmx-8h3cTvRvkROt8gED9k1UWuCOAn4t78pe-IEY6kGLsHpc9lNAO2sE-GtupWl4XBKGauvWD-KkDPtq2BAOTcj0SDYwj81ltM0DXMfE9tpkR_i7sRkPJia6YEf-xw52nyVHIGWBf7p7plzSSf6OhKFfYhc1dD_0sYycw2mQ5URaIjs9w6eKgWTngg8_HmdJ7z25IX3Zdhtli2cCGnTZj60SUhKy7ddFbMdXm3sOEp-OP-r6UV-xZtX6VVpPVZcXHdlb1qLpv3Q4qaR1sr1mviH6BGahSvP4XpyVVvJLoiJ1HlNnRMw9oB0nfa-pm09gWmQBJSjZUo8WOcujqESJVRkpZLGpGInbdcYV_TUxjHhFtxUqj29jewQxcbUS_fqG_N8f-9kOgt0exWCicdL7bfUtHWphIgGLuEpa4tGqSG_XR5xVyZQnS9aqJltvneRK5uOaKhKb8JwNOdsPrGWHCoM-ZnoNISy81nm-vytERtwnhp3tD7NN63WqwO_QjJynvfmt9Aazv2KE8WlYLi7kx1MT_mjB_-eu53AaMbyCtVjv-0Qlek775pWBk5j0vXnfXckXpNePexXwXRNVwKOadHrwFzYRLFR7VIzkFfTxOoP7DljuvQQELkLtXd28JU-L2MVRH0JBm40IfKrCy4_OVAiXmsjwO7THBSgPVYF1nVqf_kbUvu49RM11pCVDLHYo0pZebLjLH41LzeQxb6dp4kspZ-MsyTcT6sMELlkVBSpFFWaatcP2k-4A0OAYSvJ468uXDuDSIn32PjMG9zG128fjFr-7LyY5gEvkNGFvQdEsFWKC-n0tOAxbuYlI1HDD7frzUJmC54cAPruYk48mQZk7UlMdDqrcoXvKCEAJGm173Y9E90MlzJmt-wI&cid=CAQSPADICaaN7Y5UYm4oicmXVqQyZnCa9GBnJf7rdqxPN6MB5e9UdKLD6ROEPHldXPKQ1HKeeyKakSayL2cZtBgB&dv3_ver=m202309260101&rfl=https%3A%2F%2Fgempak.com%2F%2F404&ds=l&xdt=1&iif=1&cor=3405658971059314700&adk=4188270525&idt=97&cac=0&dtd=49
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
28c4de9371140b5ed86eb4e7837882cd1d48e0641066ce98a223b9692c164a18
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ed82c412a1d0517c38d808cdf80f705f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 29 Nov 2023 15:43:02 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
38796
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
bz
www.facebook.com/ajax/ Frame 0B36 		0
0
bz
www.facebook.com/ajax/ Frame 0B36 		0
0
bz
www.facebook.com/ajax/ Frame 0B36 		0
0
GenesisSansHead-Light.woff2
s0.2mdn.net/sadbundle/11952719878557111332/ Frame A53E 		23 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/11952719878557111332/GenesisSansHead-Light.woff2
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/11952719878557111332/index.html?e=69&leftOffset=0&topOffset=0&c=SeeFuYCFHA&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bba2d5622e1a33c1bd924e07f396c234a390f0bf9bb5fd1394521df422ad3607
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/11952719878557111332/index.html?e=69&leftOffset=0&topOffset=0&c=SeeFuYCFHA&t=1&renderingType=2&ev=01_250
Origin
https://s0.2mdn.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 17:53:13 GMT
x-content-type-options
nosniff
age
424189
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23900
x-xss-protection
0
last-modified
Tue, 07 Feb 2023 13:03:48 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 23 Nov 2024 17:53:13 GMT
GenesisSansHead-Regular.woff2
s0.2mdn.net/sadbundle/11952719878557111332/ Frame A53E 		23 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/11952719878557111332/GenesisSansHead-Regular.woff2
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/11952719878557111332/index.html?e=69&leftOffset=0&topOffset=0&c=SeeFuYCFHA&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
43cbe861b09360a856de530e3aac37acab9201d0eb166c906b26e0f71fc6ff23
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/11952719878557111332/index.html?e=69&leftOffset=0&topOffset=0&c=SeeFuYCFHA&t=1&renderingType=2&ev=01_250
Origin
https://s0.2mdn.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 16:16:04 GMT
x-content-type-options
nosniff
age
430018
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23636
x-xss-protection
0
last-modified
Tue, 07 Feb 2023 13:03:48 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 23 Nov 2024 16:16:04 GMT
GenesisSansText-Regular.woff2
s0.2mdn.net/sadbundle/11952719878557111332/ Frame A53E 		37 KB
37 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/11952719878557111332/GenesisSansText-Regular.woff2
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/11952719878557111332/index.html?e=69&leftOffset=0&topOffset=0&c=SeeFuYCFHA&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
46b2dc3fc5e9ccbcde38dfcc96d4545befae794ae947ea3602693f2e7126b057
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/11952719878557111332/index.html?e=69&leftOffset=0&topOffset=0&c=SeeFuYCFHA&t=1&renderingType=2&ev=01_250
Origin
https://s0.2mdn.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sat, 25 Nov 2023 04:12:27 GMT
x-content-type-options
nosniff
age
387035
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
38296
x-xss-protection
0
last-modified
Tue, 07 Feb 2023 13:03:48 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 24 Nov 2024 04:12:27 GMT
express_html_inpage_rendering_lib_200_278.js
s0.2mdn.net/879366/ Frame 0A2B 		111 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js
Requested by
Host: voting.astro.com.my
URL: https://voting.astro.com.my/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ed82c412a1d0517c38d808cdf80f705f.safeframe.googlesyndication.com/
Origin
https://ed82c412a1d0517c38d808cdf80f705f.safeframe.googlesyndication.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 07:40:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
28954
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
39806
x-xss-protection
0
last-modified
Tue, 14 Mar 2023 18:44:05 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 30 Nov 2023 07:40:28 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20231109/r20110914/elements/html/ Frame 0A2B 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20231109/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BHQ20_MUzr1eRaytxM3IWMEpaOtGWPIJhGN2YqUakWcIUCSPjewkxvem9WK54CIR2E1MtycpjumIcyUlKilLCb2qpx3aUk4f1HS_YBi3A_aBoY4XgU9CuxlulgMMMNeYBBjNnq3j7o3rQzXaL0rkbP0EDImtPIGIRgQcN_CzSVl2MG6xHKhSSToA9_E8KcsDXinygc&cry=1&dbm_d=AKAmf-BOeUXKpb4TtycLJ4MCjpaORUM8y21LOFOxaF8wn74poppKof5Ipk9NamhGuLSqb8YM-ZW_vSA_0R6S6KwzndWXIftgAR-II3TjR8R7MA-INrYmP60sgoRemLwzPhNYtJ5fhOtoocgSHj1tXz8PXAe4GdtPjTp2p3knEwgitTcPjUj1u0eETJItpwhRE-pdqrr1NuxGylQOm8boxNs9oICxA3w4EpmNrp7uYP5AFISZ185DbcLeINDdK8s1E65iDpqheCyUXpctHzzdW6H4Sl65HUZEeZlaEhfDLlPttY8qluyYTvDIFh1crY7Y2NsmQ7cjPdjNj3NdG4l-2RNxrG0Rms4hh-0Rusz7rsK3t9ccomfF5BldC0UhW4z0zC0uOvqj5se7cfwwE7K1RP1pHJ4hynDwekIswkp6m5iUgypXA8RUmwz6A1zXWodULyS1pUi3gSgWOg118LBs1_8UvN-6PlmVub1Bmp35VimlIrpnUp-nMmZZDC-p-mtchgDJKn-laYqNKKlMGy2OGcQZm3Map7gg6yzX9w93i3JH_7t6IeOV3VXRtMh1H2UuZpmoYSwj3R9ZRmO8ANRlJwWj5pOKZtT9J7tz4hNR-RJrUmEnzlXH50NQxM5FyqBGaa-u4iXE5w8wCq3Ovg7rZVr5p6HPfENtrcXdirsaBnLEaKQwigh2woXCUKhkzZjA8yxjINdmtXgxagSy-gJdOkZXzuymgNS3etuEnJ3r1GrqArqnYCRFAr_f19sOpXjX-xXexdDhkRnHvUXLehhscVTLkLDRwiFZJO6EJc3MFnAgiaSvlGMHmYIxPvatWRCTMGt_BK8PvM_Cl_2uqXRXslMglmAJ4cXsepuaAS4ZNZAPLQv7pMXdtnsMX9ro-N46pAkSf8UBb6DLoqWqeZ99YozW4gSdBKfzQz3kTpH-FwpS27StlJ2S5WFgETUiO2TFVmMXW3V6zp432IPUGp33Lz0nYInHWqQsr0QVQt73SEGAaDwnQRYp0iBCbCTjvczZ_tiaDrwMsA9AZDKzpNZRuNZa3dcyWWA3y6ZGDsJCo4fibo2noahqqC7GAFp74qqfLk10oiU-YYcK6Ov6s093ri60BFSjDbdsuJNe3LagfByShbsZd6sSxz-b0V4kUPTjqOprFNX36liDzs5lYY_DePw4nlDojofbq8mXR-PTbhcP58_T20sBABH1zGGmyjK4zDfBeCnRQKvJi3oWsE3vXJaueFfC0gFjhLG1j2-H4N4w0_kUiPAWfegosf-AQU31Uv2-iu_Es-scvq5VAT5bInNSLapGhv73_4mfjnPKbic44DT_gCxYfQGdrDj0wy31ZY7CRE3ok7lXV3mJyiRpq8H9lgLAHJ7QJRwjyvXlHwGLtyjIK0UBiZFHob5csxKTn8O0CKfx_dQZj74-k0ivq12mWzs0LashkAw0zOdYmxrVwOQ6Nn7mWzw4ZjvT0KO_XTaJZxganz0Y31hw1ud388JSohr1_tDqAXT6XvTnGfo__DxuxBkgdbLH0nmqFjjwqq_mOUFyc1SOd1JXeLzNBF7fPMGlcA7a0akkAfFBcdeuw0ZNWj-JWPJhMbsKGQf_pLCAQO5MspQNI5Yj7zzKEktlRmxweuoyJ5fcGvzEpz1hxpAmBm6r56CQ9JzZ-cTf7SmGfC1yqgGk_-7VQX--3covFnhcDWEVJi8T4fXW9qabjSj8p6Ia3ANpT_FaTZuT5nXk-1kGF2_NsObaVqQuXzKuuxd99KpZZMoe3tLMNQciACAS1iwub7yOsOd_dGqYpK2nI0ERurGeYOTwjBZxqeASyY-Y53BK0KjNdRr40u5FUc5WGLdkuVIwUOezuQpL0TJcSlhh3dw1_feqppNI6r1JDWrBFzvrfn60sKSUp6-B4dhOdlG_xSpzG4wdpxHB4_s3gnw7nNUFhqRbd7ex9QWzuYim4O-ROSDFeYuqilfeso7dyyx3aoL0S38yrmPfQrj8KbBED6C_Rb6MijESq6glEapuzg6xNYeP33-eCM1tCzJUQO9p_5r-6drCgxDPGV2UcELWL4IiHBvvq9eE5CZ7uqjNgqaSz6zTh4pwetzV7aM4NHInJ3vXx55nINTSXQspigeO5B7nESLix2xJAo5nzFaTirABY1dHNE7_XDtJg-_oZW6M-VK_77FktfririVSUqP6Wfb-dCv6TpZdM03w306ayeg5JFbxAYwgoA57oQCt_Mgf-Cm4g-k4UJIQe2LBfMW-AODC4egBa8gOKUYM5oXO6zkYaPqgZ14tK4WMBWDLmqGB_xR5Q18w34jpn2WibOaBB2QQGIfg9iH9YfWkK9zaxxPwReoirFnq83hAUmbucw5Y4OREh86bQT3wI-ZWhMA-TN3IbzErNb_RHY6qsZmcH2qHB5TDFzc9-op7muDKuMJGZZFrk2I4QOvjGrLGQEPfo_VL8cYwRj4N4md4xw0rZov3wH46EjhAlJzFC6Dz2bQPQ4hGG9L2fqxjo8OxVoWpzpeIABsCl2pybSUoG52sX_OuRKs8HRx5_x0YGFz7LUe8whppz10H4KO0LwYQktgROZRkYIqj0guDOIZ8g_nCGTddnEjpIJo31LqQ21mnZ1vXfoT2bXsMbliTqXm1XVJn_X2h9JTdg1weYHmoP932-Q9tT2P1BelDrPIYFDhdtzVMnbiRn0CDTZ_pD-7y3l172Gq3ZdU4CMSogkwzJfF-7FTvuNSW8XHTEgDTj4Dgx5SGVW9iJNkGj-gnbPGe_2VYq6CUWEkELuVZZZjHE9WUC6BYgWyra2gcOFcQ6Ic_zOnfIEfKvWtIOQFdeg-V6dlNEy_escnw9skgbjnU5WbRFaKlJ-ywzycee1w86254Gbfath39hNO6dBSe4RbCwd0INslgjAYIxIWSL8ypNZdlRinewUq1KWMdtczgBIFQHiOgXPjaH1mX4nHY-5dm7YeuVfY5hYvYMnM_oF8WdgFjEQR80HuviqjuxgMMtKRYsghA5C_r-kXX-rvA7A1iZHvR0we3TF6yfcA0zMqryOsS0L2CsEQocgizccQN63TUFgnJI-Uwh4GcMdQdzVmo5BXiG7OBRPbLeP1sMR_XUNen_0fMIyiNz_qA5Swrsfua5x6h_zZPoyh0F48F1jW__BMs3XJutOt7flg0Y6PTJDDC6hl_pG3-8vZX2sg6aOsIxt87Z2WdalIOaVoZzYtdUYovj4l0bKTpuGssd28dEDvBQ_s3rz139s7polm8TBJ0KsoTehIECyWrEV7Et7w-19iOE9xCmoOigq1pvuHzyG7RyFQ1qD6eNMs3t5-3qQg3_7VDistKUG9PqbvHD5_5pduUK3H_3V7_wEZAJJ3P6SQ7JlnMfbBgLHLxbKUPLhbvhCMs3cfRcvDRVwx5aUe8Zi9PXEILTap3h6D350_c3BFu3U7OrZVf_w2ns0nWZUzhwWvUmAvfVUnQF5bWkZIvRw3BhKhKUMJrPtUR_-x7rjk_a4heV4fmIA43A-Jlg7G-ZJ16u16Br-0tPKrIskte_Kd7l66WLFFmqci7z5iIIqVRU-tsLb62ZdLloglxj2b6hbMK7jOk_-wQNAmEyc_c-DkOslIkbRwqHxmx-8h3cTvRvkROt8gED9k1UWuCOAn4t78pe-IEY6kGLsHpc9lNAO2sE-GtupWl4XBKGauvWD-KkDPtq2BAOTcj0SDYwj81ltM0DXMfE9tpkR_i7sRkPJia6YEf-xw52nyVHIGWBf7p7plzSSf6OhKFfYhc1dD_0sYycw2mQ5URaIjs9w6eKgWTngg8_HmdJ7z25IX3Zdhtli2cCGnTZj60SUhKy7ddFbMdXm3sOEp-OP-r6UV-xZtX6VVpPVZcXHdlb1qLpv3Q4qaR1sr1mviH6BGahSvP4XpyVVvJLoiJ1HlNnRMw9oB0nfa-pm09gWmQBJSjZUo8WOcujqESJVRkpZLGpGInbdcYV_TUxjHhFtxUqj29jewQxcbUS_fqG_N8f-9kOgt0exWCicdL7bfUtHWphIgGLuEpa4tGqSG_XR5xVyZQnS9aqJltvneRK5uOaKhKb8JwNOdsPrGWHCoM-ZnoNISy81nm-vytERtwnhp3tD7NN63WqwO_QjJynvfmt9Aazv2KE8WlYLi7kx1MT_mjB_-eu53AaMbyCtVjv-0Qlek775pWBk5j0vXnfXckXpNePexXwXRNVwKOadHrwFzYRLFR7VIzkFfTxOoP7DljuvQQELkLtXd28JU-L2MVRH0JBm40IfKrCy4_OVAiXmsjwO7THBSgPVYF1nVqf_kbUvu49RM11pCVDLHYo0pZebLjLH41LzeQxb6dp4kspZ-MsyTcT6sMELlkVBSpFFWaatcP2k-4A0OAYSvJ468uXDuDSIn32PjMG9zG128fjFr-7LyY5gEvkNGFvQdEsFWKC-n0tOAxbuYlI1HDD7frzUJmC54cAPruYk48mQZk7UlMdDqrcoXvKCEAJGm173Y9E90MlzJmt-wI&cid=CAQSPADICaaN7Y5UYm4oicmXVqQyZnCa9GBnJf7rdqxPN6MB5e9UdKLD6ROEPHldXPKQ1HKeeyKakSayL2cZtBgB&dv3_ver=m202309260101&rfl=https%3A%2F%2Fgempak.com%2F%2F404&ds=l&xdt=1&iif=1&cor=3405658971059314700&adk=4188270525&idt=97&cac=0&dtd=49
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
47a0342d90a877ec7125c3a38706b2faefa9b867661ebcef4a98ec6cf3e60b40
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ed82c412a1d0517c38d808cdf80f705f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 16:17:22 GMT
content-encoding
br
x-content-type-options
nosniff
age
84340
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4206
x-xss-protection
0
server
cafe
etag
17947678125179771625
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 12 Dec 2023 16:17:22 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20231109/r20110914/ Frame 0A2B 		31 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20231109/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BHQ20_MUzr1eRaytxM3IWMEpaOtGWPIJhGN2YqUakWcIUCSPjewkxvem9WK54CIR2E1MtycpjumIcyUlKilLCb2qpx3aUk4f1HS_YBi3A_aBoY4XgU9CuxlulgMMMNeYBBjNnq3j7o3rQzXaL0rkbP0EDImtPIGIRgQcN_CzSVl2MG6xHKhSSToA9_E8KcsDXinygc&cry=1&dbm_d=AKAmf-BOeUXKpb4TtycLJ4MCjpaORUM8y21LOFOxaF8wn74poppKof5Ipk9NamhGuLSqb8YM-ZW_vSA_0R6S6KwzndWXIftgAR-II3TjR8R7MA-INrYmP60sgoRemLwzPhNYtJ5fhOtoocgSHj1tXz8PXAe4GdtPjTp2p3knEwgitTcPjUj1u0eETJItpwhRE-pdqrr1NuxGylQOm8boxNs9oICxA3w4EpmNrp7uYP5AFISZ185DbcLeINDdK8s1E65iDpqheCyUXpctHzzdW6H4Sl65HUZEeZlaEhfDLlPttY8qluyYTvDIFh1crY7Y2NsmQ7cjPdjNj3NdG4l-2RNxrG0Rms4hh-0Rusz7rsK3t9ccomfF5BldC0UhW4z0zC0uOvqj5se7cfwwE7K1RP1pHJ4hynDwekIswkp6m5iUgypXA8RUmwz6A1zXWodULyS1pUi3gSgWOg118LBs1_8UvN-6PlmVub1Bmp35VimlIrpnUp-nMmZZDC-p-mtchgDJKn-laYqNKKlMGy2OGcQZm3Map7gg6yzX9w93i3JH_7t6IeOV3VXRtMh1H2UuZpmoYSwj3R9ZRmO8ANRlJwWj5pOKZtT9J7tz4hNR-RJrUmEnzlXH50NQxM5FyqBGaa-u4iXE5w8wCq3Ovg7rZVr5p6HPfENtrcXdirsaBnLEaKQwigh2woXCUKhkzZjA8yxjINdmtXgxagSy-gJdOkZXzuymgNS3etuEnJ3r1GrqArqnYCRFAr_f19sOpXjX-xXexdDhkRnHvUXLehhscVTLkLDRwiFZJO6EJc3MFnAgiaSvlGMHmYIxPvatWRCTMGt_BK8PvM_Cl_2uqXRXslMglmAJ4cXsepuaAS4ZNZAPLQv7pMXdtnsMX9ro-N46pAkSf8UBb6DLoqWqeZ99YozW4gSdBKfzQz3kTpH-FwpS27StlJ2S5WFgETUiO2TFVmMXW3V6zp432IPUGp33Lz0nYInHWqQsr0QVQt73SEGAaDwnQRYp0iBCbCTjvczZ_tiaDrwMsA9AZDKzpNZRuNZa3dcyWWA3y6ZGDsJCo4fibo2noahqqC7GAFp74qqfLk10oiU-YYcK6Ov6s093ri60BFSjDbdsuJNe3LagfByShbsZd6sSxz-b0V4kUPTjqOprFNX36liDzs5lYY_DePw4nlDojofbq8mXR-PTbhcP58_T20sBABH1zGGmyjK4zDfBeCnRQKvJi3oWsE3vXJaueFfC0gFjhLG1j2-H4N4w0_kUiPAWfegosf-AQU31Uv2-iu_Es-scvq5VAT5bInNSLapGhv73_4mfjnPKbic44DT_gCxYfQGdrDj0wy31ZY7CRE3ok7lXV3mJyiRpq8H9lgLAHJ7QJRwjyvXlHwGLtyjIK0UBiZFHob5csxKTn8O0CKfx_dQZj74-k0ivq12mWzs0LashkAw0zOdYmxrVwOQ6Nn7mWzw4ZjvT0KO_XTaJZxganz0Y31hw1ud388JSohr1_tDqAXT6XvTnGfo__DxuxBkgdbLH0nmqFjjwqq_mOUFyc1SOd1JXeLzNBF7fPMGlcA7a0akkAfFBcdeuw0ZNWj-JWPJhMbsKGQf_pLCAQO5MspQNI5Yj7zzKEktlRmxweuoyJ5fcGvzEpz1hxpAmBm6r56CQ9JzZ-cTf7SmGfC1yqgGk_-7VQX--3covFnhcDWEVJi8T4fXW9qabjSj8p6Ia3ANpT_FaTZuT5nXk-1kGF2_NsObaVqQuXzKuuxd99KpZZMoe3tLMNQciACAS1iwub7yOsOd_dGqYpK2nI0ERurGeYOTwjBZxqeASyY-Y53BK0KjNdRr40u5FUc5WGLdkuVIwUOezuQpL0TJcSlhh3dw1_feqppNI6r1JDWrBFzvrfn60sKSUp6-B4dhOdlG_xSpzG4wdpxHB4_s3gnw7nNUFhqRbd7ex9QWzuYim4O-ROSDFeYuqilfeso7dyyx3aoL0S38yrmPfQrj8KbBED6C_Rb6MijESq6glEapuzg6xNYeP33-eCM1tCzJUQO9p_5r-6drCgxDPGV2UcELWL4IiHBvvq9eE5CZ7uqjNgqaSz6zTh4pwetzV7aM4NHInJ3vXx55nINTSXQspigeO5B7nESLix2xJAo5nzFaTirABY1dHNE7_XDtJg-_oZW6M-VK_77FktfririVSUqP6Wfb-dCv6TpZdM03w306ayeg5JFbxAYwgoA57oQCt_Mgf-Cm4g-k4UJIQe2LBfMW-AODC4egBa8gOKUYM5oXO6zkYaPqgZ14tK4WMBWDLmqGB_xR5Q18w34jpn2WibOaBB2QQGIfg9iH9YfWkK9zaxxPwReoirFnq83hAUmbucw5Y4OREh86bQT3wI-ZWhMA-TN3IbzErNb_RHY6qsZmcH2qHB5TDFzc9-op7muDKuMJGZZFrk2I4QOvjGrLGQEPfo_VL8cYwRj4N4md4xw0rZov3wH46EjhAlJzFC6Dz2bQPQ4hGG9L2fqxjo8OxVoWpzpeIABsCl2pybSUoG52sX_OuRKs8HRx5_x0YGFz7LUe8whppz10H4KO0LwYQktgROZRkYIqj0guDOIZ8g_nCGTddnEjpIJo31LqQ21mnZ1vXfoT2bXsMbliTqXm1XVJn_X2h9JTdg1weYHmoP932-Q9tT2P1BelDrPIYFDhdtzVMnbiRn0CDTZ_pD-7y3l172Gq3ZdU4CMSogkwzJfF-7FTvuNSW8XHTEgDTj4Dgx5SGVW9iJNkGj-gnbPGe_2VYq6CUWEkELuVZZZjHE9WUC6BYgWyra2gcOFcQ6Ic_zOnfIEfKvWtIOQFdeg-V6dlNEy_escnw9skgbjnU5WbRFaKlJ-ywzycee1w86254Gbfath39hNO6dBSe4RbCwd0INslgjAYIxIWSL8ypNZdlRinewUq1KWMdtczgBIFQHiOgXPjaH1mX4nHY-5dm7YeuVfY5hYvYMnM_oF8WdgFjEQR80HuviqjuxgMMtKRYsghA5C_r-kXX-rvA7A1iZHvR0we3TF6yfcA0zMqryOsS0L2CsEQocgizccQN63TUFgnJI-Uwh4GcMdQdzVmo5BXiG7OBRPbLeP1sMR_XUNen_0fMIyiNz_qA5Swrsfua5x6h_zZPoyh0F48F1jW__BMs3XJutOt7flg0Y6PTJDDC6hl_pG3-8vZX2sg6aOsIxt87Z2WdalIOaVoZzYtdUYovj4l0bKTpuGssd28dEDvBQ_s3rz139s7polm8TBJ0KsoTehIECyWrEV7Et7w-19iOE9xCmoOigq1pvuHzyG7RyFQ1qD6eNMs3t5-3qQg3_7VDistKUG9PqbvHD5_5pduUK3H_3V7_wEZAJJ3P6SQ7JlnMfbBgLHLxbKUPLhbvhCMs3cfRcvDRVwx5aUe8Zi9PXEILTap3h6D350_c3BFu3U7OrZVf_w2ns0nWZUzhwWvUmAvfVUnQF5bWkZIvRw3BhKhKUMJrPtUR_-x7rjk_a4heV4fmIA43A-Jlg7G-ZJ16u16Br-0tPKrIskte_Kd7l66WLFFmqci7z5iIIqVRU-tsLb62ZdLloglxj2b6hbMK7jOk_-wQNAmEyc_c-DkOslIkbRwqHxmx-8h3cTvRvkROt8gED9k1UWuCOAn4t78pe-IEY6kGLsHpc9lNAO2sE-GtupWl4XBKGauvWD-KkDPtq2BAOTcj0SDYwj81ltM0DXMfE9tpkR_i7sRkPJia6YEf-xw52nyVHIGWBf7p7plzSSf6OhKFfYhc1dD_0sYycw2mQ5URaIjs9w6eKgWTngg8_HmdJ7z25IX3Zdhtli2cCGnTZj60SUhKy7ddFbMdXm3sOEp-OP-r6UV-xZtX6VVpPVZcXHdlb1qLpv3Q4qaR1sr1mviH6BGahSvP4XpyVVvJLoiJ1HlNnRMw9oB0nfa-pm09gWmQBJSjZUo8WOcujqESJVRkpZLGpGInbdcYV_TUxjHhFtxUqj29jewQxcbUS_fqG_N8f-9kOgt0exWCicdL7bfUtHWphIgGLuEpa4tGqSG_XR5xVyZQnS9aqJltvneRK5uOaKhKb8JwNOdsPrGWHCoM-ZnoNISy81nm-vytERtwnhp3tD7NN63WqwO_QjJynvfmt9Aazv2KE8WlYLi7kx1MT_mjB_-eu53AaMbyCtVjv-0Qlek775pWBk5j0vXnfXckXpNePexXwXRNVwKOadHrwFzYRLFR7VIzkFfTxOoP7DljuvQQELkLtXd28JU-L2MVRH0JBm40IfKrCy4_OVAiXmsjwO7THBSgPVYF1nVqf_kbUvu49RM11pCVDLHYo0pZebLjLH41LzeQxb6dp4kspZ-MsyTcT6sMELlkVBSpFFWaatcP2k-4A0OAYSvJ468uXDuDSIn32PjMG9zG128fjFr-7LyY5gEvkNGFvQdEsFWKC-n0tOAxbuYlI1HDD7frzUJmC54cAPruYk48mQZk7UlMdDqrcoXvKCEAJGm173Y9E90MlzJmt-wI&cid=CAQSPADICaaN7Y5UYm4oicmXVqQyZnCa9GBnJf7rdqxPN6MB5e9UdKLD6ROEPHldXPKQ1HKeeyKakSayL2cZtBgB&dv3_ver=m202309260101&rfl=https%3A%2F%2Fgempak.com%2F%2F404&ds=l&xdt=1&iif=1&cor=3405658971059314700&adk=4188270525&idt=97&cac=0&dtd=49
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
610d24f5996131b3ab98f18e05441cc246aa8674c3842df0df2b40b57ac9fd0c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ed82c412a1d0517c38d808cdf80f705f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 16:17:22 GMT
content-encoding
br
x-content-type-options
nosniff
age
84340
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11874
x-xss-protection
0
server
cafe
etag
3876053170955424897
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 12 Dec 2023 16:17:22 GMT
Q12zgMmT.js
tpc.googlesyndication.com/sodar/ Frame 0A2B 		41 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Requested by
Host: voting.astro.com.my
URL: https://voting.astro.com.my/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ed82c412a1d0517c38d808cdf80f705f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 18:05:08 GMT
content-encoding
br
x-content-type-options
nosniff
age
423474
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13937
x-xss-protection
0
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 23 Nov 2024 18:05:08 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame C850 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssB0rLYqPG7jDgCdu8YrB-S7ZhQcL_f3IxM8eAphMvOVbVsVJn9_xtYZTLHa23H3pIFqAr-zBgDLyoy_LszEXXYx-eLaUMXkoH1F6ebz00-UpvGuOOQ65XSRO1y2Ut1tmhCvPQiut7VWmoFgaOWRpHiVaIJ5n47WrfGOZNnbJl4uHZvjyVXXdxnozJnmZ-atD0cMa39zqKBjg_DZpcn-p2JPilw-0_0IhtrUPTd3IaVTFZtMPVDs6qMKRgj0xt6AkaRwmKZlZjdXfr_5y4d7B8K7vmw2Ba5Ls8ihm_OwHqzrl5Ao6MNTQrdvvospVP2cg9GsFwVdtQOTlDK8QPm2J8BYTB92ts6uZ63qSFPur_8a5yXiQl1AY7snEpbn5kABQ&sai=AMfl-YRevjtNj1UlrNQBhnQ8tiiJrUkhgsx3AV984i9sGCzC7oituq1dJCNSOvLhakVE_9YwdV-1_uRNCBvy0Y9MGdKSQdBKoT-lWPkW-BGdWnJ0zSkgdkK7kyDDYXEgp75cYjRHq2uXD7Tv5Q&sig=Cg0ArKJSzLIwNiZCpRkWEAE&uach_m=%5BUACH%5D&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gempak.com//404
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 15:43:02 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Wed, 29 Nov 2023 15:43:02 GMT
GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js
pagead2.googlesyndication.com/bg/ Frame E8A2 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
18e6b664af7bc55ab0f963920f0da5a86e15f25fea4e223924d8f4b6723a37cf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 12:42:36 GMT
content-encoding
br
x-content-type-options
nosniff
age
10826
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15296
x-xss-protection
0
last-modified
Mon, 06 Nov 2023 16:38:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 28 Nov 2024 12:42:36 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame DAB0 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: ed82c412a1d0517c38d808cdf80f705f.safeframe.googlesyndication.com
URL: https://ed82c412a1d0517c38d808cdf80f705f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ed82c412a1d0517c38d808cdf80f705f.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
84292
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 28 Nov 2023 16:18:10 GMT
etag
48472445140208031
expires
Wed, 29 Nov 2023 16:18:10 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 0A2B 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
418c3fcc056bb4daab3f91af7390142dbd6c71f9a0381170c3fb281d4b3ed448

