portalsemakan.com Open in urlscan Pro
2a06:98c1:3121::7 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://telekom.com.my/
Effective URL:
https://portalsemakan.com/permohonan-pelan-data-pelajar/
Submission: On March 21 via api (March 21st 2022, 2:45:58 pm UTC) from DE — Scanned from DE

Summary HTTP 392 Redirects Links 25 Behaviour Indicators

Summary

This website contacted 80 IPs in 12 countries across 71 domains to perform 392 HTTP transactions. The main IP is 2a06:98c1:3121::7, located in United States and belongs to CLOUDFLARENET, US. The main domain is portalsemakan.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on July 7th 2021. Valid for: a year.

This is the only time portalsemakan.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	220.158.200.104 220.158.200.104	55720 (GIGABIT-M...) (GIGABIT-MY Gigabit Hosting Sdn Bhd)
29	2a06:98c1:312... 2a06:98c1:3121::7	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:812::200a	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:82a::2003	15169 (GOOGLE) (GOOGLE)
2	192.0.76.3 192.0.76.3	2635 (AUTOMATTIC) (AUTOMATTIC)
2	2a04:4e42:400... 2a04:4e42:400::645	54113 (FASTLY) (FASTLY)
2	2a00:1450:400... 2a00:1450:4001:830::2008	15169 (GOOGLE) (GOOGLE)
23	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
3	184.30.24.198 184.30.24.198	16625 (AKAMAI-AS) (AKAMAI-AS)
7	104.19.132.78 104.19.132.78	13335 (CLOUDFLAR...) (CLOUDFLARENET)
28	104.19.135.78 104.19.135.78	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5 53	142.250.186.162 142.250.186.162	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:801::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:830::200e	15169 (GOOGLE) (GOOGLE)
19	2a00:1450:400... 2a00:1450:4001:801::2001	15169 (GOOGLE) (GOOGLE)
3	2a03:90c0:41:... 2a03:90c0:41:2801::254	199524 (GCORE) (GCORE)
2 4	2a02:2638::1c 2a02:2638::1c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2606:4700::68... 2606:4700::6810:5914	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	178.250.2.146 178.250.2.146	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	178.250.2.131 178.250.2.131	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
6	54.76.14.137 54.76.14.137	16509 (AMAZON-02) (AMAZON-02)
1	185.64.189.112 185.64.189.112	62713 (AS-PUBMATIC) (AS-PUBMATIC)
2	34.98.64.218 34.98.64.218	15169 (GOOGLE) (GOOGLE)
6	185.86.138.16 185.86.138.16	201081 (SMARTADSE...) (SMARTADSERVER)
3 7	37.252.172.38 37.252.172.38	29990 (ASN-APPNEX) (ASN-APPNEX)
1	184.31.84.150 184.31.84.150	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2602:803:c003... 2602:803:c003:200::31	26667 (RUBICONPR...) (RUBICONPROJECT)
4	2a00:1450:400... 2a00:1450:4001:801::2004	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:828::2001	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:809::200a	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:400... 2607:f8b0:4003:c05::78	15169 (GOOGLE) (GOOGLE)
1	66.102.1.157 66.102.1.157	15169 (GOOGLE) (GOOGLE)
4 5	2620:116:800d... 2620:116:800d:21:3175:5196:e3fd:8c1d	16509 (AMAZON-02) (AMAZON-02)
1 1	108.128.215.255 108.128.215.255	16509 (AMAZON-02) (AMAZON-02)
1	34.98.67.61 34.98.67.61	15169 (GOOGLE) (GOOGLE)
1	35.186.253.211 35.186.253.211	15169 (GOOGLE) (GOOGLE)
2 3	185.64.190.78 185.64.190.78	62713 (AS-PUBMATIC) (AS-PUBMATIC)
3 4	69.173.144.139 69.173.144.139	26667 (RUBICONPR...) (RUBICONPROJECT)
1 1	2a00:1450:400... 2a00:1450:4001:812::200e	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400e:13::7	15169 (GOOGLE) (GOOGLE)
16	18.66.112.66 18.66.112.66	16509 (AMAZON-02) (AMAZON-02)
4	18.197.113.18 18.197.113.18	16509 (AMAZON-02) (AMAZON-02)
5 48	13.248.245.213 13.248.245.213	16509 (AMAZON-02) (AMAZON-02)
4	151.101.194.132 151.101.194.132	54113 (FASTLY) (FASTLY)
8	184.30.25.161 184.30.25.161	16625 (AKAMAI-AS) (AKAMAI-AS)
4	70.42.32.255 70.42.32.255	13789 (INTERNAP-...) (INTERNAP-BLK3)
4	213.227.153.223 213.227.153.223	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
4	151.101.114.132 151.101.114.132	54113 (FASTLY) (FASTLY)
4 4	52.58.249.203 52.58.249.203	16509 (AMAZON-02) (AMAZON-02)
6 7	3.122.58.109 3.122.58.109	16509 (AMAZON-02) (AMAZON-02)
5 5	213.19.147.45 213.19.147.45	26120 (RHYTHMONE) (RHYTHMONE)
4 4	18.156.0.31 18.156.0.31	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:803::2006	15169 (GOOGLE) (GOOGLE)
1	18.168.215.250 18.168.215.250	16509 (AMAZON-02) (AMAZON-02)
2 3	66.155.71.150 66.155.71.150	13768 (COGECO-PEER1) (COGECO-PEER1)
2 2	85.114.159.93 85.114.159.93	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
4 4	213.155.156.180 213.155.156.180	1299 (TWELVE99 ...) (TWELVE99 Arelion)
1 1	2600:9000:225... 2600:9000:225e:2a00:1b:5138:8a40:93a1	16509 (AMAZON-02) (AMAZON-02)
1	185.86.139.104 185.86.139.104	201081 (SMARTADSE...) (SMARTADSERVER)
1 6	35.71.131.137 35.71.131.137	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:223... 2600:9000:223e:2e00:1e:6a6f:9700:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2 3	2a05:d018:d29... 2a05:d018:d29:3605:2e02:fe1c:9c40:529	16509 (AMAZON-02) (AMAZON-02)
1	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2 4	209.54.177.54 209.54.177.54	16509 (AMAZON-02) (AMAZON-02)
1 1	50.31.142.31 50.31.142.31	23352 (SERVERCEN...) (SERVERCENTRAL)
1	34.96.105.8 34.96.105.8	15169 (GOOGLE) (GOOGLE)
1 1	35.190.0.66 35.190.0.66	15169 (GOOGLE) (GOOGLE)
2 2	18.156.61.45 18.156.61.45	16509 (AMAZON-02) (AMAZON-02)
2	2a02:2638::3 2a02:2638::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1 2	169.50.137.184 169.50.137.184	36351 (SOFTLAYER) (SOFTLAYER)
3 5	37.157.2.238 37.157.2.238	198622 (ADFORM) (ADFORM)
1 1	2001:678:cb4:... 2001:678:cb4:bbbb::11	56396 (AMOBEE) (AMOBEE)
2 2	54.171.228.20 54.171.228.20	16509 (AMAZON-02) (AMAZON-02)
1 1	3.233.223.17 3.233.223.17	14618 (AMAZON-AES) (AMAZON-AES)
2 2	18.184.64.118 18.184.64.118	16509 (AMAZON-02) (AMAZON-02)
1 1	52.200.181.105 52.200.181.105	14618 (AMAZON-AES) (AMAZON-AES)
3 3	185.29.132.245 185.29.132.245	30419 (MEDIAMATH...) (MEDIAMATH-INC)
2	2a02:fa8:8806... 2a02:fa8:8806:13::1370	41041 (VCLK-EU-SE) (VCLK-EU-SE)
2 2	44.198.171.22 44.198.171.22	14618 (AMAZON-AES) (AMAZON-AES)
2	192.132.33.46 192.132.33.46	18568 (BIDTELLECT) (BIDTELLECT)
2 2	18.184.10.104 18.184.10.104	16509 (AMAZON-02) (AMAZON-02)
4 7	52.94.223.167 52.94.223.167	16509 (AMAZON-02) (AMAZON-02)
2	34.199.124.234 34.199.124.234	14618 (AMAZON-AES) (AMAZON-AES)
2 4	54.79.65.128 54.79.65.128	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:223... 2600:9000:223f:b000:3:7e1c:5b40:93a1	16509 (AMAZON-02) (AMAZON-02)
1	108.138.7.20 108.138.7.20	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:225... 2600:9000:2251:8000:d:3c0f:bcc0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	130.211.115.4 130.211.115.4	15169 (GOOGLE) (GOOGLE)
2	23.79.143.124 23.79.143.124	() ()
1	151.101.1.108 151.101.1.108	() ()
1 6	184.30.24.241 184.30.24.241	16625 (AKAMAI-AS) (AKAMAI-AS)
12	185.64.190.80 185.64.190.80	() ()
1 1	178.250.0.163 178.250.0.163	() ()
2	198.47.127.20 198.47.127.20	() ()
2 2	35.210.178.101 35.210.178.101	() ()
1 1	159.65.196.12 159.65.196.12	() ()
1	185.33.220.242 185.33.220.242	() ()
1 1	34.111.151.213 34.111.151.213	() ()
1	72.251.241.206 72.251.241.206	() ()
4 4	69.173.144.165 69.173.144.165	() ()
1	2a00:1288:80:... 2a00:1288:80:807::1	() ()
392	80

1 220.158.200.104 (Malaysia) 1 redirects

ASN55720 (GIGABIT-MY Gigabit Hosting Sdn Bhd, MY)
PTR: lion2-smtp3.sfdns.net

telekom.com.my	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

29 2a06:98c1:3121::7 (United States)

ASN13335 (CLOUDFLARENET, US)

portalsemakan.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:812::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 192.0.76.3 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)

stats.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a04:4e42:400::645 (United States)

ASN54113 (FASTLY, US)

anymind360.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:830::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

23 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 184.30.24.198 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-24-198.deploy.static.akamaitechnologies.com

ads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 104.19.132.78 (None, )

ASN13335 (CLOUDFLARENET, US)

jsc.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
servicer.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cm.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

28 104.19.135.78 (None, )

ASN13335 (CLOUDFLARENET, US)

cdn.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s-img.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
servicer.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

53 142.250.186.162 (United States) 5 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:801::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:830::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 2a00:1450:4001:801::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:90c0:41:2801::254 (Frankfurt am Main, Germany)

ASN199524 (GCORE, LU)

video-native.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a02:2638::1c (France) 2 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:5914 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 178.250.2.146 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.2.131 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
PTR: bidder.am5.vip.prod.criteo.com

bidder.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 54.76.14.137 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-76-14-137.eu-west-1.compute.amazonaws.com

prebid.ad.smaato.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

hbopenbid.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.98.64.218 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 218.64.98.34.bc.googleusercontent.com

adasia-d.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 185.86.138.16 (France)

ASN201081 (SMARTADSERVER, FR)

prg.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 37.252.172.38 (Frankfurt am Main, Germany) 3 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 690.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 184.31.84.150 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-31-84-150.deploy.static.akamaitechnologies.com

htlb.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2602:803:c003:200::31 (Amsterdam, Netherlands)

ASN26667 (RUBICONPROJECT, US)

fastlane.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:801::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:828::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

4ff8e811445a9b61eb0bed126f8b9447.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:809::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4003:c05::78 (Tulsa, United States)

ASN15169 (GOOGLE, US)

csi.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 66.102.1.157 (United States)

ASN15169 (GOOGLE, US)
PTR: wb-in-f157.1e100.net

bid.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2620:116:800d:21:3175:5196:e3fd:8c1d (United States) 4 redirects

ASN16509 (AMAZON-02, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.128.215.255 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-108-128-215-255.eu-west-1.compute.amazonaws.com

pixel.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.98.67.61 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 61.67.98.34.bc.googleusercontent.com

odr.mookie1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.186.253.211 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 211.253.186.35.bc.googleusercontent.com

rtb.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.64.190.78 (United Kingdom) 2 redirects

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 69.173.144.139 (Frankfurt am Main, Germany) 3 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::200e (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

gcdn.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400e:13::7 (Ireland)

ASN15169 (GOOGLE, US)

r2---sn-5hne6nzd.c.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 18.66.112.66 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-112-66.fra56.r.cloudfront.net

ib.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 18.197.113.18 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-197-113-18.eu-central-1.compute.amazonaws.com

tlx.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

48 13.248.245.213 (United States) 5 redirects

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 151.101.194.132 (United States)

ASN54113 (FASTLY, US)

widgets.zemanta.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 184.30.25.161 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-25-161.deploy.static.akamaitechnologies.com

z.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
px.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 70.42.32.255 (United States)

ASN13789 (INTERNAP-BLK3, US)
PTR: ny.outbrain.com

stas.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 213.227.153.223 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)

b1t-eudc1.zemanta.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 151.101.114.132 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

zem.outbrainimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.58.249.203 (Frankfurt am Main, Germany) 4 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-58-249-203.eu-central-1.compute.amazonaws.com

pm.w55c.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 3.122.58.109 (Frankfurt am Main, Germany) 6 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-122-58-109.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 213.19.147.45 (United Kingdom) 5 redirects

ASN26120 (RHYTHMONE, US)

sync.1rx.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.targeting.unrulymedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 18.156.0.31 (Frankfurt am Main, Germany) 4 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-156-0-31.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:803::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.168.215.250 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-168-215-250.eu-west-2.compute.amazonaws.com

geo.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 66.155.71.150 (Portsmouth, United Kingdom) 2 redirects

ASN13768 (COGECO-PEER1, CA)

pixel-sync.sitescout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 85.114.159.93 (Germany) 2 redirects

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com

dsp.adfarm1.adition.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 213.155.156.180 (Uppsala, Sweden) 4 redirects

ASN1299 (TWELVE99 Arelion, fka Telia Carrier, SE)
PTR: 213-155-156-180.teliacarrier-cust.com

d5p.de17a.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:225e:2a00:1b:5138:8a40:93a1 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

s.ad.smaato.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.86.139.104 (France)

ASN201081 (SMARTADSERVER, FR)

ssbsync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 35.71.131.137 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:223e:2e00:1e:6a6f:9700:93a1 (United States)

ASN16509 (AMAZON-02, US)

cnt.trvdp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:1ec:21::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a05:d018:d29:3605:2e02:fe1c:9c40:529 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 209.54.177.54 (Ashburn, United States) 2 redirects

ASN16509 (AMAZON-02, US)

s.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 50.31.142.31 (Riverdale, United States) 1 redirects

ASN23352 (SERVERCENTRAL, US)
PTR: chi.outbrain.com

b1sync.zemanta.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.96.105.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.105.96.34.bc.googleusercontent.com

tr.blismedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.190.0.66 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 66.0.190.35.bc.googleusercontent.com

ads.travelaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.156.61.45 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-156-61-45.eu-central-1.compute.amazonaws.com

a.sportradarserving.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 169.50.137.184 (United States) 1 redirects

ASN36351 (SOFTLAYER, US)
PTR: b8.89.32a9.ip4.static.sl-reverse.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 37.157.2.238 (Denmark) 3 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:678:cb4:bbbb::11 (United Kingdom) 1 redirects

ASN56396 (AMOBEE, GB)

ad.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.171.228.20 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-171-228-20.eu-west-1.compute.amazonaws.com

match.prod.bidr.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.233.223.17 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-233-223-17.compute-1.amazonaws.com

sync.ipredictive.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.184.64.118 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-184-64-118.eu-central-1.compute.amazonaws.com

rtb.mfadsrvr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.200.181.105 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-200-181-105.compute-1.amazonaws.com

sync.srv.stackadapt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.29.132.245 (United Kingdom) 3 redirects

ASN30419 (MEDIAMATH-INC, US)

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:fa8:8806:13::1370 (Singapore)

ASN41041 (VCLK-EU-SE, US)

triplelift-match.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 44.198.171.22 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-198-171-22.compute-1.amazonaws.com

sync.hgrtb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 192.132.33.46 (United States)

ASN18568 (BIDTELLECT, US)
PTR: 46.bidtellect.com

bttrack.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.184.10.104 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-184-10-104.eu-central-1.compute.amazonaws.com

sportradarserving.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 52.94.223.167 (Dublin, Ireland) 4 redirects

ASN16509 (AMAZON-02, US)

aax-eu.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.199.124.234 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-199-124-234.compute-1.amazonaws.com

rtb.adentifi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 54.79.65.128 (Sydney, Australia) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-79-65-128.ap-southeast-2.compute.amazonaws.com

sasinator.realestate.com.au	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:223f:b000:3:7e1c:5b40:93a1 (United States)

ASN16509 (AMAZON-02, US)

go.trvdp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.138.7.20 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-7-20.fra56.r.cloudfront.net

stg.truvidplayer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2251:8000:d:3c0f:bcc0:93a1 (United States)

ASN16509 (AMAZON-02, US)

s.trvdp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 130.211.115.4 (Council Bluffs, United States)

ASN15169 (GOOGLE, US)
PTR: 4.115.211.130.bc.googleusercontent.com

data.ad-score.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.79.143.124 (None, )

ASN- ()

eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.1.108 (None, )

ASN- ()

acdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 184.30.24.241 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-24-241.deploy.static.akamaitechnologies.com

js-sec.indexww.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dsum.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 185.64.190.80 (None, )

ASN- ()

image2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
simage2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.0.163 (None, ) 1 redirects

ASN- ()

dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 198.47.127.20 (None, )

ASN- ()

image4.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.210.178.101 (None, ) 2 redirects

ASN- ()

a.volvelle.tech	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 159.65.196.12 (None, ) 1 redirects

ASN- ()

match.adsby.bidtheatre.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.33.220.242 (None, )

ASN- ()

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.111.151.213 (None, ) 1 redirects

ASN- ()

dmp.brand-display.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 72.251.241.206 (None, )

ASN- ()

cm.adgrx.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 69.173.144.165 (None, ) 4 redirects

ASN- ()

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1288:80:807::1 (None, )

ASN- ()

ads.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
68	3lift.com 5 redirects ib.3lift.com — Cisco Umbrella Rank: 1006 tlx.3lift.com — Cisco Umbrella Rank: 512 eb2.3lift.com — Cisco Umbrella Rank: 346	378 KB
57	doubleclick.net 5 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 38 securepubads.g.doubleclick.net — Cisco Umbrella Rank: 159 bid.g.doubleclick.net — Cisco Umbrella Rank: 468 cm.g.doubleclick.net — Cisco Umbrella Rank: 176	269 KB
42	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 90 tpc.googlesyndication.com — Cisco Umbrella Rank: 122 4ff8e811445a9b61eb0bed126f8b9447.safeframe.googlesyndication.com	324 KB
38	mgid.com jsc.mgid.com — Cisco Umbrella Rank: 8333 cdn.mgid.com — Cisco Umbrella Rank: 10514 video-native.mgid.com — Cisco Umbrella Rank: 28798 c.mgid.com — Cisco Umbrella Rank: 6428 servicer.mgid.com — Cisco Umbrella Rank: 8449 s-img.mgid.com — Cisco Umbrella Rank: 7801 cm.mgid.com — Cisco Umbrella Rank: 2218	575 KB
29	portalsemakan.com portalsemakan.com	392 KB
21	pubmatic.com 2 redirects ads.pubmatic.com — Cisco Umbrella Rank: 419 hbopenbid.pubmatic.com — Cisco Umbrella Rank: 417 image6.pubmatic.com — Cisco Umbrella Rank: 571 image2.pubmatic.com simage2.pubmatic.com image4.pubmatic.com	106 KB
11	amazon-adsystem.com 6 redirects s.amazon-adsystem.com — Cisco Umbrella Rank: 260 aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 1352	6 KB
11	rubiconproject.com 7 redirects fastlane.rubiconproject.com — Cisco Umbrella Rank: 412 pixel.rubiconproject.com — Cisco Umbrella Rank: 289 eus.rubiconproject.com token.rubiconproject.com	16 KB
9	moatads.com z.moatads.com — Cisco Umbrella Rank: 329 geo.moatads.com — Cisco Umbrella Rank: 553 px.moatads.com — Cisco Umbrella Rank: 392	108 KB
9	zemanta.com 1 redirects widgets.zemanta.com — Cisco Umbrella Rank: 8728 b1t-eudc1.zemanta.com — Cisco Umbrella Rank: 20128 b1sync.zemanta.com — Cisco Umbrella Rank: 528	11 KB
9	adnxs.com 3 redirects ib.adnxs.com — Cisco Umbrella Rank: 205 acdn.adnxs.com secure.adnxs.com	22 KB
9	criteo.com 3 redirects gum.criteo.com — Cisco Umbrella Rank: 347 mug.criteo.com — Cisco Umbrella Rank: 3185 bidder.criteo.com — Cisco Umbrella Rank: 689 dis.criteo.com	9 KB
8	yahoo.com 6 redirects ups.analytics.yahoo.com — Cisco Umbrella Rank: 268 pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 416 ads.yahoo.com	5 KB
7	bidswitch.net 6 redirects x.bidswitch.net — Cisco Umbrella Rank: 257	4 KB
7	smartadserver.com prg.smartadserver.com — Cisco Umbrella Rank: 1227 ssbsync.smartadserver.com — Cisco Umbrella Rank: 1266	3 KB
7	smaato.net 1 redirects prebid.ad.smaato.net — Cisco Umbrella Rank: 3208 s.ad.smaato.net — Cisco Umbrella Rank: 698	3 KB
7	google.com adservice.google.com — Cisco Umbrella Rank: 57 www.google.com — Cisco Umbrella Rank: 2	2 KB
6	adsrvr.org 1 redirects match.adsrvr.org — Cisco Umbrella Rank: 293	2 KB
6	gstatic.com fonts.gstatic.com csi.gstatic.com	88 KB
5	adform.net 3 redirects c1.adform.net — Cisco Umbrella Rank: 524	2 KB
5	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 147	178 KB
5	quantserve.com 4 redirects cms.quantserve.com — Cisco Umbrella Rank: 929 pixel.quantserve.com	2 KB
5	casalemedia.com 1 redirects htlb.casalemedia.com — Cisco Umbrella Rank: 409 ssum-sec.casalemedia.com — Cisco Umbrella Rank: 476 dsum-sec.casalemedia.com dsum.casalemedia.com	6 KB
4	realestate.com.au 2 redirects sasinator.realestate.com.au — Cisco Umbrella Rank: 3554	2 KB
4	sportradarserving.com 4 redirects a.sportradarserving.com — Cisco Umbrella Rank: 2159 sportradarserving.com — Cisco Umbrella Rank: 2125	2 KB
4	de17a.com 4 redirects d5p.de17a.com — Cisco Umbrella Rank: 4364	1 KB
4	w55c.net 4 redirects pm.w55c.net — Cisco Umbrella Rank: 730	3 KB
4	outbrainimg.com zem.outbrainimg.com — Cisco Umbrella Rank: 2613	43 KB
4	outbrain.com stas.outbrain.com — Cisco Umbrella Rank: 2705	1 KB
4	2mdn.net 1 redirects gcdn.2mdn.net — Cisco Umbrella Rank: 924 r2---sn-5hne6nzd.c.2mdn.net — Cisco Umbrella Rank: 348614 s0.2mdn.net — Cisco Umbrella Rank: 246	2 KB
4	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 35 imasdk.googleapis.com — Cisco Umbrella Rank: 399	129 KB
3	mathtag.com 3 redirects sync.mathtag.com — Cisco Umbrella Rank: 384	2 KB
3	trvdp.com cnt.trvdp.com — Cisco Umbrella Rank: 64714 go.trvdp.com — Cisco Umbrella Rank: 56324 s.trvdp.com — Cisco Umbrella Rank: 58266	205 KB
3	sitescout.com 2 redirects pixel-sync.sitescout.com — Cisco Umbrella Rank: 557	759 B
3	1rx.io 3 redirects sync.1rx.io — Cisco Umbrella Rank: 491	2 KB
3	openx.net adasia-d.openx.net — Cisco Umbrella Rank: 43068 rtb.openx.net — Cisco Umbrella Rank: 1359 u.openx.net	822 B
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 31	20 KB
3	google.de adservice.google.de — Cisco Umbrella Rank: 8832	1 KB
2	volvelle.tech 2 redirects a.volvelle.tech	1 KB
2	indexww.com js-sec.indexww.com	2 KB
2	adentifi.com rtb.adentifi.com — Cisco Umbrella Rank: 956	93 B
2	bttrack.com bttrack.com — Cisco Umbrella Rank: 659	760 B
2	hgrtb.com 2 redirects sync.hgrtb.com — Cisco Umbrella Rank: 1641	516 B
2	dotomi.com triplelift-match.dotomi.com — Cisco Umbrella Rank: 3096	207 B
2	mfadsrvr.com 2 redirects rtb.mfadsrvr.com — Cisco Umbrella Rank: 744	1 KB
2	bidr.io 2 redirects match.prod.bidr.io — Cisco Umbrella Rank: 462	1004 B
2	simpli.fi 1 redirects um.simpli.fi — Cisco Umbrella Rank: 707	1 KB
2	criteo.net static.criteo.net — Cisco Umbrella Rank: 600	63 KB
2	linkedin.com px.ads.linkedin.com — Cisco Umbrella Rank: 434	847 B
2	adition.com 2 redirects dsp.adfarm1.adition.com — Cisco Umbrella Rank: 1438	1 KB
2	unrulymedia.com 2 redirects sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 829	1 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 54	100 KB
2	anymind360.com anymind360.com — Cisco Umbrella Rank: 22767	119 KB
2	wp.com stats.wp.com — Cisco Umbrella Rank: 2544 pixel.wp.com — Cisco Umbrella Rank: 2476	3 KB
1	adgrx.com cm.adgrx.com	408 B
1	brand-display.com 1 redirects dmp.brand-display.com	318 B
1	bidtheatre.com 1 redirects match.adsby.bidtheatre.com	534 B
1	ad-score.com data.ad-score.com — Cisco Umbrella Rank: 5686	726 B
1	truvidplayer.com stg.truvidplayer.com — Cisco Umbrella Rank: 49130	2 KB
1	stackadapt.com 1 redirects sync.srv.stackadapt.com — Cisco Umbrella Rank: 781	595 B
1	ipredictive.com 1 redirects sync.ipredictive.com — Cisco Umbrella Rank: 880	462 B
1	turn.com 1 redirects ad.turn.com — Cisco Umbrella Rank: 690	412 B
1	travelaudience.com 1 redirects ads.travelaudience.com — Cisco Umbrella Rank: 18240	523 B
1	blismedia.com tr.blismedia.com — Cisco Umbrella Rank: 2593	173 B
1	bing.com c.bing.com — Cisco Umbrella Rank: 193	594 B
1	mookie1.com odr.mookie1.com — Cisco Umbrella Rank: 794	324 B
1	everesttech.net 1 redirects pixel.everesttech.net — Cisco Umbrella Rank: 2828 sync-tm.everesttech.net Failed	375 B
1	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 403	1 KB
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 716	647 B
1	telekom.com.my 1 redirects telekom.com.my	228 B
0	onaudience.com Failed pixel.onaudience.com Failed
392	71