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type
image/png
bridge3.605.0_en.html
imasdk.googleapis.com/js/core/ Frame B1DF 		752 KB
241 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.605.0_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a2eacbd0a55e794d92e79a03b68c07f613a0ab710ffaffe5f1d12d67aac843a1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://geo.dailymotion.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
347336
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
246766
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy
cross-origin
date
Sat, 25 Nov 2023 15:14:06 GMT
expires
Sun, 24 Nov 2024 15:14:06 GMT
last-modified
Wed, 15 Nov 2023 19:11:18 GMT
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
client.js
s0.2mdn.net/instream/video/ Frame 5133 		44 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/instream/video/client.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://geo.dailymotion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 15:43:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16746
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 29 Nov 2023 15:43:02 GMT
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 4062 		40 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6300f448d738e70ac11f0140df0b3ce91a2de9e0da7fdf09d32d28031600ba51
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 14:58:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2648
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13893
x-xss-protection
0
last-modified
Wed, 09 Aug 2023 15:57:08 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="omsdk-team-release-policy"
vary
Accept-Encoding
report-to
{"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Wed, 29 Nov 2023 15:58:54 GMT
cds-pips.js
cdn.taboola.com/scripts/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/scripts/cds-pips.js
Requested by
Host: voting.astro.com.my
URL: https://voting.astro.com.my/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
bce4b47b8fc12de49fac0a00e9039e38aa568aba0ee9154b93d20465f0289cfa

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gempak.com//404
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-amz-version-id
uLMchp7BESXZGZqPSJ8.FcfKBYdWFxIf
content-encoding
gzip
via
1.1 varnish
date
Wed, 29 Nov 2023 15:43:02 GMT
x-amz-request-id
W0R5QX74Q2PBN68B
age
1529
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
1347
x-amz-id-2
lRET2IwXjaFSp1i3BB9GjPtIDVCIcc4VElrKEqBeVbmOXvFNBRdOilZaej53L9vIVa/7JXMdEcU=
x-served-by
cache-cph2320056-CPH
last-modified
Sun, 29 Oct 2023 14:06:32 GMT
server
AmazonS3
x-timer
S1701272583.789935,VS0,VE0
etag
"c52aa1ea682aef8ad5ebf7aff9662e35"
vary
Accept-Encoding
content-type
application/javascript
abp
75
access-control-allow-origin
*
cache-control
private, max-age=3600
accept-ranges
bytes
x-cache-hits
1697
view
ad.doubleclick.net/pcs/ Frame 830C 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ad.doubleclick.net/pcs/view?xai=AKAOjssQ7T79W6LRBDtmKbMj46BEv4ZhxuBtqsVneuL5mVtjmy766MM9WhGeLN6yhbSlrZahiuy_berBFb6l8n5xduNz6btKwlVX0Nwq9CoXdP6Vmbjuq7QIW23946ycK48qysVV4zEvSjZ0ccW4WewOiWtaxmMAG80kW-YQF8Y1uy4rgeJy1tlvmp6L3mD7_cAr3sCkWiEsYs4xT56tZ0e6bPwUv6Y29jjPDkhId7CIdAnpW2xkvnbb3GLIBFuodvafiz5GGLD2R1RND7qO6KkZTaD3qZmZ537B3TFvf8wFbTT6vktyQeCAWI3m0Wg4f0EKdKnRfZobvF61C2EqLcBm7ozki9APimyOaYfIL_IxFPm15Lex-xQ4IETeW5j3cac_tFq_M6WsDXnXmHtrIjzg1ubvABEFTNsWZmP-2pj70VRdgEa3eFERQ_TCtZR6d_EmDLdb_vSCkZwm8mETwj2APMtAoPae-DzdV-j1qoY5leEidxJ7x_PtW5Z9aEO9PpPDC_wdg1PITm4sQXWpghYQfN0n0-puVepTZwm6mgruHMm8NDyfAiEv6nh2u7V-gmwdbVTiJ_j6ED0hzq92RswvJcdaqwN-f3Siuh_p3hGdWj3ss3EdRpBqR-lFzj8dBctsk6BzSpK_ORwULnTeiLypxf5vGq5aNqqZHaLfxGieK0sd0YHDPuvAxflLxpPWEGqwgpjN8Oq3-sRISTpsh0odsBPRUPxS_3Zz3kuHG4DpxEPvu86BXUZS-UOSHGfG6xfUzMvKly7zq0XsFSW3bg7s2GfgY6g-vL4NlpyX_oiq_G1uJ0Bf4Ep3RwHrd1r2ank-6DiL_RjAxpQ7rcfkrx15bNNwbFrHHn_GmAuWgLJpR7s8Hs790iOJqVf3LyNPtlf_KpyRBeCVB9zLycBxmZvgbGBlNEC0rwGtMzhsrmUEREkWir0P1nS6KcF00DwyT5V_ytDkhU8z4xdI7wtFAsnwy3sQ-pA0u3eY5SAr6n6iad9yu7-28qEUtxqhUgpe39P3wFNkda1irQF2kcopYgdRyPhRN9giCL7yJHdW3D_WsuH441S4ZGNKUFm0RKtCro4rStNQiQa5We35CaxavpQ1WeeRV8CwcFWxV6aXw0kbi-KCkX5nEIMW7cfRKoDVNgjskI4kaszSWOsbs0z1wVzLmAc5pTKzupBuN-8WNjkeiAkMy_VhiBgVvv-IK-4gcByhSwboNfbscWea5uyrEjCdzEy5sGgOWEjY54ULhsxg9AXDERInYwomL7dwuz1GxYNbU4ETsIVUgTCoyXySQk29XmPEneXRlVW0z1asDMJmLx4rLTATj5ol18KHE90COTU-SaLHp40PuJVKrwwIxZVucXqKxN941bp8Ujw_UBhLc8jNb_Rsp75RNjnffItSVs3Xh1I1BkvYPexDnoJ9xadimL2b6lHEvvs0Evm3s_wPvuxGAcFWstLEShLUhilfr4khvLqn&sai=AMfl-YQHYRFgd9DVZ5AN4v1EA4MPMQIuI-JeG6x3J7F5SR8kBKoPgiYVSZcMlC8jZSG2PuBUhKHB8VS0IPRbc0mxN3fn7PzQbSht5yhjCarQWZAoj_JCs9HAjem1-f3oLTbC-Fl9jVXQSxTDZlK5BSoRA2-1MmIxvZ9HJZ4gcx6u3z4S_Ms0mX0NS1rrCOCGcHYtWvhntX-DGJJj_PRwm-_QlM-qNKj8bzUAzEtgwZI-vsvB0c0pRuASrpIodEG054nhGe0ftcgaABfYiTWopeRz5uAekoQ-k5fWxwA_nXnr3Yd1YTydx0or18oY1I8Q2lPVkB4PGijL5rXw04jx3bOVu9JH7yPQhpc3roGdOUXs1BtaEKR2RRJ8fPliqDe1zhDroSB79tL1venAJE5FmpWmngoluuP_27vONLHkMAaC&sig=Cg0ArKJSzOU0EJFLC_SwEAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9nZW5lc2lzLmNvbQ&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=1077&vt=11&dtpt=581&dett=3&cstd=483&cisv=r20231109.08719&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=
Requested by
Host: voting.astro.com.my
URL: https://voting.astro.com.my/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.134 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f6.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ed82c412a1d0517c38d808cdf80f705f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 15:43:02 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
x8q120x.m3u8
dmxleo.dailymotion.com/cdn/manifest/video/ Frame 668F 		0
275 B 		Script
General
Check archive.org
Download Go to
Full URL
https://dmxleo.dailymotion.com/cdn/manifest/video/x8q120x.m3u8?auth=1701445381-2688-rduaakc8-cf301851cffad8aa2270d9190befee72mrTV8tS0or_-PvjaiBUy7PSFnb7nwglXsK3-byieFmp9q4_1vV96auIUFmy5E6pVS9SN3JCXUYLW4G7b-LZux07VVjD7cs8KB7BnvjPMC4qnug2AB7QgxdPO_CaxXUJZ6N9CMUWzOusMfEneJ2bfRnWOwaVpKBVccLtcU2UgXYQlP7CBr_3272ZMRbOGLIdiNMrLJ9YV6ZH1ZmVHK6L6BVc5QlJbei4_rp3JllrmEV7tZjZ12_ANDsCxikzqdUT9l7g6sg-Ne1hecJGJXQgGKXWBthaBO6j3babxaWVnjYQLS-e44P-j_dtSN1T4Ny_UPKkQcEHraPg3Y9NXFBayMBcF3jTwXUGYddvVK9dv2I0Bu13-DGQPn94QoPojKbMA9MZuiWD46aycgf3MyU9PzMR6pGRZXeTZ1cVLf2tFz_RTH1Jj2yWUdgi4GJA-uW0ZL_ZoJHk3FqI7fFUJ8q0Hf8yq0yvE8g7CDa8yCedRQxZAOvDYFXnsiQHXYwAVFHG_oQII7RhxpzCR18iTHI-KGqXKsyF89-rMs6THEUEXgebCPojwk9z3zEDaU1E5umcPRjZFEkOqbGsK8WQJVEnA_TnBswv3TqjHwnDV4nQHAmFTv8Pi2kjvEjGzH-p__4xSk-EhC9twexwMIwN1v4vK5wfkuZjGwe4OWXsUwKZlOg1_aPfES5W_B7zeXI7xDsvjr3hnCBJHKevkJrWx9KqKdaemA74Rml9aTNz03EgTjzdqMx52HHknDj2DdM8yvkKgG2W1JAzf4fy1wERxl0Phsim0_pDQDcyX-ac7mxmpueKb29vgPUPahg0FEAXCBG9AgjV2f3hQAgZM1QklCPhlujgOz48GsAooWVktBR6oNV6PZ-Y0yR_JGJFLtGktgg6UHtHHXGJCHZ222U2Jy9g7N53SvLEaFziMJE1YZeqfVj-1P0W9XvcBpk7YKtH2aWtfAoW3JX9OfpRKGctpG0NXVoDUdZBNJIlHvpb-E3pHKZQWR6MwOklkpf5FdiLxfLqPlfYIXQW5YkZ1C47rFHk0ALJxJVQQ3He1tJjBW8mLQU8wJL483tG3mMvzf4fDeMYmv7VAKfkAcq7AZSwxHtU-laVRZRqSw9LJTfy_MvIcP6owrDYb95j_AFBAktjz3RBJXz-mM67pUkwLw2BlhmnLq3w&af=[APIFRAMEWORKS]&bs=1&cookie_sync_ab_gk=1&reader_gdpr_flag=1&reader_gdpr_consent=&gdpr_binary_consent=opt-out&gdpr_comes_from_infopack=0&reader_us_privacy=1---
Requested by
Host: static1.dmcdn.net
URL: https://static1.dmcdn.net/playerv5/dmp.advertising.addcd9af4b8891dfe5e2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
188.65.124.66 Paris, France, ASN41690 (DAILYMOTION For peering related business, please mail peering@dailymotion.com, FR),
Reverse DNS
ingress-03-pub-prod-ix7.vip.dailymotion.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://geo.dailymotion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-dm-lb-name
ingress-nginx-nginx-in-cluster-trt7k
date
Wed, 29 Nov 2023 15:43:02 GMT
content-encoding
gzip
strict-transport-security
max-age=15724800; includeSubDomains
access-control-allow-methods
GET
access-control-allow-origin
https://geo.dailymotion.com/
access-control-allow-credentials
true
access-control-allow-headers
Authorization, Content-Type
sodar
pagead2.googlesyndication.com/getconfig/ Frame A53E 		8 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_247&st=int
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
bb5060207edffb22eeb6d049482f722ed612b3d399bda1654947bb2fe2b7bfa1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 15:43:02 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5874
x-xss-protection
0
activeview
pagead2.googlesyndication.com/pcs/ Frame 936E 		42 B
174 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstYa8GkZgN9jggpIlO5WIGhfWIjL0p004t48bx7riAoGRho-5yPhNuK5-5Gy-rdnkofd3ZPo-RZfY9yrKMOuSO93ZGMup9LYOVMkUhlsP0gMBhzLA1LbCY_Wx9Dvv9OY54yZknqqS41QDy4&sai=AMfl-YSHpPFaqYZFBSZI3jxLTK6KyEeozi2-d7CGYFyTkLN42jtgz-VijvXtAj1VoveP8YX1YuLtgM4W4UiWpHOjfqfBCV5Qr4Y0Vwo3eHwDNQYSfdxZvmqQFYGpTRy9V_NLpB5pbmV-Rw&sig=Cg0ArKJSzK-0xPZAGIUwEAE&cid=CAQSOwDICaaNMVhpQSg5wdva0SMKKUUpeXXVvoNzxEcpKkXl1ynnZHpweYvYdwLxtiJMp4dg4DLA0Efi1xB_GAE&id=lidar2&mcvt=1075&p=473,315,563,1285&mtos=1075,1075,1075,1075,1075&tos=1075,0,0,0,0&v=20231116&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=3619616653&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1701272581236&rpt=532&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ed82c412a1d0517c38d808cdf80f705f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 29 Nov 2023 15:43:02 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 0A2B 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvhh66f5i9UlCc6b2cH6yl7cG7sZzsn15gTXdf-3eza2qSGbqTLxLvPZqX7FRjeANoHfw0yC_r7dOk96VnTR1bk3SWGsmgTEn1TFtT9YxdkUlYQ3S4q8myuUSTEviuKdau70srvktFF_40_AFtN9T-UNAFomO3zIuEDu750w6lsHTR6iWj3bukWNTa5JAOvZ9fxqm1yAlBg5FaUGMRcAdhz1uJ0cwcgBSB9CuTKuQIpJKSDqE3QUE9LPIS-RlufRV1uX-PludQ8MZlzUzEnBFy1YUKSpOgr9f7T7-b8yV8KnuUwP5490JXXteZTOD-K25ixP9SkYCXk1pDqaT-3TClDWTTgvA1-5m1VcogDJlkK0zwvap-RBOYNItrGQIsqV40fo0AVKSpIQgo9lQRKyVqxg5GRWYSOoTsh9g_OuGZ0fxibi8tofmUiEeF3LWABJ5NAzV7CP5Vcr8LEXjXG3EgIf5Xz6YMLEo4eb2ht2os4FzNHxGeFXg80XKU2iPffkqF79_ooHkVr09-MF3ONUuH0PRkMsl1huqquSvZZ6W1Y50EUFOM40_OGHdhA06Kkgq91VE4_F2WbWpDCvPDpHJnu0epsTflMKF75IHz-4IRZLGNIdptOxk7K49ngmSnj7zedrPJomHvTtMpCpHD1VZBunkiT4OVqXFeZhBXpIN_5HsLGmiSRz5Hdjx4jncKphn4209VqXkJiu79oFXrnjXA3AmK7lupztFZRQSLWbbRzIZHGxrtwGhbq5AFPLsHah6ZDy68HXVtQklBRMkzgxz6sRX3JS76ETEs_G_LHsNa81lKIHcT-LJlThQlSyhxT_k2JC2rruWxYCffIP9-6uwKEYRVaSDiFcNvOmFzrIXu2QwOs26WrVw6XZn-alZZA0bETMgaV8zw7OwNe9BejWq_LkKpBmEblD-mhwH_kBQ59NjNSxw92RKa5LkBusQ1EQhjm7bwJeG1a10t8gAWaqzG1sY3xY5T1EUBlFWJKGe98miJFepC8RIlCLoshMAgAnxnkTmw2M5EvviAlXEAB0xc7JKKji3ovdfo6P8a5bQUr4jFgap6ia6dpW1FWyMKN1lrHgi-MFiRb3JjEdmoO0VTW87Lx19C4_oBl1tBuWb2HXs0subLr9Nq87fO-WPvbZbgcn3mEum0zCelpuSL532WouLIHqrOOOa51r7Uok9PUTv1VgIbNRiLWujQjMnTWNjlfGxD-Kqm8QbqM57HujaKiYitFBE5Dc3mcs0CabB1n92jc05c-deQ1LPnUR7act7yeVrgh6yqvOudOrw6wCwpz8moRJu1GF8KpgAYs-Z4h7i8169nSLDXMTNnORUJN81L5OrmbETUzwGWAQvKT9NpcSUIt5-OLw8wOWIffjXe5SANa2POHCy17nG2g&sai=AMfl-YQZkfMVpO0fA6S8OMIDHJvsozd_nDxRe2Qc3z9kMbJGObtOroZeEgGZQFZXtCzC2XCxkP2s1y7GyaeV9Em7QTccI4V0TfwfTEYY-uAhxW_t96GS3dqINKQV1Paph-Mnz88Ly_83-0GVxfyp9gYjzMxtzPO55AEIMJoAm8916iNdwFTjTXEt7uK4LDuQOMorNJb8DO8wy4LYaKHc2qo0biIFseTmJLfTDhSyX4-mQ1tslO5z7lGJUR3M82uO62U6YqDxzzE&sig=Cg0ArKJSzHPlmYnGrNNwEAE&uach_m=%5BUACH%5D&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=215&cbvp=1&cisv=r20231109.24944&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=
Requested by
Host: voting.astro.com.my
URL: https://voting.astro.com.my/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s46-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ed82c412a1d0517c38d808cdf80f705f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Wed, 29 Nov 2023 15:43:02 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
content-type
image/gif
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
8423298266618258335
s0.2mdn.net/simgad/ Frame 0A2B 		36 KB
36 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/simgad/8423298266618258335
Requested by
Host: ed82c412a1d0517c38d808cdf80f705f.safeframe.googlesyndication.com
URL: https://ed82c412a1d0517c38d808cdf80f705f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5ca811725f62428eb0683dfd3447605c4e1122c36047ee810ac5620f6f9b0505
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ed82c412a1d0517c38d808cdf80f705f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 20:30:30 GMT
x-content-type-options
nosniff
age
69152
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
36779
x-xss-protection
0
last-modified
Mon, 06 Nov 2023 17:54:11 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 27 Nov 2024 20:30:30 GMT
dmp.pes_pip_tracking.5041b4de7b7b0fb943c6.js
static1.dmcdn.net/playerv5/ Frame 668F 		2 KB
1008 B 		Script
General
Check archive.org
Download Go to
Full URL
https://static1.dmcdn.net/playerv5/dmp.pes_pip_tracking.5041b4de7b7b0fb943c6.js
Requested by
Host: geo.dailymotion.com
URL: https://geo.dailymotion.com/player/xd17s.html?video=x8q120x
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.79.242.181 Frankfurt am Main, Germany, ASN22822 (LLNW, US),
Reverse DNS
https-178-79-242-181.fra.llnw.net
Software
DMS/1.0.42 /
Resource Hash
63741eca9eda562e18659e715046db377b3df29e2adb9c13ca28fcac1c69a2c9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://geo.dailymotion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 15:43:02 GMT
content-encoding
gzip
age
1824126
server-timing
total;dur=1, dc;desc="dc3"
content-length
672
last-modified
Wed, 08 Nov 2023 12:58:12 GMT
server
DMS/1.0.42
etag
"654b85e4-656"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
x-llid
16b00d3aa8460f85256abf09a1fd7a6a
expires
Fri, 08 Dec 2023 13:00:56 GMT
62bHydCX.html
tpc.googlesyndication.com/sodar/ Frame 5B58 		38 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/62bHydCX.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ed82c412a1d0517c38d808cdf80f705f.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
303862
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
13045
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 26 Nov 2023 03:18:40 GMT
expires
Mon, 25 Nov 2024 03:18:40 GMT
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
dpixel
cms.quantserve.com/ Frame DAB0 		35 B
463 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEJh4FsWkgmAypaJ7wSFkEkw&google_cver=1&google_push=AXcoOmS5Z5gEYBP6pzZmH1TP3tZ04sxwcYKK5B6aKUpQzTsST0VAFyVIK_Z0fOfnYD58x-DC_MSfmt81-6eL7cDPZ-adB3KTTfeQ
Requested by
Host: ed82c412a1d0517c38d808cdf80f705f.safeframe.googlesyndication.com
URL: https://ed82c412a1d0517c38d808cdf80f705f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:5ed4:8d5d:fed7:f5ef , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 29 Nov 2023 15:43:02 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type
image/gif
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
i.match
a.tribalfusion.com/ Frame DAB0 		43 B
612 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.tribalfusion.com/i.match?p=b6&u=CAESEIhNixn0RCxyTMxdZUPIAfw&google_cver=1&google_push=AXcoOmRTVjCbiAuhqdJomcPVw_mT9XVdMLZiSjk6pbcFnD01fZ9J4rZN5U3ddOJ8dBhmsf5TceBftmJzaW6d6V2eysijfu_Is9V_&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmRTVjCbiAuhqdJomcPVw_mT9XVdMLZiSjk6pbcFnD01fZ9J4rZN5U3ddOJ8dBhmsf5TceBftmJzaW6d6V2eysijfu_Is9V_%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by
Host: ed82c412a1d0517c38d808cdf80f705f.safeframe.googlesyndication.com
URL: https://ed82c412a1d0517c38d808cdf80f705f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:18ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 29 Nov 2023 15:43:03 GMT
cf-cache-status
DYNAMIC
x-function
302
server
cloudflare
content-type
image/gif; charset=utf-8
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
82dbf6cb4c4b5c7a-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 GMT
sync
x.bidswitch.net/ Frame DAB0 		43 B
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEMm-R_hNsDjHGO_tNQKc6Rs&google_cver=1&google_push=AXcoOmSM26Z7MDktzcLx_YRswN94jDMhT9boU_UEyOF6QW-gxzkv4Jo9F3eccZtP_Vh-pFGDQ147YMm2H05umUM9nUAQIzAbxaQ
Requested by
Host: ed82c412a1d0517c38d808cdf80f705f.safeframe.googlesyndication.com
URL: https://ed82c412a1d0517c38d808cdf80f705f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.184.108.41 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-184-108-41.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 15:43:02 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif
pixel
cm.g.doubleclick.net/ Frame DAB0
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESECBJk1cTyYWaGV_DyjD9pR0&google_cver=1&google_push=AXcoOmSBDUD7jA24Zy5c_l21PjEsx16FXuaQSkl99gLu0MLijrwN49twPhlWovNcaC8tbQXg1BWwaCZcVJ0JKBjvFed63A1...
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmSBDUD7jA24Zy5c_l21PjEsx16FXuaQSkl99gLu0MLijrwN49twPhlWovNcaC8tbQXg1BWwaCZcVJ0JKBjvFed63A1KXydK&google_hm=eS10eFRQUnhoRTJwRWk2cF...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmSBDUD7jA24Zy5c_l21PjEsx16FXuaQSkl99gLu0MLijrwN49twPhlWovNcaC8tbQXg1BWwaCZcVJ0JKBjvFed63A1KXydK&google_hm=eS10eFRQUnhoRTJwRWk2cFhZZ1FqYkguVFhvOTlMZkcwbH5B
Requested by
Host: ed82c412a1d0517c38d808cdf80f705f.safeframe.googlesyndication.com
URL: https://ed82c412a1d0517c38d808cdf80f705f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f194.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 29 Nov 2023 15:43:02 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Wed, 29 Nov 2023 15:43:02 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmSBDUD7jA24Zy5c_l21PjEsx16FXuaQSkl99gLu0MLijrwN49twPhlWovNcaC8tbQXg1BWwaCZcVJ0JKBjvFed63A1KXydK&google_hm=eS10eFRQUnhoRTJwRWk2cFhZZ1FqYkguVFhvOTlMZkcwbH5B
content-length
0
pixel
cm.g.doubleclick.net/ Frame DAB0
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DAXcoOmTk4F...
  • https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_hm=k-sTcG0mTRkSOukBPx2Y_auABiHqmEd-wGPZrj5A&google_push=AXcoOmTk4Fw-OxxubefF-uA-jpui91qLOJaEC7VgcQu-bQuXOzkatL4Ej0z8_T6wJmGzMj8VX90ixTT-3O6s...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_hm=k-sTcG0mTRkSOukBPx2Y_auABiHqmEd-wGPZrj5A&google_push=AXcoOmTk4Fw-OxxubefF-uA-jpui91qLOJaEC7VgcQu-bQuXOzkatL4Ej0z8_T6wJmGzMj8VX90ixTT-3O6sWJcodN9lU1lqRX7r
Requested by
Host: ed82c412a1d0517c38d808cdf80f705f.safeframe.googlesyndication.com
URL: https://ed82c412a1d0517c38d808cdf80f705f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f194.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 29 Nov 2023 15:43:03 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 29 Nov 2023 15:43:02 GMT
x-errorlevel
0
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location
https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_hm=k-sTcG0mTRkSOukBPx2Y_auABiHqmEd-wGPZrj5A&google_push=AXcoOmTk4Fw-OxxubefF-uA-jpui91qLOJaEC7VgcQu-bQuXOzkatL4Ej0z8_T6wJmGzMj8VX90ixTT-3O6sWJcodN9lU1lqRX7r
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
1147552
content-length
0
expires
Wed, 29 Nov 2023 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame DAB0
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESELzXXAGed9eST4mTEeEPsr8&google_cver=1&googl...
  • https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESELzXXAGed9eST4mTEeEPsr8&google_hm=ZWdcBUtCWPWW8A49_h1MfwAAFC0AAAAB&google_nid=index&google_push=AXcoOmT6QdkBut7wecnxwXrH3w1cBomPLiRlI...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESELzXXAGed9eST4mTEeEPsr8&google_hm=ZWdcBUtCWPWW8A49_h1MfwAAFC0AAAAB&google_nid=index&google_push=AXcoOmT6QdkBut7wecnxwXrH3w1cBomPLiRlIvrvJLPZTYzlJzoyEZDkF7SFZnY3PvmGnpy8t23FXiEwG0pnGS2ri5Pghce37Hmg
Requested by
Host: ed82c412a1d0517c38d808cdf80f705f.safeframe.googlesyndication.com
URL: https://ed82c412a1d0517c38d808cdf80f705f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f194.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 29 Nov 2023 15:43:02 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 29 Nov 2023 15:43:02 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=c5B4isAgqdNRPgVPAsIfb53jmRFQgLbiQd8EOgxxLOjiNuOwaqGsyBN7Zua1mWnU1xOYeqRu7j2NEpG3Wbk8PqavXRSjXlVYzwgPG8oriPiI029hxYPbO4zT2Ai23gJoRD5eVw8nOIF8Ng%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESELzXXAGed9eST4mTEeEPsr8&google_hm=ZWdcBUtCWPWW8A49_h1MfwAAFC0AAAAB&google_nid=index&google_push=AXcoOmT6QdkBut7wecnxwXrH3w1cBomPLiRlIvrvJLPZTYzlJzoyEZDkF7SFZnY3PvmGnpy8t23FXiEwG0pnGS2ri5Pghce37Hmg
cache-control
no-cache
cf-ray
82dbf6cb38c92bf1-FRA
alt-svc
h3=":443"; ma=86400
content-length
0
expires
0
pixel
cm.g.doubleclick.net/ Frame DAB0
Redirect Chain
  • https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEBJrsgCeAygSjS5SaLfUOQc&google_cver=1&google_push=AXcoOmTH5KznVhPI2O09FgZ9b_ClJbJdkpgwl_RrHqRmwnxMljKqjobCHE8MF9lg3-vYJA1ryW3fKWAfR7GZwcI3-ZoZKN5pltbD
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTk5NTQ1MTM1MTY0Mjc2Mjg3MDM3OQ%3D%3D&google_push=AXcoOmTH5KznVhPI2O09FgZ9b_ClJbJdkpgwl_RrHqRmwnxMljKqjobC...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTk5NTQ1MTM1MTY0Mjc2Mjg3MDM3OQ%3D%3D&google_push=AXcoOmTH5KznVhPI2O09FgZ9b_ClJbJdkpgwl_RrHqRmwnxMljKqjobCHE8MF9lg3-vYJA1ryW3fKWAfR7GZwcI3-ZoZKN5pltbD
Requested by
Host: ed82c412a1d0517c38d808cdf80f705f.safeframe.googlesyndication.com
URL: https://ed82c412a1d0517c38d808cdf80f705f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f194.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 29 Nov 2023 15:43:02 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTk5NTQ1MTM1MTY0Mjc2Mjg3MDM3OQ%3D%3D&google_push=AXcoOmTH5KznVhPI2O09FgZ9b_ClJbJdkpgwl_RrHqRmwnxMljKqjobCHE8MF9lg3-vYJA1ryW3fKWAfR7GZwcI3-ZoZKN5pltbD
date
Wed, 29 Nov 2023 15:43:02 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
attr
cm.g.doubleclick.net/pixel/ Frame DAB0 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IIX-qcGuq4CQnna00yEBXkUWbOcACVAjaMc0dTCfTj47q-afJ_s0ToOJlANhr7ZoKm9jlu
Requested by
Host: ed82c412a1d0517c38d808cdf80f705f.safeframe.googlesyndication.com
URL: https://ed82c412a1d0517c38d808cdf80f705f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f194.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 15:43:02 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
logo.png
s0.2mdn.net/sadbundle/11952719878557111332/ Frame A53E 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/11952719878557111332/logo.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f2a78ec0800976a7fbcd2f14881e6be9588f6f95d7e2ebcae41236f6ecfe3206
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/11952719878557111332/index.html?e=69&leftOffset=0&topOffset=0&c=SeeFuYCFHA&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 10:04:16 GMT
x-content-type-options
nosniff
age
538726
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8111
x-xss-protection
0
last-modified
Tue, 07 Feb 2023 13:03:48 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 22 Nov 2024 10:04:16 GMT
60015186_20230202011701910_award_logo_970x250_default.png
s0.2mdn.net/ads/richmedia/studio/60015186/ Frame A53E 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/ads/richmedia/studio/60015186/60015186_20230202011701910_award_logo_970x250_default.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7a5efc58956be2fecb29a3adbad65173c6f93ac4c073d6d1cb0fb541fb487ace
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/11952719878557111332/index.html?e=69&leftOffset=0&topOffset=0&c=SeeFuYCFHA&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 21:21:15 GMT
x-content-type-options
nosniff
age
66107
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2309
x-xss-protection
0
last-modified
Thu, 02 Feb 2023 09:17:01 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 29 Nov 2023 21:21:15 GMT
truncated
/ Frame A53E 		43 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type
image/gif
60015186_20230713054325376_970x250_eGV70_image4.jpg
s0.2mdn.net/ads/richmedia/studio/60015186/ Frame A53E 		274 KB
274 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/ads/richmedia/studio/60015186/60015186_20230713054325376_970x250_eGV70_image4.jpg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6e7d70a632451dd78b28629fce9090064d783fc493d2c3f5dd52d8642ceb455c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/11952719878557111332/index.html?e=69&leftOffset=0&topOffset=0&c=SeeFuYCFHA&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 08:28:40 GMT
x-content-type-options
nosniff
age
26062
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
281002
x-xss-protection
0
last-modified
Thu, 13 Jul 2023 12:43:25 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 30 Nov 2023 08:28:40 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame A53E 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 15:43:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 29 Nov 2023 15:43:03 GMT
/
pips.taboola.com/ 		4 B
118 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pips.taboola.com/
Requested by
Host: voting.astro.com.my
URL: https://voting.astro.com.my/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash
fb329000228cc5a24c264c57139de8bf854fc86fc18bf1c04ab61a2b5cb4b921