	Domain	Requested by
48	eb2.3lift.com	5 redirects 4ff8e811445a9b61eb0bed126f8b9447.safeframe.googlesyndication.com ib.3lift.com eb2.3lift.com
38	cm.g.doubleclick.net	5 redirects googleads.g.doubleclick.net 4ff8e811445a9b61eb0bed126f8b9447.safeframe.googlesyndication.com eb2.3lift.com ssum-sec.casalemedia.com
29	portalsemakan.com	portalsemakan.com
19	tpc.googlesyndication.com	pagead2.googlesyndication.com tpc.googlesyndication.com googleads.g.doubleclick.net imasdk.googleapis.com 4ff8e811445a9b61eb0bed126f8b9447.safeframe.googlesyndication.com
18	s-img.mgid.com
18	pagead2.googlesyndication.com	portalsemakan.com pagead2.googlesyndication.com tpc.googlesyndication.com googleads.g.doubleclick.net 4ff8e811445a9b61eb0bed126f8b9447.safeframe.googlesyndication.com www.googletagservices.com
16	ib.3lift.com	4ff8e811445a9b61eb0bed126f8b9447.safeframe.googlesyndication.com ib.3lift.com
14	securepubads.g.doubleclick.net	anymind360.com securepubads.g.doubleclick.net portalsemakan.com www.googletagservices.com
7	simage2.pubmatic.com	ads.pubmatic.com
7	aax-eu.amazon-adsystem.com	4 redirects eb2.3lift.com
7	px.moatads.com	4ff8e811445a9b61eb0bed126f8b9447.safeframe.googlesyndication.com
7	x.bidswitch.net	6 redirects eb2.3lift.com
7	ib.adnxs.com	3 redirects anymind360.com eb2.3lift.com acdn.adnxs.com
7	cdn.mgid.com	portalsemakan.com jsc.mgid.com
6	match.adsrvr.org	1 redirects ads.pubmatic.com eb2.3lift.com 4ff8e811445a9b61eb0bed126f8b9447.safeframe.googlesyndication.com ssum-sec.casalemedia.com
6	prg.smartadserver.com	anymind360.com
6	prebid.ad.smaato.net	anymind360.com
5	image2.pubmatic.com	ads.pubmatic.com
5	c1.adform.net	3 redirects ads.pubmatic.com ssum-sec.casalemedia.com
5	www.googletagservices.com	4ff8e811445a9b61eb0bed126f8b9447.safeframe.googlesyndication.com securepubads.g.doubleclick.net
5	4ff8e811445a9b61eb0bed126f8b9447.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
4	token.rubiconproject.com	4 redirects
4	sasinator.realestate.com.au	2 redirects eb2.3lift.com
4	s.amazon-adsystem.com	2 redirects eb2.3lift.com ssum-sec.casalemedia.com
4	d5p.de17a.com	4 redirects
4	ups.analytics.yahoo.com	4 redirects
4	pm.w55c.net	4 redirects
4	zem.outbrainimg.com	4ff8e811445a9b61eb0bed126f8b9447.safeframe.googlesyndication.com widgets.zemanta.com
4	b1t-eudc1.zemanta.com	4ff8e811445a9b61eb0bed126f8b9447.safeframe.googlesyndication.com
4	stas.outbrain.com	4ff8e811445a9b61eb0bed126f8b9447.safeframe.googlesyndication.com
4	widgets.zemanta.com	ib.3lift.com
4	tlx.3lift.com	4ff8e811445a9b61eb0bed126f8b9447.safeframe.googlesyndication.com
4	pixel.rubiconproject.com	3 redirects
4	cms.quantserve.com	3 redirects googleads.g.doubleclick.net
4	servicer.mgid.com	jsc.mgid.com cdn.mgid.com
4	www.google.com	tpc.googlesyndication.com googleads.g.doubleclick.net 4ff8e811445a9b61eb0bed126f8b9447.safeframe.googlesyndication.com
4	gum.criteo.com	2 redirects static.criteo.net
4	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net
4	fonts.gstatic.com	fonts.googleapis.com
3	sync.mathtag.com	3 redirects
3	pr-bh.ybp.yahoo.com	2 redirects ads.pubmatic.com
3	pixel-sync.sitescout.com	2 redirects 4ff8e811445a9b61eb0bed126f8b9447.safeframe.googlesyndication.com
3	sync.1rx.io	3 redirects
3	image6.pubmatic.com	2 redirects ads.pubmatic.com
3	mug.criteo.com
3	video-native.mgid.com	cdn.mgid.com jsc.mgid.com
3	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
3	adservice.google.com	pagead2.googlesyndication.com securepubads.g.doubleclick.net
3	adservice.google.de	pagead2.googlesyndication.com securepubads.g.doubleclick.net
3	ads.pubmatic.com	anymind360.com ads.pubmatic.com
2	dsum-sec.casalemedia.com	1 redirects ssum-sec.casalemedia.com
2	a.volvelle.tech	2 redirects
2	image4.pubmatic.com	ads.pubmatic.com
2	js-sec.indexww.com	anymind360.com ssum-sec.casalemedia.com
2	eus.rubiconproject.com	anymind360.com eus.rubiconproject.com
2	rtb.adentifi.com	eb2.3lift.com
2	sportradarserving.com	2 redirects
2	bttrack.com	eb2.3lift.com
2	sync.hgrtb.com	2 redirects
2	triplelift-match.dotomi.com	eb2.3lift.com
2	rtb.mfadsrvr.com	2 redirects
2	match.prod.bidr.io	2 redirects
2	um.simpli.fi	1 redirects ads.pubmatic.com
2	static.criteo.net	anymind360.com static.criteo.net
2	a.sportradarserving.com	2 redirects
2	px.ads.linkedin.com	eb2.3lift.com
2	dsp.adfarm1.adition.com	2 redirects
2	sync.targeting.unrulymedia.com	2 redirects
2	r2---sn-5hne6nzd.c.2mdn.net
2	cm.mgid.com	jsc.mgid.com
2	csi.gstatic.com	imasdk.googleapis.com
2	c.mgid.com	jsc.mgid.com
2	imasdk.googleapis.com	googleads.g.doubleclick.net
2	jsc.mgid.com	portalsemakan.com
2	www.googletagmanager.com	portalsemakan.com www.googletagmanager.com
2	anymind360.com	portalsemakan.com anymind360.com
2	fonts.googleapis.com	portalsemakan.com googleads.g.doubleclick.net
1	ads.yahoo.com
1	cm.adgrx.com	ssum-sec.casalemedia.com
1	dsum.casalemedia.com	ssum-sec.casalemedia.com
1	dmp.brand-display.com	1 redirects
1	secure.adnxs.com	ssum-sec.casalemedia.com
1	match.adsby.bidtheatre.com	1 redirects
1	pixel.quantserve.com	1 redirects
1	dis.criteo.com	1 redirects
1	ssum-sec.casalemedia.com	js-sec.indexww.com
1	acdn.adnxs.com	anymind360.com
1	u.openx.net	anymind360.com
1	data.ad-score.com	s.trvdp.com
1	s.trvdp.com	go.trvdp.com
1	stg.truvidplayer.com	go.trvdp.com
1	go.trvdp.com	cnt.trvdp.com
1	sync.srv.stackadapt.com	1 redirects
1	sync.ipredictive.com	1 redirects
1	ad.turn.com	1 redirects
1	ads.travelaudience.com	1 redirects
1	tr.blismedia.com	4ff8e811445a9b61eb0bed126f8b9447.safeframe.googlesyndication.com
1	b1sync.zemanta.com	1 redirects
1	c.bing.com	eb2.3lift.com
1	cnt.trvdp.com	securepubads.g.doubleclick.net
1	ssbsync.smartadserver.com	4ff8e811445a9b61eb0bed126f8b9447.safeframe.googlesyndication.com
1	s.ad.smaato.net	1 redirects
1	geo.moatads.com	z.moatads.com
1	s0.2mdn.net	4ff8e811445a9b61eb0bed126f8b9447.safeframe.googlesyndication.com
1	z.moatads.com	ib.3lift.com
1	gcdn.2mdn.net	1 redirects
1	rtb.openx.net	googleads.g.doubleclick.net
1	odr.mookie1.com	googleads.g.doubleclick.net
1	pixel.everesttech.net	1 redirects
1	bid.g.doubleclick.net	imasdk.googleapis.com
1	fastlane.rubiconproject.com	anymind360.com
1	htlb.casalemedia.com	anymind360.com
1	adasia-d.openx.net	anymind360.com
1	hbopenbid.pubmatic.com	anymind360.com
1	bidder.criteo.com	anymind360.com
1	cdn.jsdelivr.net	anymind360.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	pixel.wp.com
1	stats.wp.com	portalsemakan.com
1	telekom.com.my	1 redirects
0	pixel.onaudience.com Failed	ads.pubmatic.com
0	sync-tm.everesttech.net Failed	eb2.3lift.com
392	122

This site contains links to these domains. Also see Links.

Domain
widgets.mgid.com
www.mgid.com
www.mohe.gov.my
akismet.com
generatepress.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-07-07` - `2022-07-06`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-02-28` - `2022-05-23`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-02-28` - `2022-05-23`	3 months	crt.sh
*.wp.com Sectigo RSA Domain Validation Secure Server CA	`2020-04-02` - `2022-07-05`	2 years	crt.sh
anymind360.com R3	`2022-03-04` - `2022-06-02`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-02-28` - `2022-05-23`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-02-28` - `2022-05-23`	3 months	crt.sh
*.pubmatic.com DigiCert SHA2 Secure Server CA	`2022-02-04` - `2023-02-03`	a year	crt.sh
*.googleadservices.com GTS CA 1C3	`2022-02-28` - `2022-05-23`	3 months	crt.sh
*.google.de GTS CA 1C3	`2022-02-28` - `2022-05-23`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-02-28` - `2022-05-23`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-02-28` - `2022-05-23`	3 months	crt.sh
*.mgid.com Go Daddy Secure Certificate Authority - G2	`2021-09-13` - `2022-10-15`	a year	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-02-04` - `2022-05-03`	3 months	crt.sh
smaato.net Sectigo ECC Organization Validation Secure Server CA	`2020-07-28` - `2022-10-04`	2 years	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2021-07-08` - `2022-08-08`	a year	crt.sh
*.smartadserver.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-01-25` - `2023-01-25`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2022-02-11` - `2023-03-14`	a year	crt.sh
san.casalemedia.com GeoTrust RSA CA 2018	`2021-12-12` - `2022-12-13`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2022-03-08` - `2023-04-04`	a year	crt.sh
www.google.com GTS CA 1C3	`2022-02-28` - `2022-05-23`	3 months	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2021-09-22` - `2022-09-21`	a year	crt.sh
*.mookie1.com DigiCert TLS RSA SHA256 2020 CA1	`2022-02-24` - `2023-03-27`	a year	crt.sh
*.3lift.com Amazon	`2021-06-12` - `2022-07-11`	a year	crt.sh
*.zemanta.com R3	`2022-01-23` - `2022-04-23`	3 months	crt.sh
moatads.com DigiCert SHA2 Secure Server CA	`2021-11-27` - `2022-11-29`	a year	crt.sh
*.outbrain.com Thawte RSA CA 2018	`2021-10-24` - `2022-11-24`	a year	crt.sh
*.outbrainimg.com R3	`2022-02-06` - `2022-05-07`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-02-28` - `2022-05-23`	3 months	crt.sh
*.moatads.com DigiCert TLS RSA SHA256 2020 CA1	`2021-05-25` - `2022-06-25`	a year	crt.sh
*.c.docs.google.com GTS CA 1C3	`2022-03-08` - `2022-05-17`	2 months	crt.sh
*.sitescout.com GeoTrust TLS DV RSA Mixed SHA256 2020 CA-1	`2021-12-15` - `2023-01-15`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2021-03-18` - `2022-04-19`	a year	crt.sh
*.trvdp.com Amazon	`2021-09-24` - `2022-10-23`	a year	crt.sh
www.linkedin.com DigiCert SHA2 Secure Server CA	`2022-03-01` - `2022-09-01`	6 months	crt.sh
*.bidswitch.net Sectigo RSA Domain Validation Secure Server CA	`2020-04-23` - `2022-05-04`	2 years	crt.sh
www.bing.com Microsoft RSA TLS CA 01	`2022-03-16` - `2022-09-16`	6 months	crt.sh
tr.blismedia.com GTS CA 1D4	`2022-02-20` - `2022-05-21`	3 months	crt.sh
*.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-02-02` - `2022-05-03`	3 months	crt.sh
*.dotomi.com GlobalSign RSA OV SSL CA 2018	`2021-08-10` - `2022-09-11`	a year	crt.sh
*.bttrack.com Sectigo RSA Domain Validation Secure Server CA	`2021-03-29` - `2022-03-29`	a year	crt.sh
adentifi.com Amazon	`2021-09-04` - `2022-10-03`	a year	crt.sh
*.truvidplayer.com Amazon	`2022-02-07` - `2023-03-07`	a year	crt.sh
*.ad-score.com Go Daddy Secure Certificate Authority - G2	`2021-09-02` - `2022-10-04`	a year	crt.sh
cdn.adnxs.com GlobalSign Organization Validated CA - SHA256 - G4	`2021-05-10` - `2022-06-11`	a year	crt.sh
track.adform.net DigiCert TLS RSA SHA256 2020 CA1	`2021-09-06` - `2022-10-07`	a year	crt.sh
*.simpli.fi DigiCert TLS RSA SHA256 2020 CA1	`2021-10-27` - `2022-11-27`	a year	crt.sh
*.ybp.yahoo.com DigiCert SHA2 High Assurance Server CA	`2022-01-18` - `2022-07-13`	6 months	crt.sh
public1.adgear.com Sectigo RSA Domain Validation Secure Server CA	`2022-03-01` - `2023-03-28`	a year	crt.sh

This page contains 43 frames:

Primary Page: https://portalsemakan.com/permohonan-pelan-data-pelajar/
Frame ID: C8C58BA14FC9B016C18A8AE6AB7CCC3C
Requests: 127 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220316/r20190131/zrt_lookup.html
Frame ID: B6DF22B316651559BEFA5D465B8722EE
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9427148377333143&output=html&adk=1812271804&adf=3025194257&lmt=1647873950&plat=9%3A32904%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fportalsemakan.com%2Fpermohonan-pelan-data-pelajar%2F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1647873950195&bpp=4&bdt=931&idt=217&shv=r20220316&mjsv=m202203140101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=1546548480197&frm=20&pv=2&ga_vid=501444452.1647873950&ga_sid=1647873950&ga_hid=2070634736&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531397%2C44750773%2C31065636%2C31062931&oid=2&pvsid=2369941670710697&pem=206&tmod=21303447&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=242
Frame ID: 9CEBDCFECDCBC48914EF59153FE923DD
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9427148377333143&output=html&h=280&adk=4181226519&adf=619340566&pi=t.aa~a.1381849204~i.3~rp.4&w=668&fwrn=4&fwrnh=100&lmt=1647873950&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=6421966292&psa=0&ad_type=text_image&format=668x280&url=https%3A%2F%2Fportalsemakan.com%2Fpermohonan-pelan-data-pelajar%2F&flash=0&fwr=0&pra=3&rh=167&rw=668&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1647873950773&bpp=5&bdt=1509&idt=5&shv=r20220316&mjsv=m202203140101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dfcd06c51c05991a7-22348e9962cd00f4%3AT%3D1647873951%3ART%3D1647873951%3AS%3DALNI_MZi8O8l3zDjrt19u8o_ud9CyufgXA&prev_fmts=0x0&nras=2&correlator=1546548480197&frm=20&pv=1&ga_vid=501444452.1647873950&ga_sid=1647873950&ga_hid=2070634736&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=291&ady=1319&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531397%2C44750773%2C31065636%2C31062931&oid=2&pvsid=2369941670710697&pem=206&tmod=21303447&uas=0&nvt=1&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=CxSphkvNw4&p=https%3A//portalsemakan.com&dtd=62
Frame ID: 78B5726D8764AF731ED445C3344968DA
Requests: 18 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 57F4B42D000BA0FB7858DC3A0D83A0AA
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: C6B4646ECFA71421D2A083EF670273D0
Requests: 2 HTTP requests in this frame

Frame: https://4ff8e811445a9b61eb0bed126f8b9447.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: CD361E2514C67CCC9532D68F4DFD24CB
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 16575E3CFC8166037D6003757650A007
Requests: 9 HTTP requests in this frame

Frame: https://4ff8e811445a9b61eb0bed126f8b9447.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 0478CCEA20D3CCB0C667D470881AB3DC
Requests: 30 HTTP requests in this frame

Frame: https://cm.mgid.com/i-noref.js?cbuster=1647873951932133567048
Frame ID: 1ACDD1BB0FC741BF016272491A60ED9A
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Frame ID: EAC6374FE9400AE95A9F6AC3419F6F3F
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: D7BCFCB395D892288AA20891ED2B30F4
Requests: 9 HTTP requests in this frame

Frame: data://truncated
Frame ID: F09D83187DED0A67C0A2DA791E33532B
Requests: 1 HTTP requests in this frame

Frame: https://widgets.zemanta.com/1646288090/widget-728x90.js
Frame ID: B1594DD361921ACFAB536EC0BD679B4B
Requests: 4 HTTP requests in this frame

Frame: https://4ff8e811445a9b61eb0bed126f8b9447.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 2E260F7860177B3543F03FE4947D215E
Requests: 18 HTTP requests in this frame

Frame: https://4ff8e811445a9b61eb0bed126f8b9447.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 7398ACCB64DF9918A3262DA0086BBB77
Requests: 16 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 8980430A727CABF7CDF3B1EE1DB26838
Requests: 9 HTTP requests in this frame

Frame: data://truncated
Frame ID: 2B3AE2567714B2D04520C98E3CA003F3
Requests: 1 HTTP requests in this frame

Frame: https://widgets.zemanta.com/1646288090/widget-336x280.js
Frame ID: 0ED0CB69FAAB9BDDCAEDF64039E860C2
Requests: 4 HTTP requests in this frame

Frame: https://4ff8e811445a9b61eb0bed126f8b9447.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 116CECC051A51C298EECF9AAB28E42F9
Requests: 18 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync?max=10&cb=92100
Frame ID: 83A5658FF14F409861FFF7072AE98579
Requests: 11 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 41F8664EEC6071B03212FAA5FF90D754
Requests: 9 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv4uM3QLxkn1haatMXOayyT2TXUbMHXevzGrKSwfp5sqWQJrRCZZfcKehHSvWkwUpVEUcO-_FdiglKf4orkgKCL6uFz61vbaWcmlPCi8levClAJFeC8P9UYF1tMKyd_-GYLilH6HZr_W0FFVYvSdvg3Np09vdf8kWeGbIHs7gUYFjQjv_GvofJ4c1R66mjzBBtvDZAx8aoohI7suLQIGBFhNLlIMlyeB1o06lL7LYOcIE2Xdqbf2i5yaZ_sy3BShc0DQFqS3g6LLMITu4CSXZNUljhhRiyEhD_fLJWQUwUrszyILHIAylKt-WOY4qJ0gEXvYISj6GUdqD37NY8rnXLHgaTmfyqRw4o&sig=Cg0ArKJSzEmm2wtnpJa5EAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 192587C98560F65779C7EC142D502DED
Requests: 6 HTTP requests in this frame

Frame: data://truncated
Frame ID: 845F0CC7A6A66CC635280482613FB9F9
Requests: 1 HTTP requests in this frame

Frame: https://widgets.zemanta.com/1646288090/widget-728x90.js
Frame ID: A2D7D823D197F1B6AC5C7BAB1C178DA3
Requests: 4 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 105B036E12BC22E3166589B32EDD495B
Requests: 9 HTTP requests in this frame

Frame: data://truncated
Frame ID: CB5A63AE586EE98E01502143FB83C153
Requests: 1 HTTP requests in this frame

Frame: https://widgets.zemanta.com/1646288090/widget-300x250.js
Frame ID: 1D3FDFCB118EED039B81A4F50993972F
Requests: 4 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=portalsemakan.com
Frame ID: 3083C4D54A9B2D48A357501DC4A3D051
Requests: 2 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync?max=10&cb=56001
Frame ID: 2AA7E8FE2EFE476F97BFCB23336BDFD8
Requests: 11 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync?max=10&cb=98802
Frame ID: CE72D0CE84FFFED4139E891A0B9C307D
Requests: 11 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync?max=10&cb=77033
Frame ID: 31785B5AEF8E0EF2856E42E6F9437A5E
Requests: 11 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 5BCF25F2564EA3DE9C64056599E4B4D2
Requests: 10 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158497
Frame ID: 88C4741CDB3C32CD26062635A3F7E4D0
Requests: 16 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/pd
Frame ID: 685A5439EB48520E8C3936431A43EFF7
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 94AF616B89F8C1CB8D5BF17B29D648A7
Requests: 2 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 1D138C77F20EBAE16509103B01BDF083
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fportalsemakan.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: D69B94207D70F4BF0F851AF84D0A0E05
Requests: 10 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?party=14&cid=693F7F8C-3EA6-4C2C-9BEF-784CFC23A086
Frame ID: 21BE4C2A3478E35E7652519F086CCA96
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=1038671538451992436
Frame ID: F4559E1C7E9FC418E6B0719415BEA2FA
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:2e1b6238-8fa2-4f00-8b78-f55dd9c91e8e&gdpr=0&gdpr_consent=
Frame ID: 7CC162E43FE9E2210FFFEAD94B8B522B
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Frame ID: 15F11838D3863019B5FAAB11C06238BD
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7077564736077691022
Frame ID: AAD483A2A120AD8F271C47A40C2208E6
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Permohonan Pelan Data dan Peranti Percuma Pelajar IPT B40 2021

Page URL History Show full URLs

http://telekom.com.my/ HTTP 301
https://portalsemakan.com/permohonan-pelan-data-pelajar/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Ad Exchange (AdX) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

tpc\.googlesyndication\.com/safeframe

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Moat (Analytics) Expand

Overall confidence: 100%
Detected patterns

moatads\.com

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

Prebid (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.com/[^"]*(?:prebid|/pb\.js)

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

392
Requests

80 %
HTTPS

33 %
IPv6

71
Domains

122
Subdomains

80
IPs

12
Countries

3181 kB
Transfer

8621 kB
Size

75
Cookies

25 Outgoing links

These are links going to different origins than the main page.

URL: https://widgets.mgid.com/?utm_source=portalsemakan.com&utm_medium=referral&utm_campaign=widgets&utm_content=1233564

Search URL Search Domain Scan URL

URL: https://www.mgid.com/services/privacy-policy

Search URL Search Domain Scan URL

URL: https://www.mgid.com/ghits/11739844/i/57566460/0/pp/1/1?h=cE8UWto1mhdu21bq1Xp2HVWUkyceDA1dedN4gYNotvevCfGnNGtpr-Vj5sfVi1rz&rid=9b2cee56-a925-11ec-915f-e43d1a2a53a0&tt=Direct&att=3&afrd=8&iv=11&ct=1&gdpr=1&st=60

Search URL Search Domain Scan URL

URL: https://www.mgid.com/ghits/11739868/i/57566460/0/pp/2/1?h=cE8UWto1mhdu21bq1Xp2HeSPlMcupPhMwB9uawoJLm4O-EAHGNV1lxBlqoVNlQww&rid=9b2cee56-a925-11ec-915f-e43d1a2a53a0&tt=Direct&att=3&afrd=8&iv=11&ct=1&gdpr=1&st=60

Search URL Search Domain Scan URL

URL: https://www.mgid.com/ghits/11739847/i/57566460/0/pp/3/1?h=cE8UWto1mhdu21bq1Xp2Hf5B083X3y6wE6SGJOrr_7uTvnnoyED8e9TDfb9TUCRZ&rid=9b2cee56-a925-11ec-915f-e43d1a2a53a0&tt=Direct&att=3&afrd=8&iv=11&ct=1&gdpr=1&st=60

Search URL Search Domain Scan URL

URL: https://www.mgid.com/ghits/11739861/i/57566460/0/pp/4/1?h=cE8UWto1mhdu21bq1Xp2HWQe85_PVyugiwz7WJsMc_vKsjOIwrRkK5nPvvF0hXps&rid=9b2cee56-a925-11ec-915f-e43d1a2a53a0&tt=Direct&att=3&afrd=8&iv=11&ct=1&gdpr=1&st=60

Search URL Search Domain Scan URL

URL: http://www.mohe.gov.my/
Title: www.mohe.gov.my

Search URL Search Domain Scan URL

URL: https://widgets.mgid.com/?utm_source=portalsemakan.com&utm_medium=referral&utm_campaign=widgets&utm_content=1233814

Search URL Search Domain Scan URL

URL: https://www.mgid.com/ghits/11739858/i/57566710/0/pp/1/1?h=72S4AYImFhqvypFw_uuoY0s2o9Ns1We1N-QrfiT7J0PtqTmOQeszktgFmMcyF082&rid=9b4afdbc-a925-11ec-915f-e43d1a2a53a0&tt=Direct&att=3&afrd=8&iv=11&ct=1&gdpr=1&st=60

Search URL Search Domain Scan URL

URL: https://www.mgid.com/ghits/11739872/i/57566710/0/pp/2/1?h=72S4AYImFhqvypFw_uuoY7P8BoEcgUChIMBWk24OgNr6bhjIUOqVpQqYQdJF354a&rid=9b4afdbc-a925-11ec-915f-e43d1a2a53a0&tt=Direct&att=3&afrd=8&iv=11&ct=1&gdpr=1&st=60

Search URL Search Domain Scan URL

URL: https://www.mgid.com/ghits/11739846/i/57566710/0/pp/3/1?h=72S4AYImFhqvypFw_uuoYx3S59ej2TcMmPFk_4tuP0K_yejMx8MpdAOiytPY9zO7&rid=9b4afdbc-a925-11ec-915f-e43d1a2a53a0&tt=Direct&att=3&afrd=8&iv=11&ct=1&gdpr=1&st=60

Search URL Search Domain Scan URL

URL: https://www.mgid.com/ghits/11739840/i/57566710/0/pp/4/1?h=72S4AYImFhqvypFw_uuoY2l4xt3VLe1WzjW--A6-oLbF13Jr33rgLT10QHy8Y1cR&rid=9b4afdbc-a925-11ec-915f-e43d1a2a53a0&tt=Direct&att=3&afrd=8&iv=11&ct=1&gdpr=1&st=60

Search URL Search Domain Scan URL

URL: https://www.mgid.com/ghits/11739856/i/57566710/0/pp/5/1?h=72S4AYImFhqvypFw_uuoY-m1teYvzldDY8rzCjPbbygbPGwnXmdqwgyQ-z_J4-By&rid=9b4afdbc-a925-11ec-915f-e43d1a2a53a0&tt=Direct&att=3&afrd=8&iv=11&ct=1&gdpr=1&st=60

Search URL Search Domain Scan URL

URL: https://www.mgid.com/ghits/11739839/i/57566710/0/pp/6/1?h=72S4AYImFhqvypFw_uuoY4hbHN8cF7BMclQIQTdG9KLzFjzG3oaeHRSR0sDCSnbM&rid=9b4afdbc-a925-11ec-915f-e43d1a2a53a0&tt=Direct&att=3&afrd=8&iv=11&ct=1&gdpr=1&st=60