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gempak.com//404
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-served-by
cache-cph2320025-CPH
date
Wed, 29 Nov 2023 15:43:03 GMT
via
1.1 varnish
server
Varnish
access-control-allow-methods
GET
x-cache
HIT
access-control-allow-origin
https://gempak.com
cache-control
no-store
accept-ranges
bytes
content-length
4
retry-after
0
x-cache-hits
0
view
googleads4.g.doubleclick.net/pcs/ Frame 0A2B 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvhh66f5i9UlCc6b2cH6yl7cG7sZzsn15gTXdf-3eza2qSGbqTLxLvPZqX7FRjeANoHfw0yC_r7dOk96VnTR1bk3SWGsmgTEn1TFtT9YxdkUlYQ3S4q8myuUSTEviuKdau70srvktFF_40_AFtN9T-UNAFomO3zIuEDu750w6lsHTR6iWj3bukWNTa5JAOvZ9fxqm1yAlBg5FaUGMRcAdhz1uJ0cwcgBSB9CuTKuQIpJKSDqE3QUE9LPIS-RlufRV1uX-PludQ8MZlzUzEnBFy1YUKSpOgr9f7T7-b8yV8KnuUwP5490JXXteZTOD-K25ixP9SkYCXk1pDqaT-3TClDWTTgvA1-5m1VcogDJlkK0zwvap-RBOYNItrGQIsqV40fo0AVKSpIQgo9lQRKyVqxg5GRWYSOoTsh9g_OuGZ0fxibi8tofmUiEeF3LWABJ5NAzV7CP5Vcr8LEXjXG3EgIf5Xz6YMLEo4eb2ht2os4FzNHxGeFXg80XKU2iPffkqF79_ooHkVr09-MF3ONUuH0PRkMsl1huqquSvZZ6W1Y50EUFOM40_OGHdhA06Kkgq91VE4_F2WbWpDCvPDpHJnu0epsTflMKF75IHz-4IRZLGNIdptOxk7K49ngmSnj7zedrPJomHvTtMpCpHD1VZBunkiT4OVqXFeZhBXpIN_5HsLGmiSRz5Hdjx4jncKphn4209VqXkJiu79oFXrnjXA3AmK7lupztFZRQSLWbbRzIZHGxrtwGhbq5AFPLsHah6ZDy68HXVtQklBRMkzgxz6sRX3JS76ETEs_G_LHsNa81lKIHcT-LJlThQlSyhxT_k2JC2rruWxYCffIP9-6uwKEYRVaSDiFcNvOmFzrIXu2QwOs26WrVw6XZn-alZZA0bETMgaV8zw7OwNe9BejWq_LkKpBmEblD-mhwH_kBQ59NjNSxw92RKa5LkBusQ1EQhjm7bwJeG1a10t8gAWaqzG1sY3xY5T1EUBlFWJKGe98miJFepC8RIlCLoshMAgAnxnkTmw2M5EvviAlXEAB0xc7JKKji3ovdfo6P8a5bQUr4jFgap6ia6dpW1FWyMKN1lrHgi-MFiRb3JjEdmoO0VTW87Lx19C4_oBl1tBuWb2HXs0subLr9Nq87fO-WPvbZbgcn3mEum0zCelpuSL532WouLIHqrOOOa51r7Uok9PUTv1VgIbNRiLWujQjMnTWNjlfGxD-Kqm8QbqM57HujaKiYitFBE5Dc3mcs0CabB1n92jc05c-deQ1LPnUR7act7yeVrgh6yqvOudOrw6wCwpz8moRJu1GF8KpgAYs-Z4h7i8169nSLDXMTNnORUJN81L5OrmbETUzwGWAQvKT9NpcSUIt5-OLw8wOWIffjXe5SANa2POHCy17nG2g&sai=AMfl-YQZkfMVpO0fA6S8OMIDHJvsozd_nDxRe2Qc3z9kMbJGObtOroZeEgGZQFZXtCzC2XCxkP2s1y7GyaeV9Em7QTccI4V0TfwfTEYY-uAhxW_t96GS3dqINKQV1Paph-Mnz88Ly_83-0GVxfyp9gYjzMxtzPO55AEIMJoAm8916iNdwFTjTXEt7uK4LDuQOMorNJb8DO8wy4LYaKHc2qo0biIFseTmJLfTDhSyX4-mQ1tslO5z7lGJUR3M82uO62U6YqDxzzE&sig=Cg0ArKJSzHPlmYnGrNNwEAE&uach_m=%5BUACH%5D&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=435&vt=11&dtpt=220&dett=3&cstd=431&cisv=r20231109.24944&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=
Requested by
Host: voting.astro.com.my
URL: https://voting.astro.com.my/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s46-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ed82c412a1d0517c38d808cdf80f705f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 15:43:03 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
index.html
s0.2mdn.net/sadbundle/2634629190918671081/ Frame CDC3 		29 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/2634629190918671081/index.html?ev=01_250
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8f377b885e230f48818784ef697c9f13ae292094d42811e3b5ccbed8ec374e3b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ed82c412a1d0517c38d808cdf80f705f.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
429286
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5717
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Fri, 24 Nov 2023 16:28:17 GMT
expires
Sat, 23 Nov 2024 16:28:17 GMT
last-modified
Mon, 06 Nov 2023 17:51:09 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
/
cds.taboola.com/ 		0
82 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cds.taboola.com/?uid=ba57726b-eb8f-4269-8afc-b3b4aca83f50-tuctc60e184&mbl=ZmFsc2U=
Requested by
Host: voting.astro.com.my
URL: https://voting.astro.com.my/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.224.32 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gempak.com//404
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