Search URL Search Domain Scan URL

URL: https://www.mgid.com/ghits/11739844/i/57566710/0/pp/7/1?h=72S4AYImFhqvypFw_uuoY1WUkyceDA1dedN4gYNotvcKzoU77HXgYsiTsZNx8_O6&rid=9b4afdbc-a925-11ec-915f-e43d1a2a53a0&tt=Direct&att=3&afrd=8&iv=11&ct=1&gdpr=1&st=60

Search URL Search Domain Scan URL

URL: https://www.mgid.com/ghits/11739859/i/57566710/0/pp/8/1?h=72S4AYImFhqvypFw_uuoY1saUjCKAa2D2gEku1ukA495VnzfV1SS08RK-37psEY2&rid=9b4afdbc-a925-11ec-915f-e43d1a2a53a0&tt=Direct&att=3&afrd=8&iv=11&ct=1&gdpr=1&st=60

Search URL Search Domain Scan URL

URL: https://www.mgid.com/ghits/11739848/i/57566710/0/pp/9/1?h=72S4AYImFhqvypFw_uuoY7N06UTyMjo230xszmovDpJOT6iWj4IJ2n-n5B2hQBPk&rid=9b4afdbc-a925-11ec-915f-e43d1a2a53a0&tt=Direct&att=3&afrd=8&iv=11&ct=1&gdpr=1&st=60

Search URL Search Domain Scan URL

URL: https://www.mgid.com/ghits/11739851/i/57566710/0/pp/10/1?h=72S4AYImFhqvypFw_uuoY3iOWDduDQkmLPJ6dEysxtjBeEKrExtYAUavDiGBPyJd&rid=9b4afdbc-a925-11ec-915f-e43d1a2a53a0&tt=Direct&att=3&afrd=8&iv=11&ct=1&gdpr=1&st=60

Search URL Search Domain Scan URL

URL: https://www.mgid.com/ghits/11739838/i/57566710/0/pp/11/1?h=72S4AYImFhqvypFw_uuoY_ATCtPuqhVa39iesbjaTpTUu8_IzZTfRpAqqnZQAJWV&rid=9b4afdbc-a925-11ec-915f-e43d1a2a53a0&tt=Direct&att=3&afrd=8&iv=11&ct=1&gdpr=1&st=60

Search URL Search Domain Scan URL

URL: https://www.mgid.com/ghits/11739834/i/57566710/0/pp/12/1?h=72S4AYImFhqvypFw_uuoY_PaGNFV8vb1YLyBjuvNoDLckqdRqDelPChx-Rw5Yl3T&rid=9b4afdbc-a925-11ec-915f-e43d1a2a53a0&tt=Direct&att=3&afrd=8&iv=11&ct=1&gdpr=1&st=60

Search URL Search Domain Scan URL

URL: https://www.mgid.com/ghits/11739863/i/57566710/0/pp/13/1?h=72S4AYImFhqvypFw_uuoY7I4Q5EMjEbyPROvuL3tM41EYYViBaNu0Gs03OYdqckX&rid=9b4afdbc-a925-11ec-915f-e43d1a2a53a0&tt=Direct&att=3&afrd=8&iv=11&ct=1&gdpr=1&st=60

Search URL Search Domain Scan URL

URL: https://www.mgid.com/ghits/11739842/i/57566710/0/pp/14/1?h=72S4AYImFhqvypFw_uuoY_EqTg_fEcTBHDSXYy1qfzEwknHheWNdum_X7L_MdHbH&rid=9b4afdbc-a925-11ec-915f-e43d1a2a53a0&tt=Direct&att=3&afrd=8&iv=11&ct=1&gdpr=1&st=60

Search URL Search Domain Scan URL

URL: https://www.mgid.com/ghits/11739862/i/57566710/0/pp/15/1?h=72S4AYImFhqvypFw_uuoY-utzx0toTH5zh0Tp44kDnMrlNh3qRWZ8D66l0-BkIXz&rid=9b4afdbc-a925-11ec-915f-e43d1a2a53a0&tt=Direct&att=3&afrd=8&iv=11&ct=1&gdpr=1&st=60

Search URL Search Domain Scan URL

URL: https://akismet.com/privacy/
Title: Learn how your comment data is processed

Search URL Search Domain Scan URL

URL: https://generatepress.com/
Title: GeneratePress

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://telekom.com.my/ HTTP 301
https://portalsemakan.com/permohonan-pelan-data-pelajar/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 59

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fportalsemakan.com%2F&domain=portalsemakan.com&cw=1&lsw=1 HTTP 302
https://mug.criteo.com/sid?cpp=xqaiEXx6RFFwUWVWNnB1Z1AzMGJyMFYyYjBQZVFRWmU1VWZnZTdidnBzKzFIY0ZSYjdOK0ZNSXZmQmN0WTN4a2x3NTNIQ0FTY0Nyb29DeTVGNWZVcjU1djhrRTlucFM0K25DRzJ1dmd2OFlwOWNDRWx2cndUcHMwTkcyNlpUeGVmOTdlWU0wNXhxSkI2c0ZyanZ3cWVaTWpRcUtCTExpaXdOeVltR29PT1NldFZHK0FPWHp5R1A3TE05U0VDUFB2eDgyTFAvYXgzZUJjeVJJUFR3SVFnNGV1aWNXUVlONW9iSXp1RDg0Y1EvbTNnVHYwPXw&cppv=2

Request Chain 125

https://pixel.everesttech.net/1/m?url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Deverest%26google_hm%3D__EFGSURFER_USB64__%26google_push%3DAYg5qPJdRJlxEvwoe_01RaWj4Bv0_1yKVCMRI1v6BN4uOLsqSzZ4iSGeh7D8y56E4JmldvwszWfMtIgpy3bSIt4jbJvXlfWfFu0&google_gid=CAESEKx-n6SzqNx7KIr3Wks22c8&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WWppUG9BQUFBY0RmM2wwNw&google_push=AYg5qPJdRJlxEvwoe_01RaWj4Bv0_1yKVCMRI1v6BN4uOLsqSzZ4iSGeh7D8y56E4JmldvwszWfMtIgpy3bSIt4jbJvXlfWfFu0

Request Chain 128

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEOg2i8KMHf0BusyzkpOvDOU&google_cver=1&google_push=AYg5qPJZc2y6UVtVL9tbqZSh1sepyLN7jTMk1nOSpJ75VfwD86PSny_IX9_4nBLu1P9Ybgbm6g30Y_YCbv34f8KGcYsW6STsSCk HTTP 302
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEOg2i8KMHf0BusyzkpOvDOU&google_cver=1&google_push=AYg5qPJZc2y6UVtVL9tbqZSh1sepyLN7jTMk1nOSpJ75VfwD86PSny_IX9_4nBLu1P9Ybgbm6g30Y_YCbv34f8KGcYsW6STsSCk&rdf=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=aT9_jD6mTCyb73hM_COghg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPJZc2y6UVtVL9tbqZSh1sepyLN7jTMk1nOSpJ75VfwD86PSny_IX9_4nBLu1P9Ybgbm6g30Y_YCbv34f8KGcYsW6STsSCk

Request Chain 129

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEOo0LstSDOB-uaVOcAny6Jg&google_cver=1&google_push=AYg5qPJhpDsCMIYEqHPCoppIP8q7MPNBOG0QeyGNh694j9fFNCRp2xDcYa_FGZWrkznyAo4zaVDE1Ni-qtjjSqt9_2QAb1cy2Ys HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDEwVExRVUktVi1KSDQw&google_push=AYg5qPJhpDsCMIYEqHPCoppIP8q7MPNBOG0QeyGNh694j9fFNCRp2xDcYa_FGZWrkznyAo4zaVDE1Ni-qtjjSqt9_2QAb1cy2Ys

Request Chain 130

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEDNk9oWafI2wi_-0iAaXeBk&google_cver=1&google_push=AYg5qPJxyGBBbYNG-y9yZW834sPI6dM3xCR2PVDVi4e9gdyZHyFk2Ktw_p0MR5mURdt-NyWAuvXztpVZXUx2HPuaxuY7VlGJ8Lg HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEDNk9oWafI2wi_-0iAaXeBk&google_push=AYg5qPJxyGBBbYNG-y9yZW834sPI6dM3xCR2PVDVi4e9gdyZHyFk2Ktw_p0MR5mURdt-NyWAuvXztpVZXUx2HPuaxuY7VlGJ8Lg&s=184023&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjiPoC_TpvJkZfw8O1wkKgAABGYAAAIB&google_push=AYg5qPJxyGBBbYNG-y9yZW834sPI6dM3xCR2PVDVi4e9gdyZHyFk2Ktw_p0MR5mURdt-NyWAuvXztpVZXUx2HPuaxuY7VlGJ8Lg&google_cver=1&google_gid=CAESEDNk9oWafI2wi_-0iAaXeBk HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjiPoC_TpvJkZfw8O1wkKgAABGYAAAIB&google_push=AYg5qPJxyGBBbYNG-y9yZW834sPI6dM3xCR2PVDVi4e9gdyZHyFk2Ktw_p0MR5mURdt-NyWAuvXztpVZXUx2HPuaxuY7VlGJ8Lg&google_cver=1&google_gid=CAESEDNk9oWafI2wi_-0iAaXeBk HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjiPoC_TpvJkZfw8O1wkKgAABGYAAAIB&google_push=AYg5qPJxyGBBbYNG-y9yZW834sPI6dM3xCR2PVDVi4e9gdyZHyFk2Ktw_p0MR5mURdt-NyWAuvXztpVZXUx2HPuaxuY7VlGJ8Lg&google_cver=1&google_gid=CAESEDNk9oWafI2wi_-0iAaXeBk HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjiPoC_TpvJkZfw8O1wkKgAABGYAAAIB&google_push=AYg5qPJxyGBBbYNG-y9yZW834sPI6dM3xCR2PVDVi4e9gdyZHyFk2Ktw_p0MR5mURdt-NyWAuvXztpVZXUx2HPuaxuY7VlGJ8Lg&google_cver=1&google_gid=CAESEDNk9oWafI2wi_-0iAaXeBk HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjiPoC_TpvJkZfw8O1wkKgAABGYAAAIB&google_push=AYg5qPJxyGBBbYNG-y9yZW834sPI6dM3xCR2PVDVi4e9gdyZHyFk2Ktw_p0MR5mURdt-NyWAuvXztpVZXUx2HPuaxuY7VlGJ8Lg&google_cver=1&google_gid=CAESEDNk9oWafI2wi_-0iAaXeBk HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjiPoC_TpvJkZfw8O1wkKgAABGYAAAIB&google_push=AYg5qPJxyGBBbYNG-y9yZW834sPI6dM3xCR2PVDVi4e9gdyZHyFk2Ktw_p0MR5mURdt-NyWAuvXztpVZXUx2HPuaxuY7VlGJ8Lg&google_cver=1&google_gid=CAESEDNk9oWafI2wi_-0iAaXeBk HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjiPoC_TpvJkZfw8O1wkKgAABGYAAAIB&google_push=AYg5qPJxyGBBbYNG-y9yZW834sPI6dM3xCR2PVDVi4e9gdyZHyFk2Ktw_p0MR5mURdt-NyWAuvXztpVZXUx2HPuaxuY7VlGJ8Lg&google_cver=1&google_gid=CAESEDNk9oWafI2wi_-0iAaXeBk HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjiPoC_TpvJkZfw8O1wkKgAABGYAAAIB&google_push=AYg5qPJxyGBBbYNG-y9yZW834sPI6dM3xCR2PVDVi4e9gdyZHyFk2Ktw_p0MR5mURdt-NyWAuvXztpVZXUx2HPuaxuY7VlGJ8Lg&google_cver=1&google_gid=CAESEDNk9oWafI2wi_-0iAaXeBk HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjiPoC_TpvJkZfw8O1wkKgAABGYAAAIB&google_push=AYg5qPJxyGBBbYNG-y9yZW834sPI6dM3xCR2PVDVi4e9gdyZHyFk2Ktw_p0MR5mURdt-NyWAuvXztpVZXUx2HPuaxuY7VlGJ8Lg&google_cver=1&google_gid=CAESEDNk9oWafI2wi_-0iAaXeBk HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjiPoC_TpvJkZfw8O1wkKgAABGYAAAIB&google_push=AYg5qPJxyGBBbYNG-y9yZW834sPI6dM3xCR2PVDVi4e9gdyZHyFk2Ktw_p0MR5mURdt-NyWAuvXztpVZXUx2HPuaxuY7VlGJ8Lg&google_cver=1&google_gid=CAESEDNk9oWafI2wi_-0iAaXeBk HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjiPoC_TpvJkZfw8O1wkKgAABGYAAAIB&google_push=AYg5qPJxyGBBbYNG-y9yZW834sPI6dM3xCR2PVDVi4e9gdyZHyFk2Ktw_p0MR5mURdt-NyWAuvXztpVZXUx2HPuaxuY7VlGJ8Lg&google_cver=1&google_gid=CAESEDNk9oWafI2wi_-0iAaXeBk HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjiPoC_TpvJkZfw8O1wkKgAABGYAAAIB&google_push=AYg5qPJxyGBBbYNG-y9yZW834sPI6dM3xCR2PVDVi4e9gdyZHyFk2Ktw_p0MR5mURdt-NyWAuvXztpVZXUx2HPuaxuY7VlGJ8Lg&google_cver=1&google_gid=CAESEDNk9oWafI2wi_-0iAaXeBk HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjiPoC_TpvJkZfw8O1wkKgAABGYAAAIB&google_push=AYg5qPJxyGBBbYNG-y9yZW834sPI6dM3xCR2PVDVi4e9gdyZHyFk2Ktw_p0MR5mURdt-NyWAuvXztpVZXUx2HPuaxuY7VlGJ8Lg&google_cver=1&google_gid=CAESEDNk9oWafI2wi_-0iAaXeBk HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjiPoC_TpvJkZfw8O1wkKgAABGYAAAIB&google_push=AYg5qPJxyGBBbYNG-y9yZW834sPI6dM3xCR2PVDVi4e9gdyZHyFk2Ktw_p0MR5mURdt-NyWAuvXztpVZXUx2HPuaxuY7VlGJ8Lg&google_cver=1&google_gid=CAESEDNk9oWafI2wi_-0iAaXeBk HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjiPoC_TpvJkZfw8O1wkKgAABGYAAAIB&google_push=AYg5qPJxyGBBbYNG-y9yZW834sPI6dM3xCR2PVDVi4e9gdyZHyFk2Ktw_p0MR5mURdt-NyWAuvXztpVZXUx2HPuaxuY7VlGJ8Lg&google_cver=1&google_gid=CAESEDNk9oWafI2wi_-0iAaXeBk HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjiPoC_TpvJkZfw8O1wkKgAABGYAAAIB&google_push=AYg5qPJxyGBBbYNG-y9yZW834sPI6dM3xCR2PVDVi4e9gdyZHyFk2Ktw_p0MR5mURdt-NyWAuvXztpVZXUx2HPuaxuY7VlGJ8Lg&google_cver=1&google_gid=CAESEDNk9oWafI2wi_-0iAaXeBk HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjiPoC_TpvJkZfw8O1wkKgAABGYAAAIB&google_push=AYg5qPJxyGBBbYNG-y9yZW834sPI6dM3xCR2PVDVi4e9gdyZHyFk2Ktw_p0MR5mURdt-NyWAuvXztpVZXUx2HPuaxuY7VlGJ8Lg&google_cver=1&google_gid=CAESEDNk9oWafI2wi_-0iAaXeBk HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjiPoC_TpvJkZfw8O1wkKgAABGYAAAIB&google_push=AYg5qPJxyGBBbYNG-y9yZW834sPI6dM3xCR2PVDVi4e9gdyZHyFk2Ktw_p0MR5mURdt-NyWAuvXztpVZXUx2HPuaxuY7VlGJ8Lg&google_cver=1&google_gid=CAESEDNk9oWafI2wi_-0iAaXeBk HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjiPoC_TpvJkZfw8O1wkKgAABGYAAAIB&google_push=AYg5qPJxyGBBbYNG-y9yZW834sPI6dM3xCR2PVDVi4e9gdyZHyFk2Ktw_p0MR5mURdt-NyWAuvXztpVZXUx2HPuaxuY7VlGJ8Lg&google_cver=1&google_gid=CAESEDNk9oWafI2wi_-0iAaXeBk

Request Chain 151

https://gcdn.2mdn.net/videoplayback/id/1010c898234a80bf/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1679409952/sparams/ip,ipbits,expire,id,itag,source,ctier,acao/signature/35B1D7343645561D2D6BA8D8C361D06F6D058852.AE0C12CD141682B6495719F4C56CC1BAA04E8F74/key/ck2/file/file.mp4 HTTP 302
https://r2---sn-5hne6nzd.c.2mdn.net/videoplayback/id/1010c898234a80bf/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1679409952/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/492E89A08B45712F8A80E23FD6A64D0B5EC48E03.25ECE5B0E15354BCCF1C08CF8A82253C13EB84C2/key/cms1/cms_redirect/yes/mh/Vv/mip/2a03:1b20:6:f011::6e/mm/42/mn/sn-5hne6nzd/ms/onc/mt/1647873552/mv/u/mvi/2/pl/48/file/file.mp4

Request Chain 178

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESENgT5nvEYON7o8s82iyTU3k&google_cver=1&google_push=AYg5qPKO8RZK10GPJapGe-or1_lvIOGHQLL4nGD2zdoMr9sp1pQ9f09_N1kIydrMRs6fFY5xzHvX92_c5VwYrvIn8R1N8PJ82Uw HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESENgT5nvEYON7o8s82iyTU3k&google_cver=1&google_push=AYg5qPKO8RZK10GPJapGe-or1_lvIOGHQLL4nGD2zdoMr9sp1pQ9f09_N1kIydrMRs6fFY5xzHvX92_c5VwYrvIn8R1N8PJ82Uw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=Z1Z3SXFDVVkxTndqaTg1&google_gid=CAESENgT5nvEYON7o8s82iyTU3k&google_cver=1&google_push=AYg5qPKO8RZK10GPJapGe-or1_lvIOGHQLL4nGD2zdoMr9sp1pQ9f09_N1kIydrMRs6fFY5xzHvX92_c5VwYrvIn8R1N8PJ82Uw

Request Chain 179

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEC9tjCMDg2axAmBMyOhYyZU&google_cver=1&google_push=AYg5qPJr6mYveyBWN61Fk_l07C1PquOz1ct_D0Y9696Ji-3EQqf4yRAaCOPf4xXxHOIDlMfTR8GbNPGFxiyG8GRDR06_w_u_-nG9 HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEC9tjCMDg2axAmBMyOhYyZU&google_cver=1&google_push=AYg5qPJr6mYveyBWN61Fk_l07C1PquOz1ct_D0Y9696Ji-3EQqf4yRAaCOPf4xXxHOIDlMfTR8GbNPGFxiyG8GRDR06_w_u_-nG9 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AYg5qPJr6mYveyBWN61Fk_l07C1PquOz1ct_D0Y9696Ji-3EQqf4yRAaCOPf4xXxHOIDlMfTR8GbNPGFxiyG8GRDR06_w_u_-nG9&google_hm=12dUSOtZSf2Ca0K7EIf-Ww==

Request Chain 180

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEOo0LstSDOB-uaVOcAny6Jg&google_cver=1&google_push=AYg5qPJEOP8O-Pai570JVPEqxPKzELAg2lGimDKhaLEbEOP9iIBM2u18oxGS0ZD0ec2oaehCoMS0ftn0EM75NA7lfn5Bq0PEbKQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDEwVExRVUktVi1KSDQw&google_push=AYg5qPJEOP8O-Pai570JVPEqxPKzELAg2lGimDKhaLEbEOP9iIBM2u18oxGS0ZD0ec2oaehCoMS0ftn0EM75NA7lfn5Bq0PEbKQ

Request Chain 181

https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEIeroQbLyDPsduMRwws2gjs&google_cver=1&google_push=AYg5qPLwSK56ksm5Qc9aRImMrhJ24leuuPM6Hvs1P1Ik5blOfK-pnLG3joa44sQvI_90tZekH3lXQ2e3NBElRz0Cp9BFcWbyfe5p HTTP 302
https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=AYg5qPLwSK56ksm5Qc9aRImMrhJ24leuuPM6Hvs1P1Ik5blOfK-pnLG3joa44sQvI_90tZekH3lXQ2e3NBElRz0Cp9BFcWbyfe5p&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&cb=1647873952997 HTTP 302
https://sync.targeting.unrulymedia.com/csync/RX-0844808e-b714-4afc-86dd-865b883f2efc-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAYg5qPLwSK56ksm5Qc9aRImMrhJ24leuuPM6Hvs1P1Ik5blOfK-pnLG3joa44sQvI_90tZekH3lXQ2e3NBElRz0Cp9BFcWbyfe5p%26google_hm%3DAwhEgI63FEr8ht2GW4g_Lvw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AYg5qPLwSK56ksm5Qc9aRImMrhJ24leuuPM6Hvs1P1Ik5blOfK-pnLG3joa44sQvI_90tZekH3lXQ2e3NBElRz0Cp9BFcWbyfe5p&google_hm=AwhEgI63FEr8ht2GW4g_Lvw

Request Chain 182

https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEO4RuqIC-T7KmCcOeEbGO5M&google_cver=1&google_push=AYg5qPJuoEqTEWXaYHF5BDex7qXi52iiTifnAl1b5bAXEjvkQWQS7U9S2zHFq7yEwESx3w3ctjeLazLzjd_ekUTjkf5iodotxic HTTP 302
https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&cmp_cs=&us_privacy=&sync=1&google_push=AYg5qPJuoEqTEWXaYHF5BDex7qXi52iiTifnAl1b5bAXEjvkQWQS7U9S2zHFq7yEwESx3w3ctjeLazLzjd_ekUTjkf5iodotxic&google_gid=CAESEO4RuqIC-T7KmCcOeEbGO5M HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MjQ1NjQ4MTY2MzczMjI0MDI1MzY5Nw%3D%3D&google_push=AYg5qPJuoEqTEWXaYHF5BDex7qXi52iiTifnAl1b5bAXEjvkQWQS7U9S2zHFq7yEwESx3w3ctjeLazLzjd_ekUTjkf5iodotxic

Request Chain 183

https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESELMEnerFxYrSqieu0GI4bHg&google_cver=1&google_push=AYg5qPJsVIYGNbw2tphjCrP48EHMBirpqTr0Z5cC_mMrlTS3hgpxT5dw485C2TbchxSjz07IiDfMYnUKLe8TkDGE7vqf4GTTsSojNg HTTP 302
https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESELMEnerFxYrSqieu0GI4bHg&google_cver=1&google_push=AYg5qPJsVIYGNbw2tphjCrP48EHMBirpqTr0Z5cC_mMrlTS3hgpxT5dw485C2TbchxSjz07IiDfMYnUKLe8TkDGE7vqf4GTTsSojNg&verify=true HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1TMVo0cjhwRTJ1RjhjQnlMUjFGVTlRWjFxSDhYc0xlMX5B&google_push=AYg5qPJsVIYGNbw2tphjCrP48EHMBirpqTr0Z5cC_mMrlTS3hgpxT5dw485C2TbchxSjz07IiDfMYnUKLe8TkDGE7vqf4GTTsSojNg

Request Chain 227

https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEAyP_1LVBhS4U7cGoYlbfGg&google_cver=1&google_push=AYg5qPJbYTMku55O3HgKjmuxYg0AERv1XvGomeg7h7FfFXbKGnU2hlyQJ8Wq37RJ5oR-OsSYHPdQB7ioPtRFXytDUy2_QemZvZ8 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzA3NzU2NDczNjA3NzY5MTAyMg%3D%3D&google_push=AYg5qPJbYTMku55O3HgKjmuxYg0AERv1XvGomeg7h7FfFXbKGnU2hlyQJ8Wq37RJ5oR-OsSYHPdQB7ioPtRFXytDUy2_QemZvZ8

Request Chain 228

https://d5p.de17a.com/cookies/google?google_gid=CAESEHevAlT4IwM0rSKFPIQROFo&google_cver=1&google_push=AYg5qPL9RXOCTPTWBpzK32Gk5jbzcrzXEmqpWGQWYQeYw-Ha6l47_dJQj3zcH-BH3SUU9Ky8ZzERkkUKaSID-_8eCtf4ehUFTw HTTP 302
https://d5p.de17a.com/cookies/google;c?google_gid=CAESEHevAlT4IwM0rSKFPIQROFo&google_cver=1&google_push=AYg5qPL9RXOCTPTWBpzK32Gk5jbzcrzXEmqpWGQWYQeYw-Ha6l47_dJQj3zcH-BH3SUU9Ky8ZzERkkUKaSID-_8eCtf4ehUFTw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AYg5qPL9RXOCTPTWBpzK32Gk5jbzcrzXEmqpWGQWYQeYw-Ha6l47_dJQj3zcH-BH3SUU9Ky8ZzERkkUKaSID-_8eCtf4ehUFTw

Request Chain 229

https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEHenhQVnOE3CynWcrV5IlCk&google_cver=1&google_push=AYg5qPK6GKh0UCQRJfbGqXpUdp3xI2MOx6so-E0HgCpZuPz5RS9A4gVv_a3yUXK-nf4kdKbmfrunYxPSty0vym76gtXJAxyjzLg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AYg5qPK6GKh0UCQRJfbGqXpUdp3xI2MOx6so-E0HgCpZuPz5RS9A4gVv_a3yUXK-nf4kdKbmfrunYxPSty0vym76gtXJAxyjzLg

Request Chain 230

https://match.360yield.com/match/ebda?google_gid=CAESECQbbiCX9EuXCWz0lnnLTGs&google_cver=1&google_push=AYg5qPIL1RzQcjmsb-NXFWhV7CCxQVBNzDEgpEeraRld3wEV5gDFkPkRoGjI_IMW1jXLhBnJ7TuzVIlZDFAZM-XuGYSsAP8__Q HTTP 302
https://match.360yield.com/ul_cb/match/ebda?google_gid=CAESECQbbiCX9EuXCWz0lnnLTGs&google_cver=1&google_push=AYg5qPIL1RzQcjmsb-NXFWhV7CCxQVBNzDEgpEeraRld3wEV5gDFkPkRoGjI_IMW1jXLhBnJ7TuzVIlZDFAZM-XuGYSsAP8__Q HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=mdd2sQhGS6yxiv-ZHlUtGQ&google_push=AYg5qPIL1RzQcjmsb-NXFWhV7CCxQVBNzDEgpEeraRld3wEV5gDFkPkRoGjI_IMW1jXLhBnJ7TuzVIlZDFAZM-XuGYSsAP8__Q HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=mdd2sQhGS6yxiv-ZHlUtGQ&google_push=AYg5qPIL1RzQcjmsb-NXFWhV7CCxQVBNzDEgpEeraRld3wEV5gDFkPkRoGjI_IMW1jXLhBnJ7TuzVIlZDFAZM-XuGYSsAP8__Q HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=mdd2sQhGS6yxiv-ZHlUtGQ&google_push=AYg5qPIL1RzQcjmsb-NXFWhV7CCxQVBNzDEgpEeraRld3wEV5gDFkPkRoGjI_IMW1jXLhBnJ7TuzVIlZDFAZM-XuGYSsAP8__Q HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=mdd2sQhGS6yxiv-ZHlUtGQ&google_push=AYg5qPIL1RzQcjmsb-NXFWhV7CCxQVBNzDEgpEeraRld3wEV5gDFkPkRoGjI_IMW1jXLhBnJ7TuzVIlZDFAZM-XuGYSsAP8__Q HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=mdd2sQhGS6yxiv-ZHlUtGQ&google_push=AYg5qPIL1RzQcjmsb-NXFWhV7CCxQVBNzDEgpEeraRld3wEV5gDFkPkRoGjI_IMW1jXLhBnJ7TuzVIlZDFAZM-XuGYSsAP8__Q HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=mdd2sQhGS6yxiv-ZHlUtGQ&google_push=AYg5qPIL1RzQcjmsb-NXFWhV7CCxQVBNzDEgpEeraRld3wEV5gDFkPkRoGjI_IMW1jXLhBnJ7TuzVIlZDFAZM-XuGYSsAP8__Q HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=mdd2sQhGS6yxiv-ZHlUtGQ&google_push=AYg5qPIL1RzQcjmsb-NXFWhV7CCxQVBNzDEgpEeraRld3wEV5gDFkPkRoGjI_IMW1jXLhBnJ7TuzVIlZDFAZM-XuGYSsAP8__Q HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=mdd2sQhGS6yxiv-ZHlUtGQ&google_push=AYg5qPIL1RzQcjmsb-NXFWhV7CCxQVBNzDEgpEeraRld3wEV5gDFkPkRoGjI_IMW1jXLhBnJ7TuzVIlZDFAZM-XuGYSsAP8__Q HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=mdd2sQhGS6yxiv-ZHlUtGQ&google_push=AYg5qPIL1RzQcjmsb-NXFWhV7CCxQVBNzDEgpEeraRld3wEV5gDFkPkRoGjI_IMW1jXLhBnJ7TuzVIlZDFAZM-XuGYSsAP8__Q HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=mdd2sQhGS6yxiv-ZHlUtGQ&google_push=AYg5qPIL1RzQcjmsb-NXFWhV7CCxQVBNzDEgpEeraRld3wEV5gDFkPkRoGjI_IMW1jXLhBnJ7TuzVIlZDFAZM-XuGYSsAP8__Q HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=mdd2sQhGS6yxiv-ZHlUtGQ&google_push=AYg5qPIL1RzQcjmsb-NXFWhV7CCxQVBNzDEgpEeraRld3wEV5gDFkPkRoGjI_IMW1jXLhBnJ7TuzVIlZDFAZM-XuGYSsAP8__Q HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=mdd2sQhGS6yxiv-ZHlUtGQ&google_push=AYg5qPIL1RzQcjmsb-NXFWhV7CCxQVBNzDEgpEeraRld3wEV5gDFkPkRoGjI_IMW1jXLhBnJ7TuzVIlZDFAZM-XuGYSsAP8__Q HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=mdd2sQhGS6yxiv-ZHlUtGQ&google_push=AYg5qPIL1RzQcjmsb-NXFWhV7CCxQVBNzDEgpEeraRld3wEV5gDFkPkRoGjI_IMW1jXLhBnJ7TuzVIlZDFAZM-XuGYSsAP8__Q HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=mdd2sQhGS6yxiv-ZHlUtGQ&google_push=AYg5qPIL1RzQcjmsb-NXFWhV7CCxQVBNzDEgpEeraRld3wEV5gDFkPkRoGjI_IMW1jXLhBnJ7TuzVIlZDFAZM-XuGYSsAP8__Q HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=mdd2sQhGS6yxiv-ZHlUtGQ&google_push=AYg5qPIL1RzQcjmsb-NXFWhV7CCxQVBNzDEgpEeraRld3wEV5gDFkPkRoGjI_IMW1jXLhBnJ7TuzVIlZDFAZM-XuGYSsAP8__Q HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=mdd2sQhGS6yxiv-ZHlUtGQ&google_push=AYg5qPIL1RzQcjmsb-NXFWhV7CCxQVBNzDEgpEeraRld3wEV5gDFkPkRoGjI_IMW1jXLhBnJ7TuzVIlZDFAZM-XuGYSsAP8__Q HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=mdd2sQhGS6yxiv-ZHlUtGQ&google_push=AYg5qPIL1RzQcjmsb-NXFWhV7CCxQVBNzDEgpEeraRld3wEV5gDFkPkRoGjI_IMW1jXLhBnJ7TuzVIlZDFAZM-XuGYSsAP8__Q HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=mdd2sQhGS6yxiv-ZHlUtGQ&google_push=AYg5qPIL1RzQcjmsb-NXFWhV7CCxQVBNzDEgpEeraRld3wEV5gDFkPkRoGjI_IMW1jXLhBnJ7TuzVIlZDFAZM-XuGYSsAP8__Q HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=mdd2sQhGS6yxiv-ZHlUtGQ&google_push=AYg5qPIL1RzQcjmsb-NXFWhV7CCxQVBNzDEgpEeraRld3wEV5gDFkPkRoGjI_IMW1jXLhBnJ7TuzVIlZDFAZM-XuGYSsAP8__Q

Request Chain 231

https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEIeroQbLyDPsduMRwws2gjs&google_cver=1&google_push=AYg5qPKFuaJgTjz2bebuijM-C6AH4GAaFq3xKCp7iSsrWdDQVvvzJtW3LmZ5LBYytpYzkCoSwTvAQLyxkxPdI6b9YAkmpsCzA8I HTTP 302
https://sync.targeting.unrulymedia.com/csync/RX-0844808e-b714-4afc-86dd-865b883f2efc-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAYg5qPKFuaJgTjz2bebuijM-C6AH4GAaFq3xKCp7iSsrWdDQVvvzJtW3LmZ5LBYytpYzkCoSwTvAQLyxkxPdI6b9YAkmpsCzA8I%26google_hm%3DAwhEgI63FEr8ht2GW4g_Lvw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AYg5qPKFuaJgTjz2bebuijM-C6AH4GAaFq3xKCp7iSsrWdDQVvvzJtW3LmZ5LBYytpYzkCoSwTvAQLyxkxPdI6b9YAkmpsCzA8I&google_hm=AwhEgI63FEr8ht2GW4g_Lvw

Request Chain 241

https://eb2.3lift.com/ebda?sync=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MjQ1NjQ4MTY2MzczMjI0MDI1MzY5Nw%3D%3D

Request Chain 243

https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=1&gdpr_consent= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MjQ1NjQ4MTY2MzczMjI0MDI1MzY5Nw%3D%3D

Request Chain 245

https://pr-bh.ybp.yahoo.com/sync/triplelift/2456481663732240253697?gdpr=1&gdpr_consent= HTTP 302
https://eb2.3lift.com/xuid?mid=2662&xuid=y-u02p8M1E2oRsIiRQve5Eg0rUpC8IJByGmT97hMW3Tg--~A&dongle=0883

Request Chain 248

https://s.amazon-adsystem.com/x/757c0557066e95cfd4c7?gdpr=1&gdpr_consent=&uid=2456481663732240253697 HTTP 302
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=1&gdpr_consent=&uid=2456481663732240253697&dcc=t

Request Chain 249

https://b1sync.zemanta.com/usersync/triplelift?gdpr=1&gdpr_consent= HTTP 302
https://eb2.3lift.com/xuid?mid=2460&dongle=dba8&xuid=&gdpr=1

Request Chain 274

https://ads.travelaudience.com/google_pixel?google_gid=CAESEBaENlKOyBSV8L_KFg47lXI&google_cver=1&google_push=AYg5qPJRY9QZpJFYyaJ5sh1R5yLwC2LVD34CKo2HMvsBnZgMhbm5Pm14nnFOd4BvUPybaDmngESCxkmWfhK1bsO5WKrR6220iMYm HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=xzBxhOVOTHOYIImDkljO-Q2&google_push=AYg5qPJRY9QZpJFYyaJ5sh1R5yLwC2LVD34CKo2HMvsBnZgMhbm5Pm14nnFOd4BvUPybaDmngESCxkmWfhK1bsO5WKrR6220iMYm

Request Chain 275

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEC9tjCMDg2axAmBMyOhYyZU&google_cver=1&google_push=AYg5qPKKLnPBIlEhCakw72UnOXFvrUnkhlA8BldHuW_H5G1oJAxDGVxkianmRct9v113bKFH0q_6jknDUWhtSXXo9Fp4EFKqxP5b HTTP 302
https://a.sportradarserving.com/sync?ssp=bidswitch&bidswitch_ssp_id=google HTTP 302
https://a.sportradarserving.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=google HTTP 302
https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=1&user_id=d02d3ff2-4f08-4f31-92c9-bd402199c4c3&ssp=google HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AYg5qPKKLnPBIlEhCakw72UnOXFvrUnkhlA8BldHuW_H5G1oJAxDGVxkianmRct9v113bKFH0q_6jknDUWhtSXXo9Fp4EFKqxP5b&google_hm=12dUSOtZSf2Ca0K7EIf-Ww==

Request Chain 276

https://d5p.de17a.com/cookies/google?google_gid=CAESEHevAlT4IwM0rSKFPIQROFo&google_cver=1&google_push=AYg5qPJDPdXCkXgjJBrP7P8vRtyemPEI0aoNHaGweZ5zZZE3jFcdZjh7LuNpYLEXeDULZxPbzOPi9jhCl3ehywyO7xgH7J21ZH97 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AYg5qPJDPdXCkXgjJBrP7P8vRtyemPEI0aoNHaGweZ5zZZE3jFcdZjh7LuNpYLEXeDULZxPbzOPi9jhCl3ehywyO7xgH7J21ZH97

Request Chain 277

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEDNk9oWafI2wi_-0iAaXeBk&google_cver=1&google_push=AYg5qPIIHqDqXfQ-ZCxovg8ZCWiHasuFq9Cg84C-17qEK0aY4ZM6BDaIBcg70parS8icdyET_Zq2k5_fjz3rWrqoOL0LmKV5DOE HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjiPoC_TpvJkZfw8O1wkKgAABGYAAAIB&google_gid=CAESEDNk9oWafI2wi_-0iAaXeBk&google_cver=1&google_push=AYg5qPIIHqDqXfQ-ZCxovg8ZCWiHasuFq9Cg84C-17qEK0aY4ZM6BDaIBcg70parS8icdyET_Zq2k5_fjz3rWrqoOL0LmKV5DOE HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjiPoC_TpvJkZfw8O1wkKgAABGYAAAIB&google_gid=CAESEDNk9oWafI2wi_-0iAaXeBk&google_cver=1&google_push=AYg5qPIIHqDqXfQ-ZCxovg8ZCWiHasuFq9Cg84C-17qEK0aY4ZM6BDaIBcg70parS8icdyET_Zq2k5_fjz3rWrqoOL0LmKV5DOE HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjiPoC_TpvJkZfw8O1wkKgAABGYAAAIB&google_gid=CAESEDNk9oWafI2wi_-0iAaXeBk&google_cver=1&google_push=AYg5qPIIHqDqXfQ-ZCxovg8ZCWiHasuFq9Cg84C-17qEK0aY4ZM6BDaIBcg70parS8icdyET_Zq2k5_fjz3rWrqoOL0LmKV5DOE HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjiPoC_TpvJkZfw8O1wkKgAABGYAAAIB&google_gid=CAESEDNk9oWafI2wi_-0iAaXeBk&google_cver=1&google_push=AYg5qPIIHqDqXfQ-ZCxovg8ZCWiHasuFq9Cg84C-17qEK0aY4ZM6BDaIBcg70parS8icdyET_Zq2k5_fjz3rWrqoOL0LmKV5DOE HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjiPoC_TpvJkZfw8O1wkKgAABGYAAAIB&google_gid=CAESEDNk9oWafI2wi_-0iAaXeBk&google_cver=1&google_push=AYg5qPIIHqDqXfQ-ZCxovg8ZCWiHasuFq9Cg84C-17qEK0aY4ZM6BDaIBcg70parS8icdyET_Zq2k5_fjz3rWrqoOL0LmKV5DOE HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjiPoC_TpvJkZfw8O1wkKgAABGYAAAIB&google_gid=CAESEDNk9oWafI2wi_-0iAaXeBk&google_cver=1&google_push=AYg5qPIIHqDqXfQ-ZCxovg8ZCWiHasuFq9Cg84C-17qEK0aY4ZM6BDaIBcg70parS8icdyET_Zq2k5_fjz3rWrqoOL0LmKV5DOE HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjiPoC_TpvJkZfw8O1wkKgAABGYAAAIB&google_gid=CAESEDNk9oWafI2wi_-0iAaXeBk&google_cver=1&google_push=AYg5qPIIHqDqXfQ-ZCxovg8ZCWiHasuFq9Cg84C-17qEK0aY4ZM6BDaIBcg70parS8icdyET_Zq2k5_fjz3rWrqoOL0LmKV5DOE HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjiPoC_TpvJkZfw8O1wkKgAABGYAAAIB&google_gid=CAESEDNk9oWafI2wi_-0iAaXeBk&google_cver=1&google_push=AYg5qPIIHqDqXfQ-ZCxovg8ZCWiHasuFq9Cg84C-17qEK0aY4ZM6BDaIBcg70parS8icdyET_Zq2k5_fjz3rWrqoOL0LmKV5DOE HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjiPoC_TpvJkZfw8O1wkKgAABGYAAAIB&google_gid=CAESEDNk9oWafI2wi_-0iAaXeBk&google_cver=1&google_push=AYg5qPIIHqDqXfQ-ZCxovg8ZCWiHasuFq9Cg84C-17qEK0aY4ZM6BDaIBcg70parS8icdyET_Zq2k5_fjz3rWrqoOL0LmKV5DOE HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjiPoC_TpvJkZfw8O1wkKgAABGYAAAIB&google_gid=CAESEDNk9oWafI2wi_-0iAaXeBk&google_cver=1&google_push=AYg5qPIIHqDqXfQ-ZCxovg8ZCWiHasuFq9Cg84C-17qEK0aY4ZM6BDaIBcg70parS8icdyET_Zq2k5_fjz3rWrqoOL0LmKV5DOE HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjiPoC_TpvJkZfw8O1wkKgAABGYAAAIB&google_gid=CAESEDNk9oWafI2wi_-0iAaXeBk&google_cver=1&google_push=AYg5qPIIHqDqXfQ-ZCxovg8ZCWiHasuFq9Cg84C-17qEK0aY4ZM6BDaIBcg70parS8icdyET_Zq2k5_fjz3rWrqoOL0LmKV5DOE HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjiPoC_TpvJkZfw8O1wkKgAABGYAAAIB&google_gid=CAESEDNk9oWafI2wi_-0iAaXeBk&google_cver=1&google_push=AYg5qPIIHqDqXfQ-ZCxovg8ZCWiHasuFq9Cg84C-17qEK0aY4ZM6BDaIBcg70parS8icdyET_Zq2k5_fjz3rWrqoOL0LmKV5DOE HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjiPoC_TpvJkZfw8O1wkKgAABGYAAAIB&google_gid=CAESEDNk9oWafI2wi_-0iAaXeBk&google_cver=1&google_push=AYg5qPIIHqDqXfQ-ZCxovg8ZCWiHasuFq9Cg84C-17qEK0aY4ZM6BDaIBcg70parS8icdyET_Zq2k5_fjz3rWrqoOL0LmKV5DOE HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjiPoC_TpvJkZfw8O1wkKgAABGYAAAIB&google_gid=CAESEDNk9oWafI2wi_-0iAaXeBk&google_cver=1&google_push=AYg5qPIIHqDqXfQ-ZCxovg8ZCWiHasuFq9Cg84C-17qEK0aY4ZM6BDaIBcg70parS8icdyET_Zq2k5_fjz3rWrqoOL0LmKV5DOE HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjiPoC_TpvJkZfw8O1wkKgAABGYAAAIB&google_gid=CAESEDNk9oWafI2wi_-0iAaXeBk&google_cver=1&google_push=AYg5qPIIHqDqXfQ-ZCxovg8ZCWiHasuFq9Cg84C-17qEK0aY4ZM6BDaIBcg70parS8icdyET_Zq2k5_fjz3rWrqoOL0LmKV5DOE HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjiPoC_TpvJkZfw8O1wkKgAABGYAAAIB&google_gid=CAESEDNk9oWafI2wi_-0iAaXeBk&google_cver=1&google_push=AYg5qPIIHqDqXfQ-ZCxovg8ZCWiHasuFq9Cg84C-17qEK0aY4ZM6BDaIBcg70parS8icdyET_Zq2k5_fjz3rWrqoOL0LmKV5DOE HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjiPoC_TpvJkZfw8O1wkKgAABGYAAAIB&google_gid=CAESEDNk9oWafI2wi_-0iAaXeBk&google_cver=1&google_push=AYg5qPIIHqDqXfQ-ZCxovg8ZCWiHasuFq9Cg84C-17qEK0aY4ZM6BDaIBcg70parS8icdyET_Zq2k5_fjz3rWrqoOL0LmKV5DOE HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjiPoC_TpvJkZfw8O1wkKgAABGYAAAIB&google_gid=CAESEDNk9oWafI2wi_-0iAaXeBk&google_cver=1&google_push=AYg5qPIIHqDqXfQ-ZCxovg8ZCWiHasuFq9Cg84C-17qEK0aY4ZM6BDaIBcg70parS8icdyET_Zq2k5_fjz3rWrqoOL0LmKV5DOE HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjiPoC_TpvJkZfw8O1wkKgAABGYAAAIB&google_gid=CAESEDNk9oWafI2wi_-0iAaXeBk&google_cver=1&google_push=AYg5qPIIHqDqXfQ-ZCxovg8ZCWiHasuFq9Cg84C-17qEK0aY4ZM6BDaIBcg70parS8icdyET_Zq2k5_fjz3rWrqoOL0LmKV5DOE HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjiPoC_TpvJkZfw8O1wkKgAABGYAAAIB&google_gid=CAESEDNk9oWafI2wi_-0iAaXeBk&google_cver=1&google_push=AYg5qPIIHqDqXfQ-ZCxovg8ZCWiHasuFq9Cg84C-17qEK0aY4ZM6BDaIBcg70parS8icdyET_Zq2k5_fjz3rWrqoOL0LmKV5DOE

Request Chain 278

https://match.360yield.com/match/ebda?google_gid=CAESECQbbiCX9EuXCWz0lnnLTGs&google_cver=1&google_push=AYg5qPL8PpPWhPWxw-MHJoludsY4ISoHOKH1326UvkUUiWZGtBfCh43CtpCfsxMw-kNygH9v4ULJsBtS4D0RzCwI7PqxrwO5bEY HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=mdd2sQhGS6yxiv-ZHlUtGQ&google_push=AYg5qPL8PpPWhPWxw-MHJoludsY4ISoHOKH1326UvkUUiWZGtBfCh43CtpCfsxMw-kNygH9v4ULJsBtS4D0RzCwI7PqxrwO5bEY HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=mdd2sQhGS6yxiv-ZHlUtGQ&google_push=AYg5qPL8PpPWhPWxw-MHJoludsY4ISoHOKH1326UvkUUiWZGtBfCh43CtpCfsxMw-kNygH9v4ULJsBtS4D0RzCwI7PqxrwO5bEY HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=mdd2sQhGS6yxiv-ZHlUtGQ&google_push=AYg5qPL8PpPWhPWxw-MHJoludsY4ISoHOKH1326UvkUUiWZGtBfCh43CtpCfsxMw-kNygH9v4ULJsBtS4D0RzCwI7PqxrwO5bEY HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=mdd2sQhGS6yxiv-ZHlUtGQ&google_push=AYg5qPL8PpPWhPWxw-MHJoludsY4ISoHOKH1326UvkUUiWZGtBfCh43CtpCfsxMw-kNygH9v4ULJsBtS4D0RzCwI7PqxrwO5bEY HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=mdd2sQhGS6yxiv-ZHlUtGQ&google_push=AYg5qPL8PpPWhPWxw-MHJoludsY4ISoHOKH1326UvkUUiWZGtBfCh43CtpCfsxMw-kNygH9v4ULJsBtS4D0RzCwI7PqxrwO5bEY HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=mdd2sQhGS6yxiv-ZHlUtGQ&google_push=AYg5qPL8PpPWhPWxw-MHJoludsY4ISoHOKH1326UvkUUiWZGtBfCh43CtpCfsxMw-kNygH9v4ULJsBtS4D0RzCwI7PqxrwO5bEY HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=mdd2sQhGS6yxiv-ZHlUtGQ&google_push=AYg5qPL8PpPWhPWxw-MHJoludsY4ISoHOKH1326UvkUUiWZGtBfCh43CtpCfsxMw-kNygH9v4ULJsBtS4D0RzCwI7PqxrwO5bEY HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=mdd2sQhGS6yxiv-ZHlUtGQ&google_push=AYg5qPL8PpPWhPWxw-MHJoludsY4ISoHOKH1326UvkUUiWZGtBfCh43CtpCfsxMw-kNygH9v4ULJsBtS4D0RzCwI7PqxrwO5bEY HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=mdd2sQhGS6yxiv-ZHlUtGQ&google_push=AYg5qPL8PpPWhPWxw-MHJoludsY4ISoHOKH1326UvkUUiWZGtBfCh43CtpCfsxMw-kNygH9v4ULJsBtS4D0RzCwI7PqxrwO5bEY HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=mdd2sQhGS6yxiv-ZHlUtGQ&google_push=AYg5qPL8PpPWhPWxw-MHJoludsY4ISoHOKH1326UvkUUiWZGtBfCh43CtpCfsxMw-kNygH9v4ULJsBtS4D0RzCwI7PqxrwO5bEY HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=mdd2sQhGS6yxiv-ZHlUtGQ&google_push=AYg5qPL8PpPWhPWxw-MHJoludsY4ISoHOKH1326UvkUUiWZGtBfCh43CtpCfsxMw-kNygH9v4ULJsBtS4D0RzCwI7PqxrwO5bEY HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=mdd2sQhGS6yxiv-ZHlUtGQ&google_push=AYg5qPL8PpPWhPWxw-MHJoludsY4ISoHOKH1326UvkUUiWZGtBfCh43CtpCfsxMw-kNygH9v4ULJsBtS4D0RzCwI7PqxrwO5bEY HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=mdd2sQhGS6yxiv-ZHlUtGQ&google_push=AYg5qPL8PpPWhPWxw-MHJoludsY4ISoHOKH1326UvkUUiWZGtBfCh43CtpCfsxMw-kNygH9v4ULJsBtS4D0RzCwI7PqxrwO5bEY HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=mdd2sQhGS6yxiv-ZHlUtGQ&google_push=AYg5qPL8PpPWhPWxw-MHJoludsY4ISoHOKH1326UvkUUiWZGtBfCh43CtpCfsxMw-kNygH9v4ULJsBtS4D0RzCwI7PqxrwO5bEY HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=mdd2sQhGS6yxiv-ZHlUtGQ&google_push=AYg5qPL8PpPWhPWxw-MHJoludsY4ISoHOKH1326UvkUUiWZGtBfCh43CtpCfsxMw-kNygH9v4ULJsBtS4D0RzCwI7PqxrwO5bEY HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=mdd2sQhGS6yxiv-ZHlUtGQ&google_push=AYg5qPL8PpPWhPWxw-MHJoludsY4ISoHOKH1326UvkUUiWZGtBfCh43CtpCfsxMw-kNygH9v4ULJsBtS4D0RzCwI7PqxrwO5bEY HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=mdd2sQhGS6yxiv-ZHlUtGQ&google_push=AYg5qPL8PpPWhPWxw-MHJoludsY4ISoHOKH1326UvkUUiWZGtBfCh43CtpCfsxMw-kNygH9v4ULJsBtS4D0RzCwI7PqxrwO5bEY HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=mdd2sQhGS6yxiv-ZHlUtGQ&google_push=AYg5qPL8PpPWhPWxw-MHJoludsY4ISoHOKH1326UvkUUiWZGtBfCh43CtpCfsxMw-kNygH9v4ULJsBtS4D0RzCwI7PqxrwO5bEY HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=mdd2sQhGS6yxiv-ZHlUtGQ&google_push=AYg5qPL8PpPWhPWxw-MHJoludsY4ISoHOKH1326UvkUUiWZGtBfCh43CtpCfsxMw-kNygH9v4ULJsBtS4D0RzCwI7PqxrwO5bEY HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=mdd2sQhGS6yxiv-ZHlUtGQ&google_push=AYg5qPL8PpPWhPWxw-MHJoludsY4ISoHOKH1326UvkUUiWZGtBfCh43CtpCfsxMw-kNygH9v4ULJsBtS4D0RzCwI7PqxrwO5bEY

Request Chain 279

https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESELMEnerFxYrSqieu0GI4bHg&google_cver=1&google_push=AYg5qPJeigA587Ut8i0RD5Wl15Vvqc6DvAAicmCilYVgL8Q4b58vumIRCBoKQwaHGQi7gApy27P3XkT0ZjJ4OerxF-CpS5ELunwSzA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1TMVo0cjhwRTJ1RjhjQnlMUjFGVTlRWjFxSDhYc0xlMX5B&google_push=AYg5qPJeigA587Ut8i0RD5Wl15Vvqc6DvAAicmCilYVgL8Q4b58vumIRCBoKQwaHGQi7gApy27P3XkT0ZjJ4OerxF-CpS5ELunwSzA

Request Chain 292

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEIIem0X9lqeCoHSX0r_K5L0&google_cver=1&google_push=AYg5qPJIX0DW9h8sdjmPtheqATgJbj38KVXmVtR6ksl4xpeE-o8QrDI27Efsu1M3vdLFzH_Y79AIaf-qOV3coA7RZ44tqeDmCQ HTTP 302
https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AYg5qPJIX0DW9h8sdjmPtheqATgJbj38KVXmVtR6ksl4xpeE-o8QrDI27Efsu1M3vdLFzH_Y79AIaf-qOV3coA7RZ44tqeDmCQ&google_hm=q2q6-uTuLyamfLSAMMbcgg

Request Chain 293

https://um.simpli.fi/gp_match?google_gid=CAESEFH7NiqxwZ5t2mXWvikH3VE&google_cver=1&google_push=AYg5qPIaTORmXJZsPRVdoxYsW35R_sCD6T_3Uj4gNeDLpPshp4OlLBVWyYbp3HBXTjhj9DH5XYfY-er0ZMDoJtFwDjxROzIo8ic HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=F8BF38D9B45B484595C8337844ED8500&google_push=AYg5qPIaTORmXJZsPRVdoxYsW35R_sCD6T_3Uj4gNeDLpPshp4OlLBVWyYbp3HBXTjhj9DH5XYfY-er0ZMDoJtFwDjxROzIo8ic