access-control-allow-origin
*
date
Wed, 29 Nov 2023 15:43:03 GMT
cache-control
no-store
server
nginx
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202311150101&jk=1617186540678678&bg=!5Oel56jNAAZxrfrxUa07ADQBe5WfODwoVHcSPBq4dulkXgBmEfIqLD3BA31GSMH1D7NzO4bMZebS1wu5tronTc_BFXWtAgAAA9lSAAAAAmgBB5kCtgINaw9rWvj2vgQl8QF3R7lzL2lIMDTnRqypQIlxKkl-VJJAS2OnfkRUpx6NMYNFVlK07Dy8w5UVobuADaHhEXhLb-g7j8tKwU5kOtzR5NlI7Nu3r9yZGyT2Uo2nM8KktTVSeHVcKcWlBvmTRWOc4NJa_dzo3V1-OBXj3vXFzwC5eMKNlne04ZvL8DbCoZKwqjOXy6_IeNlqw7oeSWzFJHJHRDNFdrYdcVoWP8q2yPuddKO4tCTTOMy9F0R4hcQis2jqYH3tjUDQgJpK5VDljE_4du6u9q9Ilki5xhNwGXwoqWJhxjaueJ43YN68BWmJi7NwbF3ja48dvZfweukH_aIpDtV7wVen2nrCAoXWnz5_5eZ78BYm4HBrMCP8GfFo2BX-ip6zZpqygR6Ou4mLHKpMzJkYVH_L5PeAmhISX4w5XxQnqXDvnxM_KFYjzNj50P5yKw8E8W2Q4cifxN16qWCjHG1sqVZGCY1Ih6vZgvQhigARYlcGWzwuVMlChPNQpMrhPM5U4HGYeKy89wNcLjlwm9M-wzhwr8fiqP-TpGqsU3wpXZHOc25_0e2ofmsLQ96pbDxrMdE7MjzD7LeysexUqEuX0msF_ynkMA9B1v4DaehTOCAbbpKQyjR-rZVzPCTifsKdTWuI3IsI9LHHJshdoOrA1tsWnBEcjoNUoxGheE9rjnzd4fhTxLGW_Ec2wXKhqPZRRmcL6eK-e0sWrK1FCJg_s_RJGyCoUpl3Uv-luFA0kqsMuqaaKUtavnyC59ij83PiUI9iB61VJL7hKZyzYVB4I0o3u52DPzBo-WOQpxXtnfl1Iw9uu-_zONgwL3bqsZcfsK4st3EZb14v6tLSR8KzCA5bC7mqm3BkUn3AN4OGTNLA7nr8wF3X_czDDcjnR1FuMuNGQAe575finHiZhBJrh88
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gempak.com//404
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers
GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js
pagead2.googlesyndication.com/bg/ Frame 5B58 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
18e6b664af7bc55ab0f963920f0da5a86e15f25fea4e223924d8f4b6723a37cf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 12:42:36 GMT
content-encoding
br
x-content-type-options
nosniff
age
10827
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15296
x-xss-protection
0
last-modified
Mon, 06 Nov 2023 16:38:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 28 Nov 2024 12:42:36 GMT
ea0df16627bab17471fb1077521e8f63.js
s0.2mdn.net/sadbundle/2634629190918671081/ Frame CDC3 		133 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/2634629190918671081/ea0df16627bab17471fb1077521e8f63.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/2634629190918671081/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2ceea9773c66a5540e1bc1c0e2abd7c6ff2949b1e0514e31c6331eff30001619
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/2634629190918671081/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 20:16:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
502003
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
39019
x-xss-protection
0
last-modified
Mon, 06 Nov 2023 17:51:09 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 22 Nov 2024 20:16:20 GMT
GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js
pagead2.googlesyndication.com/bg/ Frame F0F2 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
18e6b664af7bc55ab0f963920f0da5a86e15f25fea4e223924d8f4b6723a37cf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 12:42:36 GMT
content-encoding
br
x-content-type-options
nosniff
age
10827
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15296
x-xss-protection
0
last-modified
Mon, 06 Nov 2023 16:38:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 28 Nov 2024 12:42:36 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 6DAA 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BBBWDBFxnZY2jNYnB7gPfn5SQBQAAAAA4AeAEAg&bg=!ODulO3TNAAZxrfrxUa07ADQBe5WfOFSU8mgv0rRTqWwVm4MQtPgCn1B-D-DJEevhtrL1MH7vbTcWFT2uW-iTRwqZbifNAgAAAhFSAAAAAmgBB5kDEPy8FFR33trvUPLliWaSADkGPjPssjHdbfeDFCz_ET3Qk5pfuR6DvJJQ4hZtn8yBoD2HwqUtJe8G9SfdBp_81--1FeOuGdRHISGEuPGwCuoU9boPlg-ofGoA1_NcVI4dShoMQEInxfxjAthKlAgH1Q8vs-OPu3cRt4ioXW2nElYQwQWMrmbYjb_ca-fKcHYmIaI_G7t2KldSu92ZqCDj_4W9VFPIVL5TJEN_6EC79taGN8EE1UqlQl1qpVZb9MVSDQC2u-OXqrkqLXulHexDoMTx7U-mUXFHgdEr1An5AkcFNhu9xjEJnsEETNVrbgFF65kBmhXQIlnR_QAcQxhS0Z1VlyOpcAT3Zd6YGmtotwXqKBHr9-bkRelA4V-9SISVn7yAkDfHc0pKFyVS7CXtdGehsoi5wLtuL7qpr6KIHFjuglsyqcM2lguYjZuroAlSWKB9vOtXSJLGtDQUDP3ISd_YbV4Pjuuojrif_hXY6M6t7eBEMouLZ741IYF6RS9p05s8LmhMoJ2hr69lmqPaghE9pnNIqC2wOrn1ldpyFZjMuNNcEgLHV9UfUn-iPbhe6uN5kwdFiaODAm4AfLK5EbuVHicTqfA5JFOdmESsttpW5F7q6Gxf8vqxkMwahO7wK09WzK0ynH7Gtkm8SCxI56oiOwWzCnselYMlLMiZKPpxS0KBb93w41FFQnrgoHzk13pZHMiU2EpR4Ge_XvhyMGSs_apTzkvu8rW3ftWzoOqRN32497WndgO4rgRBJ65X8KJbkjXGIJi7n_OP6-lcsCQGyHH4REe9e7awrUZfRjwgfFhXWeZTJq_Zdv-KXLbU2z7nJvqI-ooUcWlVRZQKmF98SxVkv4tsaWkmPNuboCcbX-cNdCJX3T095ZSMGNCndIj2m4IFroZiGOsqqR3zG0phSotlo60IQ8setfQULcL3m7XNczr_kkpxwZsHIjYjSddhaLo8PkDPVTtPic-H5vzRLQlJ_ASJXIKgFU6ZWoCme-5k8pbD02TjGQzAa6WEktHvd_QLnYcKRfG9pVkb07c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 29 Nov 2023 15:43:03 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
css
fonts.googleapis.com/ Frame CDC3 		3 KB
677 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Montserrat:600|Montserrat:800
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/2634629190918671081/ea0df16627bab17471fb1077521e8f63.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
264640fa288ddadcf0328a0103b715a2b4d0e3b7e7982e1b44234674e84470ad
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 29 Nov 2023 15:43:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 29 Nov 2023 15:43:03 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 29 Nov 2023 15:43:03 GMT
cb6f40a406251fd6fed5a8c69e1fadc3.jpg
s0.2mdn.net/sadbundle/2634629190918671081/media/ Frame CDC3 		28 KB
28 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/2634629190918671081/media/cb6f40a406251fd6fed5a8c69e1fadc3.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/2634629190918671081/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
413c8d7065400c7c4680477a0b1d35eb5711a27fef1efd558b7f94b081b33437
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/2634629190918671081/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 16:11:05 GMT
x-content-type-options
nosniff
age
516718
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
28479
x-xss-protection
0
last-modified
Mon, 06 Nov 2023 17:51:09 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 22 Nov 2024 16:11:05 GMT
ff4050fa8c2dfe27edcc9c97b3df975c.jpg
s0.2mdn.net/sadbundle/2634629190918671081/media/ Frame CDC3 		27 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/2634629190918671081/media/ff4050fa8c2dfe27edcc9c97b3df975c.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/2634629190918671081/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8b8a5a27eeb6248d338ed973eb3efc68f10c3c0523e3c525c5a7d99c7f691014
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/2634629190918671081/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:08:07 GMT
x-content-type-options
nosniff
age
477296
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
28105
x-xss-protection
0
last-modified
Mon, 06 Nov 2023 17:51:09 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 23 Nov 2024 03:08:07 GMT
052981c438c345649d53ef9584d471c8.jpg
s0.2mdn.net/sadbundle/2634629190918671081/media/ Frame CDC3 		23 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/2634629190918671081/media/052981c438c345649d53ef9584d471c8.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/2634629190918671081/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
34fdbfec416dfc825c6f1a9afb95f6fd11f20d9b7647c1428a5c759d34aa7448
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/2634629190918671081/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 00:22:43 GMT
x-content-type-options
nosniff
age
487220
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23648
x-xss-protection
0
last-modified
Mon, 06 Nov 2023 17:51:09 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 23 Nov 2024 00:22:43 GMT
8f091e56641869a18d00002bf509ae64.jpg
s0.2mdn.net/sadbundle/2634629190918671081/media/ Frame CDC3 		31 KB
31 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/2634629190918671081/media/8f091e56641869a18d00002bf509ae64.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/2634629190918671081/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7a082e0da6c01e088cdc4895eab211c805851770fcedb33e9945f437cf49d25a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/2634629190918671081/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sat, 25 Nov 2023 00:12:00 GMT
x-content-type-options
nosniff
age
401463
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31880
x-xss-protection
0
last-modified
Mon, 06 Nov 2023 17:51:09 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 24 Nov 2024 00:12:00 GMT
b884a28fd6b57d5bf36039ff98aa6572.png
s0.2mdn.net/sadbundle/2634629190918671081/media/ Frame CDC3 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/2634629190918671081/media/b884a28fd6b57d5bf36039ff98aa6572.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/2634629190918671081/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6c71c96ead99278899d8dd72fb766a678908df9a40c99fc07b386170d13ed880
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/2634629190918671081/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 00:20:42 GMT
x-content-type-options
nosniff
age
55341
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1799
x-xss-protection
0
last-modified
Mon, 06 Nov 2023 17:51:09 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 28 Nov 2024 00:20:42 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame E8A2 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BiCDdBVxnZZH-CIGf1PIPnPyHkAUAAAAAOAHgBAI&bg=!q6ilqOfNAAZxrfrxUa07ADQBe5WfOHxP70IMyblnoHOGAo5zzZHbyuw3S_CfObNIPDUzhYPpi78q7cnbSpQzM_Kt2V7qAgAAATdSAAAAA2gBB5kC-9YUGzNIuTtfU0b3_CymK3CsAkOCW6dDENaAuZ0NtNbwF2wGajbavoGs_xXgQS0l2b1TKKtzLqwDOyjs5YK7O5XfpUk2NF-SzwcMOvzaPLUVSnXE8L3OHrl-7ObdAVzsWFcE_fBZSjVVX2TV9Q1GnmSMUqUM0yHZRspykJdKhqJgr2CZZ_VKkiFL6LWkyHoTyE1XZOBnISOXpfQjqV86Z95rZxTUYPGb1KWmA0G2jJb9543sF3sT07tkCXDIXzlaaKqwmk3374uXAPa4M2wtWBwc2vzBb6KceiZDr1J-P2oAsBJGEV6LwG-5u0bQ82FlpmDGffb9RSOtE6H3Vp5I76KxEHnNJ6CVtmFynHEVHIWZGKG9BUA34twtSrJ9X_Hi48eYu2S97_WZ_ag2dw4PX8jej6VIrhQqC_IfiukyuWgzhq0eCgwrFWoBGoG4wW0Apr391uuHOMRXkJoL7GAKL7UMNOo13bA_6yPsvllf66d63NDYYtI2dJZKNGr4GbKziVwUqe0HzciNNVqEizyrupK9439Z7xEJLyYTAvgVgyJfOLN5h1cl7-9eMOhONrOMnHEz56yfVyGC8bvKVivON13XdCowGrxoQVNFrOqXepVq1of09Q3_-tI3q4D_zGZk_88x9nhx9dyMFHaRJJBoeuHNWaKf-axtXr569QejBHVsutRele8eZS0k4CkOKB1ndRysKzp1YDnLWE62rhZUlXzyDaW0i6rbzaW5NcQoJG3jSOrxTZDjaulfjrGSAbvSwBbeodjfuG50GvwaRYqGbjXtHvdfNk0n-EvUI2ayz4k8jtXxMuwa3WT9QsKKOuAAtfjGEn3bMWIZcQHsDV_n_TJmDZowNJLZfiSQE3wAn9MTiVDno2aX57o0EOdlA1Fzf7NCklmOBzgPRSbhRiCP7H1FS9ydZxhrEUIqzlnuVlQRxrDj33drO_kKq0Ng4E_NqyXWvSHwxx1RsWzHUQxXQs7QTXv5c0xkLimD0IJNfsgHlXXIKrIGe36SYe0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 29 Nov 2023 15:43:03 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v26/ Frame CDC3 		32 KB
32 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/montserrat/v26/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:600|Montserrat:800
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://s0.2mdn.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 18:19:05 GMT
x-content-type-options
nosniff
age
509038
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
33092
x-xss-protection
0
last-modified
Wed, 13 Sep 2023 22:51:58 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 22 Nov 2024 18:19:05 GMT
cb6f40a406251fd6fed5a8c69e1fadc3.jpg
s0.2mdn.net/sadbundle/2634629190918671081/media/ Frame CDC3 		28 KB
28 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/2634629190918671081/media/cb6f40a406251fd6fed5a8c69e1fadc3.jpg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
413c8d7065400c7c4680477a0b1d35eb5711a27fef1efd558b7f94b081b33437
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/2634629190918671081/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 16:11:05 GMT
x-content-type-options
nosniff
age
516718
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
28479
x-xss-protection
0
last-modified
Mon, 06 Nov 2023 17:51:09 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 22 Nov 2024 16:11:05 GMT
ff4050fa8c2dfe27edcc9c97b3df975c.jpg
s0.2mdn.net/sadbundle/2634629190918671081/media/ Frame CDC3 		27 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/2634629190918671081/media/ff4050fa8c2dfe27edcc9c97b3df975c.jpg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8b8a5a27eeb6248d338ed973eb3efc68f10c3c0523e3c525c5a7d99c7f691014
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/2634629190918671081/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:08:07 GMT
x-content-type-options
nosniff
age
477296
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
28105
x-xss-protection
0
last-modified
Mon, 06 Nov 2023 17:51:09 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 23 Nov 2024 03:08:07 GMT
052981c438c345649d53ef9584d471c8.jpg
s0.2mdn.net/sadbundle/2634629190918671081/media/ Frame CDC3 		23 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/2634629190918671081/media/052981c438c345649d53ef9584d471c8.jpg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
34fdbfec416dfc825c6f1a9afb95f6fd11f20d9b7647c1428a5c759d34aa7448
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/2634629190918671081/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 00:22:43 GMT
x-content-type-options
nosniff
age
487220
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23648
x-xss-protection
0
last-modified
Mon, 06 Nov 2023 17:51:09 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 23 Nov 2024 00:22:43 GMT
8f091e56641869a18d00002bf509ae64.jpg
s0.2mdn.net/sadbundle/2634629190918671081/media/ Frame CDC3 		31 KB
31 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/2634629190918671081/media/8f091e56641869a18d00002bf509ae64.jpg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7a082e0da6c01e088cdc4895eab211c805851770fcedb33e9945f437cf49d25a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/2634629190918671081/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sat, 25 Nov 2023 00:12:00 GMT
x-content-type-options
nosniff
age
401463
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31880
x-xss-protection
0
last-modified
Mon, 06 Nov 2023 17:51:09 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 24 Nov 2024 00:12:00 GMT
b884a28fd6b57d5bf36039ff98aa6572.png
s0.2mdn.net/sadbundle/2634629190918671081/media/ Frame CDC3 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/2634629190918671081/media/b884a28fd6b57d5bf36039ff98aa6572.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6c71c96ead99278899d8dd72fb766a678908df9a40c99fc07b386170d13ed880
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/2634629190918671081/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 00:20:42 GMT
x-content-type-options
nosniff
age
55341
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1799
x-xss-protection
0
last-modified
Mon, 06 Nov 2023 17:51:09 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 28 Nov 2024 00:20:42 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 830C 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuCWGeRLfdnG-bEvHPjw4M0EbxrU5il28odjs93bV-7gL3f0BKHuB6jiTWIeZIFTcSbkLIL9U71VwBh3mp3erjSRVZIS7-CeyMnN_Hx1qNUp2gUgR3ZyAYA1gJH9J4yCS_fplzSEz2kPj7u&sai=AMfl-YRXMrt89jkbDoIyyyxiLRKgwzTrlqyoFXE-EuqeaXnRKG0GAIiYPMSJn7hKLmyhS0_rSlmY-GBXnDAMRv_yi-Ec5fIXxvKU2OA6VeKZUPvkFfF3FFzMyAssmuK0t1GsIk5AYN0DCQ&sig=Cg0ArKJSzP8nGjaTzG07EAE&cid=CAQSOwDICaaNp9CBUby9VLQxUyafWD80Aj8JI0R06yrso50FhrfDna2Mh1ZF8l9vEoJxhjOhwaOE5hL_AHd4GAE&id=lidar2&mcvt=1004&p=32,315,282,1285&mtos=1004,1004,1004,1004,1004&tos=1004,0,0,0,0&v=20231116&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1833563596&rs=4&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1701272581535&rpt=803&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ed82c412a1d0517c38d808cdf80f705f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 29 Nov 2023 15:43:03 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 5B58 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BaTExBlxnZb_LIM-d3gP654SoAQAAAAA4AeAEAg&bg=!cnGlcT7NAAZxrfrxUa07ADQBe5WfOI7EI47JwuFE4r2CXv8X8zoUZTC_HfGbusmYh00XK0gNRzdJibmNIf0msAqJgfysAgAAAJVSAAAAAmgBB5kC-SKljRnmWku1DuaOV2j4anULa7FO5z3DcQzic96U0aYCfScOYo9hNCyVzkD8F9tvDf1fVGS_cDNrSlxtFQvGpEfiBmfvW1TvirukZOprapnR2N5AmKgE-MNh7cVTQofiQCnelJDiSSBnuPA-C4BQHq3U5SSi__NiGtzrVqk6ICaCUrF7GONpq3ytqGmOkhG9IhEwoEEtn1actSCKQQfIdQcFYZ8AEZPrKuBFMLxoyk7xxZ76-t0-TGDC1BEp7OyRU-mURmhmZ_wuWWGdi3WmwMHUirNITmsw1yBBYJMQwK0AioPGkeeghHm58fRfU_mVbtU0wmenQyMlfXmGOhVBsjGeXlJ-b1-xIMAVkzbmLPudAA66Dau0_7PraZwaBp25Iw_j_Y8iECFpcNlmu3zJIgw-sqBXp4Sl1Vx19MDiQ9cW6QcpGqDbKrvm0BGPdEHhGqNZ8Ww-PWxXDqkyNZrFTYPLwh1gpLsykjyITeSFVKN2eE9oOAlfh1TfMrMPd_gdH7iwDQjfvsNTBjs6KVgUf8yqxkabRKV3fmXZOGcFdrE4Ax70i3wdkLlWO6i7oWShxnhse-0Au-ioQ6KGDtmAHHZEN2QGvpPTDBeqXcQPeU99fItmJF0OKqtkhlf2xaVGuD6wvY0ejpY8AnweV3XCL3kjuzlWvYQ7mNmnEkOIh6dxgXisW_RwyjZ1Ya3ZoH4PJafzCf-MWon0eguQLL1hZVQXVshA2kwEwdZYLfu-oqAVuvLcaAY6qv0WYGXef__rIbXDnVIWUn3mtMaQN3_x4Fe41jMM2F2c2Dn87U0srXizt4PNFusLYcc0aOfWONBjn5rdLPV77x7SRFzZ09-SaW6pJ-2swxXbnPvdyn9zeSDGuJq80F0vlScwjg8289tpMplMbceJCDY_0YonuCRpBwRhs0fDzOpMuKwQTUFLZc3W6cXYH1vIgA_zeolOFCyQ272V22ESpiWm4KAZvBCTSg4Cmaho6ayJiSWnncV1HjMHu8DQlsjgcEk1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 29 Nov 2023 15:43:03 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cast_sender.js
www.gstatic.com/cv/js/sender/v1/ Frame 668F 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/cv/js/sender/v1/cast_sender.js
Requested by
Host: static1.dmcdn.net
URL: https://static1.dmcdn.net/playerv5/dmp.photon_app.e282e8762fba0008fdee.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://geo.dailymotion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 15:43:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2007
x-xss-protection
0
last-modified
Tue, 16 Feb 2021 23:57:06 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="cloudview"
vary
Accept-Encoding
report-to
{"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 29 Nov 2023 15:43:03 GMT
cast_sender.js
www.gstatic.com/eureka/clank/119/ Frame 668F 		50 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/eureka/clank/119/cast_sender.js
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f4d5deb4709cebcb8d869180a1db81fab7c54f99dc2e72dab8b3db15eb76e660
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://geo.dailymotion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 10:25:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
19059
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview-release
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14705
x-xss-protection
0
last-modified
Mon, 02 Oct 2023 15:08:53 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="cloudview-release"
vary
Accept-Encoding
report-to
{"group":"cloudview-release","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview-release"}]}
content-type
text/javascript
cache-control
public, max-age=86400
accept-ranges
bytes
expires
Thu, 30 Nov 2023 10:25:24 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame C850 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstdqVHopeOQfFifTxKJcnAICP7DOpOfFJbOBSibyBsQL7YENFk-pjgoOEBZXknSlGF6MhSt3w3Icrp9cmSzX97ln7nljU4PbuA2C6XXsNcU5uLU8TCq60FzbfhTxE-dsuguAhFeJlvvlQ&sai=AMfl-YSrKEjFcwKho5q-oQvF4ylVl-kgT5lhm1usgiySNapicaIevZ0&sig=Cg0ArKJSzAV1BQyVCB-UEAE&id=lidar2&mcvt=1000&p=107,400,606,1200&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20231116&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=19&adk=228371592&rs=4&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1701272580947&rpt=1725&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gempak.com//404
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 29 Nov 2023 15:43:03 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 0A2B 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstQoZG9vWstOoqtVhfP5V7NbJcvrY5HH7nFUB6_RJvHtR94g-HXxbAOIY6tzO6yACOXjvYp4LXJ3kv3ymkfldCPEgX0xRDqw0--WP75EoAjig_R6iQcx539QOkMtWyrTUQBoPDlTgGd1BWs&sai=AMfl-YRFdAEr2LzhMAJNpAk1YTvWFiX1hs9SQf8FMtEkqMb4EiXtIe3TQhoX-nBWqIwfkp_QAahnGNAgZri4gkUBGdXP7zSiT2XF15NWchkkmzK-HrWxuRN3mH79gwXhAFkw5lJx5xVR49Y&sig=Cg0ArKJSzIfMKJFHN5vREAE&cid=CAQSPADICaaN7Y5UYm4oicmXVqQyZnCa9GBnJf7rdqxPN6MB5e9UdKLD6ROEPHldXPKQ1HKeeyKakSayL2cZtBgB&id=lidar2&mcvt=1000&p=595,1082,845,1382&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20231116&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1052546453&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1701272581731&rpt=968&isd=0&lsd=0&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ed82c412a1d0517c38d808cdf80f705f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 29 Nov 2023 15:43:03 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
region1.analytics.google.com/g/ 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-K6Q5ED8R4T&gtm=45je3b81v884855698&_p=1701272576497&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=1730769388.1701272577&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEAE&_s=3&sid=1701272578&sct=1&seg=0&dl=https%3A%2F%2Fgempak.com%2F%2F404&dr=https%3A%2F%2Fvoting.astro.com.my%2F&dt=&en=scroll&epn.percent_scrolled=90&_et=17&tfd=9239
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=G-K6Q5ED8R4T&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gempak.com//404
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 29 Nov 2023 15:43:03 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://gempak.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
get
choices.trustarc.com/ Frame 0A2B 		20 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://choices.trustarc.com/get?name=pmw2.js
Requested by
Host: choices.truste.com
URL: https://choices.truste.com/ca?pid=sojern01&aid=sojern02_d&cid=&c=1701272581377890&js=pmw0&w=300&h=250&admarker=dynamic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.214.37 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-214-37.fra56.r.cloudfront.net
Software
nginx /
Resource Hash
0affa837a4669f475d1195dba5f0e3f054035f22e4c560992b71d0f298cedb89

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ed82c412a1d0517c38d808cdf80f705f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 14:18:26 GMT
content-encoding
gzip
via
1.1 eaedf92fd05c53aa96f20b6322b473e6.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P3
age
1992277
x-cache
Hit from cloudfront
pragma
public
last-modified
Mon, 6 Nov 2023 03:03:44 GMT
server
nginx
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=2592000
timing-allow-origin
*
x-amz-cf-id
RJwOhhS7TJofrqiFRUqLMjZ_msYkG_4INjKSQzxtrIP1u-L_F8ggBw==
expires
Wed, 06 Dec 2023 14:18:26 GMT
cap
choices.trustarc.com/ Frame 0A2B 		43 B
1021 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://choices.trustarc.com/cap?&aid=sojern02_d&pid=sojern01&cid=_LBcidLB_&w=300&h=250&c=806f
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.214.37 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-214-37.fra56.r.cloudfront.net
Software
nginx /
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-eval' *; font-src 'self' *; style-src 'self' 'unsafe-inline' *; img-src 'self' * data: https://cdn1.iconfinder.com https://js.userflow.com; frame-src 'self' *; frame-ancestors 'self' *; connect-src 'self' *; script-src 'self' 'unsafe-inline' 'unsafe-eval' *; object-src 'self' *; media-src 'self' *; child-src 'self' *; worker-src 'self' *; manifest-src 'self' *;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ed82c412a1d0517c38d808cdf80f705f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 15:43:03 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
content-security-policy
default-src 'self' 'unsafe-eval' *; font-src 'self' *; style-src 'self' 'unsafe-inline' *; img-src 'self' * data: https://cdn1.iconfinder.com https://js.userflow.com; frame-src 'self' *; frame-ancestors 'self' *; connect-src 'self' *; script-src 'self' 'unsafe-inline' 'unsafe-eval' *; object-src 'self' *; media-src 'self' *; child-src 'self' *; worker-src 'self' *; manifest-src 'self' *;
via
1.1 eaedf92fd05c53aa96f20b6322b473e6.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P3
cross-origin-embedder-policy
unsafe-none
x-cache
Miss from cloudfront
cross-origin-resource-policy
cross-origin
content-length
43
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
origin
server
nginx
cross-origin-opener-policy
unsafe-none
expect-ct
max-age=31536000
x-frame-options
SAMEORIGIN
vary
Origin
content-type
image/gif
cache-control
private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
permissions-policy
geolocation=(), microphone=(), payment=()
x-amz-cf-id
mjeCq6DjcRjS-hhedHvILFEphWSq_IFmRPE73IPrJ1z9TSYlaf9TXg==
expires
Mon, 26 Jul 1997 05:00:00 GMT
collect
u.clarity.ms/ 		0
290 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://u.clarity.ms/collect
Requested by
Host: voting.astro.com.my
URL: https://voting.astro.com.my/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
4.227.249.197 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/x-clarity-gzip
Referer
https://gempak.com//404
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://gempak.com
Date
Wed, 29 Nov 2023 15:43:04 GMT
Access-Control-Allow-Credentials
true
Server
nginx/1.18.0 (Ubuntu)
Connection
keep-alive
Vary
Origin
Request-Context
appId=cid-v1:9c7c879b-c51a-427e-9701-218438da5f81
VideoBidRequestHandlerServlet
wf.taboola.com/ 		2 KB
939 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=700&height=393&pubid=169497&tagid=953497&crid=-1&noaop=3&sortOrderType=0&cb=1701272583975&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=2&pv=1578&pt=-1569085781&tz=60&viewable=true&ddast=V8VUECLAa4rDSk9sQwThJwWWlI7YlhnCwAAABgYID-AElOZs7FcLdySwaDmVu0MbncEodt41ZZZrvBZOSwOFy-ISDJycy5GO5WbslgMHOLNiaXW-Kwbdwqy2w3mIwcFofLNwUfxnKZDGqBhGX2-w4KyunpMbsMoqLrbbE7nGbPG1yg6XT4XPd6nctteHjtGr_brxcNRnMAAAAA8OD___8fAgAAAEAEAAAAAAkAAAAAFAIq_FsQuAAAAACA4f___18DABQHg3V4Pi-zPwAAAACAAAAAACABgDCUUQLgRez_xP________9_jAH6zBsZ_____zcMegA8-AB4EAIAAPAxBHb1I2QP2T6PSEFvEUYAAAAAsuW0KY5M0gkqFlX-___7rQBcAQAIYNz4hbPOojso8RYGAABAQIyWvY0QNOG15ZgFelj8frPDrvG7Xeb_________38z_mX80Qk0zM2mCMPTC1fwCAgCs-QUEAGCjbgAA3gjACTkcaDodPte9XvY3Pe0-u8JzuvztGr_brnb-RYegFYPB6gTE7AAAAADc-f___8ejZW8jBE14bakHpGyrkWs1Wy5WC5ttObPNPBPXZLKw2Waj2XCxW2zPEOSn9Wp4AnufEGGZ_b6DgnJ6eswug6joelvsDqfZcxAfNAzLySCYnwlbjFaTyWY5nC0Xk8FwNByN9mcgFssBmojBcjmZLCa71Wg12gx3o9lggQRiMEEULRpMVqPRZDEZrkaT1Wy52O02iKJVq9loMxiuZpPZbrcaDobL0QhN2GK0mkw2y-FsuZgMhqPhaDREMOJw7XaT2cStshhnbtFktlwLFzaPW-KZmBYeh3Ezcw3WotfH9LENVo7haIsEA1L2InlapBPVcrOazVwTz2q2G45My9HENNxNTLPFcuFwrDaLiViiOVmkE9ll37KtRq7VbLlYLWy25cw280xck8nCZpuNZsPFbrGvOFy73WQ2cassxplbNJkt18KFzeOWeCamhcdh3Mxcg7Xo9TF9bIOVYzjaN3aDxWQ3WQ0H-8ZusJjsJqvhYN-hcgmD3YvRe9KYPTrV5y95JmxOg8JlsHh_EtNi2p0dRCff0amTqpRFndHv9_v9fr_f7_f7DVrPwWxQ-K61iLT5eBZ313D4cTAoYongIp0oPKfL3-0yOR2ev9l1evrtnrfO5TY8vBaxRGm6SCd6vWgwmoglgtNFOhG9jKeL-o8cZLGbKxajuWQxnEsGqwQAAAAAAAAAYAmmmW4CAAAA4GRQo8Votlqng1kMVqvNarkALACAdQGDAAAAAAAA7IL-S8OmYAPCKNbYYxrhOV3-bpfJ6fD8za7T02_3vHUut-HhtTIACwBfZpt9RhBrtVrWAAAABLABAAAEcNONNwFkUdz_____OAAAADJy6AEAANDvA8oCAAAAAAD4B6BCrNVqdbuxVqsVsGCGo8lwAv____8B!&proto=2,3,5,6&encoded=1&pstn=1&callback=&wfv=1&amp=0&qsz=6&ft=0&pb=0&pagg=1&sd=undefined&ctsldr=1&dtagid=3105535&dpubid=541465&abtst=adxLoadDist7-out_vC!adxsub-out_vA!adxsub-out_vB!ufm_vG&mPre=0.033&cirf=https%3A%2F%2Fgempak.com&en=1&subu=3
Requested by
Host: voting.astro.com.my
URL: https://voting.astro.com.my/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
cb7f9ce1a655b238a729f675ea727926a693c5d00621a5dc8d6cf4c6e11d6038

Request headers

Referer
https://gempak.com//404
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-type
text/plain

Response headers

x-cache-hits
0
date
Wed, 29 Nov 2023 15:43:04 GMT
content-encoding
gzip
via
1.1 varnish
machineid
1407
x-cache
MISS
x-served-by
cache-cph2320056-CPH
pragma
no-cache
server
nginx
x-timer
S1701272584.997823,VS0,VE150
vary
Accept-Encoding
content-type
application/json;charset=utf-8
access-control-allow-origin
https://gempak.com
cache-control
no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials
true
accept-ranges
bytes
expires
Sat, 26 Jul 1997 05:00:00 GMT
get
choices.trustarc.com/ Frame 434A 		287 B
671 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://choices.trustarc.com/get?name=admarker-icon-tr.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.214.37 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-214-37.fra56.r.cloudfront.net
Software
nginx /
Resource Hash
821262a8c32b52639f97ddf4f34c494e82156651752608fa6a23ffa3df2f84b1

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
public
date
Sun, 19 Nov 2023 13:19:27 GMT
via
1.1 eaedf92fd05c53aa96f20b6322b473e6.cloudfront.net (CloudFront)
last-modified
Thu, 26 Oct 2023 03:20:37 GMT
server
nginx
x-amz-cf-pop
FRA56-P3
age
872617
x-cache
Hit from cloudfront
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=2592000
timing-allow-origin
*
content-length
287
x-amz-cf-id
Ou10i5XmjoypPHWdUQejzV2gG-IqdQmIfP7a7YsYYpM4wT5BUNVzFA==
expires
Tue, 19 Dec 2023 13:19:27 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 0A2B 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=5204780568096&version=m202309260101&ct=119&x=1&cor=3405658971059314700
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ed82c412a1d0517c38d808cdf80f705f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 29 Nov 2023 15:43:04 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
230612-1-vodus-common.js
cdn.jsdelivr.net/gh/vodus-ai/api@latest/ 		30 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/vodus-ai/api@latest/230612-1-vodus-common.js?build=202308021233
Requested by
Host: voting.astro.com.my
URL: https://voting.astro.com.my/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ddeb966717b2ec144839c4480f0fc4da8d6eb830fd03ce5d523f4abe6acae4ea
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gempak.com//404
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 15:43:05 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
29430
x-jsd-version
master
content-encoding
br
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230120-FRA
x-jsd-version-type
branch
server
cloudflare
etag
W/"776d-2mbdureYPIIosr7u45DaTx6Dwdo"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eszG3cp6WpFB%2FtUtkdTMX3ZeZSwLNv84mxhqV%2FU%2BJYoiqJ5rPopvNGXOj4UpS71%2BYd40MgJkzZLjXTt7GWJKh20AVIFMo51P7WCBZcpIZTluN8%2Fj4dzgsN1JR2KtfC2KVy9PIolGFvoKP57pqTE%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cf-ray
82dbf6d96e3436e0-FRA
bootstrap-vodus.css
cdn.jsdelivr.net/gh/vodus-ai/api@latest/ 		94 KB
12 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/vodus-ai/api@latest/bootstrap-vodus.css?build=202308021233
Requested by
Host: voting.astro.com.my
URL: https://voting.astro.com.my/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9054b7735cbd42d74d4e95347994eabb230c9ebd5a414344a25e6f6a1eaadc06
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gempak.com//404
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 15:43:05 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
36641
x-jsd-version
master
content-encoding
br
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230028-FRA
x-jsd-version-type
branch
server
cloudflare
etag
W/"17741-eyr5qVyhEoMVOXam3tr3OJZpN0A"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CkhkCbmiMY%2BUqSZpyG%2FB%2BViXRgEvsC81ceXrrwOyyzC48uYegHrdefJ6IECWpFdXMm5wtQ3rpmvIeho5TSJrKDqCmJbXm4bxXDHzX6jPNnZJN9WMCssc4CMOWrzdzz5NfXf%2BPFyxH7Q%2BkEwDuJU%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cf-ray
82dbf6d96e3a36e0-FRA
230626-survey.css
cdn.jsdelivr.net/gh/vodus-ai/api@latest/ 		90 KB
16 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/vodus-ai/api@latest/230626-survey.css?build=202308021233
Requested by
Host: voting.astro.com.my
URL: https://voting.astro.com.my/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ee1809002036a48cef12c927023fcb0e0738faf11b0bac4cc7fdb93a6b884b8d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gempak.com//404
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 15:43:05 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
40385
x-jsd-version
master
content-encoding
br
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230026-FRA
x-jsd-version-type
branch
server
cloudflare
etag
W/"16696-TB815+z8/Kp6aTTj5OVpIlvO+PI"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5MtQfDJjxKKv%2BaLUxJSDsfxxitFPv8QyW0hMowqTyZbK9v733C%2FjpdeREoSTG3UP%2BILhccN2qApqvSmMUXiNSkMiRdfNKQRp%2BRBp8PLM0Dz7%2FBGJMJIXQnso4hZSHVz8HsBkTa9P7PVSzQMjgrY%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cf-ray
82dbf6d96e3d36e0-FRA
toastr.min.css
cdn.jsdelivr.net/gh/vodus-ai/api@latest/ 		7 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/vodus-ai/api@latest/toastr.min.css?build=202308021233
Requested by
Host: voting.astro.com.my
URL: https://voting.astro.com.my/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eec6191dda502c94c19edba266ef530b898b586b53de0d5621fd29cff61181d1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gempak.com//404
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 15:43:05 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
33227
x-jsd-version
master
content-encoding
br
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230057-FRA
x-jsd-version-type
branch
server
cloudflare
etag
W/"1b1c-+sjET/VTfZ02RhtMXNAvWE2vvBY"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IaO5A%2Bl1604uzy6z4EmhlMEFnAeP45mheMHrTT%2BF3h%2BHNwbhgB0oQ8pQwZ%2BrdruyREKSEarLUVDB1rvhe3uI0Y%2B5CKM2UA%2FP9698g3EEp7yJ82a5RmnQWO3G%2FdaRLqvRWeyD%2BRAdhSvNXVpSBwo%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cf-ray
82dbf6d96e4036e0-FRA
tingle.css
cdn.jsdelivr.net/gh/vodus-ai/api@latest/ 		5 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/vodus-ai/api@latest/tingle.css?build=202308021233
Requested by
Host: voting.astro.com.my
URL: https://voting.astro.com.my/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
50249ef86bd97b4aeb97db2e5de7d016b3f519972a125c7c2dbf6a0e7be05f2a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gempak.com//404
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 15:43:05 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
37382
x-jsd-version
master
content-encoding
br
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230040-FRA
x-jsd-version-type
branch
server
cloudflare
etag
W/"131e-GKaOehQVjA7l9LZbTh1TNm8rJh8"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dYhhX%2F1jjeYcHXJzDl%2FFukrhUKwuJy6b6%2FWuE7mCVut1zDY%2FZFM6pts8uKu4%2FJSSR%2BNE%2FTW2KsjhdMpRAx%2B6MTY1ctXfqpc9SYRDNvvEysK0nGqWbCgghHaDKDdot9%2FNhlTi%2Bxykk2jDSDRg390%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cf-ray
82dbf6d96e4136e0-FRA
toastr.min.js
cdnjs.cloudflare.com/ajax/libs/toastr.js/latest/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/toastr.js/latest/toastr.min.js
Requested by
Host: voting.astro.com.my
URL: https://voting.astro.com.my/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ddb96c25de07962ffbc0243e6e68177ce74aee9fd950cb4f5d8d3c8e6c524a09
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gempak.com//404
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 15:43:05 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
2373629
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
1885
last-modified
Mon, 04 May 2020 16:17:02 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03ffe-15a1"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QDAe%2BWr8CysqizuT58fTZzsAQu4ngpBN11rUhR%2Fq6T9p07p1NdMPIRnuBbymfacEyvaOJqfleHi7xM9RBeypZsi1x9zwqH31KWdcPiz29zoNEM%2Fjh8%2FdPmt9Mem1BsudJf0fGwyjBLpUX67gj3MZl6Zv"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
82dbf6d96c4b9125-FRA
expires
Mon, 18 Nov 2024 15:43:05 GMT
tingle.min.js
cdnjs.cloudflare.com/ajax/libs/tingle/0.13.2/ 		7 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/tingle/0.13.2/tingle.min.js
Requested by
Host: voting.astro.com.my
URL: https://voting.astro.com.my/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e23a4e032b9b1dc7ed992b680df42bcc5ae15bf7e8573a6ff2cc694235adcd38
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gempak.com//404
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 15:43:05 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
128272
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
1561
last-modified
Mon, 04 May 2020 16:17:01 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03ffd-1bfc"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=q0RMf9QPWsTlMS%2Fw97UiNGe8OqcAKUls9DKkR1Yz%2BpdoJsFnYo71z%2BxD6Al5UIsvSSrXN2Bu5g5CLKxk5zmqnHaXoWT9xC5POehZP0%2BOi%2B3gwUsw%2Fkv0nY7i2Byva9FM2yvJBWtKt%2F96N7PnmbRcVwF%2B"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
82dbf6d97c4e9125-FRA
expires
Mon, 18 Nov 2024 15:43:05 GMT
i18next.min.js
cdnjs.cloudflare.com/ajax/libs/i18next/8.4.3/ 		36 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/i18next/8.4.3/i18next.min.js
Requested by
Host: voting.astro.com.my
URL: https://voting.astro.com.my/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d659b0ebd2557d1e35fba8bf8fcd3aedc04ff08d2d737e38633548180f35df4e
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gempak.com//404
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 15:43:05 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
120923
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
9349
last-modified
Mon, 04 May 2020 16:11:10 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e9e-8fd1"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bFNlbBlTOD620Qs9S%2Bw4%2FZ6f6Whbn4VCL1HzaSj84x49W%2FuwDdQ9pSGAFLxsCg3B1eZunOjp54xMmiSfOaf9uKeNX%2FU9W5%2B8xvBaKlADOBtmxoN7V%2Fvhu2gvusTcYx5jP2cAjBqhkjL7wxwgqK9AJaC5"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
82dbf6d97c509125-FRA
expires
Mon, 18 Nov 2024 15:43:05 GMT
jquery-i18next.min.js
cdnjs.cloudflare.com/ajax/libs/jquery-i18next/1.2.0/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery-i18next/1.2.0/jquery-i18next.min.js
Requested by
Host: voting.astro.com.my
URL: https://voting.astro.com.my/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e37a6f5b4a9288dad70a0cabf87c08989b4042bc6ca7fa3b1fef3f6ab4cc509a
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gempak.com//404
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 15:43:05 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
681372
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
770
last-modified
Mon, 04 May 2020 16:11:46 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03ec2-740"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MRTg%2FuEwDX4hT2ry%2F%2FI5EL8llI%2BXFGVyxUHGRC3vnaBZ3Z5716tYI4Wu1YbxcMJKRj2jUOcq1RENEXOriI16O09V%2B7JxA%2F25H9czcreePq8V23hlGuiw3irmyeIzQp5UUGV6G3nwhl7nXPnLJZoaeFzj"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
82dbf6d97c549125-FRA
expires
Mon, 18 Nov 2024 15:43:05 GMT
bootstrap.min.js
cdn.jsdelivr.net/npm/bootstrap@3.4.1/dist/js/ 		39 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/bootstrap@3.4.1/dist/js/bootstrap.min.js?build=202308021233
Requested by
Host: voting.astro.com.my
URL: https://voting.astro.com.my/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9ee2fcff6709e4d0d24b09ca0fc56aade12b4961ed9c43fd13b03248bfb57afe
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gempak.com//404
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 15:43:05 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
124107
x-jsd-version
3.4.1
content-encoding
br
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230118-FRA
x-jsd-version-type
version
server
cloudflare
etag
W/"9b00-sW/YImvWv7COVo8bHQoh1gJHzvs"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Fn7Ewi7WbQ0mpWYtWJG0t4zVpgramNqyqjN0gSgL5Ig%2BrEBe8OJcjT7fJxy3MbacLo6WyWRkR4YMW9hgTFgBYUgvF9IA6J3FC1fK74fuILs%2B0MciMx2l%2BdNVjlBRVTos4tBq7a466xELXmgyhdg%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
82dbf6d97e4b36e0-FRA
jquery-ui.min.js
code.jquery.com/ui/1.12.1/ 		248 KB
67 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/ui/1.12.1/jquery-ui.min.js
Requested by
Host: voting.astro.com.my
URL: https://voting.astro.com.my/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:600::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
55accff7b642c2d7a402cbe03c1494c0f14a76bc03dee9d47d219562b6a152a5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gempak.com//404
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 15:43:05 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
age
4959506
x-cache
HIT, HIT
content-length
67751
x-served-by
cache-lga13623-LGA, cache-fra-eddf8230052-FRA
last-modified
Fri, 18 Oct 1991 12:00:00 GMT
server
nginx
x-timer
S1701272585.244643,VS0,VE0
etag
W/"28feccc0-3dee4"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=604800
accept-ranges
bytes
x-cache-hits
38, 13210
platform.js
apis.google.com/js/ 		56 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://apis.google.com/js/platform.js
Requested by
Host: voting.astro.com.my
URL: https://voting.astro.com.my/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
58ce837eacdf9d9f4038f4ecdbebc41c418b346ceffd66d2faa9a97b72aac854
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gempak.com//404
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

content-security-policy
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 29 Nov 2023 15:43:05 GMT
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
21930
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="gapi-team"
etag
"d5ad85e4d3af90e1"
vary
Accept-Encoding
report-to
{"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
private, max-age=1800, stale-while-revalidate=1800
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 29 Nov 2023 15:43:05 GMT
css
fonts.googleapis.com/ 		1 KB
463 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Dosis:400
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/gh/vodus-ai/api@latest/230626-survey.css?build=202308021233
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
f4de41edd6d540328311323b4ed0b21dc34b269d909f793164e2dedf3c611edb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.jsdelivr.net/gh/vodus-ai/api@latest/230626-survey.css?build=202308021233
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 29 Nov 2023 15:43:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 29 Nov 2023 15:43:05 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 29 Nov 2023 15:43:05 GMT
css
fonts.googleapis.com/ 		406 B
318 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Droid+Serif:700
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/gh/vodus-ai/api@latest/230626-survey.css?build=202308021233
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
ca1481183c16bda26d662792e22c516a8fdc7ac21baa4fa0744e20db8457e910
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.jsdelivr.net/gh/vodus-ai/api@latest/230626-survey.css?build=202308021233
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 29 Nov 2023 15:43:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 29 Nov 2023 15:43:05 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 29 Nov 2023 15:43:05 GMT
css
fonts.googleapis.com/ 		1 KB
505 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Inconsolata:700
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/gh/vodus-ai/api@latest/230626-survey.css?build=202308021233
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
f10b89fde67b2bafa1794d514006a5f3a436bac868dc987e031993e133ce09ed
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.jsdelivr.net/gh/vodus-ai/api@latest/230626-survey.css?build=202308021233
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 29 Nov 2023 15:43:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 29 Nov 2023 15:30:38 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 29 Nov 2023 15:43:05 GMT
css
fonts.googleapis.com/ 		2 KB
549 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Lora:700
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/gh/vodus-ai/api@latest/230626-survey.css?build=202308021233
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
9daac18af4abbcce5453991010a64421d516f323651fd08d87245a78f76b76c0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.jsdelivr.net/gh/vodus-ai/api@latest/230626-survey.css?build=202308021233
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 29 Nov 2023 15:43:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 29 Nov 2023 15:36:47 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 29 Nov 2023 15:43:05 GMT
css
fonts.googleapis.com/ 		2 KB
554 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Merriweather:700
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/gh/vodus-ai/api@latest/230626-survey.css?build=202308021233
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
b87b5ff04023985cd86fe44e2ab7e61cc6057c14988223c4b26fb025d6ae118e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.jsdelivr.net/gh/vodus-ai/api@latest/230626-survey.css?build=202308021233
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 29 Nov 2023 15:43:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 29 Nov 2023 15:41:28 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 29 Nov 2023 15:43:05 GMT
css
fonts.googleapis.com/ 		730 B
374 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Oxygen:400
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/gh/vodus-ai/api@latest/230626-survey.css?build=202308021233
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
74d5dfb509b5cd822e2337d445ff84837025c3a9fd618678d1690758f692ecee
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.jsdelivr.net/gh/vodus-ai/api@latest/230626-survey.css?build=202308021233
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 29 Nov 2023 15:43:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 29 Nov 2023 15:43:05 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 29 Nov 2023 15:43:05 GMT
css
fonts.googleapis.com/ 		2 KB
496 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Ubuntu:400
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/gh/vodus-ai/api@latest/230626-survey.css?build=202308021233
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
838fcf38d188c20c103e6e3cc1902ad8cca9e7446018d88a5c25d531f67402aa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.jsdelivr.net/gh/vodus-ai/api@latest/230626-survey.css?build=202308021233
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 29 Nov 2023 15:43:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 29 Nov 2023 15:36:21 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 29 Nov 2023 15:43:05 GMT
css
fonts.googleapis.com/ 		3 KB
665 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/gh/vodus-ai/api@latest/230626-survey.css?build=202308021233
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
4ddf6973fa3421cc10d8946187a761c0317632b66442c3d20c736024fba1029f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.jsdelivr.net/gh/vodus-ai/api@latest/230626-survey.css?build=202308021233
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 29 Nov 2023 15:43:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 29 Nov 2023 14:25:58 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 29 Nov 2023 15:43:05 GMT
css
fonts.googleapis.com/ 		717 B
370 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Lato
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/gh/vodus-ai/api@latest/230626-survey.css?build=202308021233
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
eb91e77384f9aff2e81a868ae4f2ae6fb5940c573d0e39088ff637414b4ffed9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.jsdelivr.net/gh/vodus-ai/api@latest/230626-survey.css?build=202308021233
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 29 Nov 2023 15:43:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 29 Nov 2023 14:24:52 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 29 Nov 2023 15:43:05 GMT
css
fonts.googleapis.com/ 		2 KB
570 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/gh/vodus-ai/api@latest/230626-survey.css?build=202308021233
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
289d25d68f730e581e0a16b8bee8f63a061717973f8ac8c29ccf2ba8fed15adf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.jsdelivr.net/gh/vodus-ai/api@latest/230626-survey.css?build=202308021233
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 29 Nov 2023 15:43:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 29 Nov 2023 14:30:25 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 29 Nov 2023 15:43:05 GMT
css
fonts.googleapis.com/ 		2 KB
597 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Source+Sans+Pro
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/gh/vodus-ai/api@latest/230626-survey.css?build=202308021233
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
8eb0ee259863bc0abfb4ebf2d5138c3931fdd2dc3e4a920ee139064df8632c06
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.jsdelivr.net/gh/vodus-ai/api@latest/230626-survey.css?build=202308021233
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 29 Nov 2023 15:43:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 29 Nov 2023 14:23:55 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 29 Nov 2023 15:43:05 GMT
css
fonts.googleapis.com/ 		2 KB
555 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Oswald:700
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/gh/vodus-ai/api@latest/230626-survey.css?build=202308021233
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
66bb15f6fcefa66403acc1e4bca76dc4d7f1e6b2af365de840198df41f5635b2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.jsdelivr.net/gh/vodus-ai/api@latest/230626-survey.css?build=202308021233
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 29 Nov 2023 15:43:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 29 Nov 2023 14:40:19 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 29 Nov 2023 15:43:05 GMT
css
fonts.googleapis.com/ 		2 KB
539 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Pangolin
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/gh/vodus-ai/api@latest/230626-survey.css?build=202308021233
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
3909701b14ebd83886515f2b196cf69018152b7ef85b6d17b6c4cad6157b24ba
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.jsdelivr.net/gh/vodus-ai/api@latest/230626-survey.css?build=202308021233
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 29 Nov 2023 15:43:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 29 Nov 2023 15:36:08 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 29 Nov 2023 15:43:05 GMT
css
fonts.googleapis.com/ 		2 KB
559 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Montserrat
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/gh/vodus-ai/api@latest/230626-survey.css?build=202308021233
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
28d397270696b4361f8722b8c43ff2db5ba45891f35eeecedc913088dcc58ed5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.jsdelivr.net/gh/vodus-ai/api@latest/230626-survey.css?build=202308021233
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 29 Nov 2023 15:43:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 29 Nov 2023 14:29:19 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 29 Nov 2023 15:43:05 GMT
css
fonts.googleapis.com/ 		2 KB
530 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Playfair+Display
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/gh/vodus-ai/api@latest/230626-survey.css?build=202308021233
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
5ad61e6094e5bdc2688ddf01cf03dcd97dc1a7ff7e26bda92c99d7d6e3184c3e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.jsdelivr.net/gh/vodus-ai/api@latest/230626-survey.css?build=202308021233
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 29 Nov 2023 15:43:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 29 Nov 2023 14:34:53 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 29 Nov 2023 15:43:05 GMT
css
fonts.googleapis.com/ 		775 B
394 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Titillium+Web
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/gh/vodus-ai/api@latest/230626-survey.css?build=202308021233
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
2fdba028bf5bb5f94fe0180bbf318d8b2345fa8d338d9d8936794d9e1f67544e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.jsdelivr.net/gh/vodus-ai/api@latest/230626-survey.css?build=202308021233
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 29 Nov 2023 15:43:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 29 Nov 2023 14:42:40 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 29 Nov 2023 15:43:05 GMT
css
fonts.googleapis.com/ 		1 KB
489 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=PT+Sans+Narrow
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/gh/vodus-ai/api@latest/230626-survey.css?build=202308021233
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
25a913c2d492f74053eb0b305f4cc64f4d7a97795d1893a5ad1b9a3c5013ff15
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.jsdelivr.net/gh/vodus-ai/api@latest/230626-survey.css?build=202308021233
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 29 Nov 2023 15:43:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 29 Nov 2023 14:31:42 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 29 Nov 2023 15:43:05 GMT
css
fonts.googleapis.com/ 		405 B
317 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Indie+Flower
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/gh/vodus-ai/api@latest/230626-survey.css?build=202308021233
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
f7162a2bf4f3f84010fcd399f9420597332841fb4814ac737da2a4fda9324437
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.jsdelivr.net/gh/vodus-ai/api@latest/230626-survey.css?build=202308021233
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 29 Nov 2023 15:43:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 29 Nov 2023 14:38:01 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 29 Nov 2023 15:43:05 GMT
css
fonts.googleapis.com/ 		1 KB
444 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Poppins&display=swap
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/gh/vodus-ai/api@latest/230626-survey.css?build=202308021233
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e4240ee23e840bebe54c7c07512f10aee39ae8c0f3ddd6a692be08eb6a6875a9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.jsdelivr.net/gh/vodus-ai/api@latest/230626-survey.css?build=202308021233
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 29 Nov 2023 15:43:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 29 Nov 2023 14:30:18 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 29 Nov 2023 15:43:05 GMT
thirdparty-cookie-check-start.html
api.vodus.com/ Frame 82CB 		171 B
545 B 		Document
General
Check archive.org
Download Go to
Full URL
https://api.vodus.com/thirdparty-cookie-check-start.html
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/jquery/3.6.1/jquery.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.212.64.10 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
702834f160909a08542eca7b7713f85cb876d3ce1805f178dbba236e3f74204e

Request headers

Referer
https://gempak.com//404
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Content-Encoding
gzip
Content-Type
text/html
Date
Wed, 29 Nov 2023 15:43:05 GMT
ETag
"1d9414676c0c0ab"
Last-Modified
Wed, 15 Feb 2023 14:04:48 GMT
Server
Microsoft-IIS/10.0
Transfer-Encoding
chunked
Vary
Accept-Encoding
X-Powered-By
ASP.NET
jquery.ui.touch-punch.min.js
cdnjs.cloudflare.com/ajax/libs/jqueryui-touch-punch/0.2.3/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jqueryui-touch-punch/0.2.3/jquery.ui.touch-punch.min.js
Requested by
Host: voting.astro.com.my
URL: https://voting.astro.com.my/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
000854d782781aff1b16ea5451c1da3d07efadd35ab911ccb7e4b851571a25bd
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gempak.com//404
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 15:43:05 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
137183
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
493
last-modified
Mon, 04 May 2020 16:11:48 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03ec4-50b"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=E%2FADTdSUu9526eLIr1rbGe49GADcQM%2FPHqJIiZ7EyVs9m6p79yxdN%2ByMMiqiv8rm1eYmKjTQpBxEvFOIUzbsWHAksMLDljBUJpEtCV3BMrRa6OKeItxXHz%2FDMRK5UdSJs8vs9ds6x8yfNBMwWCONx12q"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
82dbf6da3b168ff4-FRA
expires
Mon, 18 Nov 2024 15:43:05 GMT
thirdparty-cookie-check-complete.html
api.vodus.com/ Frame 82CB 		271 B
575 B 		Document
General
Check archive.org
Download Go to
Full URL
https://api.vodus.com/thirdparty-cookie-check-complete.html
Requested by
Host: api.vodus.com
URL: https://api.vodus.com/thirdparty-cookie-check-start.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.212.64.10 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
61a43852167ac96e7aeb7759114880592ea637b1e62bce42ca85f514eae83614

Request headers

Referer
https://api.vodus.com/thirdparty-cookie-check-start.html
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Content-Encoding
gzip
Content-Type
text/html
Date
Wed, 29 Nov 2023 15:43:05 GMT
ETag
"1d941462813270f"
Last-Modified
Wed, 15 Feb 2023 14:02:36 GMT
Server
Microsoft-IIS/10.0
Transfer-Encoding
chunked
Vary
Accept-Encoding
X-Powered-By
ASP.NET
serverless
api.vodus.com/v1/token/ Frame 06C7 		7 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://api.vodus.com/v1/token/serverless?partnerCode=
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/jquery/3.6.1/jquery.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.212.64.10 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
87aa1daa37cd8dd501095ca12436da32d38055980698e878e955ce72eaf4ee04

Request headers

Referer
https://gempak.com//404
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Content-Encoding
gzip
Content-Type
text/html; charset=utf-8
Date
Wed, 29 Nov 2023 15:43:05 GMT
Server
Microsoft-IIS/10.0
Transfer-Encoding
chunked
Vary
Accept-Encoding
X-Powered-By
ASP.NET
trace
www.cloudflare.com/cdn-cgi/ Frame 06C7 		322 B
458 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.cloudflare.com/cdn-cgi/trace
Requested by
Host: api.vodus.com
URL: https://api.vodus.com/v1/token/serverless?partnerCode=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:7c60 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c4599e3e174c8cfea0b9e91cfa9a836602085a1f5f8319146016998cd54e17fc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://api.vodus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 15:43:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cloudflare
x-frame-options
DENY
content-type
text/plain
access-control-allow-origin
*
cache-control
no-cache
cf-ray
82dbf6de3f4ebb8f-FRA
expires
Thu, 01 Jan 1970 00:00:01 GMT
check
vodus.my/token/ Frame 3366 		982 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://vodus.my/token/check?partnerCode=
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/jquery/3.6.1/jquery.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.212.64.10 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
de2f619367d5efc5a236b34e46014ba18bd44b03be31d278f242b198f7547253
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

Referer
https://gempak.com//404
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Content-Encoding
gzip
Content-Type
text/html; charset=utf-8
Date
Wed, 29 Nov 2023 15:43:07 GMT
Server
Microsoft-IIS/10.0
Strict-Transport-Security
max-age=2592000
Transfer-Encoding
chunked
Vary
Accept-Encoding
X-Powered-By
ASP.NET
collect
region1.analytics.google.com/g/ 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-0GC2LF80F2&gtm=45je3b81v877875055&_p=1701272576497&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=1730769388.1701272577&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEI&sid=1701272576&sct=1&seg=0&dl=https%3A%2F%2Fgempak.com%2F%2F404&dr=https%3A%2F%2Fvoting.astro.com.my%2F&dt=&_s=2&tfd=11450
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-0GC2LF80F2&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://gempak.com//404
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Wed, 29 Nov 2023 15:43:06 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://gempak.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
VideoBidRequestHandlerServlet
am-wf.taboola.com/ 		2 KB
974 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://am-wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=700&height=393&pubid=169497&tagid=953497&crid=-1&noaop=3&sortOrderType=0&cb=1701272586999&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=3&pv=1578&pt=-1569085781&tz=60&viewable=true&ddast=V8VUECLAa4rDSk9sQwThJwWWlI7YlhnCwAAABgYID-AElOZs7FcLdySwaDmVu0MbncEodt41ZZZrvBZOSwOFy-ISDJycy5GO5WbslgMHOLNiaXW-Kwbdwqy2w3mIwcFofLNwUfxnKZDGqBhGX2-w4KyunpMbsMoqLrbbE7nGbPG1yg6XT4XPd6nctteHjtGr_brxcNRnMAAAAA8OD___8fAgAAAEAEAAAAAAkAAAAAFAIq_FsQuAAAAACA4f___18DABQHg3V4Pi-zPwAAAACAAAAAACABgDCUUQLgRez_xP________9_jAH6zBsZ_____zcMegA8-AB4EAIAAPAxBHb1I2QP2T6PSEFvEUYAAAAAsuW0KY5M0gkqFlX-___7rQBcAQAIYNz4hbPOojso8RYGAABAQIyWvY0QNOG15ZgFelj8frPDrvG7Xeb_________38z_mX80Qk0zM2mCMPTC1fwCAgCs-QUEAGCjbgAA3gjACTkcaDodPte9XvY3Pe0-u8JzuvztGr_brnb-RYegFYPB6gTE7AAAAADc-f___8ejZW8jBE14bakHpGyrkWs1Wy5WC5ttObPNPBPXZLKw2Waj2XCxW2zPEOSn9Wp4AnufEGGZ_b6DgnJ6eswug6joelvsDqfZcxAfNAzLySCYnwlbjFaTyWY5nC0Xk8FwNByN9mcgFssBmojBcjmZLCa71Wg12gx3o9lggQRiMEEULRpMVqPRZDEZrkaT1Wy52O02iKJVq9loMxiuZpPZbrcaDobL0QhN2GK0mkw2y-FsuZgMhqPhaDREMOJw7XaT2cStshhnbtFktlwLFzaPW-KZmBYeh3Ezcw3WotfH9LENVo7haIsEA1L2InlapBPVcrOazVwTz2q2G45My9HENNxNTLPFcuFwrDaLiViiOVmkE9ll37KtRq7VbLlYLWy25cw280xck8nCZpuNZsPFbrGvOFy73WQ2cassxplbNJkt18KFzeOWeCamhcdh3Mxcg7Xo9TF9bIOVYzjaN3aDxWQ3WQ0H-8ZusJjsJqvhYN-hcgmD3YvRe9KYPTrV5y95JmxOg8JlsHh_EtNi2p0dRCff0amTqpRFndHv9_v9fr_f7_f7DVrPwWxQ-K61iLT5eBZ313D4cTAoYongIp0oPKfL3-0yOR2ev9l1evrtnrfO5TY8vBaxRGm6SCd6vWgwmoglgtNFOhG9jKeL-o8cZLGbKxajuWQxnEsGqwQAAAAAAAAAYAmmmW4CAAAA4GRQo8Votlqng1kMVqvNarkALACAdQGDAAAAAAAA7IL-S8OmYAPCKNbYYxrhOV3-bpfJ6fD8za7T02_3vHUut-HhtTIACwBfZpt9RhBrtVrWAAAABLABAAAEcNONNwFkUdz_____OAAAADJy6AEAANDvA8oCAAAAAAD4B6BCrNVqdbuxVqsVsGCGo8lwAv____8B!&proto=2,3,5,6&encoded=1&pstn=1&callback=&wfv=1&amp=0&qsz=6&ft=0&pb=0&pagg=1&sd=undefined&ctsldr=1&dtagid=3105535&dpubid=541465&abtst=adxLoadDist7-out_vC!adxsub-out_vA!adxsub-out_vB!ufm_vG&mPre=0.033&cirf=https%3A%2F%2Fgempak.com&en=1&subu=3
Requested by
Host: voting.astro.com.my
URL: https://voting.astro.com.my/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
387124461d221bdfd28cc0c1dbba9dbb9fe86fee1ade9aa1161c1950e09114e2