Request Chain 295

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEIJcZ6-rD_f8pG3StuaRkxQ&google_cver=1&google_push=AYg5qPI5_uqVdBQaQKY74VxxEheuDZN5WiFO349N_8IMxa6q6HuKS15-TIGwaVuCVcknwb3Gle-pIhKyRpDpv40CvbF5_XR4NvE HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AYg5qPI5_uqVdBQaQKY74VxxEheuDZN5WiFO349N_8IMxa6q6HuKS15-TIGwaVuCVcknwb3Gle-pIhKyRpDpv40CvbF5_XR4NvE&google_hm=NTUwMjcxMDcxNDM1ODg3OTc3Nw%3D%3D

Request Chain 296

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEKCD34BoeSKHnfEbOLHPZCg&google_cver=1&google_push=AYg5qPJ37osjJ6vjuA3SzJlBzsy6a71OkqCqgL6-wFs4N0qexfkgFWJ4jFsT69lPC7GrXFiekwS73jLy4f8roCxZhGUiMA9B0CY HTTP 302
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEKCD34BoeSKHnfEbOLHPZCg&google_cver=1&google_push=AYg5qPJ37osjJ6vjuA3SzJlBzsy6a71OkqCqgL6-wFs4N0qexfkgFWJ4jFsT69lPC7GrXFiekwS73jLy4f8roCxZhGUiMA9B0CY HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NTc2OTIxMjU3MzY1NjQ1NjQzMg&google_push=AYg5qPJ37osjJ6vjuA3SzJlBzsy6a71OkqCqgL6-wFs4N0qexfkgFWJ4jFsT69lPC7GrXFiekwS73jLy4f8roCxZhGUiMA9B0CY

Request Chain 297

https://match.360yield.com/match/ebda?google_gid=CAESECQbbiCX9EuXCWz0lnnLTGs&google_cver=1&google_push=AYg5qPIxTu2LD5GeWwK5scsQL04LK3o5j9RkSQXtbJWlue_SXPp5k9dZIJyR5IjKnoSCKEmY0cY1bMAWtTUZjpVpPBYINjLBHmI HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=mdd2sQhGS6yxiv-ZHlUtGQ&google_push=AYg5qPIxTu2LD5GeWwK5scsQL04LK3o5j9RkSQXtbJWlue_SXPp5k9dZIJyR5IjKnoSCKEmY0cY1bMAWtTUZjpVpPBYINjLBHmI HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=mdd2sQhGS6yxiv-ZHlUtGQ&google_push=AYg5qPIxTu2LD5GeWwK5scsQL04LK3o5j9RkSQXtbJWlue_SXPp5k9dZIJyR5IjKnoSCKEmY0cY1bMAWtTUZjpVpPBYINjLBHmI HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=mdd2sQhGS6yxiv-ZHlUtGQ&google_push=AYg5qPIxTu2LD5GeWwK5scsQL04LK3o5j9RkSQXtbJWlue_SXPp5k9dZIJyR5IjKnoSCKEmY0cY1bMAWtTUZjpVpPBYINjLBHmI HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=mdd2sQhGS6yxiv-ZHlUtGQ&google_push=AYg5qPIxTu2LD5GeWwK5scsQL04LK3o5j9RkSQXtbJWlue_SXPp5k9dZIJyR5IjKnoSCKEmY0cY1bMAWtTUZjpVpPBYINjLBHmI HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=mdd2sQhGS6yxiv-ZHlUtGQ&google_push=AYg5qPIxTu2LD5GeWwK5scsQL04LK3o5j9RkSQXtbJWlue_SXPp5k9dZIJyR5IjKnoSCKEmY0cY1bMAWtTUZjpVpPBYINjLBHmI HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=mdd2sQhGS6yxiv-ZHlUtGQ&google_push=AYg5qPIxTu2LD5GeWwK5scsQL04LK3o5j9RkSQXtbJWlue_SXPp5k9dZIJyR5IjKnoSCKEmY0cY1bMAWtTUZjpVpPBYINjLBHmI HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=mdd2sQhGS6yxiv-ZHlUtGQ&google_push=AYg5qPIxTu2LD5GeWwK5scsQL04LK3o5j9RkSQXtbJWlue_SXPp5k9dZIJyR5IjKnoSCKEmY0cY1bMAWtTUZjpVpPBYINjLBHmI HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=mdd2sQhGS6yxiv-ZHlUtGQ&google_push=AYg5qPIxTu2LD5GeWwK5scsQL04LK3o5j9RkSQXtbJWlue_SXPp5k9dZIJyR5IjKnoSCKEmY0cY1bMAWtTUZjpVpPBYINjLBHmI HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=mdd2sQhGS6yxiv-ZHlUtGQ&google_push=AYg5qPIxTu2LD5GeWwK5scsQL04LK3o5j9RkSQXtbJWlue_SXPp5k9dZIJyR5IjKnoSCKEmY0cY1bMAWtTUZjpVpPBYINjLBHmI HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=mdd2sQhGS6yxiv-ZHlUtGQ&google_push=AYg5qPIxTu2LD5GeWwK5scsQL04LK3o5j9RkSQXtbJWlue_SXPp5k9dZIJyR5IjKnoSCKEmY0cY1bMAWtTUZjpVpPBYINjLBHmI HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=mdd2sQhGS6yxiv-ZHlUtGQ&google_push=AYg5qPIxTu2LD5GeWwK5scsQL04LK3o5j9RkSQXtbJWlue_SXPp5k9dZIJyR5IjKnoSCKEmY0cY1bMAWtTUZjpVpPBYINjLBHmI HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=mdd2sQhGS6yxiv-ZHlUtGQ&google_push=AYg5qPIxTu2LD5GeWwK5scsQL04LK3o5j9RkSQXtbJWlue_SXPp5k9dZIJyR5IjKnoSCKEmY0cY1bMAWtTUZjpVpPBYINjLBHmI HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=mdd2sQhGS6yxiv-ZHlUtGQ&google_push=AYg5qPIxTu2LD5GeWwK5scsQL04LK3o5j9RkSQXtbJWlue_SXPp5k9dZIJyR5IjKnoSCKEmY0cY1bMAWtTUZjpVpPBYINjLBHmI HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=mdd2sQhGS6yxiv-ZHlUtGQ&google_push=AYg5qPIxTu2LD5GeWwK5scsQL04LK3o5j9RkSQXtbJWlue_SXPp5k9dZIJyR5IjKnoSCKEmY0cY1bMAWtTUZjpVpPBYINjLBHmI HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=mdd2sQhGS6yxiv-ZHlUtGQ&google_push=AYg5qPIxTu2LD5GeWwK5scsQL04LK3o5j9RkSQXtbJWlue_SXPp5k9dZIJyR5IjKnoSCKEmY0cY1bMAWtTUZjpVpPBYINjLBHmI HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=mdd2sQhGS6yxiv-ZHlUtGQ&google_push=AYg5qPIxTu2LD5GeWwK5scsQL04LK3o5j9RkSQXtbJWlue_SXPp5k9dZIJyR5IjKnoSCKEmY0cY1bMAWtTUZjpVpPBYINjLBHmI HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=mdd2sQhGS6yxiv-ZHlUtGQ&google_push=AYg5qPIxTu2LD5GeWwK5scsQL04LK3o5j9RkSQXtbJWlue_SXPp5k9dZIJyR5IjKnoSCKEmY0cY1bMAWtTUZjpVpPBYINjLBHmI HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=mdd2sQhGS6yxiv-ZHlUtGQ&google_push=AYg5qPIxTu2LD5GeWwK5scsQL04LK3o5j9RkSQXtbJWlue_SXPp5k9dZIJyR5IjKnoSCKEmY0cY1bMAWtTUZjpVpPBYINjLBHmI HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=mdd2sQhGS6yxiv-ZHlUtGQ&google_push=AYg5qPIxTu2LD5GeWwK5scsQL04LK3o5j9RkSQXtbJWlue_SXPp5k9dZIJyR5IjKnoSCKEmY0cY1bMAWtTUZjpVpPBYINjLBHmI HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=mdd2sQhGS6yxiv-ZHlUtGQ&google_push=AYg5qPIxTu2LD5GeWwK5scsQL04LK3o5j9RkSQXtbJWlue_SXPp5k9dZIJyR5IjKnoSCKEmY0cY1bMAWtTUZjpVpPBYINjLBHmI

Request Chain 298

https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEO4RuqIC-T7KmCcOeEbGO5M&google_cver=1&google_push=AYg5qPIIFtE2J9HtfGMJCzL6R7fthJ9YrsPMs7XNIi0_mul1zuTCmfcnwSOloicoXsiabVO_R0xTdJYG4E_JafgGdVsUIcPrZtM HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MjQ1NjQ4MTY2MzczMjI0MDI1MzY5Nw%3D%3D&google_push=AYg5qPIIFtE2J9HtfGMJCzL6R7fthJ9YrsPMs7XNIi0_mul1zuTCmfcnwSOloicoXsiabVO_R0xTdJYG4E_JafgGdVsUIcPrZtM

Request Chain 304

https://gum.criteo.com/sid/json?origin=publishertag&domain=portalsemakan.com&sn=ChromeSyncframe&so=3&topUrl=portalsemakan.com&bundle=_XVV5V9CWklnV0YzckU5SUQyS0dUS2F0NzJWa2ZxRnBmd1Q4SHRMREJtSVR0ME9Pa05yY0J3MWZCajIzMm5lREpvYU1CMXRQZ2hEdm5vcmpIYXhEWDQyY1FRN1Z0ZXhjSVNyRHVoUTl4ZTZUN0p3UVNDalNTMVZ4anVXMlRZdnAxdk1xaw&cw=1&lsw=1 HTTP 302
https://mug.criteo.com/sid?cpp=kCavqXw5aTh3cW0vWFFZUGg5VFEwZVlsVjN2TTFtVU4vd25OVlZVZkp6UFdERFk1clplbW1WRHM2N1VHSzRLei9FN0JXZUE2WHllNkR4RnlhZDUxVFZUWGRWNE5RYmZMT2N0VWd6Z3YvcFZXNEI1bGlGRG5YQThUamoyV1QrWjlLWG1UUHliMzJoQWZVUHhFVjlSeFg5S3NESytDanpCZUcvM1BiUHoySzlyQkRPWEtMQ0pLZ2YzaDk4eEZyOUlJbXRPY1ZiVjl4ZDBqb3h3VWxvcWJENW5jK3hhWVhmaEVzTUVtUldJWUR3d3dxN2FoUVFJQkROVlExbUJjU041TzEwNTdiaGNOQlIvemk4aWkwQk4rVDdJcy9WL1YvS003RUZrVC9yeEtrSjVIZjExQT18&cppv=2

Request Chain 319

https://ad.turn.com/r/cs?pid=49&gdpr=1&gdpr_consent= HTTP 302
https://eb2.3lift.com/xuid?mid=4771&xuid=9000801265669109281&dongle=d407

Request Chain 322

https://match.prod.bidr.io/cookie-sync/trl HTTP 303
https://match.prod.bidr.io/cookie-sync/trl?_bee_ppp=1 HTTP 303
https://eb2.3lift.com/xuid?mid=7255&xuid=AAFkMU7EcR8AADD5lg4-2A&dongle=bzwx

Request Chain 323

https://sync.ipredictive.com/d/sync/cookie/generic?https://eb2.3lift.com/xuid?mid=3702&xuid=${ADELPHIC_CUID}&dongle=d54f&gdpr=1&gdpr_consent= HTTP 302
https://eb2.3lift.com/xuid?mid=3702&xuid=9cade9e8-a925-11ec-acef-2731f15be632&dongle=d54f&gdpr=1&gdpr_consent=

Request Chain 324

https://rtb.mfadsrvr.com/sync?ssp=triplelift&gdpr=1&gdpr_consent= HTTP 302
https://rtb.mfadsrvr.com/ul_cb/sync?ssp=triplelift&gdpr=1&gdpr_consent= HTTP 302
https://eb2.3lift.com/xuid?mid=4945&xuid=fc0601c6-8167-4604-b087-665fa668a7ed&dongle=31ac

Request Chain 326

https://ib.adnxs.com/getuid?https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3335%26xuid%3D%24UID%26dongle%3D4d58%26gdpr=1%26gdpr_consent= HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Feb2.3lift.com%252Fxuid%253Fmid%253D3335%2526xuid%253D%2524UID%2526dongle%253D4d58%2526gdpr%3D1%2526gdpr_consent%3D HTTP 302
https://eb2.3lift.com/xuid?mid=3335&xuid=2164802784335980141&dongle=4d58&gdpr=1&gdpr_consent=

Request Chain 327

https://sync.srv.stackadapt.com/sync?nid=13&gdpr=1&gdpr_consent= HTTP 302
https://eb2.3lift.com/xuid?mid=2319&xuid=0-e37a6537-d40f-4e98-47c2-3f4b11d0d740$ip$185.213.155.166&dongle=4430

Request Chain 328

https://sync.mathtag.com/sync/img?mt_exid=62&redir=%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3690%26xuid%3D%5BMM_UUID%5D%26dongle%3D3995%26gdpr=1%26gdpr_consent= HTTP 302
https://eb2.3lift.com/xuid?mid=3690&xuid=2e1b6238-8fa2-4f00-8b78-f55dd9c91e8e&dongle=3995&gdpr=1&gdpr_consent=

Request Chain 330

https://pixel-sync.sitescout.com/dmp/pixelSync?nid=83&gdpr=1&gdpr_consent= HTTP 302
https://eb2.3lift.com/xuid?mid=3646&xuid=no-consent&dongle=1fa5&gdpr=1&gdpr_consent=

Request Chain 331

https://sync.hgrtb.com/triplelift?redir=http%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D7666%26xuid%3Dmy_external_user_id%26dongle%3D8f7 HTTP 302
https://eb2.3lift.com/xuid?mid=7666&xuid=37696f3e-9ead-4e3d-8f13-23df4311f85d&dongle=8f7

Request Chain 333

https://cms.quantserve.com/pixel/p-VtN-a_yLd-GB-.gif?idmatch=0&gdpr=1&gdpr_consent= HTTP 302
https://eb2.3lift.com/xuid?&mid=5316&dongle=fa68&xuid=VgIjzlhWccZNCXHBUVQ9xFYEcsVNBSjAWABLM89M

Request Chain 334

https://sportradarserving.com/sync?ssp=triplelift HTTP 302
https://eb2.3lift.com/xuid?mid=7963&xuid=d02d3ff2-4f08-4f31-92c9-bd402199c4c3&dongle=3oy7

Request Chain 335

https://pm.w55c.net/ping_match.gif?st=TRIPLELIFT&rurl=https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D6019%26xuid%3D_wfivefivec_%26dongle%3D465e%26gdpr=1%26gdpr_consent= HTTP 302
https://eb2.3lift.com/xuid?mid=6019&xuid=gVwIqCUY1Nwji85&dongle=465e&gdpr=1&gdpr_consent=

Request Chain 336

https://aax-eu.amazon-adsystem.com/s/x/757c0557066e95cfd4c7?gdpr=1&gdpr_consent=&uid=2456481663732240253697 HTTP 302
https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=1&gdpr_consent=&uid=2456481663732240253697&dcc=t

Request Chain 338

https://sasinator.realestate.com.au/rea/setid/external=TRIPLELIFT/value=2456481663732240253697 HTTP 302
https://sasinator.realestate.com.au/rea/lserver/setid/external=TRIPLELIFT/value=2456481663732240253697

Request Chain 340

https://pixel-sync.sitescout.com/dmp/pixelSync?nid=83&gdpr=1&gdpr_consent= HTTP 302
https://eb2.3lift.com/xuid?mid=3646&xuid=no-consent&dongle=1fa5&gdpr=1&gdpr_consent=

Request Chain 341

https://sync.hgrtb.com/triplelift?redir=http%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D7666%26xuid%3Dmy_external_user_id%26dongle%3D8f7 HTTP 302
https://eb2.3lift.com/xuid?mid=7666&xuid=82a1d883-121a-4cdc-a924-d360cf032612&dongle=8f7

Request Chain 343

https://cms.quantserve.com/pixel/p-VtN-a_yLd-GB-.gif?idmatch=0&gdpr=1&gdpr_consent= HTTP 302
https://eb2.3lift.com/xuid?&mid=5316&dongle=fa68&xuid=VgIjzlhWccZNCXHBUVQ9xFYEcsVNBSjAWABLM89M

Request Chain 344

https://sportradarserving.com/sync?ssp=triplelift HTTP 302
https://eb2.3lift.com/xuid?mid=7963&xuid=d02d3ff2-4f08-4f31-92c9-bd402199c4c3&dongle=3oy7

Request Chain 345

https://pm.w55c.net/ping_match.gif?st=TRIPLELIFT&rurl=https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D6019%26xuid%3D_wfivefivec_%26dongle%3D465e%26gdpr=1%26gdpr_consent= HTTP 302
https://eb2.3lift.com/xuid?mid=6019&xuid=gVwIqCUY1Nwji85&dongle=465e&gdpr=1&gdpr_consent=

Request Chain 346

https://aax-eu.amazon-adsystem.com/s/x/757c0557066e95cfd4c7?gdpr=1&gdpr_consent=&uid=2456481663732240253697 HTTP 302
https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=1&gdpr_consent=&uid=2456481663732240253697&dcc=t

Request Chain 348

https://sasinator.realestate.com.au/rea/setid/external=TRIPLELIFT/value=2456481663732240253697 HTTP 302
https://sasinator.realestate.com.au/rea/lserver/setid/external=TRIPLELIFT/value=2456481663732240253697

Request Chain 366

https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=1038671538451992436

Request Chain 367

https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:2e1b6238-8fa2-4f00-8b78-f55dd9c91e8e&gdpr=0&gdpr_consent=

Request Chain 368

https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@ HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=

Request Chain 369

https://dsp.adfarm1.adition.com/cookie/?ssp=9 HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7077564736077691022

Request Chain 370

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=aT9_jD6mTCyb73hM_COghg%3D%3D HTTP 302
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=

Request Chain 371

https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D HTTP 302
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=2e1b6238-8fa2-4f00-8b78-f55dd9c91e8e

Request Chain 372

https://pixel.onaudience.com/?partner=214&mapped=693F7F8C-3EA6-4C2C-9BEF-784CFC23A086 HTTP 302
https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/gdpr=1/gdpr_consent=?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D HTTP 302
https://sync.crwdcntrl.net/map/ct=y/c=8587/tp=CLOD/gdpr=1/gdpr_consent=?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D HTTP 302
https://pixel.onaudience.com/?partner=104&icm&cver&mapped=29b9fe51850f24148da6ad0178b902ee&gdpr=1

Request Chain 373

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=NjkzRjdGOEMtM0VBNi00QzJDLTlCRUYtNzg0Q0ZDMjNBMDg2&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=

Request Chain 374

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEI39IjqGyQzhtb7OvZsD7As&google_cver=1

Request Chain 376

https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=5769212573656456432

Request Chain 377

https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=4b0a2518-cedf-41c8-a309-0063fb5b5a2f

Request Chain 378

https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=2164802784335980141&gdpr=0&gdpr_consent=

Request Chain 379

https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=ccghqn-cc6Jqw3Oldp4_oHHOcKFqzyqkf8pDSp-d

Request Chain 381

https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=693F7F8C-3EA6-4C2C-9BEF-784CFC23A086&redir=true&gdpr=0&gdpr_consent= HTTP 302
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-ZTWWliRE2uX6jVRN6FYYvXMveWZ.u_0-~A&gdpr=0&gdpr_consent=

Request Chain 382

https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
https://a.volvelle.tech/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic&bsw_uid=d7675448-eb59-49fd-826b-42bb1087fe5b HTTP 302
https://a.volvelle.tech/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic&bsw_uid=d7675448-eb59-49fd-826b-42bb1087fe5b HTTP 302
https://x.bidswitch.net/sync?dsp_id=190&expires=14&user_group=1&user_id=d1c76154-915e-47af-8287-98fd837c71b2&ssp=pubmatic HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=d7675448-eb59-49fd-826b-42bb1087fe5b&gdpr=&gdpr_consent=&gdpr_pd=

Request Chain 383

https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:c60d01bc-35d8-41e6-b012-ba2929b9a249&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw

Request Chain 384

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YjiPoC_TpvJkZfw8O1wkKgAABGYAAAIB HTTP 302
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YjiPoC_TpvJkZfw8O1wkKgAABGYAAAIB&dcc=t

Request Chain 386

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1 HTTP 302
https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YjiPoC-TpvJkZfw8O1wkKgAA HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEKETw1MLDXikeD2kdvghvno&google_cver=1&gdpr=1

Request Chain 390

https://dmp.brand-display.com/cm/api/index?cm_dsp_id=191&cm_user_id=%3CIndex_user_id%3E&gdpr=1 HTTP 302
https://dsum.casalemedia.com/crum?cm_dsp_id=191&external_user_id=aa5caa1a-4c1e-627b-89d6fbc8

Request Chain 393

https://token.rubiconproject.com/token?pid=36584 HTTP 302
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L10TLQUI-V-JH40

Request Chain 395

https://token.rubiconproject.com/token?pid=26594 HTTP 302
https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=L10TLQUI-V-JH40&sigv=1&esig=2~4ed689c217fe8656eec1ec9620d42d320922d7d0

Request Chain 396

https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=OWU1NDZlYWQyMWY0YTkxYWE5M2RjNmJlOTJlY2EzNzAwNDM1YTcxNQ

Request Chain 397

https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id= HTTP 302
https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t HTTP 302
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=Y2h-qFmqTPKyKMLFX5HBqA&rk=usync-other HTTP 302
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=Y2h-qFmqTPKyKMLFX5HBqA

Request Chain 398

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEHCLD5IBsBw5su0M30NatYg&google_cver=1

Request Chain 399

https://token.rubiconproject.com/token?pid=25470 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDEwVExRVUktVi1KSDQw

Request Chain 400

https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id= HTTP 302
https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t

392 HTTP transactions
11 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
portalsemakan.com/permohonan-pelan-data-pelajar/
Redirect Chain

http://telekom.com.my/
https://portalsemakan.com/permohonan-pelan-data-pelajar/

58 KB
13 KB

739ms
670ms

Document
text/html

2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://portalsemakan.com/permohonan-pelan-data-pelajar/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1f8eec76f31b10119ae9981e97c2ce3cfc937114c4c60753e901b2e10ccde822

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

date: Mon, 21 Mar 2022 14:45:49 GMT
content-type: text/html; charset=UTF-8
x-dns-prefetch-control: on
x-ua-compatible: IE=edge
x-pingback: https://portalsemakan.com/xmlrpc.php
link: <https://portalsemakan.com/wp-json/>; rel="https://api.w.org/" <https://portalsemakan.com/wp-json/wp/v2/posts/1921>; rel="alternate"; type="application/json" <https://portalsemakan.com/?p=1921>; rel=shortlink
x-litespeed-cache: hit
vary: Accept-Encoding,User-Agent
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-turbo-charged-by: LiteSpeed
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cgF9XJf%2FAuGt3RGNWJAJSVbDdiY8Yw0uTM%2FOh0NB07ZJgXkriNm9jACrkPB2LCIa431rqQBQRX74xXvIX%2FUajeFyhzyfRZkkoIBsWi0ST7IUMHHle%2FeQvyHwhV1nLj5NzyMwqdxRg8G6omBbOaw33g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 6ef77936fbf99b70-FRA
content-encoding: br

Redirect headers

Connection: Keep-Alive
Content-Type: text/html
Content-Length: 706
Date: Mon, 21 Mar 2022 14:45:49 GMT
Server: LiteSpeed
Location: https://portalsemakan.com/permohonan-pelan-data-pelajar/

GET
H2 200 US5uBX0RInHFzEq4nJpEypGL6hg.js Show response
portalsemakan.com/cdn-cgi/apps/head/ 6 KB
2 KB 22ms
19ms Script
application/javascript 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://portalsemakan.com/cdn-cgi/apps/head/US5uBX0RInHFzEq4nJpEypGL6hg.js
Requested by: Host: portalsemakan.com
URL: https://portalsemakan.com/permohonan-pelan-data-pelajar/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ae72a2bc3c1ab0291872b9998f163bc790d07c316e8b629e38a3f2f761e49f6c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://portalsemakan.com/permohonan-pelan-data-pelajar/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 14:45:49 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 451174
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: EM5CQGNGNA3A9F1Y
x-amz-id-2: JHdu2RZ696rz+BdmcrTih6EnkY4e7i9Zajcv6j8UbFDzjFrzDfGRWVmDR1wcfZydnJ+8p/cyz2s=
last-modified: Wed, 15 Sep 2021 03:29:10 GMT
server: cloudflare
etag: W/"ab04f2cf3678997bd61360038cc99b93"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9ydRTecpYwCpBXRGLPVsQnhIK2xw%2FHagfUH%2BXA6WQL%2Fa6f1VL%2Bex1AsTuJ0vVdfsrrfiCMgjlX%2BIWzsYbjdxIvHsFnjXDFs44COylr%2FzD1ExjVVPRna6u3RaRj9xcmHVzBaAJojbjyoZr8kaM8%2Bvcw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
x-amz-version-id: yrJ_nMHm9KI2FIqAbVIqrfFl6CDAkC65
cf-ray: 6ef7793b5c9d9b70-FRA

GET
H2 200 css
fonts.googleapis.com/ 14 KB
1 KB 138ms
50ms Stylesheet
text/css 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:300,regular,italic,600,700|Oleo+Script:regular,700

Requested by

Host: portalsemakan.com
URL: https://portalsemakan.com/permohonan-pelan-data-pelajar/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

3463aecfd16d3464c8fba9c16df693086482649d04cdfd461b5a71fb0bdeef2e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://portalsemakan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 21 Mar 2022 14:45:50 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Mon, 21 Mar 2022 14:45:50 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 21 Mar 2022 14:45:50 GMT

GET
H2 200 96505f41af0ff1aa6afcd92112ceff55.css
portalsemakan.com/wp-content/litespeed/css/ 81 KB
11 KB 29ms
26ms Stylesheet
text/css 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://portalsemakan.com/wp-content/litespeed/css/96505f41af0ff1aa6afcd92112ceff55.css?ver=d774f
Requested by: Host: portalsemakan.com
URL: https://portalsemakan.com/permohonan-pelan-data-pelajar/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1e811ad01cdb86c2e3371c21e43125f873f1e6668400fe6d40b5e34878f960b5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://portalsemakan.com/permohonan-pelan-data-pelajar/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 14:45:49 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 451174
cf-bgj: minify
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 16 Mar 2022 09:25:51 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FriH5Zbr4MrGhhKHqxc56q%2FrLujAzbSzDbEb0MLJKSDH1BryglvgqZeJh%2FZkVGYkge1RPs1MfLJFbRRKtPGUkQpsDf0w2wzUI%2FuHEB9%2BQh0P%2F1XFXB8X6cTwSHGBG2iLEGDY7iqZIwvDEGROx2RPUQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=31557600
x-turbo-charged-by: LiteSpeed
cf-ray: 6ef7793b5ca39b70-FRA
expires: Thu, 16 Mar 2023 15:26:15 GMT