Request headers

Referer
https://gempak.com//404
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-type
text/plain

Response headers

pragma
no-cache
date
Wed, 29 Nov 2023 15:43:07 GMT
content-encoding
gzip
server
nginx
machineid
1426
vary
Accept-Encoding
content-type
application/json;charset=utf-8
access-control-allow-origin
https://gempak.com
cache-control
no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials
true
expires
Sat, 26 Jul 1997 05:00:00 GMT
/
pebed.dm-event.net/ Frame 668F 		15 B
363 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pebed.dm-event.net/
Requested by
Host: static1.dmcdn.net
URL: https://static1.dmcdn.net/playerv5/dmp.photon_vendor.3ce7557f0c4e78d46b63.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
188.65.124.59 Paris, France, ASN41690 (DAILYMOTION For peering related business, please mail peering@dailymotion.com, FR),
Reverse DNS
ebed2.dm.gg
Software
edward-ed/2.2.1 /
Resource Hash
a29ee2b15c494311c52521766e44af56a3ad2248e7a8ab465e5206463c13d288

Request headers

Accept
application/json, text/plain, */*
Referer
https://geo.dailymotion.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type
text/plain; charset=UTF-8

Response headers

Date
Wed, 29 Nov 2023 15:43:07 GMT
Server
edward-ed/2.2.1
Access-Control-Max-Age
604800
Access-Control-Allow-Methods
POST
Content-Type
application/json
Access-Control-Allow-Origin
*
Access-Control-Allow-Headers
Content-Encoding, X-Dm-EventBus-Compression-Duration, X-Dm-EventBus-Worker-Duration
Content-Length
15
getCCParameter
vodus-api-serverless.azurewebsites.net/api/ 		652 B
769 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vodus-api-serverless.azurewebsites.net/api/getCCParameter
Requested by
Host: voting.astro.com.my
URL: https://voting.astro.com.my/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.188.98.74 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
5d7779854ed7a997b5a129a4eb24ee5c0432f5e884f0446816f7a6ef30a5d10f

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://gempak.com//404
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

Access-Control-Allow-Origin
*
Date
Wed, 29 Nov 2023 15:43:07 GMT
Content-Encoding
gzip
Request-Context
appId=
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/plain; charset=utf-8
generate-temp-token
vodus-api-serverless.azurewebsites.net/api/token/ 		90 B
455 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vodus-api-serverless.azurewebsites.net/api/token/generate-temp-token
Requested by
Host: voting.astro.com.my
URL: https://voting.astro.com.my/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.188.98.74 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
9f1d9d05d77a587f38162d85a3c9a08dbd676c24f04c8659f5439cdfea358d0d

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://gempak.com//404
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

Access-Control-Allow-Origin
*
Date
Wed, 29 Nov 2023 15:43:07 GMT
Content-Encoding
gzip
Content-Type
application/json; charset=utf-8
Transfer-Encoding
chunked
Vary
Accept-Encoding
Request-Context
appId=
cookiesync
cdn.aralego.net/ucfad/sdk/us-east/
Redirect Chain
  • https://ads.aralego.com/cookiesync
  • https://cdn.aralego.net/ucfad/sdk/us-east/cookiesync
5 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.aralego.net/ucfad/sdk/us-east/cookiesync
Protocol
H2
Server
2606:4700:20::ac43:47fe -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
7fd367045a99ab837da7993139ed22179ee8dd6a9e1915e83ac9d37c33d77a99

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gempak.com//404
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 15:43:08 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
9414
alt-svc
h3=":443"; ma=86400
content-length
4739
last-modified
Mon, 28 Aug 2023 06:02:46 GMT
server
cloudflare
etag
"64ec3886-1283"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6sJpb%2BWDLJ19%2BWP%2FTElULcL4XmwaBxcwt24zYWmReNjCTQGQ6rTdLGlezLVct2ajk6Hngu9mBHNELXxGMN2RkID7x8r6wQnoL2P4EUkc%2BVqr35h5PoEKc1kya0VWsGiAp%2FAEvI2xg%2B2ZfXxjwg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream
cache-control
max-age=14400
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
82dbf6ef8f913731-FRA

Redirect headers

Location
https://cdn.aralego.net/ucfad/sdk/us-east/cookiesync
Connection
close
Content-length
0
trace
www.cloudflare.com/cdn-cgi/ 		323 B
357 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.cloudflare.com/cdn-cgi/trace
Requested by
Host: voting.astro.com.my
URL: https://voting.astro.com.my/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:7c60 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ce74969a5ebb6871e5aafc8dbbf0e2a62ab1263d1147881d62ea17421487d0e8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gempak.com//404
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 15:43:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cloudflare
x-frame-options
DENY
content-type
text/plain
access-control-allow-origin
*
cache-control
no-cache
cf-ray
82dbf6ed2cecbb8f-FRA
expires
Thu, 01 Jan 1970 00:00:01 GMT
idRequest
sync.aralego.com/ 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
voting-service.eco.astro.com.my
URL
https://voting-service.eco.astro.com.my/api/v1/vote/
Domain
region1.analytics.google.com
URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-K6Q5ED8R4T&gtm=45je3b81v884855698&_p=1701272572756&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=434321360.1701272573&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=2&sid=1701272573&sct=1&seg=0&dl=https%3A%2F%2Fvoting.astro.com.my%2F&dt=Lagu%20Trending%20Tergempak&en=user_engagement&ep.cookieFlags=samesite%3Dlax%3Bsecure&_et=2683&tfd=4595
Domain
region1.analytics.google.com
URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-3EV8LLM8NY&gtm=45je3b81v881506662&_p=1701272572756&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=434321360.1701272573&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=2&sid=1701272573&sct=1&seg=0&dl=https%3A%2F%2Fvoting.astro.com.my%2F&dt=Lagu%20Trending%20Tergempak&en=user_engagement&_et=2531&tfd=4599
Domain
region1.analytics.google.com
URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-4Q9DLDY2BM&gtm=45je3b81v875107886&_p=1701272572756&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=434321360.1701272573&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEA&_s=2&sid=1701272573&sct=1&seg=0&dl=https%3A%2F%2Fvoting.astro.com.my%2F&dt=Lagu%20Trending%20Tergempak&en=scroll&ep.page=%2F&ep.location=https%3A%2F%2Fvoting.astro.com.my%2F&ep.cookieFlags=samesite%3Dlax%3Bsecure&epn.percent_scrolled=90&_et=44&tfd=4620
Domain
region1.analytics.google.com
URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-4Q9DLDY2BM&gtm=45je3b81v875107886&_p=1701272572756&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=434321360.1701272573&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=3&sid=1701272573&sct=1&seg=0&dl=https%3A%2F%2Fvoting.astro.com.my%2F&dt=Lagu%20Trending%20Tergempak&en=user_engagement&ep.page=%2F&ep.location=https%3A%2F%2Fvoting.astro.com.my%2F&ep.cookieFlags=samesite%3Dlax%3Bsecure&_et=2487&tfd=4621
Domain
gempak.com
URL
https://gempak.com/main.dd5f32e67ccd0cc20896.chunk.js
Domain
gempak.com
URL
https://gempak.com/npm.browserify-sign.09b7f1af3a490d3b55aa.chunk.js
Domain
gempak.com
URL
https://gempak.com/npm.formatjs.aba37cb5cf1b2892771e.chunk.js
Domain
gempak.com
URL
https://gempak.com/npm.react-redux.e671e33d8ba6bee2d2c8.chunk.js
Domain
gempak.com
URL
https://gempak.com/npm.react-app-polyfill.0fbf524a000065589bb8.chunk.js
Domain
gempak.com
URL
https://gempak.com/npm.core-js.c3b3e2c24d3a1fbc80b0.chunk.js
Domain
gempak.com
URL
https://gempak.com/npm.react-responsive-carousel.808d5cf7e4f016035eb0.chunk.js
Domain
gempak.com
URL
https://gempak.com/npm.astro-my.63d4bc39fe5949184cb4.chunk.js
Domain
gempak.com
URL
https://gempak.com/npm.tanstack.17c1f4d67f7645ef4680.chunk.js
Domain
gempak.com
URL
https://gempak.com/npm.uuid.57688f56173adcb2d14b.chunk.js
Domain
gempak.com
URL
https://gempak.com/runtime.a04a2cb89411aa044b02.js
Domain
sync.search.spotxchange.com
URL
https://sync.search.spotxchange.com/partner?source=270999
Domain
lb.eu-1-id5-sync.com
URL
https://lb.eu-1-id5-sync.com/lb/v1
Domain
de-digital-fortress-stg-assets.eco.astro.com.my
URL
https://de-digital-fortress-stg-assets.eco.astro.com.my/staging/f63f777a554e87e471848d0e06d02949.svg
Domain
sync.search.spotxchange.com
URL
https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEAvmhzOp4cQysgLTJUcnCTw&google_cver=1
Domain
sync.search.spotxchange.com
URL
https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID
Domain
www.facebook.com
URL
https://www.facebook.com/ajax/bz?__a=1&__ccg=EXCELLENT&__dyn=7xeUmxa13xu1syUbAihwRwqo98nwgU5Gex-ewSwMwNw8OdwJwvE3vx61cw9y0Ko2_CwjE3awbG78b87C1xwEwlU-0nS4o5-0ha2l2Utw78waOfwbK0RE5a1qw8W1uwa-7U1bo6i6811E2ZwrU6C0L836w5Kw&__hs=19690.BP%3Aplugin_default_pkg.2.0..0.0&__hsi=7306910093516235089&__req=2&__rev=1010092598&__s=%3A%3Aui1p2r&__sp=1&__user=0&dpr=1&jazoest=21900&lsd=tQWdO4-bcVowpHw6DHmGUA
Domain
www.facebook.com
URL
https://www.facebook.com/ajax/bz?__a=1&__ccg=EXCELLENT&__dyn=7xeUmxa13xu1syUbAihwRwqo98nwgU5Gex-ewSwMwNw8OdwJwvE3vx61cw9y0Ko2_CwjE3awbG78b87C1xwEwlU-0nS4o5-0ha2l2Utw78waOfwbK0RE5a1qw8W1uwa-7U1bo6i6811E2ZwrU6C0L836w5Kw&__hs=19690.BP%3Aplugin_default_pkg.2.0..0.0&__hsi=7306910093516235089&__req=3&__rev=1010092598&__s=%3A%3Aui1p2r&__sp=1&__user=0&dpr=1&jazoest=21900&lsd=tQWdO4-bcVowpHw6DHmGUA
Domain
www.facebook.com
URL
https://www.facebook.com/ajax/bz?__a=1&__ccg=EXCELLENT&__dyn=7xeUmxa13xu1syUbAihwRwqo98nwgU5Gex-ewSwMwNw8OdwJwvE3vx61cw9y0Ko2_CwjE3awbG78b87C1xwEwlU-0nS4o5-0ha2l2Utw78waOfwbK0RE5a1qw8W1uwa-7U1bo6i6811E2ZwrU6C0L836w5Kw&__hs=19690.BP%3Aplugin_default_pkg.2.0..0.0&__hsi=7306910093516235089&__req=4&__rev=1010092598&__s=%3A%3Aui1p2r&__sp=1&__user=0&dpr=1&jazoest=21900&lsd=tQWdO4-bcVowpHw6DHmGUA
Domain
sync.aralego.com
URL
https://sync.aralego.com/idRequest?lang=en-US,en&deviceInfo=8416001200&pixRatio=1&font=14px%20/%2021px%20FSAlbertPro,%20Times,%20%22Times%20New%20Roman%22,%20serif&

Verdicts & Comments Add Verdict or Comment

720 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| documentPictureInPicture object| __cfQR object| NREUM object| webpackChunkNRBA object| newrelic object| NRBA object| webVitals object| dataLayer object| _taboola boolean| __cfRLUnblockHandlers object| google_tag_manager function| postscribe object| google_tag_manager_external object| google_tag_data object| GooglebQhCsO object| _sf_async_config object| dmpObj object| dmpArr function| fbq function| _fbq string| partnerData function| clarity function| twq object| googletag function| onYouTubeIframeAPIReady object| gaGlobal object| ggeac object| google_js_reporting_queue object| TRC function| _typeof object| _tblConsole undefined| msg function| __trcCopyProps function| __trcFromError function| __trcClientTimestamp function| __trcLog function| __trcError function| __trcDebug function| __trcInfo function| __trcWarn function| __trcWarnUsingBeacon function| __trcDOMWalker function| __trcJSONify function| __trcUnJSONify function| __trcTrim function| __trcGetElementsByClass function| __trcToArray function| __trcObjectCreate function| PageManager function| addHashParam number| trc_debug_level string| trc_article_id object| TRCImpl undefined| google_measure_js_timing string| c_name function| getCookie string| idSync object| objP object| astroDil function| objIsEmpty object| uriData object| se function| DIL function| demdexRequestCallback_0_1701272577121 object| _cb_shared object| pSUPERFLY_mab object| _cbq object| pSUPERFLY object| regeneratorRuntime object| twttr object| jqueryScript function| demdexRequestCallback_0_1701272577122 function| $ function| jQuery number| time_interval number| geopercent number| geoedge number| min_view_andbeyond number| min_view number| timebased_refresh_andbeyond number| hijackabm number| unfilledabm object| andbeyondnewarray number| residual number| residual2 number| refresh_andbeyond number| number number| refresh number| iframes string| machine_rules object| label_adapter_video object| label_adapter_display object| config_rtb object| adapter_rtb_new string| home_country object| adunit_network function| getQueryString_val_new string| sitemainurlandbyeond undefined| andbeyondhttp object| observ object| slot_vis object| start_time object| total_vis string| country_rtb1 string| city_rtb string| city_ip string| city_region string| Countrytimezone number| timedate1 number| andstatus300 number| andstatus3001 number| prebid_active number| newtestunitcount number| adlooksstatus number| adlooksstatus1 number| adloox_fraud number| andbeyondadult number| netacuitycpde object| block_url object| and_geo_block undefined| width undefined| height number| size3001status number| size3002status number| size3003status number| size3004status number| size3005status number| size3006status number| size3007status number| size3008status number| size3009status number| size30010status number| size30011status number| size30012status number| size30013status number| size30014status number| size30015status number| size30016status number| size30017status number| size30018status number| size30019status number| size30020status number| size30021status number| size30022status number| size30023status number| size30024status number| size30025status number| size30026status number| size30027status number| size30028status number| size30029status number| size30030status number| size30031status number| size30032status number| size30033status number| size30034status number| size30035status number| size30036status number| size30037status number| size30038status number| size30039status number| size30040status number| size30041status number| size30042status number| size30043status number| size30044status number| size30045status number| size30046status number| size30047status number| size30048status number| size30049status number| size30050status number| size30051status number| size30052status number| size30053status number| size30054status number| size30055status number| size6001status number| size6002status number| size6003status number| size6004status number| size6005status number| size7281status number| size7282status number| size7283status number| size7284status number| size7285status number| size7286status number| size7287status number| size7288status number| size7289status number| size72810status number| size72811status number| size72812status number| size72813status number| size72814status number| size72815status number| size72816status number| size72817status number| size72818status number| size72819status number| size72820status number| size72821status number| size72822status number| size72823status number| size72824status number| size72825status number| size72826status number| size72827status number| size9701status number| size9702status number| size9703status number| size9704status number| size9705status number| size9706status number| size9707status number| size9708status number| size9709status number| size97010status number| size97011status number| size97012status number| size97013status number| size97014status number| size97015status number| size9702501status number| size9702502status number| size9702503status number| size9702504status number| size9702505status number| size1601status number| size1602status number| size1201status number| size1202status number| size3201status number| size3202status number| size3203status number| size3204status number| size3205status number| size3206status number| size3207status number| size3208status number| size3209status number| size32010status number| size32011status number| size32012status number| size32013status number| size32014status number| size32015status number| size32016status number| size32017status number| size32018status number| size32019status number| size32020status number| size32021status number| size32022status number| size32023status number| size32024status number| size32025status number| size32026status number| size32027status number| size32028status number| size32029status number| size32030status number| size1001status number| size1002status number| size1003status number| size1004status number| size1005status number| size1006status number| size1007status number| size1008status number| size1009status number| size10010status object| a9slots object| label_adapter number| tier2 number| tier3 number| globalandbeyond number| factor_internal number| timebased number| timebased_refresh number| timer_refresh number| factor_visible number| factor_tier1 number| factor_tier2 string| factor_tier1_text string| factor_tier2_text string| no_refresh boolean| detectPartial number| highcpm number| highcpm1 number| strategy number| myVar number| randomval1 number| network1 number| network2 number| percent1 number| namemc number| windowwidth2 number| PREBID_TIMEOUT_NEW number| floor number| ref object| pbjs object| activeadunit object| divandbeyond number| andbeyondtotalSeconds number| andbeyondtotalSeconds1 undefined| andbeyondtimestop boolean| idleStates object| idleTimers function| bidder_restrict function| callnative function| encodenativeurl function| callvideo function| calcTime function| isInteger function| myTimer function| isVisible function| bidadjust1 function| andbeyonddisps function| addListenerMulti function| callback0 object| aff_var number| floorlogic object| bidder_allowed_native object| bidder_allowed_video object| apstag object| webpackJsonp object| _aps boolean| apstagLOADED object| apscustom string| timezonename object| adloox_pubint object| ignore object| lotame_sync_16576 function| ha function| lotameIsCompatible function| sync16576_aa function| sync16576_c undefined| sync16576_d undefined| sync16576_ba undefined| sync16576_e function| sync16576_f object| sync16576_h function| sync16576_ca function| sync16576_j function| sync16576_da object| sync16576_ object| sync16576_ga object| sync16576_v object| sync16576_oa object| sync16576_xa object| sync16576_ya function| sync16576_a function| sync16576_b function| sync16576_g function| sync16576_i function| sync16576_k function| sync16576_l function| sync16576_m function| sync16576_n function| sync16576_o function| sync16576_p function| sync16576_q function| sync16576_r function| sync16576_fa function| sync16576_ea function| sync16576_s function| sync16576_t function| sync16576_u function| sync16576_w function| sync16576_ha function| sync16576_ia function| sync16576_y function| sync16576_ja function| sync16576_z function| sync16576_A function| sync16576_x function| sync16576_B function| sync16576_ka function| sync16576_C function| sync16576_D function| sync16576_E function| sync16576_F function| sync16576_G function| sync16576_H function| sync16576_I function| sync16576_J function| sync16576_K function| sync16576_L function| sync16576_la function| sync16576_ma function| sync16576_na function| sync16576_M function| sync16576_N function| sync16576_pa function| sync16576_O function| sync16576_qa function| sync16576_ra function| sync16576_sa function| sync16576_P function| sync16576_ta function| sync16576_ua function| sync16576_va function| sync16576_wa function| sync16576_Q function| sync16576_R function| sync16576_za function| sync16576_S function| sync16576_T function| sync16576_U function| sync16576_V function| sync16576_Aa function| sync16576_W function| sync16576_X function| sync16576_Y function| sync16576_Z function| sync16576__ function| sync16576_0 function| sync16576_Ea function| sync16576_Ba function| sync16576_1 function| sync16576_Da function| sync16576_Ca function| sync16576_2 function| sync16576_3 function| sync16576_4 function| sync16576_5 function| sync16576_Ga function| sync16576_Ha function| sync16576_Ja function| sync16576_Fa function| sync16576_7 function| sync16576_Ia function| sync16576_La function| sync16576_Ka function| sync16576_8 function| sync16576_6 function| sync16576_9 function| sync16576_Ma function| sync16576_Na function| sync16576_Oa function| sync16576_Pa function| sync16576_$ function| sync16576_Qa function| sync16576_Ra function| sync16576_Sa function| sync16576_Ta object| ID5 object| __id5_instances object| hadron boolean| __halo_loaded__ object| PublisherCommonId object| core function| setImmediate function| clearImmediate boolean| _babelPolyfill object| scCGSHMRCache undefined| device object| au string| GoogleAnalyticsObject function| ga object| gaplugins object| gaData object| pbjsChunk object| ADAGIO object| invibes object| mnet string| nobidVersion object| nobid object| APPLICATION_GLOBALS number| taboola_view_id boolean| __SET_IMAGE_DOMAINS_TO_HTTPS__ number| google_unique_id string| nam object| placementData object| GoogleGcLKhOms function| sync16589_aa function| sync16589_c undefined| sync16589_d undefined| sync16589_ba undefined| sync16589_e function| sync16589_f object| sync16589_h function| sync16589_ca function| sync16589_j function| sync16589_da object| sync16589_ object| sync16589_ga object| sync16589_v object| sync16589_oa object| sync16589_xa object| sync16589_ya function| sync16589_a function| sync16589_b function| sync16589_g function| sync16589_i function| sync16589_k function| sync16589_l function| sync16589_m function| sync16589_n function| sync16589_o function| sync16589_p function| sync16589_q function| sync16589_r function| sync16589_fa function| sync16589_ea function| sync16589_s function| sync16589_t function| sync16589_u function| sync16589_w function| sync16589_ha function| sync16589_ia function| sync16589_y function| sync16589_ja function| sync16589_z function| sync16589_A function| sync16589_x function| sync16589_B function| sync16589_ka function| sync16589_C function| sync16589_D function| sync16589_E function| sync16589_F function| sync16589_G function| sync16589_H function| sync16589_I function| sync16589_J function| sync16589_K function| sync16589_L function| sync16589_la function| sync16589_ma function| sync16589_na function| sync16589_M function| sync16589_N function| sync16589_pa function| sync16589_O function| sync16589_qa function| sync16589_ra function| sync16589_sa function| sync16589_P function| sync16589_ta function| sync16589_ua function| sync16589_va function| sync16589_wa function| sync16589_Q function| sync16589_R function| sync16589_za function| sync16589_S function| sync16589_T function| sync16589_U function| sync16589_V function| sync16589_Aa function| sync16589_W function| sync16589_X function| sync16589_Y function| sync16589_Z function| sync16589__ function| sync16589_0 function| sync16589_Ea function| sync16589_Ba function| sync16589_1 function| sync16589_Da function| sync16589_Ca function| sync16589_2 function| sync16589_3 function| sync16589_4 function| sync16589_5 function| sync16589_Ga function| sync16589_Ha function| sync16589_Ja function| sync16589_Fa function| sync16589_7 function| sync16589_Ia function| sync16589_La function| sync16589_Ka function| sync16589_8 function| sync16589_6 function| sync16589_9 function| sync16589_Ma function| sync16589_Na function| sync16589_Oa function| sync16589_Pa function| sync16589_$ function| sync16589_Qa function| sync16589_Ra function| sync16589_Sa function| sync16589_Ta object| lotame_sync_16589 object| ox_esp object| __uid2SecureSignalProvider object| __uid2 object| cmTag object| criteo_syncframe_state object| criteo_pubtag object| criteo_identitytag_144 object| Criteo object| Criteo_identitytag_144 number| refreshval number| number5 object| _cm_wfCounters string| lastWfUrl object| mrecAdDiv object| widgetAdDiv function| yourFunctionToCall function| showResult string| VodusObject object| vodus string| vodusBuild function| Zepto object| Backbone function| startCMTagMain string| category number| success number| timeflag string| idnew2 number| knew number| j number| newidflag string| vs3 number| nextactive number| nextpassive number| time_refreshunit number| nextnumber number| pos number| passivegoogleadsiframe142680780MBNSGempakMBNSGempakROSMasthead970x250300x3000container number| activegoogleadsiframe142680780MBNSGempakMBNSGempakROSMasthead970x250300x3000container number| time_refreshunitgoogleadsiframe142680780MBNSGempakMBNSGempakROSMasthead970x250300x3000container number| nextnumbergoogleadsiframe142680780MBNSGempakMBNSGempakROSMasthead970x250300x3000container number| newflag number| diff number| flagnewone number| passivegoogleadsiframe142680780MBNSGempakMBNSGempakROSLeaderboard728x90970x90900x90320x50TOP0container number| activegoogleadsiframe142680780MBNSGempakMBNSGempakROSLeaderboard728x90970x90900x90320x50TOP0container number| time_refreshunitgoogleadsiframe142680780MBNSGempakMBNSGempakROSLeaderboard728x90970x90900x90320x50TOP0container number| nextnumbergoogleadsiframe142680780MBNSGempakMBNSGempakROSLeaderboard728x90970x90900x90320x50TOP0container number| passivegoogleadsiframe142680780MBNSGempakMBNSGempakROSMREC300x250300x600TOP0container number| activegoogleadsiframe142680780MBNSGempakMBNSGempakROSMREC300x250300x600TOP0container number| time_refreshunitgoogleadsiframe142680780MBNSGempakMBNSGempakROSMREC300x250300x600TOP0container number| nextnumbergoogleadsiframe142680780MBNSGempakMBNSGempakROSMREC300x250300x600TOP0container number| passivegoogleadsiframe142680780MBNSGempakMBNSGempakROSInterstitial800x600320x4800container number| activegoogleadsiframe142680780MBNSGempakMBNSGempakROSInterstitial800x600320x4800container number| time_refreshunitgoogleadsiframe142680780MBNSGempakMBNSGempakROSInterstitial800x600320x4800container number| nextnumbergoogleadsiframe142680780MBNSGempakMBNSGempakROSInterstitial800x600320x4800container number| passivegoogleadsiframe142680780MBNSGempakMBNSGempakROSInterstitialOOP0container number| activegoogleadsiframe142680780MBNSGempakMBNSGempakROSInterstitialOOP0container number| time_refreshunitgoogleadsiframe142680780MBNSGempakMBNSGempakROSInterstitialOOP0container number| nextnumbergoogleadsiframe142680780MBNSGempakMBNSGempakROSInterstitialOOP0container number| passivegoogleadsiframe142680780MBNSGempakMBNSGempakROSCatfishOOP0container number| activegoogleadsiframe142680780MBNSGempakMBNSGempakROSCatfishOOP0container number| time_refreshunitgoogleadsiframe142680780MBNSGempakMBNSGempakROSCatfishOOP0container number| nextnumbergoogleadsiframe142680780MBNSGempakMBNSGempakROSCatfishOOP0container object| GlobalParameter function| extractHostname function| repositionMobileImage function| VodusRewardClickToClose function| closeAllVodusModal function| BackButtonClick function| addLogoutEvent function| addShowLoginModalEvent function| scrollToBannerDiv function| addShowGetQuestionModal function| reinitModalEvent function| getQuestionHandler function| showThankYouMessage function| showCloseMessage function| type2Close undefined| globalGoogleUser undefined| auth2 function| onSuccess function| onFailure function| initGoogleLogin function| signinChanged function| userChanged function| scrollFunction function| NoCCCheckIsSurveyFallbackScript function| ResponseCloseCheckIsSurveyFallbackScript function| updateRecoRewardImpression function| logDelay function| getBrowser function| vodusInit function| shuffle object| entertainment object| arrToUse object| playlist function| OvaMediaPlayer object| google_image_requests function| resizeMobileFontSize_Preview function| randomizeGridBooleanRows function| makeMCQAnswersSortable function| makeRankingAnswerSortable function| getRandomInt function| updateRankingAnswerOrderNumber function| enableSubmitButtonRanking function| displayPlaceholderContent function| initMcqOpenEndedAnswer function| getCurrentQuestionTier function| resetFakePassAndFailAnswer object| toastr object| tingle object| i18next object| jqueryI18next object| gapi object| ___jsl

85 Cookies

Domain/Path Name / Value
.astro.com.my/ Name: _gcl_au
Value: 1.1.137888056.1701272573
.astro.com.my/ Name: _ga
Value: GA1.3.434321360.1701272573
.astro.com.my/ Name: _gid
Value: GA1.3.1177818959.1701272574
.astro.com.my/ Name: _gat_UA-20278225-1
Value: 1
.voting.astro.com.my/ Name: _ga
Value: GA1.4.434321360.1701272573
.voting.astro.com.my/ Name: _gid
Value: GA1.4.1177818959.1701272574
.voting.astro.com.my/ Name: _gat_UA-20278225-84
Value: 1
.voting.astro.com.my/ Name: _ga_21E37QQT0R
Value: GS1.4.1701272573.1.0.1701272573.60.0.0
voting-service.eco.astro.com.my/ Name: sid
Value: s%3AYB5arCgz5xJnbZ2JJCzirbqibFC9I%2FAZhi%2FFzvSIn6k%3D.BJndZ8SXZmGvGxZqICuQwBOT3QtX5orsnd5pYvp1A3k
.astro.com.my/ Name: _fbp
Value: fb.2.1701272574739.670966841
.astro.com.my/ Name: _ga_K6Q5ED8R4T
Value: GS1.1.1701272573.1.0.1701272576.57.0.0
.astro.com.my/ Name: _ga_3EV8LLM8NY
Value: GS1.1.1701272573.1.0.1701272576.57.0.0
.astro.com.my/ Name: _ga_4Q9DLDY2BM
Value: GS1.1.1701272573.1.0.1701272576.57.0.0
.gempak.com/ Name: _gcl_au
Value: 1.1.2100602728.1701272577
.eyeota.net/ Name: SERVERID
Value: 18068~DM
.gempak.com/ Name: _cb
Value: DRFz3yCPpQWY2rTRD
.gempak.com/ Name: _chartbeat2
Value: .1701272577129.1701272577129.1.DdvhhSCDJL2ACveC_ZD0TaHFBvtnF-.1
.gempak.com/ Name: _cb_svref
Value: https%3A%2F%2Fvoting.astro.com.my%2F
www.clarity.ms/ Name: CLID
Value: c4d507db8b16421aa0a033d21a6a4fff.20231129.20241128
.gempak.com/ Name: _clck
Value: r7s8pu%7C2%7Cfh4%7C0%7C1428
.gempak.com/ Name: _fbp
Value: fb.1.1701272577235.1531192217
.demdex.net/ Name: demdex
Value: 64764661949446401443795250116988876968
.api.vodus.com/ Name: ARRAffinitySameSite
Value: 099f4d66ca1b75bc6f413eb5a70ff677406d7c0e6566d57ea1461cdaa467c12b
.demdex.net/ Name: DST
Value:
.astro.demdex.net/ Name: astro
Value: 64764661949446401443795250116988876968
.gempak.com/ Name: aam_uuid
Value: 64764661949446401443795250116988876968
.t.co/ Name: muc_ads
Value: 3c507056-2efd-4758-9e3d-9c5cb61df44f
.twitter.com/ Name: guest_id_marketing
Value: v1%3A170127257729573441
.twitter.com/ Name: guest_id_ads
Value: v1%3A170127257729573441
.twitter.com/ Name: personalization_id
Value: "v1_4rdZZlWCBkkAcCmclfaglQ=="
.twitter.com/ Name: guest_id
Value: v1%3A170127257729573441
.gempak.com/ Name: _clsk
Value: 2qx7mf%7C1701272577670%7C1%7C1%7Cu.clarity.ms%2Fcollect
.gempak.com/ Name: uuid
Value: ZTAxYzU4MWItY2M1MS00ZDJiLWFlOGQtMmE3ZWM0OTY0OTAz
.gempak.com/ Name: _gid
Value: GA1.2.2138228162.1701272579
.gempak.com/ Name: _gat_UA-20278225-157
Value: 1
.gempak.com/ Name: _ga_K6Q5ED8R4T
Value: GS1.1.1701272578.1.0.1701272578.60.0.0
.w55c.net/ Name: wfivefivec
Value: MDL1Q4sC1R8mIi5
.w55c.net/ Name: matchdmx
Value: 5
gempak.com/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
.gempak.com/ Name: _sharedID
Value: 1cc0f60a-6d6d-44a3-b638-8ddc9bcc23fa
.doubleclick.net/ Name: IDE
Value: AHWqTUlliIIv1gZb15Cq5ZQrar6Razx6xkKkNlI0ftg-OWLKg5XfpZlFWsFv04pXIDQ
.dpm.demdex.net/ Name: dpm
Value: 64764661949446401443795250116988876968
.bing.com/ Name: MUID
Value: 25254C39A008605013DD5FE1A1086112
.c.bing.com/ Name: MR
Value: 0
.c.bing.com/ Name: SRM_B
Value: 25254C39A008605013DD5FE1A1086112
.c.clarity.ms/ Name: SM
Value: C
.clarity.ms/ Name: MUID
Value: 25254C39A008605013DD5FE1A1086112
.c.clarity.ms/ Name: MR
Value: 0
.c.clarity.ms/ Name: ANONCHK
Value: 0
.demdex.net/ Name: dextp
Value: 359-1-1701272578712|466-1-1701272578724|771-1-1701272578807|1083-1-1701272578837|1085-1-1701272578862|1086-1-1701272578898|1087-1-1701272578913|1088-1-1701272578929|19913-1-1701272578944|30064-1-1701272578960|83349-1-1701272578975|121998-1-1701272578990|175765-1-1701272579005
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~ZWdcAwAAAIuiEANx
.everesttech.net/ Name: ev_sync_ax
Value: 20231129
.everesttech.net/ Name: everest_session_v2
Value: ZWdb8wAABXoB-hNM
gempak.com/ Name: trc_cookie_storage
Value: taboola%2520global%253Auser-id%3Dba57726b-eb8f-4269-8afc-b3b4aca83f50-tuctc60e184
.gempak.com/ Name: _ga
Value: GA1.2.1730769388.1701272577
.criteo.com/ Name: uid
Value: 81b2b8f0-3ea3-48b5-9b1d-d83394f80ea9
.criteo.com/ Name: receive-cookie-deprecation
Value: 1
.openx.net/ Name: i
Value: 35dbbd0b-6342-4808-8bfb-877172872674|1701272581
.dailymotion.com/ Name: dmvk
Value: 65675c051b9f8
.dailymotion.com/ Name: ts
Value: 133448
.dailymotion.com/ Name: v1st
Value: 43ce2e11-5da6-40e5-809c-dfba8af9d734
.gempak.com/ Name: cto_bundle
Value: 6vKBhV9VbUIyJTJGSk5BMmFHbVUxWkl4R2Zuc0ZtVDRQeWlOTXlWRkpqdmglMkZSaEg2ejRRZyUyQiUyRm1BUUZMcGRLdU1jNjdNdW4ySCUyQkJoenU1R0t2VXVlNmlMd1E3b1NIUjd3NjU4R05VUGJhMDYzQ1BtSEFmYyUyRkhvUzNWSXBMOEFCbmEyWG1aTmpNeTN3aDBETmRyZUMzbGE4Vm1oRUElM0QlM0Q
.casalemedia.com/ Name: CMID
Value: ZWdcBUtCWPWW8A49-h1MfwAA
.casalemedia.com/ Name: CMPS
Value: 5165
.casalemedia.com/ Name: CMPRO
Value: 5165
.adnxs.com/ Name: uuid2
Value: 8904511416773198045
.gempak.com/ Name: __gads
Value: ID=db6cf3f353b7b34c:T=1701272580:RT=1701272580:S=ALNI_MZzdfiaGmeu-zsREEdCwIVghOlLgA
.gempak.com/ Name: __gpi
Value: UID=00000cfd22f3b37c:T=1701272580:RT=1701272580:S=ALNI_MaYQ3iG6WLdadPXW_1BcGNFBt5L-g
.adnxs.com/ Name: anj
Value: dTM7k!M41.D>6NRF']wIg2Hc$DJrD]!@wnfH8K6pQK`!5=E<*L5?%KLa*!Vrcun+Yly]^CX]+zucsQw%?T<3Ulxu6V%nugO%v4VB%nnD.*!Uc^
.blismedia.com/ Name: b
Value: 65675C05389972E5739F225EBLIS
.de17a.com/ Name: guid
Value: 1.6209281134462345242
.1rx.io/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-ba0268cc-3c37-4ea0-99bf-0c55379bd839-003%22%7D
.gempak.com/ Name: _ga_0GC2LF80F2
Value: GS1.1.1701272576.1.0.1701272581.55.0.0
.targeting.unrulymedia.com/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-ba0268cc-3c37-4ea0-99bf-0c55379bd839-003%22%7D
.dailymotion.com/ Name: usprivacy
Value: 1---
.3lift.com/ Name: tluid
Value: 1995451351642762870379
pixel.rubiconproject.com/ Name: receive-cookie-deprecation
Value: 1
.doubleclick.net/ Name: APC
Value: AfxxVi6Y4wDEmDmIhBWlsWZis6XOEibAlHK9kjNIRjSOmhSCxtFPQA
.yahoo.com/ Name: A3
Value: d=AQABBAZcZ2UCEHiDiJAmZLsu7iBfCZLLkzAFEgEBAQGtaGVxZQAAAAAA_eMAAA&S=AQAAAoWf6bdY2ntXUbeGLT6ZOGQ
.quantserve.com/ Name: d
Value: EHcBCQHFKoEA
.quantserve.com/ Name: mc
Value: 65675c06-ef015-f3bc7-729e1
.tribalfusion.com/ Name: ANON_ID
Value: a5ntAZcsjyDjmTFM6EKNQfVZboAvmC3g3vyHU3bQ4RfE3HUE9Vq8SH1Jxs7XqZcCKAWXwF3lhJZcPU4YSpepU0QZdCsQVJM8k98Ku
.google.com/ Name: NID
Value: 511=sr2E31UT_DOaP_meLHnTSw6DBrnzFZLl-DwzCBhfQlvZixfCH_ozQh5wH8KGAKjVnoLmHjuz3x_QYLDqG2YYZvN84ZjpXehkPRkDtD6Q8RR31KgDNuSrPhxRTa1kpXnv0va5lBtn68rbx0R0K5I3ens9rrpxyyuMmuuRJp2-jB0
api.vodus.com/ Name: thirdparty
Value: yes
.vodus.my/ Name: ARRAffinitySameSite
Value: 099f4d66ca1b75bc6f413eb5a70ff677406d7c0e6566d57ea1461cdaa467c12b