GET
H2 200 70c56241757a25e393f50439435b8fda.css
portalsemakan.com/wp-content/litespeed/css/ 11 KB
3 KB 23ms
20ms Stylesheet
text/css 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://portalsemakan.com/wp-content/litespeed/css/70c56241757a25e393f50439435b8fda.css?ver=5908c
Requested by: Host: portalsemakan.com
URL: https://portalsemakan.com/permohonan-pelan-data-pelajar/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 98231b091bf8da0873d415bd50577540cfd620aecb6a978c3e29aa3e52173b2e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://portalsemakan.com/permohonan-pelan-data-pelajar/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 14:45:49 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 451174
cf-bgj: minify
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 16 Mar 2022 09:25:51 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wbo8DrieiyJKVOSWe0AM3hfLEBTpBXcd5JOM4VR6G0%2BuUiLVLSrzOYU5VfgM2ezT8ToNNsofaagj9S0NTKEVYOyX98tBye9i0oy3%2B%2BG3nB%2FNOG7QpIuCLYp6EPaGh9YmfbYFpyygdw%2BW9wlATiqoew%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=31557600
x-turbo-charged-by: LiteSpeed
cf-ray: 6ef7793b5ca79b70-FRA
expires: Thu, 16 Mar 2023 15:26:15 GMT

GET
H2 200 72ea471976ae077ece831fd215cfa1ab.css
portalsemakan.com/wp-content/litespeed/css/ 4 KB
1 KB 28ms
25ms Stylesheet
text/css 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://portalsemakan.com/wp-content/litespeed/css/72ea471976ae077ece831fd215cfa1ab.css?ver=b7417
Requested by: Host: portalsemakan.com
URL: https://portalsemakan.com/permohonan-pelan-data-pelajar/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2e10d353ff038c2cad3492fc17801af3e6ef2669c9e9713bdb78b1dcb104c4fe

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://portalsemakan.com/permohonan-pelan-data-pelajar/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 14:45:49 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 451174
cf-bgj: minify
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 16 Mar 2022 09:25:51 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DWGZ%2Bd3AZAp5PUxY94BA34oaHXr%2B5WVpOAXum1fSE2MDVY%2BRMqU2WbiXh6oS6YSNv9%2FMXHO7B29JjjvT8ZWFCajt4Gao0Tvx4TjL92A94fN4CAddRfraTcxMNcyyngRl7ufKrJ6gvcBMIMcvCEzPgw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=31557600
x-turbo-charged-by: LiteSpeed
cf-ray: 6ef7793b5ca99b70-FRA
expires: Thu, 16 Mar 2023 15:26:15 GMT

GET
H2 200 bbcbbf556f258184eb7812076835798b.css
portalsemakan.com/wp-content/litespeed/css/ 0
303 B 23ms
21ms Stylesheet
text/css 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://portalsemakan.com/wp-content/litespeed/css/bbcbbf556f258184eb7812076835798b.css?ver=aa744
Requested by: Host: portalsemakan.com
URL: https://portalsemakan.com/permohonan-pelan-data-pelajar/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://portalsemakan.com/permohonan-pelan-data-pelajar/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 14:45:49 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 451174
cf-bgj: minify
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
last-modified: Wed, 16 Mar 2022 09:25:51 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BfmIL06%2Btb%2Ba38yt%2FwzmizAHxKuFTbucXHEpFJV3j9fsIf0CUt26eDPwfHqGt5ommvFT9uh%2FkztuINQveFIjZ99OibwSn8AeByTJETaC3iNKJOyqZyeA27RUkb%2B82QBo63UKvhTzk8M2GLbtZEM1bA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=31557600
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 6ef7793b5caa9b70-FRA
expires: Thu, 16 Mar 2023 15:26:15 GMT

GET
H2 200 d5dcfabafa088d87285a1166ec18a1ca.css
portalsemakan.com/wp-content/litespeed/css/ 31 KB
7 KB 24ms
22ms Stylesheet
text/css 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://portalsemakan.com/wp-content/litespeed/css/d5dcfabafa088d87285a1166ec18a1ca.css?ver=ea2c9
Requested by: Host: portalsemakan.com
URL: https://portalsemakan.com/permohonan-pelan-data-pelajar/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8a249ef5d6ecd934e2b64f5883ee3eb3f07db0441011edaeeb01ee0048f84828

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://portalsemakan.com/permohonan-pelan-data-pelajar/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 14:45:49 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 451174
cf-polished: origSize=31321
cf-bgj: minify
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 16 Mar 2022 09:25:51 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=O%2Brzqt83PXEFJApCN4RVCZFuC9YzKGZCE8If0WXbxxZcpJNGD5wZqHNV4CEeq%2BoV%2F6mp3kp4FUsZCyDAvekbEba%2BxlpngWKycxNHvnyAV%2BXwLXzzzs%2BnLBYFKMn%2FUSdNoqYFpEc%2BJTgSS5IHz%2BgGFg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=31557600
x-turbo-charged-by: LiteSpeed
cf-ray: 6ef7793b5cac9b70-FRA
expires: Thu, 16 Mar 2023 15:26:15 GMT

GET
H2 200 1aa77b9b28e472f8070866c15837e261.css
portalsemakan.com/wp-content/litespeed/css/ 3 KB
1 KB 22ms
20ms Stylesheet
text/css 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://portalsemakan.com/wp-content/litespeed/css/1aa77b9b28e472f8070866c15837e261.css?ver=1da46
Requested by: Host: portalsemakan.com
URL: https://portalsemakan.com/permohonan-pelan-data-pelajar/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4fadc70587c09a1b36d035bf43b2bc0a22f306c07fc8d18043389504de3d35a1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://portalsemakan.com/permohonan-pelan-data-pelajar/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 14:45:49 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 451174
cf-polished: origSize=3168
cf-bgj: minify
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 16 Mar 2022 09:25:51 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FvZ895d8%2FhiGQQjggCTKjxUboFu73LLnOH45JHE8dl1ueT2N6SncDHCac6YdZWnwuFFI2YwY0BWxUByKEkBlDLorfOkgyErDGX%2BSulYvZmSd0W5dUk%2FSxpEuiIkTLNmvoLeiHZVnQFMUqTQ0Nwh0lQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=31557600
x-turbo-charged-by: LiteSpeed
cf-ray: 6ef7793b5cad9b70-FRA
expires: Thu, 16 Mar 2023 15:26:15 GMT

GET
H2 200 35cc9cb5070245213fcff02ef9eebb81.css
portalsemakan.com/wp-content/litespeed/css/ 1 KB
828 B 28ms
26ms Stylesheet
text/css 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://portalsemakan.com/wp-content/litespeed/css/35cc9cb5070245213fcff02ef9eebb81.css?ver=5d259
Requested by: Host: portalsemakan.com
URL: https://portalsemakan.com/permohonan-pelan-data-pelajar/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 12b4b4e7e185dd82c01c946b699fec57ad102914547ad6d5bc01c33e6ae49d66

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://portalsemakan.com/permohonan-pelan-data-pelajar/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 14:45:49 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 451174
cf-polished: origSize=1034
cf-bgj: minify
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 16 Mar 2022 09:25:51 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7rKnYwNbnvRrJfzmM9hvGcA6rOugA6Rmiv78EhGLk1BxHRKeG2H0viCwzWQSVKy%2FnX%2FzCWDAqfsw2ws90dAkKUP6rKaVXnHoY6XHg1e5g79m2cArqocdcNeS8zzXlcVq4HEmLBPXF5rebv0ZPXthuQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=31557600
x-turbo-charged-by: LiteSpeed
cf-ray: 6ef7793b5cae9b70-FRA
expires: Thu, 16 Mar 2023 15:26:15 GMT

GET
H2 200 22057ec19691fbd3f02848de7481e7c7.css
portalsemakan.com/wp-content/litespeed/css/ 3 KB
1010 B 26ms
24ms Stylesheet
text/css 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://portalsemakan.com/wp-content/litespeed/css/22057ec19691fbd3f02848de7481e7c7.css?ver=55d45
Requested by: Host: portalsemakan.com
URL: https://portalsemakan.com/permohonan-pelan-data-pelajar/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4c80c27456e44686b378b1024534b69cdff323748c808afb6ea4db2fe974890b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://portalsemakan.com/permohonan-pelan-data-pelajar/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 14:45:49 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 451174
cf-polished: origSize=3383
cf-bgj: minify
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 16 Mar 2022 09:25:51 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kxpoIN23ehMOY0JTNzyF3dpe1T%2B1fjLJ3aIBm3bvZlmETMkQpftWpBoHBZaocQj9ALpmLhGFF%2Fs4ZCV1p%2BZgfmVVzL5jF5tZ4oN8BYdJIoZoRnitv053KPdnuCCAmWnE1t1iBvFK6ruhgoOy2siVyg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=31557600
x-turbo-charged-by: LiteSpeed
cf-ray: 6ef7793b5cb09b70-FRA
expires: Thu, 16 Mar 2023 15:26:15 GMT

GET
H2 200 03f743f42770c7d9e71c7dfd96af7049.css
portalsemakan.com/wp-content/litespeed/css/ 2 KB
766 B 23ms
21ms Stylesheet
text/css 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://portalsemakan.com/wp-content/litespeed/css/03f743f42770c7d9e71c7dfd96af7049.css?ver=99ff3
Requested by: Host: portalsemakan.com
URL: https://portalsemakan.com/permohonan-pelan-data-pelajar/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2e858a3bf02390ad4f8a5db4f1b4b979d96db387f48f1c6069557bc369ee6662

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://portalsemakan.com/permohonan-pelan-data-pelajar/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 14:45:49 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 451174
cf-bgj: minify
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 16 Mar 2022 09:25:51 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0Xf4%2FSJ0fwR54XGsXJbR18d%2FfRk2RwDwQgZXYlzGmpaOVk9hwaJbk%2FcLZrulfNoetfO2CscN4jjZ37jzKBat3Q2ENDdodjxTRLNK%2FBwxEzHwQ5WwisDMjgmjAbuOAgOVQanCBaLwnpO1xBaH4XVrhg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=31557600
x-turbo-charged-by: LiteSpeed
cf-ray: 6ef7793b5cb19b70-FRA
expires: Thu, 16 Mar 2023 15:26:15 GMT

GET
H2 200 f1eba2edcafcae96f64fb07f3da9392d.css
portalsemakan.com/wp-content/litespeed/css/ 3 KB
977 B 32ms
31ms Stylesheet
text/css 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://portalsemakan.com/wp-content/litespeed/css/f1eba2edcafcae96f64fb07f3da9392d.css?ver=a96f1
Requested by: Host: portalsemakan.com
URL: https://portalsemakan.com/permohonan-pelan-data-pelajar/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1cc5fba1b17b26c8975d63d581f375152c583264b4ba58a2d2eacac2d11d90ee

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://portalsemakan.com/permohonan-pelan-data-pelajar/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 14:45:49 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 451173
cf-bgj: minify
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 16 Mar 2022 09:25:51 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kVoIB7va91gkQqIdJf5nM0yalZv21tF7jGs7m2B%2FRawW%2BTIT7qCMQ%2F9II1HlfDhvMTTFcAnZ%2FZLHDHluXU4oCp9zcslZwX4tQm8i%2FwRIBLRY02lhCkL1D%2F%2FTY1w4O0ju1OAuoG%2F2KHVDVoNRLTAcFA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=31557600
x-turbo-charged-by: LiteSpeed
cf-ray: 6ef7793b6ccd9b70-FRA
expires: Thu, 16 Mar 2023 15:26:16 GMT

GET
H2 200 4d9e679b873673927fe1e724bb0cbbb0.css
portalsemakan.com/wp-content/litespeed/css/ 86 KB
17 KB 32ms
31ms Stylesheet
text/css 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://portalsemakan.com/wp-content/litespeed/css/4d9e679b873673927fe1e724bb0cbbb0.css?ver=90c71
Requested by: Host: portalsemakan.com
URL: https://portalsemakan.com/permohonan-pelan-data-pelajar/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c5b2b6e46cb835975b0b93ce77220260fe33be687bf4b0a591e9ea67075d396f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://portalsemakan.com/permohonan-pelan-data-pelajar/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 14:45:49 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 315811
cf-bgj: minify
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Thu, 17 Mar 2022 23:00:39 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ynHpxrDPdCIOMyeDCAYEgv1mjLh9rJQ6Auz0zWymJrwhnlwvHfR9y6ybolFNwZjCkKYfdZJyZmTmPDjQuQ3OldVCttclb5ZIH12C%2B%2F%2ByMGH7SWgaUsISB0Hq4xyso7eq748Qmhcp5RJMK0KLBxAuEA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=31557600
x-turbo-charged-by: LiteSpeed
cf-ray: 6ef7793b6cce9b70-FRA
expires: Sat, 18 Mar 2023 05:02:18 GMT

GET
H3 200 Unifi-Pakej-Pelajar-IPT-950x1072-1-768x867.jpg.webp
portalsemakan.com/wp-content/uploads/2020/11/ 54 KB
55 KB 829ms
828ms Image
image/webp 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://portalsemakan.com/wp-content/uploads/2020/11/Unifi-Pakej-Pelajar-IPT-950x1072-1-768x867.jpg.webp
Requested by: Host: portalsemakan.com
URL: https://portalsemakan.com/permohonan-pelan-data-pelajar/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 16dd323fc179f4da7111503bdc1a8e2a8b034540ad3e1cf0a040d4d0ce7d04e3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://portalsemakan.com/permohonan-pelan-data-pelajar/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 14:45:50 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 55446
last-modified: Tue, 07 Sep 2021 08:38:12 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wRHUCcZ3JvzO%2Bvfyl4pp0d3hGGXWhcUd%2FpMSI2dQI%2FSFmMTvdPVrO8Zf5rUtVj6PMHmqpEyA2ekxt2EgxxvOlho5qaUUO%2BJPplMznFPaLJ9XB7UUQp79wSC4uAyf4KemBy7gHVEP77lbmZIwVsnN3Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=31557600
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 6ef7793b88ac9110-FRA
expires: Tue, 21 Mar 2023 20:45:50 GMT

GET
H3 200 71234af64ece948365f23ba19dd8522e.css
portalsemakan.com/wp-content/litespeed/css/ 3 KB
1 KB 23ms
22ms Stylesheet
text/css 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://portalsemakan.com/wp-content/litespeed/css/71234af64ece948365f23ba19dd8522e.css?ver=b69b0
Requested by: Host: portalsemakan.com
URL: https://portalsemakan.com/permohonan-pelan-data-pelajar/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ec30306c113e15d84c044b4c4f6b751be424968f89ad404d99ce4528227f83f4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://portalsemakan.com/permohonan-pelan-data-pelajar/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 14:45:50 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 451175
cf-polished: origSize=3029
cf-bgj: minify
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 16 Mar 2022 09:23:47 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mcf0fMBVcjxPTXBQl7YH6jaOafC6jxhDFiP%2FC1pufE3sMxvfzvrMG3s9fuod3TWBOjHGdetz%2FDoRkPPAo%2B295f8BGOd9KH6nItK8OdJRHiCk29Z%2BAOaMbLrZMp%2BwC%2BHj03%2B%2BuVREBZJVWrqS8Glccw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=31557600
x-turbo-charged-by: LiteSpeed
cf-ray: 6ef7793b88a99110-FRA
expires: Thu, 16 Mar 2023 15:26:15 GMT

GET
H3 200 rocket-loader.min.js Show response
portalsemakan.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ 12 KB
4 KB 19ms
19ms Script
application/javascript 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://portalsemakan.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Requested by

Host: portalsemakan.com
URL: https://portalsemakan.com/permohonan-pelan-data-pelajar/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://portalsemakan.com/permohonan-pelan-data-pelajar/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 14:45:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 17 Mar 2022 12:28:09 GMT
server: cloudflare
etag: W/"62332959-302c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: DENY
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=moZMtmS2QchxlK%2BFxsM%2FJHhOYjwv4vqFa%2FBuOdSDJrjf0TMTBCeJf8bDYxfRACyUa%2B8mFy8IGN%2FfpnraLKRkvjpymL5HYFgSyoUtXUdHqfkXEzVDxOyetv5TcbMQLbwUuQ2S2QnmXuuURIae%2BWCOKQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=172800, public
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6ef7793b88ad9110-FRA
vary: Accept-Encoding
expires: Wed, 23 Mar 2022 14:45:50 GMT

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v28/ 44 KB
44 KB 120ms
36ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v28/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,regular,italic,600,700|Oleo+Script:regular,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

88915cdc03fc5b9a20aec966fe93ee38aa3fd76bfef296e41d305271b3541c96

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://portalsemakan.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 15 Mar 2022 22:45:07 GMT
x-content-type-options: nosniff
age: 489643
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44656
x-xss-protection: 0
last-modified: Tue, 01 Mar 2022 22:03:03 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 15 Mar 2023 22:45:07 GMT

GET
H2 200 raxkHieDvtMOe0iICsUccCDmnlrf0Ts.woff2
fonts.gstatic.com/s/oleoscript/v12/ 13 KB
13 KB 170ms
87ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/oleoscript/v12/raxkHieDvtMOe0iICsUccCDmnlrf0Ts.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,regular,italic,600,700|Oleo+Script:regular,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bae37be456f6c4ce883098b5777f99d940beb781832c20fe1824b4ac6f6c854f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://portalsemakan.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 15 Mar 2022 18:30:21 GMT
x-content-type-options: nosniff
age: 504929
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12900
x-xss-protection: 0
last-modified: Mon, 24 Jan 2022 19:52:34 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 15 Mar 2023 18:30:21 GMT

GET
H3 200 generatepress.woff2
portalsemakan.com/wp-content/themes/generatepress/assets/fonts/ 1 KB
2 KB 24ms
24ms Font
font/woff2 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://portalsemakan.com/wp-content/themes/generatepress/assets/fonts/generatepress.woff2
Requested by: Host: portalsemakan.com
URL: https://portalsemakan.com/wp-content/litespeed/css/1aa77b9b28e472f8070866c15837e261.css?ver=1da46
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ac990171fc2a8993d659ce8f10bc0a7815c43835ba1dc00c2246f3556c6eeecd

Request headers

Referer: https://portalsemakan.com/wp-content/litespeed/css/1aa77b9b28e472f8070866c15837e261.css?ver=1da46
Origin: https://portalsemakan.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 14:45:50 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 451174
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1264
last-modified: Fri, 25 Feb 2022 15:32:06 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YnTZkUFkTk6JCHviDMmrwAz4MYb%2FjK0l3Voe%2BX6CO7rdNhAnzyFtD2TEJ0Rr1eebLXF5qMK5LISnIWcrjW0jW6%2FA6u9v0ZBSsEL%2Fma8jEzzYKsZ%2F9r%2B4rfU0zFtO8ds78rXDbOHZe0aYub2zkJHrAA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
cache-control: public, max-age=31557600
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 6ef7793c598d9110-FRA
expires: Thu, 16 Mar 2023 15:26:16 GMT

GET
H3 200 Senarai-Pakej-Pelan-Data-Khas-Buat-Pelajar-IPT.-Dapatkan-Sekarang-1200x720-1.png.webp
portalsemakan.com/wp-content/uploads/2020/11/ 62 KB
63 KB 862ms
861ms Image
image/webp 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://portalsemakan.com/wp-content/uploads/2020/11/Senarai-Pakej-Pelan-Data-Khas-Buat-Pelajar-IPT.-Dapatkan-Sekarang-1200x720-1.png.webp
Requested by: Host: portalsemakan.com
URL: https://portalsemakan.com/permohonan-pelan-data-pelajar/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 202f0cba1f0b9349dcf368c51767ee39e9834fc529d9adb7b0bc1ee10be2ccf6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://portalsemakan.com/permohonan-pelan-data-pelajar/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 14:45:50 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 63772
last-modified: Tue, 07 Sep 2021 08:35:06 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=O%2B0zZENxmxbuHptB%2B42sFEQn%2FuHVNtriAYBw2zYr7K%2FI0P485cpIaQogr70lB%2BXKL4vMSsGfIOweOATJ7nyEeEo9ANCXp7w04qIDHCecB7FKxKRm6WmDuV1M6%2FIQ0RW1qw9lJntc6oE4Vg3x%2BDXPUA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=31557600
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 6ef7793c79c19110-FRA
expires: Tue, 21 Mar 2023 20:45:50 GMT

GET
H3 200 Hotlink-Pakej-Pelajar-IPT-950x1045-1-931x1024.jpg.webp
portalsemakan.com/wp-content/uploads/2020/11/ 73 KB
73 KB 846ms
845ms Image
image/webp 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://portalsemakan.com/wp-content/uploads/2020/11/Hotlink-Pakej-Pelajar-IPT-950x1045-1-931x1024.jpg.webp
Requested by: Host: portalsemakan.com
URL: https://portalsemakan.com/permohonan-pelan-data-pelajar/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c0e9e6bd77d4e918b61a958c0fafbc9fe9793f4a142f77fafb206835514db608

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://portalsemakan.com/permohonan-pelan-data-pelajar/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 14:45:50 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 74358
last-modified: Tue, 07 Sep 2021 08:35:44 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FuYnHWWP7P3bjX9u0Wc51CuKiGTD8PLpJZlchqoO7D8BIqvi4BV28%2BBh6kua3iYwN4M67Kuc0UIsHuvfE20yBOa4vf0OBnK6HedRfrRJJjQdoPImWOhulgKKfCfFyXOKY63M0%2F28Ij%2FheDkayrPxYA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=31557600
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 6ef7793c79c39110-FRA
expires: Tue, 21 Mar 2023 20:45:50 GMT

GET
H3 200 Digi-Pelan-Pelajar-IPT-950x569-1.jpg.webp
portalsemakan.com/wp-content/uploads/2020/11/ 50 KB
51 KB 847ms
846ms Image
image/webp 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://portalsemakan.com/wp-content/uploads/2020/11/Digi-Pelan-Pelajar-IPT-950x569-1.jpg.webp
Requested by: Host: portalsemakan.com
URL: https://portalsemakan.com/permohonan-pelan-data-pelajar/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a12a37513b1a7e415907551deecc000268672bac723bfea99cd7af6c742f5b36

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://portalsemakan.com/permohonan-pelan-data-pelajar/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 14:45:50 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 51210
last-modified: Tue, 07 Sep 2021 08:35:29 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=I52%2FwW8WZjInOI%2FRJxzrenQ1sdaIbXHsucK26%2FQV%2BFbxemR84wjlC2CXP428GO4Q8CDJxdlcU3xJbeG7DSY63Tq8Q8QnEMpAWx6MZdnOX0LMQBF2LWiIQD%2FbinNaUVwPW2Hl6FsHYLWT8B7IBsea5Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=31557600
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 6ef7793c79c59110-FRA
expires: Tue, 21 Mar 2023 20:45:50 GMT

GET
H3 200 SEMAKAN-TATUS-MYSLAM-PERMOHONAN-PENYAKIT-KRITIKAL-COVID-19-150x150.jpg.webp
portalsemakan.com/wp-content/uploads/2021/10/ 5 KB
6 KB 21ms
20ms Image
image/webp 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://portalsemakan.com/wp-content/uploads/2021/10/SEMAKAN-TATUS-MYSLAM-PERMOHONAN-PENYAKIT-KRITIKAL-COVID-19-150x150.jpg.webp
Requested by: Host: portalsemakan.com
URL: https://portalsemakan.com/permohonan-pelan-data-pelajar/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e52e2ca4270e3f093313f9eb0b90af8a72ff61350c783dadb41eefd018402f01

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://portalsemakan.com/permohonan-pelan-data-pelajar/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 14:45:50 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 454
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 5496
last-modified: Sun, 17 Oct 2021 22:07:41 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OHeQmx3EtRKrIu7HxnhclApNb83e77mYfs59jKyWnuIEHk5eVGiYFWpSvbGUbbPeNmueUoKIg9WbmY%2BjrQdCH4o2CLfVybEjOi6CErdJg25cF6Ogu%2B9fs7%2B1C0Xuj%2Bu9NynW9NIXsXt2NH1FvvLDdw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=31557600
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 6ef7793c79c89110-FRA
expires: Tue, 21 Mar 2023 20:38:16 GMT

GET
H3 200 Screenshot-2020-04-02-at-5.55.58-PM-150x150.png.webp
portalsemakan.com/wp-content/uploads/2020/04/ 4 KB
5 KB 49ms
49ms Image
image/webp 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://portalsemakan.com/wp-content/uploads/2020/04/Screenshot-2020-04-02-at-5.55.58-PM-150x150.png.webp
Requested by: Host: portalsemakan.com
URL: https://portalsemakan.com/permohonan-pelan-data-pelajar/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e1b25adac4aee63a1b3a4677caa83858e025df42fd9caf0163781d35585e5343

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://portalsemakan.com/permohonan-pelan-data-pelajar/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 14:45:50 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5842
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4126
last-modified: Tue, 07 Sep 2021 09:10:37 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BtJVQVCgGhxuxuGdCAV37RW86w9XK%2FwTOCBWu4wyROYNrCelM1Ib98%2B33kO86IdQsgR2ddK%2FOkOcUJ8fi2%2FJo0eGIzSFj0fGaUiSYBXJFjNENYz7Z9EqX3SS11ed9pXAhijtMmwVa4qvg1yFdrHQxQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=31557600
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 6ef7793c79ca9110-FRA
expires: Tue, 21 Mar 2023 19:08:28 GMT

GET
H3 200 PENGELUARAN-150x150.jpg.webp
portalsemakan.com/wp-content/uploads/2022/03/ 7 KB
8 KB 36ms
35ms Image
image/webp 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://portalsemakan.com/wp-content/uploads/2022/03/PENGELUARAN-150x150.jpg.webp
Requested by: Host: portalsemakan.com
URL: https://portalsemakan.com/permohonan-pelan-data-pelajar/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4c090138c104cc66f39ee1413bb6efb3c892ebc54fa6527e3be4566aac040aef

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://portalsemakan.com/permohonan-pelan-data-pelajar/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 14:45:50 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 395322
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 7062
last-modified: Wed, 16 Mar 2022 07:12:40 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2npUViqOTIBlA1dP2TQCdDIQ7o9bvdLQbs2RgSmIBVk9ifEsRT3U9iSZ%2FEnoeKO0fG%2FW6PqivnF7q%2FBkLtEAt%2B8OtnS6wayInFqr%2B%2FNuY1qq%2FxCS89Qvazg%2B0N1Fp9SRH2sBAgIe%2BkNKIUj6z86wNg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=31557600
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 6ef7793c79cb9110-FRA
expires: Fri, 17 Mar 2023 06:57:08 GMT

GET
H3 200 BKM-2022-150x150.jpg.webp
portalsemakan.com/wp-content/uploads/2021/11/ 4 KB
5 KB 22ms
21ms Image
image/webp 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://portalsemakan.com/wp-content/uploads/2021/11/BKM-2022-150x150.jpg.webp
Requested by: Host: portalsemakan.com
URL: https://portalsemakan.com/permohonan-pelan-data-pelajar/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ab6dd3ce1c2ddd590db04549b0472eef0774692c1189a83d7b9705e02e3c6f53