16 Console Messages

Source Level URL
Text
javascript warning URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js(Line 9)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311150101/pubads_impl.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js(Line 9)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311150101/pubads_impl.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript error URL: https://voting.astro.com.my/
Message:
Access to XMLHttpRequest at 'https://voting-service.eco.astro.com.my/api/v1/vote/' from origin 'https://voting.astro.com.my' has been blocked by CORS policy: The 'Access-Control-Allow-Origin' header has a value 'https://voting-service.eco.astro.com.my' that is not equal to the supplied origin.
network error URL: https://voting-service.eco.astro.com.my/api/v1/vote/
Message:
Failed to load resource: net::ERR_FAILED
network error URL: https://sync.search.spotxchange.com/partner?source=270999
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network error URL: https://dpm.demdex.net/ibs:dpid=466&dpuuid=%s
Message:
Failed to load resource: the server responded with a status of 400 ()
javascript error URL: https://gempak.com//404
Message:
Access to fetch at 'https://de-digital-fortress-stg-assets.eco.astro.com.my/staging/f63f777a554e87e471848d0e06d02949.svg' from origin 'https://gempak.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource. If an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled.
network error URL: https://de-digital-fortress-stg-assets.eco.astro.com.my/staging/f63f777a554e87e471848d0e06d02949.svg
Message:
Failed to load resource: net::ERR_FAILED
network error URL: https://dce-gempak-api-prd.eco.astro.com.my/v1/articles/404?siteId=1
Message:
Failed to load resource: the server responded with a status of 404 ()
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'ambient-light-sensor'.
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'bluetooth'.
other warning URL: https://geo.dailymotion.com/libs/player/xd17s.js(Line 57)
Message:
Allow attribute will take precedence over 'allowfullscreen'.
network error URL: https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network error URL: https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEAvmhzOp4cQysgLTJUcnCTw&google_cver=1
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
other error URL: chrome-error://chromewebdata/
Message:
Refused to display 'https://www.facebook.com/' in a frame because it set 'X-Frame-Options' to 'deny'.
javascript warning URL: https://geo.dailymotion.com/player/xd17s.html?video=x8q120x
Message:
The resource https://imasdk.googleapis.com/js/sdkloader/ima3.js was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.ad.gt
a.tribalfusion.com
ad.doubleclick.net
ads.aralego.com
ads.yahoo.com
am-match.taboola.com
am-trc-events.taboola.com
am-vid-events.taboola.com
am-wf.taboola.com
analytics.twitter.com
api.vodus.com
apis.google.com
astro.demdex.net
bam.nr-data.net
bcp.crwdcntrl.net
beacon.sojern.com
c.amazon-adsystem.com
c.bing.com
c.clarity.ms
cdn.aralego.net
cdn.hadronid.net
cdn.id5-sync.com
cdn.jsdelivr.net
cdn.prod.uidapi.com
cdn.taboola.com
cdnjs.cloudflare.com
cds.taboola.com
choices.trustarc.com
choices.truste.com
cm.everesttech.net
cm.g.doubleclick.net
cms.quantserve.com
code.jquery.com
config.aps.amazon-adsystem.com
connect.facebook.net
d2aujjfcidxgdj.cloudfront.net
d5p.de17a.com
dce-gempak-api-prd.eco.astro.com.my
de-digital-fortress-stg-assets.eco.astro.com.my
digital-fortress-assets.eco.astro.com.my
dis.criteo.com
dmxleo.dailymotion.com
dpm.demdex.net
dsum-sec.casalemedia.com
eb2.3lift.com
ed82c412a1d0517c38d808cdf80f705f.safeframe.googlesyndication.com
fonts.googleapis.com
fonts.gstatic.com
gempak.com
geo.dailymotion.com
google-bidout-d.openx.net
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
gum.criteo.com
ib.adnxs.com
id.hadron.ad.gt
id5-sync.com
image5.pubmatic.com
image6.pubmatic.com
images.taboola.com
imasdk.googleapis.com
imprammp.taboola.com
js-agent.newrelic.com
lb.eu-1-id5-sync.com
match.360yield.com
match.adsrvr.org
mug.criteo.com
notify.bugsnag.com
oa.openxcdn.net
oajs.openx.net
p.adlooxtracking.com
pagead2.googlesyndication.com
pebed.dm-event.net
ping.chartbeat.net
pips.taboola.com
pixel.everesttech.net
pixel.rubiconproject.com
pm.w55c.net
pr-bh.ybp.yahoo.com
prebid.andbeyond.media
ps.eyeota.net
region1.analytics.google.com
rtbcdn.andbeyond.media
rtbdemand.apiip.net
rtbpass-us.andbeyond.media
s.tribalfusion.com
s0.2mdn.net
sb.scorecardresearch.com
scontent.xx.fbcdn.net
secure.cdn.fastclick.net
securepubads.g.doubleclick.net
sessions.bugsnag.com
speedtest.dailymotion.com
ssbsync.smartadserver.com
ssum-sec.casalemedia.com
stackpath.bootstrapcdn.com
static.ads-twitter.com
static.chartbeat.com
static.criteo.net
static.xx.fbcdn.net
static1.dmcdn.net
stats.g.doubleclick.net
sync.1rx.io
sync.aralego.com
sync.crwdcntrl.net
sync.search.spotxchange.com
sync.targeting.unrulymedia.com
sync.teads.tv
synchroscript.deliveryengine.adswizz.com
t.co
tags.crwdcntrl.net
tpc.googlesyndication.com
tr.blismedia.com
trc-events.taboola.com
trc.taboola.com
u.clarity.ms
ups.analytics.yahoo.com
us-u.openx.net
vendorlist.dmcdn.net
videos.taboola.com
vidstat.taboola.com
vidstatb.taboola.com
vodus-api-serverless.azurewebsites.net
vodus.my
voting-service.eco.astro.com.my
voting.astro.com.my
wf.taboola.com
wrappers.geoedge.be
www.clarity.ms
www.cloudflare.com
www.dailymotion.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
x.bidswitch.net
de-digital-fortress-stg-assets.eco.astro.com.my
gempak.com
lb.eu-1-id5-sync.com
region1.analytics.google.com
sync.aralego.com
sync.search.spotxchange.com
voting-service.eco.astro.com.my
www.facebook.com
104.244.42.3
104.244.42.5
107.178.244.119
108.138.1.25
108.138.26.18
141.226.224.32
141.226.228.48
142.250.185.134
143.204.205.86
143.204.215.88
146.75.120.157
15.197.193.217
151.101.129.44
151.101.2.137
151.101.3.52
162.19.138.82
162.247.243.29
172.217.16.194
172.64.151.101
178.250.1.9
178.79.242.16
178.79.242.181
18.138.19.42
18.184.108.41
185.64.190.78
185.86.139.104
188.65.124.59
188.65.124.66
188.65.124.90
188.65.124.91
192.96.203.13
2.19.228.187
20.188.98.74
20.212.64.10
2001:4860:4802:34::36
213.155.156.185
216.58.212.130
23.32.185.35
23.57.19.78
2600:1901:0:7a0b::
2600:1901:0:a5e4::
2600:9000:20b4:4a00:19:769a:2440:93a1
2600:9000:2156:c400:3:d4b:fac0:93a1
2600:9000:2240:7600:c:9855:b600:93a1
2600:9000:2240:ce00:c:9855:b600:93a1
2600:9000:2250:7800:a:e047:753:a221
2600:9000:236e:1000:2:d490:4d80:93a1
2600:9000:2490:ba00:0:b903:6380:93a1
2600:9000:2646:6000:18:1fcd:353:c61
2606:4700:10::6816:3556
2606:4700:10::6816:445
2606:4700:10::6816:545
2606:4700:10::ac43:246e
2606:4700:20::ac43:47fe
2606:4700::6810:5814
2606:4700::6810:7c60
2606:4700::6810:8274
2606:4700::6811:190e
2606:4700::6812:18ad
2606:4700::6812:acf
2620:116:800d:21:5ed4:8d5d:fed7:f5ef
2620:1ec:46::45
2620:1ec:c11::200
2a00:1288:80:807::2
2a00:1450:4001:801::2008
2a00:1450:4001:803::2002
2a00:1450:4001:808::200e
2a00:1450:4001:809::2003
2a00:1450:4001:80f::2002
2a00:1450:4001:80f::2004
2a00:1450:4001:810::2001
2a00:1450:4001:812::2001
2a00:1450:4001:828::2003
2a00:1450:4001:829::2002
2a00:1450:4001:82b::200e
2a00:1450:4001:82f::200a
2a00:1450:4001:830::2003
2a00:1450:4001:830::200a
2a00:1450:4001:831::2002
2a00:1450:4001:831::2006
2a00:1450:400c:c07::9a
2a02:2638:3::3
2a02:2638:3::c
2a03:2880:f084:d:face:b00c:0:3
2a03:2880:f176:84:face:b00c:0:25de
2a04:4e42:600::649
2a05:d018:d29:3601:bf9c:a4a:22aa:bd3
2a06:98c1:3121::3
3.1.39.24
3.120.214.218
3.71.149.231
34.102.146.192
34.107.231.31
34.120.107.143
34.241.138.233
34.96.105.8
35.244.159.8
37.252.171.52
4.227.249.197
46.228.174.117
52.19.11.170
52.209.2.79
52.222.214.37
52.57.12.239
54.170.72.30
54.237.54.211
54.77.160.81
54.78.218.204
65.9.66.97
68.219.88.97
69.173.144.139
76.223.111.18
99.86.4.71
000854d782781aff1b16ea5451c1da3d07efadd35ab911ccb7e4b851571a25bd
00271de682c3fb32f96d6ee4ac3a4a19efe56e4a73f3511d41df1fbe03b82268
00390d42c88f9316e53dbb853786cdc00fd3890197de721058d4f03352af1f44
00d9ce21f5c96c009aec03d7831142041321dde76668072a5207c753fd83b413
02600a23c6f383880f5706af53e035423140c8b23c83025ccc780d53e29c4019
02c8d114c6d992ccda5a38ed8b69d20971c53937c37c9b3963315a74404b2548
030680d4f2f00af04f0833dfb31ddf08490896150ddd89c1bc547e10a21ad4bc
038235bd3cb8315d2a638e0dcb856d9aabbce9db44f08914cbb89cddb4e1ee15
0389894e2d6d914ff2fba91d4f437e8ceccc65b9928c4e081afc1068383fb0aa
0407dafc112212a135d1aa4dd9b40ba0208c6bb6b1959f5535af093254189d66
041e8c6602095e4f4dbe24c0788a7fe211cfa6b9b515dfa35eef1e00b5bdb875
046f97a5c1ec5d9b78b93f2818ae57a5257d32f684c5515025b96212e149f5f1
05e2289387e41a8d87e84984bd1d669baf85bf781c50b6da3499e188570ba15b
05e901ea0028be5abc05c4848ae43c54636ca34ebf906de8eea96b1f721069b7
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
08106c7bf341e3850ac42fe1844e6a66013f726e6927a91c2b965a6861c97121
0972f989586d3e33b045041775032c53df377380e64d58bd0f00917c4f26fab8
0affa837a4669f475d1195dba5f0e3f054035f22e4c560992b71d0f298cedb89
0b87b7d1b44eecca2e7eeb98975dc31ed574b8ec8502f549c7693495f0bb0c8d
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300
0e9556ab104436e4eda52d8591d6d50247d4578feb26723a3e2585b488e9cc7c
0e9739b0f1901b8ef6c7c0ee5706a335a3871326f008a60675962ea3a1c5e884
0f7ae9cb587ad740740e9db71b09406569d088f3d64a8ebf5d6e95894f47853e
0fdd62dadc4b24ef29ab25fda195eedeb7345107e26c1e65e2fa4badbd151d80
10541cb493220a5249f490488fc449d4580bde3a7d1923293f1b3aa2f636b0b1
1091c50cdf7bc4d7384fa194111c9da6673a5ade42976063c3b7a43a0db3c5ad
12af7975664854ca36da674714083fa05297940fce71e42dabf688e2eb19a0f1
13e64e2153618f475e94e0e85fa68c9ce910cfc9b24ca9d44fa546a7d2020a24
146735354f1b614ae8b06f1a206a867e247fd0a6efe0594b4c0e789c851de8d3
162e61781cc277cc205866a2f434d4dddd1297f1d16c4840afe9eeb4d47a6a9b
1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5
1735dc7d9457fadc0a3ca783a76a0c19f073c4e2ee94f68bfaa3c7433d7e7c96
189b8ed64093b12937354b2ef71ccf1df59690d90432241a10fe1cb25000acba
18e6b664af7bc55ab0f963920f0da5a86e15f25fea4e223924d8f4b6723a37cf
1c8edc950fc2dacac5d7767c22d20ad999a18a6961351193ba6de539c333a41f
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
1d5774e0e8617f4f8a712fd2a099ad8998c11f27214559462b6b710a0a973846
2078801d05da0c3385ee7006bc0080299b45d322c631dca81dedb0dc2261d83b
20809e367d9088cdf13745d0cf95e750bdce002aa479bdd3fd1b90e455bf44db
20eb692d7e54b1992776015beb0cc19aa121ebbcc37f6e5ee59d5b0f03a6b558
2241d391f10f461a915b6ef47bc0c8103bf0e7289aff47e1bcfed5ff2a84d119
2365cc11ef3d43f265b848c7164e5487c7a49d6af06c2938ac9272c8d91fc1a2
252b2f10581698d9b321920fd01e1b80aaed9e8c5669877723e6b0c234d4bec1
25a913c2d492f74053eb0b305f4cc64f4d7a97795d1893a5ad1b9a3c5013ff15
264640fa288ddadcf0328a0103b715a2b4d0e3b7e7982e1b44234674e84470ad
26a9dd9419f02a8f6848f783ccda3f24d24a085bb0aaf384181e7701127e9ffb
289d25d68f730e581e0a16b8bee8f63a061717973f8ac8c29ccf2ba8fed15adf
28c4de9371140b5ed86eb4e7837882cd1d48e0641066ce98a223b9692c164a18
28d397270696b4361f8722b8c43ff2db5ba45891f35eeecedc913088dcc58ed5
28d8af512e3c593dd70e0d19515abbb497e304d3cbf6ec11ef82fc5c789ad62f
28ee36cc9b548242f916cfcc81196ebf465c8885c0e0228b96fc4907788cb613
29fa531ef040a7dbaa846f635b842ae177be4af00332c8166cd1870f1a1be460
2b8486df2e61ffd6bd29e50df1ac76ee92c1876fe1b5e6853dc17e7c0dc30747
2bb48debccdcb1093ccdd2f204378e28fd313f0fbc7b01ef4737832e519d5ada
2c6202ad1e81feacd09034c590746c9bcf0c589452ae1fe072d0aaf75132004b
2ceea9773c66a5540e1bc1c0e2abd7c6ff2949b1e0514e31c6331eff30001619
2d7e04f93797dca868560733bfe7342aabd013ae8bba52073a35bc5fd99e830b
2d8e760ea95920acc0a7e8d74d86beba9ac0e83766654c42f316e3eb7a9faf8e
2d9b55eebc9b1af96c1e6f6d9937736cd1ec8e87315887fe68ef5cdc44496494
2e118e3a87948635da9f85c9a6e057cb81eeec4b513644ba907646ad3cf15fd0
2e385f33cc0f04ff34640fd671e218e34ab359a851f4aaf0e368543ca71eb91f
2fdba028bf5bb5f94fe0180bbf318d8b2345fa8d338d9d8936794d9e1f67544e
31208ecc48df16a8aa26e3b96143fabef05748dc39f8d2e9d75a014574c3789d
313d7bad01577d169a368d471264cd2228b145a183fba42679f41e1d2b2a9f27
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
33342f4dc05d8d78b73a556268c204b766a15f85e04324801c6cb418bf9e2a75
33a38095eeb8a778a21895df75b075f20c35621c7091f789f3e44976d763782f
33df335c6b870c371177e3f70e3c0c2280a75af996a04ea34a0869986f9066d3
34418a5009e659880a3c224f48402005bffc18192e85078c210d2f4f3ef0d28c
34be0ac88bec325e6c47361e342cdc3c7cf87aa61f429bb67e791a1c9f242c3d
34fdbfec416dfc825c6f1a9afb95f6fd11f20d9b7647c1428a5c759d34aa7448
35032c53d5d52b8c8ff55a244c6f3d0f9c0be4f22670fb61f48995ca5e463515
35b5f9d1ca45b2ba3968a0a71012ccda3ea1c554229193e4bc82c0fb240e076a
371efc0115ad875d3c13d4949c769a620a7e3281360130b1213394ea3a076591
37ab5c060ae53ccda75b8bd212d874a17650f7954b11c4e31f568990ab40196b
37b893dfec13d26539039f00896a600a18ebdb784aaa1f1e76d7d63b212d141b
387124461d221bdfd28cc0c1dbba9dbb9fe86fee1ade9aa1161c1950e09114e2
38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642
3909701b14ebd83886515f2b196cf69018152b7ef85b6d17b6c4cad6157b24ba
390a8fa5be78483bda80212a6cf1cdbf0007b1f294926b501db50beab7c684d2
39b076e4bb4fab9b8a142499cf6155f8c128464974691a04de7e764f71b72618
3b859b50e9c18c4f387eb45ff0f7888ff58d5920acaa646bedadf94b48b570d2
3bddcab031ae76b1b42900840d46b5a03c0fd556e286c17d9dd934292883f76f
3c1edb36c3c20244658c0351dd612a84390fb12ffdb0ef2577b7e19a1d7bd043
3c30eaaa059a466037880c18c01c2fe94183d8e67eaab42061d4d2a180114658
3e136e77083bfc6ef14ffc5abd19da89a82bf12fc0cda3c603e01582b93303c8
3e98bec19d091d0ce45f1cf5c29df8ecdab774b0fd7de3437d7c627e17ade349
407c0ea74212ba3a966ae1d7cf3c8ecf68e6071c8b6194fa830e4560ec13635b
413c8d7065400c7c4680477a0b1d35eb5711a27fef1efd558b7f94b081b33437
418c3fcc056bb4daab3f91af7390142dbd6c71f9a0381170c3fb281d4b3ed448
418fd2688311ce0b84e51500509b9cb2dde3ef4fa2eb32bebd388be7ca52a121
41dfcf76c1f62a043a2b529fc68562d353cf8dfbef9d845267ebba3166c2809f
4274bccef7a6366901f0d2b17a944224c9a926b8ebcd566c63a5b1f5e938b7e1
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
43cbe861b09360a856de530e3aac37acab9201d0eb166c906b26e0f71fc6ff23
43f804d38a294c6df1ce8ee64fb95ad0ff5a8d6d5685d9537df02212668a1dff
45986891113c4ae3780f4974cd3facaf0146bf46605c1b9ef525896d75fa6aaa
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
46b2dc3fc5e9ccbcde38dfcc96d4545befae794ae947ea3602693f2e7126b057
47a0342d90a877ec7125c3a38706b2faefa9b867661ebcef4a98ec6cf3e60b40
481c9a3142fba0d8327f830809163b0118de497b848da9a7b26a9dfec135f23f
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
4a32283aaba0418ac1b0953af32fbe71948d43e7cdc08abeca552a9373809087
4a891a0d7276c66d24a0e50d1a4e5d70db8c8c3d50ceb6f119c533a78212f946
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4c8fe936e012d2d229577704c34c41a451d7a98aa5c2566ea5c3930aa7e3f40f
4dbf3b55079aab49fd1b19ce1547a10b60122b34046b6d89b5d8ab18dccb85f0
4ddd140d75faae2937f73cb04e8f2a855f1aa967b2fd25163ff2a34050c58b42
4ddf6973fa3421cc10d8946187a761c0317632b66442c3d20c736024fba1029f
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
50249ef86bd97b4aeb97db2e5de7d016b3f519972a125c7c2dbf6a0e7be05f2a
5142d3709329431605d4ba3ba55e3bcdd890d1070a8a6c3325d9e7e0ee7b53a7
51df0d8aebbf2a09eec21bb89998d92349b04f4f91db6044169a6f8d214bf22d
53efd5e6385bcc5e2602651064d8a5ae758024aaaaeac1f18dbdb824fa249df4
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
549a14b0d3b9fe0d43c01ae0e475e8cd91c78cf2562ce5200854adb09f574516
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
55accff7b642c2d7a402cbe03c1494c0f14a76bc03dee9d47d219562b6a152a5
58ce837eacdf9d9f4038f4ecdbebc41c418b346ceffd66d2faa9a97b72aac854
5ad61e6094e5bdc2688ddf01cf03dcd97dc1a7ff7e26bda92c99d7d6e3184c3e
5ca811725f62428eb0683dfd3447605c4e1122c36047ee810ac5620f6f9b0505
5d7779854ed7a997b5a129a4eb24ee5c0432f5e884f0446816f7a6ef30a5d10f
5e24b61f7ae7a4e552208ab7eb54601da5fd5af5a24a5cf542839398a33a9630
60685c8cc482cf049eab0dc1da9f78da62de825e8edb1a0fb3cc2a43af5f88cc
6070e9aa5ba81f4fe38452317022d88209bf594275e5835683c302df31db0704
610d24f5996131b3ab98f18e05441cc246aa8674c3842df0df2b40b57ac9fd0c
61a43852167ac96e7aeb7759114880592ea637b1e62bce42ca85f514eae83614
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
61c3f279c024c4b28081fb6bda43f4e25dd8e7d9efbe3ade1d4ee0b188f88e79
62d2a3f860454fa6f4d6264bfa7cc7ece108cf85b60dbd5642004ab7824cfc8d
6300f448d738e70ac11f0140df0b3ce91a2de9e0da7fdf09d32d28031600ba51
63741eca9eda562e18659e715046db377b3df29e2adb9c13ca28fcac1c69a2c9
6480d194b98b9fc3e4589a44b7e54b81ad926722e5b6fb7cc236161e2c2e03ac
66bb15f6fcefa66403acc1e4bca76dc4d7f1e6b2af365de840198df41f5635b2
66e61ea89dc6311915d3069feb9bba1e773bbf1d2525ff86eaa81ec3d4ebb961
66efeaacbd90eba053bda6c0f17599873a6d2023a9408bd9ad2d414cf9813444
69b32d756292121e2117de2a537e21b4904552251a9e1e26e702d679f7663526
69f806fe455926c54639bcc9997bd5f9d1699c825c516a2646a6b419af85a357
6a1eeca00bf47ec4544788be716cca0f7242d6bc32a3bc8b7d31297f7e0b3aa0
6aa4538ca3e0a157bf9dca196091b22b8f7c7817bd97cc0ddc16cc9a2fa6022d
6b733d841288a3cd0a0362eab6213def6bda9af70cab46a4bfe5a26870d8a1a8
6c71c96ead99278899d8dd72fb766a678908df9a40c99fc07b386170d13ed880
6e3f4e85ed3bbab63a9a45fa92f3ad985dfea6478acc1890d8f42ebb4989bc54
6e7d70a632451dd78b28629fce9090064d783fc493d2c3f5dd52d8642ceb455c
6f15ecb3768464c2791734b2d4950cebfc13789e4e796ad1216c31d93d585c0c
702834f160909a08542eca7b7713f85cb876d3ce1805f178dbba236e3f74204e
70372ad11f283f5513872e74332be66f24911ba675a939297ef3dce427337892
70501f0933c5e5b1707402251ca4dbf3fe8b82edc7310bf3bb19b46254feb27d
70901f71c6cbe86f94bfc95478a343238c5ce3477e504d46e72330a1d2bbd676
72b2181e58d5c45800d66d36702794ca5ae5bf1fbc20f106442b7eac3191a623
72e960baa80ec819264a604f2f8a8e5c21f81b785ebc17595211ad170d8b1bdc
74d5dfb509b5cd822e2337d445ff84837025c3a9fd618678d1690758f692ecee
7571db16348512fc55b35102ce3699733cf0882f4b4fb3e652fa8db700c07fb5
75a19e0f4b17cc211c54d0b882a5baddefe9ab6e4535bbd368eb9d18fb24efc7
75bacafffa45b1ed4d5752e229064adb519bbf2b0d49703d351b341b0babb355
766a45ec415e28fdddbcaecf2b36b6aaa6a31dd5326a5fcd3b75b6a34b46ccae
7713183ba1a38b1ea2be2d5f7d3d49dab7b8d468cf78a603e6517ffbd1f33d59
77e2e2edd702ec91a3b942ed160daa624b6bf5c5bf05fb96c401b04fedfcc2b0
79424d3878d92040e2f971460d2b565662bc6a73d5c8411f88ddd86da2931ee8
7945ac533997310952de7ea4993a3145ccd8753222940b91791bf6e0aa1ffa28
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
79f3554e9863664eacf3f28e8bbbd6c350c80ae86c79e9d482667325583da9f6
7a082e0da6c01e088cdc4895eab211c805851770fcedb33e9945f437cf49d25a
7a5efc58956be2fecb29a3adbad65173c6f93ac4c073d6d1cb0fb541fb487ace
7c23b19c471ad7ca4de13063af7e15d02b7f10917a8e3446f69158927ccdc109
7ca7a1e30027e42d510cd253b29f1b9f505c04b9af48c9ed20804d9d8006faff
7cb4a1da6cb5eff01426d6a258c9f99aa9105457498ec75890be9791c1b9ea43
7e469a101940a00ed2e1f5c7899d0395443153626ca120f4c5bfaec3c299f353
7e81c0026102621c4adc2770334c4a933286676ece8f0e5e9ac91e0c54a16945
7edbf476ee03931dd8190c5f24df7be362379b175dc55fe3ed1be9ccb922299e
7eeb8f5fe5d1db1f669d2f96afec846928617ee6bb6d597c698c7da61ff29f13
7ef11b187e8806e28e33f2973d57038ecb89b2aa4e20cf774a6491cb727d0853
7f4f3336e0e35f086435f2037ee0a52abf3ced5e386c74a5ccc2f18edd1c3207
7fd367045a99ab837da7993139ed22179ee8dd6a9e1915e83ac9d37c33d77a99
80ba56e5fab4d8e6199f3b33643962f1438e290143106b9b136cab890c568453
81db4f627f83bad24d74c6a441f5dc4c0da76e2b60326ee815afc82f141941d7
821262a8c32b52639f97ddf4f34c494e82156651752608fa6a23ffa3df2f84b1
8265c5aec9ae3882691303cec1b6993e75b12e8071fe6710826f7fc6b5cbccdb
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8348e9255ab81e0c27d41eaea349637c36629ea06b9e8f52273df14d827be269
838fcf38d188c20c103e6e3cc1902ad8cca9e7446018d88a5c25d531f67402aa
83ecdfb76c38605f0e3538a0a9de0f1e57a457a2dfebe0654ee2f9b13c49a2ec
848484b594bee01f05dbe9fae928384d0c946dbd42379ca0bf5a3ff79af0cec4
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
85aa934009e7ffa8115fa2c3b5b8efbee7d760e80aff3cdfef749e1710e0c6d5
85cb90674ad0b183074290b7f775faa663e26255436f804e8f62f7c9a39bedf3
8610d116c02bfa0c447943a326878b3e8e51a46192a18f70589c22bf7b5a1193
8691e656de704c1d31b01fe36c4c9f397ea0b42c42fee43f8e6ef0fde3a86bc8
87aa1daa37cd8dd501095ca12436da32d38055980698e878e955ce72eaf4ee04
8b8a5a27eeb6248d338ed973eb3efc68f10c3c0523e3c525c5a7d99c7f691014
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8daabc8d037b051f50861554a0190c2261fa6f6854cbe843d6bac8576a6d4ab7
8eb0ee259863bc0abfb4ebf2d5138c3931fdd2dc3e4a920ee139064df8632c06
8f377b885e230f48818784ef697c9f13ae292094d42811e3b5ccbed8ec374e3b
8f665ba5c27890ebed553836dee5572ad583c0a65374373741ec0a5309df2b5a
9054b7735cbd42d74d4e95347994eabb230c9ebd5a414344a25e6f6a1eaadc06
91b9f10b554122072dd8f441b2b965285c2a2e9f687aed2bf6ca83eff50cd375
92c1fa9fa30c280eab7a6ca814e5160e303beb82d978289450630be654b42ab2
933c64091a7be6134b742dcf952eea56adad38f9aa0ffc5f07fb1786cfdb5b25
96884203ea0efacd55e8a8a17d91081a6b74c1bae49f8cfb241a84386478f990
96e3e8dfde6b1042514824bac1b44282d4a76bac028f2d767f6534dce2cf3db0
96f730c216303e7b314b05ddcaf416d14b09197b71e1c6b4f063cae4f4c430d6
97b94fc813203740781e47408edacd0f869217c716ba547faa948afc91d41ffb
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
99472e40113fa5b178733c2f0376bfd1aa5d1dc5802dc09b536dd98512c43077
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9a54bafa76694e249ef4055bdb2e2ecaf66508088c4749904b6ccb98c7d4e3b8
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9aa6501ff5395d8b36bfb5dd589c2c94fb6e4b04fadac7be66b754d103563412
9b056a512decad006747f1ad10be4c3a04350a3bf50d1d7e5d64ed3a6b8e7f49
9daac18af4abbcce5453991010a64421d516f323651fd08d87245a78f76b76c0
9e0033f4590f9c6acd5dadaa57cb1e9a4026f8c4c5ab8bac1f1c3b883260aaa0
9e57fedb96b3686621bccd5521f43a2037a823c74f062176952890b179b3955b
9ee2fcff6709e4d0d24b09ca0fc56aade12b4961ed9c43fd13b03248bfb57afe
9ef507894e158a8ab8a838484903d74d5af958a72c0673006b842c58d930ecf0
9f0f1985b9a8c619904ab04f25673c021c716d7b1827479127980c629408a824
9f1d9d05d77a587f38162d85a3c9a08dbd676c24f04c8659f5439cdfea358d0d
9f69cafbf765b3d08dbf7311af29392bb3a12235d932565e34994ce8e201e4bf
9ff05cdc1a0607a9818fa522b9206273070b9d7f2a1fa2934a255833f5af0dee
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0abf6fcfc0bf653c6841b9e80691ddb1cf908320e7253d01ab1231271fb016e
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a1a256244f073b9ed474c52d16f8b7d0ed5d92ca4129042d6ee150817671bcd9
a277606779ea42ad5beb00131f348541bed0a70faa4c1e1d09b6b5819cb5dcc4
a29ee2b15c494311c52521766e44af56a3ad2248e7a8ab465e5206463c13d288
a2eacbd0a55e794d92e79a03b68c07f613a0ab710ffaffe5f1d12d67aac843a1
a39027104de91d1f4394f8b02ae4ae5125af75032fe444b7cb1b4ce4682ffa81
a3c52fab288aedeba5055eb8f9e5f677d50c1f1be2972703f11bf1fff434e848
a3cda672877794b17401e61057febdfc48938bd56e4c660c5b570603a0f87d6e
a3cf00c109d907e543bc4f6dbc85eb31068f94515251347e9e57509b52ee3d74
a3f75b6029afca74376dc86b33ce875dc9e5bfc7df7133c56660a9dd2315045a
a466be787bc560be100bf32efa33db39e105a3b9f07de995573e831c26e136c6
a4f5230d39a7a21971fe62ccde2443345638d2beaa369b752820390a687b91b6
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
a5ffbfc9bcf3065f2eb7e6d7246d4c88d60df04f1797e0bc18bba16ecd25255b
a6d36aa3d742ccd6f1ca3c76dcf885af72f7bebe2fcc001ea011a7aea2f55678
a731c3e7e5a97ed0db1a5539f732ce8d7aa8dd4498712783ce7bf971c0343862
a749ae28e3ba47b2bec3dc1f613f1a6266ff6b007a3b1106a09b54ff0362242a
a829be17a754656d432e07ca56e9bc8c952d019afc6f7086a28cb51ef7f5c9cc
a82b357d90f03942ee9e812efd229264ff27c7e03f06acd2efa2fa9f98b7e78e
a930ab17af286c930110641f322e492caee1353b7484e403cc218f02a37487b3
a965579cd2f6be17535aaab42ee137b2f5fd53e6beb7c8c8f93707e14cc995f4
aa46eaab9fb219a9b500df37f8a5ca28fa77665d0fa7f4101d6a7fbda566b61a
ab82784200027747d61a26a3bb2e4d6ce3f4e37f083f1057c6fe8e27c3d43681
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
ae7c001d6239fe40aaf2b30601eb2def5125339cbc93a5002b0e03beea354044
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
afa3499787b58f95f29d7e25ba545ab0307cf3380097a4ce7c4bccf9474427e9
b033f59e4ffeaa6f3e4f2e839c035a14811d5469d3f772eda6056d7d5782c53f
b0978fb0412437ad74f3482f09b3c0084254e06ca8a3956467c7a388746ab840
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b204f32a3eb745dc41c39a6e0fdba21bc6ae4d1b709dfc743eede6c89a91a888
b3e0c9b5e5c61785b2006cc8a2908f0025924a214987b0ec0ff939ce5c3a8b16
b45d3c1bd61c9acd22b9b7b63f8f373d73737543e022cc409ecafe4aa2ed0c98
b55894081269b1da4de31586fecb047557fd5bfac9e0e71ca633baef2244a2ff
b67e965ff661459516a2d4a79e31e9f8768bb622871adf1dc3ce7a800c22bad3
b87b5ff04023985cd86fe44e2ab7e61cc6057c14988223c4b26fb025d6ae118e
baa47cb028f5878356baacb8c2760dbc85b3695c4fe1c346e26b4b978eb0100f
bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b
bb5060207edffb22eeb6d049482f722ed612b3d399bda1654947bb2fe2b7bfa1
bba2d5622e1a33c1bd924e07f396c234a390f0bf9bb5fd1394521df422ad3607
bce4b47b8fc12de49fac0a00e9039e38aa568aba0ee9154b93d20465f0289cfa
bf94db5c7d218f9a2a2edfff6c01bf65f5946a32000cd41835fee5b564efa62f
bfe84806e4b5ffbdd053eac9b99de72b5325e547548f53e41e2032772498f389
c4599e3e174c8cfea0b9e91cfa9a836602085a1f5f8319146016998cd54e17fc
c4b813f7aa04eca20be469b259cca2779799f58e280d73488bd7386940d2d146
c5e1f0f3d1ac6d91fdc55942afc927a17154dc593732943c3bd158c89cb6b501
c69cb3df5cd5efdfbc75c2812c6b7bbf922d6ee5a8f8a2064d4f25425f83aec1
c795395f7438fa12e7baaee46d9e672b022ac76b62c4a932ad26c17bc9073b98
c7d5594f3a599ccd0b1a336bb68a24d59882f394bb0b9c9a29c5200cd2b48468
c86d792f85479bc941b4eb8e817e461f88e5b57097f65c48529b509857bda2ea
c87b7f745cfb4a994801488584e6e0e78d6c4f0ad567e985a781fc0b86074724
c9f581d340bfc6744ba2045f76253c9cf32ea544ed3f777cc9f4f53e81e9e858
ca1481183c16bda26d662792e22c516a8fdc7ac21baa4fa0744e20db8457e910
cae765e89c38588186de4b36811acb8e873a674a2ca9223dca8fb391a012082b
cb7f9ce1a655b238a729f675ea727926a693c5d00621a5dc8d6cf4c6e11d6038
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
cd6bc8bd03109f348ef0bb41349b8afc8199d99eee8ece2074f4d501941111f8
ce74969a5ebb6871e5aafc8dbbf0e2a62ab1263d1147881d62ea17421487d0e8
ceb6f7c93b3c2454eec6ff10589da6881fc9452037dacf469c0ae41cdcc9cd65
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cf7fcc9f75c8717897bfaef72f303fab423ce1b70c98512aeb3677e4af988dee
d0047705a09f6ad63d4c5ca4cb994ce3c585c148dad026e07976ba9d49afb965
d00881661ce5e766ce98430f69d6d217ab80bdfa98811e039afc92a327d57a68
d050c56b76cb2dae10e3eadd8e8f5e83594db0916d25946bec2f662f69dd776d
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
d1ea19a19ec8d6220550ff2184b4c0b90caae3b46865454cc42f803d52d2562e
d5591cf564a1e2cddacd30fe4a0ece9902037e8014d33a7782cf88a7a262a247
d659b0ebd2557d1e35fba8bf8fcd3aedc04ff08d2d737e38633548180f35df4e
d739fafde9e18e966bf873500318ca59d954863cbfa9b0ea02a37916445dd416
d8c52fe5bb662564ab7edf0abe01a2202dcc36eaa71ce6a465cd64210c4eb2c0
daef08274cc0cf1285278070175d965c2ea873a3ed6b279e51b3b9681d1272e3
dce3a7d75903f3a00ff7b72c2b3f3e34c786c0867a1398caa5212977e721d1b0
ddb96c25de07962ffbc0243e6e68177ce74aee9fd950cb4f5d8d3c8e6c524a09
ddeb966717b2ec144839c4480f0fc4da8d6eb830fd03ce5d523f4abe6acae4ea
de2f619367d5efc5a236b34e46014ba18bd44b03be31d278f242b198f7547253
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e13547eec8879c9b576c2e06837303ad06ea15905d4eb075291ff21686a5b3da
e18d236964106571c1d4549b9527ec39f5d73fa64bbbeccc73bc6fd5ef40dfb7
e23a4e032b9b1dc7ed992b680df42bcc5ae15bf7e8573a6ff2cc694235adcd38
e29fdaaa72532cf073043684b894027d655f4f252383c475c1f3347d51696392
e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46
e37a6f5b4a9288dad70a0cabf87c08989b4042bc6ca7fa3b1fef3f6ab4cc509a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4240ee23e840bebe54c7c07512f10aee39ae8c0f3ddd6a692be08eb6a6875a9
e51bf4a5da89c223a83617078b466770b1e4d590f2430e74de39ce765762c840
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e6bc44b365258db3749115c394eb2793bcb8ebaa55c10e8ff8dce79751e4c669
e885badff253144e188588b5657e13cfa1135d4cd682053c9cca02b83baf1ef2
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
eb91e77384f9aff2e81a868ae4f2ae6fb5940c573d0e39088ff637414b4ffed9
ece57bec2c1d6f99d361e52c1e23904b6177200583d66027cb4e8958f63ae846
ecf0f2b7f270b19fdef46f701420c4e6eaf3ca34f8077574e6d63dad87f466e7
ed0858d30b5cfcc282757e0078c8f9c3b7711cf86be5f5934ece6a9d47e28ae8
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
ee1809002036a48cef12c927023fcb0e0738faf11b0bac4cc7fdb93a6b884b8d
eec6191dda502c94c19edba266ef530b898b586b53de0d5621fd29cff61181d1
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef8935acbc35ec745965c0d7149de04e09b991d30b3586887165480cee202fa5
f025516815a6f6cebe8eecae606c07df1144a6776a8773909ec484a7bc00d9e3
f10b89fde67b2bafa1794d514006a5f3a436bac868dc987e031993e133ce09ed
f2885a83e514c105bec4685c7226d166b2884009d0eefe7a2999567c53e4459b
f2a78ec0800976a7fbcd2f14881e6be9588f6f95d7e2ebcae41236f6ecfe3206
f3f286e42d6cf5abf69e6a06088976b1348bf3ef5623bb0ffdf7dc4f4d6b1d7a
f4d5deb4709cebcb8d869180a1db81fab7c54f99dc2e72dab8b3db15eb76e660
f4de41edd6d540328311323b4ed0b21dc34b269d909f793164e2dedf3c611edb
f4e16c137bfcf443839c20e1038b9ee2dec570f047ae3b1c8f9378e9176750dd
f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9
f7162a2bf4f3f84010fcd399f9420597332841fb4814ac737da2a4fda9324437
f7824cad57067e51ed2fb407ffdd301f9597d63dbc53a9c69599efceae5d94bb
f8adb8b0c5e7880cf2c66137533bfeea4e96040bb2c7edcb9e5c6373d78a5d0a
f9745c48d0b4c918d466da4acdb3f786ef5cda4c69ac0b6009d76cff67e6325d
f992ef717c41ea0f59eb313449f7561ff6ea24d60a0ba146b31036449750ae4b
fa2f2c409ec8c3790f3a2824ff3644873de9ca6700b7b3add056837bb677ee9f
fb329000228cc5a24c264c57139de8bf854fc86fc18bf1c04ab61a2b5cb4b921
fdcc8d709256b4d58647ad5d3e9521ea3aed9800f0f46887c1b5317cb947a664
fe5a5f3469030993701e2cb0c63a1a66b1a3d59f87d35a5fc0fb0503fb534cd4
fe702c90cb027142d2009afffa655fdbc952f1179a758a249badc7e104e2b65c
fee5fcb6d2c9e72264f4b646c2dfc921500a855a87d49ca8ca8c5f247acad344
fef25a2b6e39201daf72e8cc609e3f8876af67bc761eede56da99270ea3c6774