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://portalsemakan.com/permohonan-pelan-data-pelajar/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 14:45:50 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 81648
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4606
last-modified: Mon, 29 Nov 2021 08:09:32 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=n6QEL2hQhwg1%2FP2sDlYcQWa3LMe9OLJ%2BknlqzBQ%2FBCEdXDKd%2Fk2nehzOTWkerbxYe9%2BQIV22WSegosPLd0ha6%2FoK4O%2BPEJC4shwwOvlBy%2FbTAI%2FXQMADOY%2FEIwx3wla31gg2bA4iobxZ1zi6LMamdg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=31557600
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 6ef7793c79cd9110-FRA
expires: Mon, 20 Mar 2023 22:05:02 GMT

GET
H3 200 BKM-2022-SEMAKAN-STATUS-BAYARAN-KEMASKINI-1-150x150.jpg.webp
portalsemakan.com/wp-content/uploads/2022/03/ 6 KB
7 KB 34ms
33ms Image
image/webp 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://portalsemakan.com/wp-content/uploads/2022/03/BKM-2022-SEMAKAN-STATUS-BAYARAN-KEMASKINI-1-150x150.jpg.webp
Requested by: Host: portalsemakan.com
URL: https://portalsemakan.com/permohonan-pelan-data-pelajar/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1fe9162057c0bb787bda01e2098226be4b37bd2da37b04cafe35867f46b6b8cc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://portalsemakan.com/permohonan-pelan-data-pelajar/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 14:45:50 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 81648
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 6642
last-modified: Sun, 20 Mar 2022 15:15:39 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=saZM%2Br2NSdL8qT1OOBID7U8bk7o%2F1NuZ%2B%2FdB3MxvRSv0KYI0kCJ%2FmUedXqIq5rBN8fYOeYG7o2GR6yqakboIv4m47PmJ8uRPmOJxi%2Brg0YbXc%2B2ILPtmHGhdkvDpZq48eVel%2F3SQmbpt4TrNQ3feBA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=31557600
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 6ef7793c79ce9110-FRA
expires: Mon, 20 Mar 2023 22:05:02 GMT

GET
H3 200 9cb4915548dd4d539f0db8e25e411486.js Show response
portalsemakan.com/wp-content/litespeed/js/ 44 KB
14 KB 687ms
687ms Script
application/javascript 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://portalsemakan.com/wp-content/litespeed/js/9cb4915548dd4d539f0db8e25e411486.js?ver=dc26b
Requested by: Host: portalsemakan.com
URL: https://portalsemakan.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8fbe33313bd0708170444d76e920e57146bfc95b2a3105cbedd920144bf0b01d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://portalsemakan.com/permohonan-pelan-data-pelajar/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 14:45:50 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Mon, 21 Mar 2022 02:52:50 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=b16H924KdnXT4a90TuBWVf8mvjWsbylz9ptS4N94MBtsJKXsynYMxROm%2FjjUBqqmjJNRu5pW9R9m4x15l2ExzZkvsxqkyMach0fivhblaS%2FVGfTgMbrfev3i3S2Sb0aIFIpItICdj8279WxXbV1xBg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=31557600
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-turbo-charged-by: LiteSpeed
cf-ray: 6ef7793c89cf9110-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Tue, 21 Mar 2023 20:45:50 GMT

GET
H2 200 e-202212.js Show response
stats.wp.com/ 9 KB
3 KB 23ms
7ms Script
application/javascript 192.0.76.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.wp.com/e-202212.js
Requested by: Host: portalsemakan.com
URL: https://portalsemakan.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 82d0aae1e7b8cfc0574d6548d1f35096f5e4310321aa964ff3fdb46c4d12e302

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://portalsemakan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-nc: HIT hhn
date: Mon, 21 Mar 2022 14:45:50 GMT
content-encoding: br
server: nginx
etag: W/"6197c5cf-3508"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
expires: Sun, 12 Mar 2023 22:57:55 GMT

GET
H2 200 ats.js Show response
anymind360.com/js/4961/ 122 KB
29 KB 280ms
261ms Script
application/javascript 2a04:4e42:400::645
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://anymind360.com/js/4961/ats.js

Requested by

Host: portalsemakan.com
URL: https://portalsemakan.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:400::645 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

080d8bc28812d9e7aff55c468d183de77b357ee528a8794278268f9be0466b07

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://portalsemakan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 14:45:50 GMT
content-encoding: gzip
age: 58752
x-guploader-uploadid: ADPycducpIYNgArGv7adkJt-PPdNzd_w-QYiW5W3LmccnzzXxo4rTYXz4RLzdm1oebmNV9ap8IEUz8oCDnMWxdLw-A
x-cache: HIT, MISS
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
strict-transport-security: max-age=300
content-length: 28638
x-served-by: cache-tyo11941-TYO, cache-hhn4046-HHN
access-control-allow-origin: *
expires: Sun, 20 Mar 2022 22:26:38 GMT
last-modified: Mon, 14 Mar 2022 09:13:58 GMT
server: UploadServer
x-timer: S1647873950.183515,VS0,VE254
etag: "7533b5e5047f194700b383a7dd227307"
vary: Accept-Encoding
x-goog-hash: crc32c=l299BQ==, md5=dTO15QR/GUcAs4On3SJzBw==
x-goog-generation: 1647249238424723
via: 1.1 varnish, 1.1 varnish
access-control-expose-headers: Content-Type
cache-control: max-age=43200
x-goog-stored-content-length: 28638
accept-ranges: bytes
content-type: application/javascript; charset=UTF-8
x-cache-hits: 1, 0

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 95 KB
37 KB 143ms
57ms Script
application/javascript 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-55620648-23

Requested by

Host: portalsemakan.com
URL: https://portalsemakan.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

a5c874df6a77647778dadf697aa77de082fb37dfe6bd81fa305c7f4020b1d2ce

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://portalsemakan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 14:45:50 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37850
x-xss-protection: 0
expires: Mon, 21 Mar 2022 14:45:50 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 156 KB
54 KB 216ms
132ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: portalsemakan.com
URL: https://portalsemakan.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3e388f4018a2601fe39782f58944811871994b2f37dd69a7445e329f8447e048

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://portalsemakan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 14:45:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 54696
x-xss-protection: 0
server: cafe
etag: 13268520163000412165
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 21 Mar 2022 14:45:50 GMT

GET
H3 200 jquery.min.js Show response
portalsemakan.com/wp-includes/js/jquery/ 87 KB
32 KB 31ms
30ms Script
application/javascript 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://portalsemakan.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
Requested by: Host: portalsemakan.com
URL: https://portalsemakan.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://portalsemakan.com/permohonan-pelan-data-pelajar/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 14:45:50 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 451174
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 10 Mar 2021 15:07:24 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lQZh%2B7PNTuCZnqTd95dXLo2gtxO3GmeOAvO%2BeCOcPe58qwxbJpurpdEWSfKtFY3btUBEepyxKjKGjxYp3lw81L0rZTU9mnjMmQ9cpfFzLf3XL6r6ZPjjJxRwF5hwG73rqNDKY2CkQuELcqsYkVFZFw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=31557600
x-turbo-charged-by: LiteSpeed
cf-ray: 6ef7793c89d29110-FRA
expires: Thu, 16 Mar 2023 15:26:15 GMT

GET
H3 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203140101/ 294 KB
106 KB 119ms
74ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203140101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-9427148377333143&plah=portalsemakan.com&bust=31065636

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

19b9238deeb36d92542e553d53152af605571302660d7742debd1daf242a3095

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://portalsemakan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 14:45:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 108641
x-xss-protection: 0
server: cafe
etag: 6428481730260764204
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Mon, 21 Mar 2022 14:45:50 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220316/r20190131/ Frame B6DF 10 KB
5 KB 126ms
39ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220316/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0ce5fc08d0f617e71e1d61bcd79fc7cc1855f4221945b0c09ac774685fe7f52c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://portalsemakan.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4502
x-xss-protection: 0
date: Sun, 20 Mar 2022 20:47:02 GMT
expires: Sun, 03 Apr 2022 20:47:02 GMT
cache-control: public, max-age=1209600
age: 64729
etag: 4044455266028820542
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 pwt.js Show response
ads.pubmatic.com/AdServer/js/pwt/158497/6011/ 245 KB
76 KB 360ms
8ms Script
text/javascript 184.30.24.198
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/pwt/158497/6011/pwt.js
Requested by: Host: anymind360.com
URL: https://anymind360.com/js/4961/ats.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.24.198 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-24-198.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 815564293529e8a1273e2d86754ea536392b6bfa1e9d98dadd708d3268e30c21

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://portalsemakan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 14:45:51 GMT
content-encoding: gzip
last-modified: Thu, 11 Nov 2021 08:09:07 GMT
server: Apache/2.2.15 (CentOS)
etag: "15c1ea0-3d366-5d07edb4c618e"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: public, max-age=55801
accept-ranges: bytes
content-type: text/javascript
content-length: 77259
expires: Tue, 22 Mar 2022 06:15:52 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 170 KB
63 KB 106ms
57ms Script
application/javascript 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-9BPNW7KP57&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-55620648-23

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e7001a855943aa3bc75c88cfa75ec8454c409aa330ad354689d9860ec5966945

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://portalsemakan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 14:45:50 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 64306
x-xss-protection: 0
expires: Mon, 21 Mar 2022 14:45:50 GMT

GET
H3 200 wp-emoji-release.min.js Show response
portalsemakan.com/wp-includes/js/ 18 KB
5 KB 30ms
29ms Script
application/javascript 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://portalsemakan.com/wp-includes/js/wp-emoji-release.min.js?ver=5.9.2
Requested by: Host: portalsemakan.com
URL: https://portalsemakan.com/wp-content/litespeed/js/9cb4915548dd4d539f0db8e25e411486.js?ver=dc26b
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: def5de6254be138b8b35d680d1fdd8b07827d03b8626daebfeeb4157ec330ea7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://portalsemakan.com/permohonan-pelan-data-pelajar/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 14:45:51 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 451174
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Tue, 08 Jun 2021 22:15:12 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xJ2sj2gzYjFz50Bry%2FFCVDFKq1itWSn57i6HSKwJZ%2Fc9SAjUnFtolGjgmuot%2FrlBFEYNnIsJWWtbmNyzaOJB91cOmPed4IvqHGG7QovEL%2F%2F4drL0SFYlcoCUbUH3dSDqgeWjBLjuPfi%2BcBi23hDDhg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=31557600
x-turbo-charged-by: LiteSpeed
cf-ray: 6ef77941b89f9110-FRA
expires: Thu, 16 Mar 2023 15:26:17 GMT

GET
H2 200 portalsemakan.com.1233564.es6.js Show response
jsc.mgid.com/p/o/ 249 KB
74 KB 265ms
224ms Script
text/javascript 104.19.132.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://jsc.mgid.com/p/o/portalsemakan.com.1233564.es6.js
Requested by: Host: portalsemakan.com
URL: https://portalsemakan.com/wp-content/litespeed/js/9cb4915548dd4d539f0db8e25e411486.js?ver=dc26b
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.132.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dad3f70d0cd67683406ae1321078f0e101a6c4718c5608e83d2e454ad2c7c29f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://portalsemakan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 14:45:51 GMT
content-encoding: br
cf-cache-status: HIT
x-amz-request-id: 79VK0QQ3FS2MSTJQ
last-modified: Tue, 15 Mar 2022 11:51:26 GMT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: 7wu1TH270mY8Yvxkb+AlAFG1ViLz6KQo8bSLKqHwyDOPWc1rdpZmM1J0EaDC48lELKer1FghUlQ=
cf-bgj: minify
server: cloudflare
etag: W/"7e8eff8aa19b747198ccb884ca2ce7af"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=10800
cf-ray: 6ef77941f9549220-FRA
expires: Mon, 21 Mar 2022 17:45:51 GMT

GET
H2 200 mgWidget_1.11.86.es6.js Show response
cdn.mgid.com/js/wglibs/ 319 KB
64 KB 88ms
44ms Script
text/javascript 104.19.135.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.mgid.com/js/wglibs/mgWidget_1.11.86.es6.js
Requested by: Host: portalsemakan.com
URL: https://portalsemakan.com/wp-content/litespeed/js/9cb4915548dd4d539f0db8e25e411486.js?ver=dc26b
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.135.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5965008f49fc5dacad0690c57debaae8e02ab950d984453ea752de4369c07f2f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://portalsemakan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 14:45:51 GMT
content-encoding: br
cf-cache-status: HIT
age: 3615
last-modified: Wed, 09 Mar 2022 09:11:57 GMT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: T94SEDEE3BRQAJ71
x-amz-id-2: 0cQwctAVG7TfAuRgslucIKOcA97PTlFEMldAY/x6FpyotHMQ7+7TS42dC4UOc+QADuIx6NDzB1I=
cf-bgj: minify
server: cloudflare
etag: W/"88ba11b6ca79cf5a9311022c94f18e95"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=86400
cf-ray: 6ef779420abd9158-FRA
expires: Tue, 22 Mar 2022 14:45:51 GMT

GET
H2 200 portalsemakan.com.1233814.es6.js Show response
jsc.mgid.com/p/o/ 242 KB
71 KB 484ms
444ms Script
text/javascript 104.19.132.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://jsc.mgid.com/p/o/portalsemakan.com.1233814.es6.js
Requested by: Host: portalsemakan.com
URL: https://portalsemakan.com/wp-content/litespeed/js/9cb4915548dd4d539f0db8e25e411486.js?ver=dc26b
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.132.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5052494ff09c4b59c4dfcd8b00ae07c79c26b63b99fb1a1369e908e8880e05a1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://portalsemakan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 14:45:51 GMT
content-encoding: br
cf-cache-status: HIT
x-amz-request-id: C80D49A0DR919FMT
last-modified: Tue, 15 Mar 2022 11:56:39 GMT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: LwMgOonnw6ggW7MZpyXybGRw668jtYvdonR2yHwLbqzOiDCZ91pe1Q3ECXNuzNkRpKJtOOUyrqA=
cf-bgj: minify
server: cloudflare
etag: W/"8c4fe4e56c189e924105dc097cd5d518"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=10800
cf-ray: 6ef77941f9579220-FRA
expires: Mon, 21 Mar 2022 17:45:51 GMT

GET
H2 200 g.gif
pixel.wp.com/ 50 B
116 B 13ms
7ms Image
image/gif 192.0.76.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.wp.com/g.gif?v=ext&j=1%3A10.7&blog=175155631&post=1921&tz=8&srv=portalsemakan.com&host=portalsemakan.com&ref=&fcp=1307&rand=0.6948344219469211
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://portalsemakan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 21 Mar 2022 14:45:51 GMT
cache-control: no-cache
server: nginx
content-length: 50
content-type: image/gif

GET
DATA 200
OK truncated
/ 273 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fe50466edcdac1192aa7a5bebb69e57134216d66dc920c3611ce267751d1643b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 221 B
647 B 134ms
49ms Script
text/javascript 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=portalsemakan.com&callback=_gfp_s_&client=ca-pub-9427148377333143

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203140101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-9427148377333143&plah=portalsemakan.com&bust=31065636

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

cba54a89263ad75d7173f3c416543953bd10e04f6ace980243ce94474a3787be

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://portalsemakan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 14:45:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 203
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 138ms
48ms Script
application/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=portalsemakan.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://portalsemakan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 21 Mar 2022 14:45:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 136ms
47ms Script
application/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=portalsemakan.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://portalsemakan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 21 Mar 2022 14:45:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 9CEB 23 KB
5 KB 183ms
136ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9427148377333143&output=html&adk=1812271804&adf=3025194257&lmt=1647873950&plat=9%3A32904%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fportalsemakan.com%2Fpermohonan-pelan-data-pelajar%2F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1647873950195&bpp=4&bdt=931&idt=217&shv=r20220316&mjsv=m202203140101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=1546548480197&frm=20&pv=2&ga_vid=501444452.1647873950&ga_sid=1647873950&ga_hid=2070634736&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531397%2C44750773%2C31065636%2C31062931&oid=2&pvsid=2369941670710697&pem=206&tmod=21303447&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=242

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b1c62ac4c4ead92ca6e5a6c9815052f448bc4d8a15de5c1cdd3095916859242c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://portalsemakan.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Mon, 21 Mar 2022 14:45:51 GMT
server: cafe
content-length: 5012
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Mon, 21 Mar 2022 14:45:51 GMT
cache-control: private

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 13 KB
10 KB 99ms
55ms XHR
application/json 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220316&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ade428303f9c76d8491646313b7d889af35bcebb14cd3bec474150ea2cb523f9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://portalsemakan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 21 Mar 2022 14:45:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10401
x-xss-protection: 0

POST
H2 204 collect
www.google-analytics.com/g/ 0
172 B 299ms
72ms Ping
text/plain 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-9BPNW7KP57&gtm=2oe3e0&_p=2070634736&sr=1600x1200&ul=en-us&cid=501444452.1647873950&_s=1&dl=https%3A%2F%2Fportalsemakan.com%2Fpermohonan-pelan-data-pelajar%2F&dt=Permohonan%20Pelan%20Data%20dan%20Peranti%20Percuma%20Pelajar%20IPT%20B40%202021&sid=1647873950&sct=1&seg=0&en=page_view&_fv=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-9BPNW7KP57&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://portalsemakan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 21 Mar 2022 14:45:51 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://portalsemakan.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 261ms
36ms Script
text/javascript 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-55620648-23

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://portalsemakan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 2465
date: Mon, 21 Mar 2022 14:04:46 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Mon, 21 Mar 2022 16:04:46 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 245ms
67ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://portalsemakan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 14:45:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 21 Mar 2022 14:45:51 GMT

GET
H2 200 outstream.css
video-native.mgid.com/mgPlayer/css/1.11/ 18 KB
3 KB 128ms
8ms Stylesheet
text/css 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://video-native.mgid.com/mgPlayer/css/1.11/outstream.css
Requested by: Host: cdn.mgid.com
URL: https://cdn.mgid.com/js/wglibs/mgWidget_1.11.86.es6.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: daef238eaa5fe22f8304c0c9cae17157ba58b44188f67eb11f17b59fb1d248be

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://portalsemakan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-id: fr5-up-gc38
date: Mon, 21 Mar 2022 14:45:51 GMT
content-encoding: gzip
last-modified: Wed, 15 Sep 2021 15:08:40 GMT
server: nginx
etag: "4885-5cc0a12ca1c8c-gzip"
vary: Accept-Encoding
x-cached-since: 2022-03-18T12:11:59+00:00
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=290304000, public
cache: HIT
accept-ranges: bytes
content-length: 2617
expires: Sat, 18 Mar 2023 12:11:59 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 81 KB
28 KB 152ms
49ms Script
text/javascript 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: anymind360.com
URL: https://anymind360.com/js/4961/ats.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

sffe /

Resource Hash

69c0a8d5284b247bd724d3c3742bdb8d61c5cd8cc5df7fe1144679ec3531d7dc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://portalsemakan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 14:45:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27819
x-xss-protection: 0
server: sffe
etag: "1164 / 761 of 1000 / last-modified: 1647861146"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Mon, 21 Mar 2022 14:45:51 GMT

GET
H2 200 prebid_2022_3_14_9_13_53.js Show response
anymind360.com/js/4961/ 288 KB
91 KB 8ms
8ms Script
application/javascript 2a04:4e42:400::645
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://anymind360.com/js/4961/prebid_2022_3_14_9_13_53.js

Requested by

Host: anymind360.com
URL: https://anymind360.com/js/4961/ats.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:400::645 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

0e891d90fd990f2642959e9f11eb7f5158bb0d1403a50e3dd2c0d2a13732e02c

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://portalsemakan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 14:45:51 GMT
content-encoding: gzip
age: 232212
x-guploader-uploadid: ADPycdshc2F9nDI5T2JT5g8mp7MRcSgzBaZJlH4_hwysxG-fDKfr_i4JA1JiCIEATJjgibEek8PBPwV5FsQcYJtrcxoHqAapwA
x-cache: HIT, HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
strict-transport-security: max-age=300
content-length: 92356
x-served-by: cache-tyo11976-TYO, cache-hhn4046-HHN
access-control-allow-origin: *
expires: Thu, 17 Mar 2022 21:11:50 GMT
last-modified: Mon, 14 Mar 2022 09:13:58 GMT
server: UploadServer
x-timer: S1647873951.313935,VS0,VE1
etag: "707f3cfecc84f3bb23fd1fec18d737ce"
vary: Accept-Encoding
x-goog-hash: crc32c=EDINtg==, md5=cH88/syE87sj/R/sGNc3zg==
x-goog-generation: 1647249238540412
via: 1.1 varnish, 1.1 varnish
access-control-expose-headers: Content-Type
cache-control: max-age=31536000, public
x-goog-stored-content-length: 92356
accept-ranges: bytes
content-type: application/javascript; charset=UTF-8
x-cache-hits: 1, 1

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 125ms
73ms Script
application/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=portalsemakan.com

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://portalsemakan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 21 Mar 2022 14:45:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 123ms
72ms Script
application/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=portalsemakan.com

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://portalsemakan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 21 Mar 2022 14:45:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 78B5 75 KB
24 KB 402ms
402ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9427148377333143&output=html&h=280&adk=4181226519&adf=619340566&pi=t.aa~a.1381849204~i.3~rp.4&w=668&fwrn=4&fwrnh=100&lmt=1647873950&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=6421966292&psa=0&ad_type=text_image&format=668x280&url=https%3A%2F%2Fportalsemakan.com%2Fpermohonan-pelan-data-pelajar%2F&flash=0&fwr=0&pra=3&rh=167&rw=668&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1647873950773&bpp=5&bdt=1509&idt=5&shv=r20220316&mjsv=m202203140101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dfcd06c51c05991a7-22348e9962cd00f4%3AT%3D1647873951%3ART%3D1647873951%3AS%3DALNI_MZi8O8l3zDjrt19u8o_ud9CyufgXA&prev_fmts=0x0&nras=2&correlator=1546548480197&frm=20&pv=1&ga_vid=501444452.1647873950&ga_sid=1647873950&ga_hid=2070634736&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=291&ady=1319&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531397%2C44750773%2C31065636%2C31062931&oid=2&pvsid=2369941670710697&pem=206&tmod=21303447&uas=0&nvt=1&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=CxSphkvNw4&p=https%3A//portalsemakan.com&dtd=62

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

256e0e83dfacee11b77dd365ca6df28b68b53aba9f28fdfcc9bb2f2e7e700cd2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://portalsemakan.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Mon, 21 Mar 2022 14:45:51 GMT
server: cafe
content-length: 25009
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Mon, 21 Mar 2022 14:45:51 GMT
cache-control: private

OPTIONS
H2 200 json
gum.criteo.com/sid/ Frame 0
0 77ms
18ms Preflight
application/json 2a02:2638::1c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fportalsemakan.com%2F&domain=portalsemakan.com&cw=1&lsw=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: https://portalsemakan.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
content-type: application/json; charset=utf-8
expires: 0
access-control-allow-origin: https://portalsemakan.com
access-control-allow-headers: content-type
access-control-allow-credentials: true
access-control-allow-methods: GET
server-processing-duration-in-ticks: 1711
date: Mon, 21 Mar 2022 14:45:50 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding

GET
H2 200 latest.json Show response
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 2 KB
1 KB 79ms
22ms XHR
application/json 2606:4700::6810:5914
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json

Requested by

Host: anymind360.com
URL: https://anymind360.com/js/4961/prebid_2022_3_14_9_13_53.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5914 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6aaaf19d843c5492519bd4c991e9d13375cf302b1c92b6284bf9cccd3ca0a048

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://portalsemakan.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 21 Mar 2022 14:45:51 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 19454
x-jsd-version: 1.0.1286
x-cache: HIT
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-fra19134-FRA
timing-allow-origin: *
x-jsd-version-type: version
server: cloudflare
etag: W/"669-wGGgWQkPe87reTGXXUKEpRMh2k8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
cf-ray: 6ef77945dd58993f-FRA

GET
H2

200

sid Show response
mug.criteo.com/
Redirect Chain

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fportalsemakan.com%2F&domain=portalsemakan.com&cw=1&lsw=1
https://mug.criteo.com/sid?cpp=xqaiEXx6RFFwUWVWNnB1Z1AzMGJyMFYyYjBQZVFRWmU1VWZnZTdidnBzKzFIY0ZSYjdOK0ZNSXZmQmN0WTN4a2x3NTNIQ0FTY0Nyb29DeTVGNWZVcjU1djhrRTlucFM0K25DRzJ1dmd2OFlwOWNDRWx2cndUcHMwTkcyNl...

348 B
618 B

65ms
18ms

XHR
application/json

178.250.2.146
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=xqaiEXx6RFFwUWVWNnB1Z1AzMGJyMFYyYjBQZVFRWmU1VWZnZTdidnBzKzFIY0ZSYjdOK0ZNSXZmQmN0WTN4a2x3NTNIQ0FTY0Nyb29DeTVGNWZVcjU1djhrRTlucFM0K25DRzJ1dmd2OFlwOWNDRWx2cndUcHMwTkcyNlpUeGVmOTdlWU0wNXhxSkI2c0ZyanZ3cWVaTWpRcUtCTExpaXdOeVltR29PT1NldFZHK0FPWHp5R1A3TE05U0VDUFB2eDgyTFAvYXgzZUJjeVJJUFR3SVFnNGV1aWNXUVlONW9iSXp1RDg0Y1EvbTNnVHYwPXw&cppv=2

Protocol

Server

178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

7b780ae8f2af1b1eb61f0dcf3cd268c3200592f8fdebb274611bd2a495f93d9d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://portalsemakan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 21 Mar 2022 14:45:51 GMT
content-encoding: gzip
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 3206
strict-transport-security: max-age=31536000; preload;
expires: 0

Redirect headers

pragma: no-cache
date: Mon, 21 Mar 2022 14:45:51 GMT
location: https://mug.criteo.com/sid?cpp=xqaiEXx6RFFwUWVWNnB1Z1AzMGJyMFYyYjBQZVFRWmU1VWZnZTdidnBzKzFIY0ZSYjdOK0ZNSXZmQmN0WTN4a2x3NTNIQ0FTY0Nyb29DeTVGNWZVcjU1djhrRTlucFM0K25DRzJ1dmd2OFlwOWNDRWx2cndUcHMwTkcyNlpUeGVmOTdlWU0wNXhxSkI2c0ZyanZ3cWVaTWpRcUtCTExpaXdOeVltR29PT1NldFZHK0FPWHp5R1A3TE05U0VDUFB2eDgyTFAvYXgzZUJjeVJJUFR3SVFnNGV1aWNXUVlONW9iSXp1RDg0Y1EvbTNnVHYwPXw&cppv=2
strict-transport-security: max-age=31536000; preload;
access-control-allow-methods: GET
content-type: text/html; charset=utf-8
access-control-allow-origin: https://portalsemakan.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1750
content-length: 482
expires: 0

POST
H2 204 cdb Show response
bidder.criteo.com/ 0
219 B 73ms
19ms XHR
text/plain 178.250.2.131
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=33&wv=4.43.4&cb=84808790551

Requested by

Host: anymind360.com
URL: https://anymind360.com/js/4961/prebid_2022_3_14_9_13_53.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

bidder.am5.vip.prod.criteo.com

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://portalsemakan.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 21 Mar 2022 14:45:51 GMT
server: Finatra
vary: Origin
access-control-allow-origin: https://portalsemakan.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *

POST
H/1.1 400 prebid Show response
prebid.ad.smaato.net/oapi/ 0
460 B 131ms
26ms XHR
text/plain 54.76.14.137
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.ad.smaato.net/oapi/prebid
Requested by: Host: anymind360.com
URL: https://anymind360.com/js/4961/prebid_2022_3_14_9_13_53.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.76.14.137 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-76-14-137.eu-west-1.compute.amazonaws.com
Software: SOMA /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://portalsemakan.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

Date: Mon, 21 Mar 2022 14:45:51 GMT
Server: SOMA
X-SMT-MESSAGE: GDPR inventory not enabled for Application. Please contact your Account Manager.
Access-Control-Allow-Origin: https://portalsemakan.com
Access-Control-Expose-Headers: X-SMT-DivId,X-SMT-SessionId,X-SMT-ADTYPE,X-SMT-MESSAGE,X-SMT-Expires
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
X-SMT-SessionId: 2f893536-a42f-4b26-853c-27c5fbc61d04

POST
H/1.1 400 prebid Show response
prebid.ad.smaato.net/oapi/ 0
460 B 138ms
30ms XHR
text/plain 54.76.14.137
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.ad.smaato.net/oapi/prebid
Requested by: Host: anymind360.com
URL: https://anymind360.com/js/4961/prebid_2022_3_14_9_13_53.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.76.14.137 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-76-14-137.eu-west-1.compute.amazonaws.com
Software: SOMA /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://portalsemakan.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

Date: Mon, 21 Mar 2022 14:45:51 GMT
Server: SOMA
X-SMT-MESSAGE: GDPR inventory not enabled for Application. Please contact your Account Manager.
Access-Control-Allow-Origin: https://portalsemakan.com
Access-Control-Expose-Headers: X-SMT-DivId,X-SMT-SessionId,X-SMT-ADTYPE,X-SMT-MESSAGE,X-SMT-Expires
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
X-SMT-SessionId: e47aa02b-4919-4195-a2c0-fc232ebc0285

POST
H/1.1 400 prebid Show response
prebid.ad.smaato.net/oapi/ 0
460 B 157ms
43ms XHR
text/plain 54.76.14.137
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.ad.smaato.net/oapi/prebid
Requested by: Host: anymind360.com
URL: https://anymind360.com/js/4961/prebid_2022_3_14_9_13_53.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.76.14.137 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-76-14-137.eu-west-1.compute.amazonaws.com
Software: SOMA /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://portalsemakan.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

Date: Mon, 21 Mar 2022 14:45:51 GMT
Server: SOMA
X-SMT-MESSAGE: GDPR inventory not enabled for Application. Please contact your Account Manager.
Access-Control-Allow-Origin: https://portalsemakan.com
Access-Control-Expose-Headers: X-SMT-DivId,X-SMT-SessionId,X-SMT-ADTYPE,X-SMT-MESSAGE,X-SMT-Expires
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
X-SMT-SessionId: 2de44086-c261-4a35-8da5-e34765c12468

POST
H/1.1 400 prebid Show response
prebid.ad.smaato.net/oapi/ 0
460 B 172ms
58ms XHR
text/plain 54.76.14.137
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.ad.smaato.net/oapi/prebid
Requested by: Host: anymind360.com
URL: https://anymind360.com/js/4961/prebid_2022_3_14_9_13_53.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.76.14.137 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-76-14-137.eu-west-1.compute.amazonaws.com
Software: SOMA /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://portalsemakan.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

Date: Mon, 21 Mar 2022 14:45:50 GMT
Server: SOMA
X-SMT-MESSAGE: GDPR inventory not enabled for Application. Please contact your Account Manager.
Access-Control-Allow-Origin: https://portalsemakan.com
Access-Control-Expose-Headers: X-SMT-DivId,X-SMT-SessionId,X-SMT-ADTYPE,X-SMT-MESSAGE,X-SMT-Expires
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
X-SMT-SessionId: 5a947876-dba8-4e3b-aa0d-291118d0d6f2

POST
H/1.1 400 prebid Show response
prebid.ad.smaato.net/oapi/ 0
460 B 156ms
43ms XHR
text/plain 54.76.14.137
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.ad.smaato.net/oapi/prebid
Requested by: Host: anymind360.com
URL: https://anymind360.com/js/4961/prebid_2022_3_14_9_13_53.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.76.14.137 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-76-14-137.eu-west-1.compute.amazonaws.com
Software: SOMA /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://portalsemakan.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

Date: Mon, 21 Mar 2022 14:45:50 GMT
Server: SOMA
X-SMT-MESSAGE: GDPR inventory not enabled for Application. Please contact your Account Manager.
Access-Control-Allow-Origin: https://portalsemakan.com
Access-Control-Expose-Headers: X-SMT-DivId,X-SMT-SessionId,X-SMT-ADTYPE,X-SMT-MESSAGE,X-SMT-Expires
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
X-SMT-SessionId: ec64d627-c2b1-427c-a033-df79a1ff85a9

POST
H/1.1 400 prebid Show response
prebid.ad.smaato.net/oapi/ 0
460 B 171ms
56ms XHR
text/plain 54.76.14.137
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.ad.smaato.net/oapi/prebid
Requested by: Host: anymind360.com
URL: https://anymind360.com/js/4961/prebid_2022_3_14_9_13_53.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.76.14.137 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-76-14-137.eu-west-1.compute.amazonaws.com
Software: SOMA /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://portalsemakan.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

Date: Mon, 21 Mar 2022 14:45:50 GMT
Server: SOMA
X-SMT-MESSAGE: GDPR inventory not enabled for Application. Please contact your Account Manager.
Access-Control-Allow-Origin: https://portalsemakan.com
Access-Control-Expose-Headers: X-SMT-DivId,X-SMT-SessionId,X-SMT-ADTYPE,X-SMT-MESSAGE,X-SMT-Expires
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
X-SMT-SessionId: 1a29f932-c185-4019-b1ec-5715d4d68b2b

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
117 B 169ms
99ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: anymind360.com
URL: https://anymind360.com/js/4961/prebid_2022_3_14_9_13_53.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://portalsemakan.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://portalsemakan.com
date: Mon, 21 Mar 2022 14:45:50 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

GET
H2 200 arj Show response
adasia-d.openx.net/w/1.0/ 73 B
380 B 98ms
31ms XHR
application/json 34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://adasia-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fportalsemakan.com%2Fpermohonan-pelan-data-pelajar%2F&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=0cba3d40-9fcd-4cb9-8f2f-d5d3e5c7af01%2Cf42610ec-839f-42eb-b435-c1396aa8ca2a%2C6308aac7-c657-460f-ae31-18587d5fc52f%2Cf148ffc8-8d58-4780-82aa-1701a6612e76&nocache=1647873950938&schain=1.0%2C1!anymanager.io%2C4961%2C1%2C%2C%2C&aus=728x90%7C728x90%2C728x250%7C300x250%2C336x280%7C300x250%2C336x280&divids=ats-overlay_bottom-0%2Cats-insert_ads-1%2Cats-insert_ads-3%2Cats-insert_ads-4&aucs=%252F21622890900%252C21781000793%252FMY_portalsemakan.com_pc_allpages_anchor_728x90%2C%252F21622890900%252C21781000793%252FMY_portalsemakan.com_res_article_below_728x90%252F%252F728x250%252F%252F300x250%252F%252F336x280%2C%252F21622890900%252C21781000793%252FMY_portalsemakan.com_pc_article_right_sticky_300x250%252F%252F300x600%2C%252F21622890900%252C21781000793%252FMY_portalsemakan.com_res_article_mid1_300x250%252F%252F300x600%252F%252F320x50%252F%252F320x100&auid=545707241%2C545687228%2C545707243%2C545707246
Requested by: Host: anymind360.com
URL: https://anymind360.com/js/4961/prebid_2022_3_14_9_13_53.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/17.2.1 /
Resource Hash: c13f3beffaddfe0d83d2cfea67f4e621693826f4245fc36ee4096ce31a9123fd

Request headers

Referer: https://portalsemakan.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 21 Mar 2022 14:45:51 GMT
content-encoding: gzip
server: OXGW/17.2.1
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://portalsemakan.com
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 79
via: 1.1 google
expires: Mon, 26 Jul 1997 05:00:00 GMT

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ 171 B
559 B 118ms
30ms XHR
application/json 185.86.138.16
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: anymind360.com
URL: https://anymind360.com/js/4961/prebid_2022_3_14_9_13_53.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.138.16 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer: https://portalsemakan.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 21 Mar 2022 14:45:51 GMT
content-encoding: br
vary: Accept-Encoding, Origin
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin: https://portalsemakan.com
cache-control: no-cache,no-store
transfer-encoding: chunked
access-control-allow-credentials: true
content-type: application/json; charset=UTF-8

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ 171 B
559 B 117ms
30ms XHR
application/json 185.86.138.16
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: anymind360.com
URL: https://anymind360.com/js/4961/prebid_2022_3_14_9_13_53.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.138.16 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer: https://portalsemakan.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 21 Mar 2022 14:45:51 GMT
content-encoding: br
vary: Accept-Encoding, Origin
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin: https://portalsemakan.com
cache-control: no-cache,no-store
transfer-encoding: chunked
access-control-allow-credentials: true
content-type: application/json; charset=UTF-8

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ 171 B
559 B 114ms
28ms XHR
application/json 185.86.138.16
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: anymind360.com
URL: https://anymind360.com/js/4961/prebid_2022_3_14_9_13_53.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.138.16 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer: https://portalsemakan.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 21 Mar 2022 14:45:50 GMT
content-encoding: br
vary: Accept-Encoding, Origin
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin: https://portalsemakan.com
cache-control: no-cache,no-store
transfer-encoding: chunked
access-control-allow-credentials: true
content-type: application/json; charset=UTF-8

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ 171 B
559 B 113ms
29ms XHR
application/json 185.86.138.16
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: anymind360.com
URL: https://anymind360.com/js/4961/prebid_2022_3_14_9_13_53.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.138.16 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer: https://portalsemakan.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 21 Mar 2022 14:45:51 GMT
content-encoding: br
vary: Accept-Encoding, Origin
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin: https://portalsemakan.com
cache-control: no-cache,no-store
transfer-encoding: chunked
access-control-allow-credentials: true
content-type: application/json; charset=UTF-8

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ 171 B
564 B 113ms
29ms XHR
application/json 185.86.138.16
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: anymind360.com
URL: https://anymind360.com/js/4961/prebid_2022_3_14_9_13_53.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.138.16 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer: https://portalsemakan.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 21 Mar 2022 14:45:51 GMT
content-encoding: br
vary: Accept-Encoding, Origin
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin: https://portalsemakan.com
cache-control: no-cache,no-store
transfer-encoding: chunked
access-control-allow-credentials: true
content-type: application/json; charset=UTF-8

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ 171 B
559 B 112ms
29ms XHR
application/json 185.86.138.16
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: anymind360.com
URL: https://anymind360.com/js/4961/prebid_2022_3_14_9_13_53.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.138.16 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer: https://portalsemakan.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 21 Mar 2022 14:45:51 GMT
content-encoding: br
vary: Accept-Encoding, Origin
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin: https://portalsemakan.com
cache-control: no-cache,no-store
transfer-encoding: chunked
access-control-allow-credentials: true
content-type: application/json; charset=UTF-8

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 53 B
749 B 68ms
46ms XHR
application/json 37.252.172.38
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: anymind360.com
URL: https://anymind360.com/js/4961/prebid_2022_3_14_9_13_53.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.38 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

690.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

a68a70f7be9281f3f7148b38d7f5971f1dc946d3034a40e55021d0fb6fb78d73

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://portalsemakan.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 21 Mar 2022 14:45:51 GMT
X-Proxy-Origin: 185.213.155.166; 185.213.155.166; 690.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 3f3c6c2b-cd36-4c07-8e7a-cdcb1491c0e2
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://portalsemakan.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 53
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 cygnus Show response
htlb.casalemedia.com/ 37 B
334 B 144ms
102ms XHR
application/json 184.31.84.150
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/cygnus?s=713261&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%2234a8a02e7961af6%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fportalsemakan.com%2Fpermohonan-pelan-data-pelajar%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22mfu%22%3A0%2C%22bu%22%3A4%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A4%2C%22ren%22%3Afalse%2C%22version%22%3A%224.43.4%22%2C%22userIds%22%3A%5B%5D%2C%22msd%22%3A0%2C%22msi%22%3A0%7D%7D%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22anymanager.io%22%2C%22sid%22%3A%224961%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2235b603861fe5616%22%2C%22ext%22%3A%7B%22siteID%22%3A%22713261%22%2C%22sid%22%3A%2222396288492%22%2C%22dfp_ad_unit_code%22%3A%22%2F21622890900%2C21781000793%2FMY_portalsemakan.com_pc_allpages_anchor_728x90%22%7D%2C%22banner%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%22362ba1f66a04a2e%22%2C%22ext%22%3A%7B%22siteID%22%3A%22713261%22%2C%22sid%22%3A%2222396223427%22%2C%22dfp_ad_unit_code%22%3A%22%2F21622890900%2C21781000793%2FMY_portalsemakan.com_res_article_below_728x90%2F%2F728x250%2F%2F300x250%2F%2F336x280%22%7D%2C%22banner%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%22378e41ca27c7e91%22%2C%22ext%22%3A%7B%22siteID%22%3A%22713261%22%2C%22sid%22%3A%2222396223427%22%2C%22dfp_ad_unit_code%22%3A%22%2F21622890900%2C21781000793%2FMY_portalsemakan.com_res_article_below_728x90%2F%2F728x250%2F%2F300x250%2F%2F336x280%22%7D%2C%22banner%22%3A%7B%22w%22%3A728%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%223878a1d5ba83764%22%2C%22ext%22%3A%7B%22siteID%22%3A%22713261%22%2C%22sid%22%3A%2222487813512%22%2C%22dfp_ad_unit_code%22%3A%22%2F21622890900%2C21781000793%2FMY_portalsemakan.com_pc_article_right_sticky_300x250%2F%2F300x600%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%2239feedb898b3628%22%2C%22ext%22%3A%7B%22siteID%22%3A%22713261%22%2C%22sid%22%3A%2222487813512%22%2C%22dfp_ad_unit_code%22%3A%22%2F21622890900%2C21781000793%2FMY_portalsemakan.com_pc_article_right_sticky_300x250%2F%2F300x600%22%7D%2C%22banner%22%3A%7B%22w%22%3A336%2C%22h%22%3A280%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%2240631526c5b6d1b%22%2C%22ext%22%3A%7B%22siteID%22%3A%22713261%22%2C%22sid%22%3A%2222577361859%22%2C%22dfp_ad_unit_code%22%3A%22%2F21622890900%2C21781000793%2FMY_portalsemakan.com_res_article_mid1_300x250%2F%2F300x600%2F%2F320x50%2F%2F320x100%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%2241566b839726a65%22%2C%22ext%22%3A%7B%22siteID%22%3A%22713261%22%2C%22sid%22%3A%2222577361859%22%2C%22dfp_ad_unit_code%22%3A%22%2F21622890900%2C21781000793%2FMY_portalsemakan.com_res_article_mid1_300x250%2F%2F300x600%2F%2F320x50%2F%2F320x100%22%7D%2C%22banner%22%3A%7B%22w%22%3A336%2C%22h%22%3A280%2C%22topframe%22%3A1%7D%7D%5D%7D
Requested by: Host: anymind360.com
URL: https://anymind360.com/js/4961/prebid_2022_3_14_9_13_53.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.31.84.150 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-31-84-150.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: bd3ac8e7dafda40a1392832cef2bdd23d2c437e0e0ccdaccfb0e02e8fa43eeb1

Request headers

Referer: https://portalsemakan.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 21 Mar 2022 14:45:51 GMT
x-ak-initial-geo: CC:[DE], RC:[HE], CN:[EU], CIP:[185.213.155.166], XFF:[]
server: Apache
content-type: application/json
access-control-allow-origin: https://portalsemakan.com
x-cs-client-geo: 12
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 37
x-ak-client-geo: 12
expires: Mon, 21 Mar 2022 14:45:51 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 808 B
3 KB 185ms
67ms XHR
application/json 2602:803:c003:200::31
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17692&site_id=387140&zone_id=2174606%3B2157226%3B2174614%3B2174634&size_id=2%3B2%3B15%3B15&alt_size_ids=%3B%3B16%3B16&rp_schain=1.0,1!anymanager.io,4961,1,,,&rf=https%3A%2F%2Fportalsemakan.com%2Fpermohonan-pelan-data-pelajar%2F&tg_i.dfp_ad_unit_code=21622890900%2C21781000793%2FMY_portalsemakan.com_pc_allpages_anchor_728x90%3B21622890900%2C21781000793%2FMY_portalsemakan.com_res_article_below_728x90%2F%2F728x250%2F%2F300x250%2F%2F336x280%3B21622890900%2C21781000793%2FMY_portalsemakan.com_pc_article_right_sticky_300x250%2F%2F300x600%3B21622890900%2C21781000793%2FMY_portalsemakan.com_res_article_mid1_300x250%2F%2F300x600%2F%2F320x50%2F%2F320x100&tg_i.pbadslot=21622890900%2C21781000793%2FMY_portalsemakan.com_pc_allpages_anchor_728x90%3B21622890900%2C21781000793%2FMY_portalsemakan.com_res_article_below_728x90%2F%2F728x250%2F%2F300x250%2F%2F336x280%3B21622890900%2C21781000793%2FMY_portalsemakan.com_pc_article_right_sticky_300x250%2F%2F300x600%3B21622890900%2C21781000793%2FMY_portalsemakan.com_res_article_mid1_300x250%2F%2F300x600%2F%2F320x50%2F%2F320x100&tk_flint=pbjs_lite_v4.43.4&x_source.tid=0cba3d40-9fcd-4cb9-8f2f-d5d3e5c7af01%3Bf42610ec-839f-42eb-b435-c1396aa8ca2a%3B6308aac7-c657-460f-ae31-18587d5fc52f%3Bf148ffc8-8d58-4780-82aa-1701a6612e76&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=4&rand=0.2562304151537038
Requested by: Host: anymind360.com
URL: https://anymind360.com/js/4961/prebid_2022_3_14_9_13_53.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 2602:803:c003:200::31 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: d74d25d117887582f90eb768c504c42e024a9bdb1b1dc469fbffb69acdb9cbb4

Request headers

Referer: https://portalsemakan.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 21 Mar 2022 14:45:51 GMT
Server: nginx/1.21.4
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://portalsemakan.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 808
Expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 1 B
21 B 104ms
53ms XHR
text/plain 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=2070634736&t=pageview&_s=1&dl=https%3A%2F%2Fportalsemakan.com%2Fpermohonan-pelan-data-pelajar%2F&ul=en-us&de=UTF-8&dt=Permohonan%20Pelan%20Data%20dan%20Peranti%20Percuma%20Pelajar%20IPT%20B40%202021&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAAC~&jid=1958523750&gjid=814200391&cid=501444452.1647873950&tid=UA-55620648-23&_gid=1833555791.1647873951&_r=1&gtm=2ou3e0&z=1042242165

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://portalsemakan.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 21 Mar 2022 14:45:51 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://portalsemakan.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 57F4 13 KB
5 KB 94ms
42ms Document
text/html 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://portalsemakan.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5046
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 21 Mar 2022 13:17:04 GMT
expires: Tue, 21 Mar 2023 13:17:04 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
content-type: text/html
age: 5327
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame C6B4 783 B
1 KB 192ms
65ms Document
text/html 2a00:1450:4001:801::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

82a97b8af9b9acec415f756e9b7e5ffcc8570e956073863a2b44f3fafd02c271

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-9EE/nnrn/vM5nfXy0N8sEg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://portalsemakan.com/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Mon, 21 Mar 2022 14:45:51 GMT
date: Mon, 21 Mar 2022 14:45:51 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-9EE/nnrn/vM5nfXy0N8sEg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 510
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 pubads_impl_2022031501.js Show response
securepubads.g.doubleclick.net/gpt/ 365 KB
124 KB 105ms
53ms Script
text/javascript 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031501.js?cb=31065673

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

sffe /

Resource Hash

4b6c2cabe35ab603f2cff6d7b73775bca1d81016b1f1e06fe4da4bbf3c5766eb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://portalsemakan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 08:41:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 21855
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 126660
x-xss-protection: 0
last-modified: Tue, 15 Mar 2022 08:35:06 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Tue, 21 Mar 2023 08:41:36 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 156 B
132 B 103ms
52ms XHR
application/json 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=portalsemakan.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

f88c354e9a9e14b8642be19f6f016658c812ffd019462cdde7d953ef294f06f8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://portalsemakan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 21 Mar 2022 14:45:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 107
x-xss-protection: 0
expires: Mon, 21 Mar 2022 14:45:51 GMT

OPTIONS
H2 200 sid
mug.criteo.com/ Frame 0
0 114ms
20ms Preflight
application/json 178.250.2.146
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: null
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
content-type: application/json; charset=utf-8
expires: 0
access-control-allow-origin: null
access-control-allow-headers: content-type
access-control-allow-credentials: true
access-control-allow-methods: GET
server-processing-duration-in-ticks: 1094
date: Mon, 21 Mar 2022 14:45:51 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding

GET
H3 200 c9SOW3fm-cIOlp3tvRsibzkEuEO1MqMyQpfRRVluBWQ.js Show response
pagead2.googlesyndication.com/bg/ Frame 57F4 35 KB
14 KB 38ms
38ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/c9SOW3fm-cIOlp3tvRsibzkEuEO1MqMyQpfRRVluBWQ.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

73d48e5b77e6f9c20e969dedbd1b226f3904b843b532a3324297d145596e0564

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 20 Mar 2022 10:37:34 GMT
content-encoding: br
x-content-type-options: nosniff
age: 101297
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13819
x-xss-protection: 0
last-modified: Mon, 14 Mar 2022 11:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 20 Mar 2023 10:37:34 GMT

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 48ms
48ms Script
application/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=portalsemakan.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031501.js?cb=31065673

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://portalsemakan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 21 Mar 2022 14:45:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 50ms
50ms Script
application/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=portalsemakan.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031501.js?cb=31065673

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://portalsemakan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 21 Mar 2022 14:45:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 28 KB
13 KB 412ms
412ms XHR
text/plain 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2369941670710697&correlator=3039021371906607&eid=31064685%2C31065485%2C31065673%2C31062931&output=ldjh&gdfp_req=1&vrg=2022031501&ptt=17&impl=fifs&iu_parts=21622890900%3A21781000793%2CMY_portalsemakan.com_pc_allpages_anchor_728x90&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&ifi=4&adks=2963130588&sfv=1-0-38&ecs=20220321&fsapi=false&eri=1&cust_params=url%3D%252Fpermohonan-pelan-data-pelajar%252F%26ref%3Dnull&sc=1&cookie=ID%3Dfcd06c51c05991a7-22348e9962cd00f4%3AT%3D1647873951%3ART%3D1647873951%3AS%3DALNI_MZi8O8l3zDjrt19u8o_ud9CyufgXA&abxe=1&dt=1647873951363&lmt=1647873951&dlt=1647873949264&idt=2043&biw=1600&bih=1200&adxs=0&adys=4&oid=2&ucis=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&url=https%3A%2F%2Fportalsemakan.com%2Fpermohonan-pelan-data-pelajar%2F&frm=20&vis=1&scr_x=0&scr_y=0&psz=1600x1&msz=728x0&fws=128&ohw=0&ga_vid=501444452.1647873950&ga_sid=1647873950&ga_hid=2070634736&ga_fc=true&btvi=0&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031501.js?cb=31065673

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

9fa15142d4d1f8aba5ba7f10e72bacaba0ab9265f8ebfc853a7aa2f4230b13f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://portalsemakan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 14:45:52 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: 211995
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13626
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-mediationtag-id: 314490
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://portalsemakan.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 28 KB
13 KB 920ms
920ms XHR
text/plain 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2369941670710697&correlator=3039021371906607&eid=31064685%2C31065485%2C31065673%2C31062931&output=ldjh&gdfp_req=1&vrg=2022031501&ptt=17&impl=fifs&iu_parts=21622890900%3A21781000793%2CMY_portalsemakan.com_res_article_below_728x90%2C728x250%2C300x250%2C336x280&enc_prev_ius=%2F0%2F1%2F%2F2%2F%2F3%2F%2F4&prev_iu_szs=728x90%7C728x250&ifi=5&adks=1272540897&sfv=1-0-38&ecs=20220321&fsapi=false&eri=1&cust_params=url%3D%252Fpermohonan-pelan-data-pelajar%252F%26ref%3Dnull&sc=1&cookie=ID%3Dfcd06c51c05991a7-22348e9962cd00f4%3AT%3D1647873951%3ART%3D1647873951%3AS%3DALNI_MZi8O8l3zDjrt19u8o_ud9CyufgXA&abxe=1&dt=1647873951390&lmt=1647873951&dlt=1647873949264&idt=2043&biw=1600&bih=1200&adxs=291&adys=5479&oid=2&ucis=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&url=https%3A%2F%2Fportalsemakan.com%2Fpermohonan-pelan-data-pelajar%2F&frm=20&vis=1&scr_x=0&scr_y=0&psz=668x0&msz=728x0&fws=128&ohw=0&ga_vid=501444452.1647873950&ga_sid=1647873950&ga_hid=2070634736&ga_fc=true&btvi=1&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031501.js?cb=31065673

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

c56c52a55f7816319d1c1d4eced53dd1ffcc336f902e68e2db71f07c56c55de2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://portalsemakan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 14:45:52 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: 211995
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13545
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-mediationtag-id: 314490
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://portalsemakan.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 17 KB
8 KB 1251ms
1251ms XHR
text/plain 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2369941670710697&correlator=3039021371906607&eid=31064685%2C31065485%2C31065673%2C31062931&output=ldjh&gdfp_req=1&vrg=2022031501&ptt=17&impl=fifs&iu_parts=21622890900%3A21781000793%2CMY_portalsemakan.com_res_article_1x1&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=6&adks=1383592160&sfv=1-0-38&ecs=20220321&fsapi=false&eri=1&cust_params=url%3D%252Fpermohonan-pelan-data-pelajar%252F%26ref%3Dnull&sc=1&cookie=ID%3Dfcd06c51c05991a7-22348e9962cd00f4%3AT%3D1647873951%3ART%3D1647873951%3AS%3DALNI_MZi8O8l3zDjrt19u8o_ud9CyufgXA&abxe=1&dt=1647873951405&lmt=1647873951&dlt=1647873949264&idt=2043&biw=1600&bih=1200&adxs=1600&adys=1200&oid=2&ucis=3&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&url=https%3A%2F%2Fportalsemakan.com%2Fpermohonan-pelan-data-pelajar%2F&frm=20&vis=1&scr_x=0&scr_y=0&psz=0x-1&msz=0x-1&fws=640&ohw=0&ga_vid=501444452.1647873950&ga_sid=1647873950&ga_hid=2070634736&ga_fc=true&btvi=2&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031501.js?cb=31065673

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

c6cf9a12bba6f42fa17faf4d1777121a1297a17c51f5a0af493724138f815295

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://portalsemakan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 14:45:53 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8136
x-xss-protection: 0
google-lineitem-id: 5943277188
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138384451135
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://portalsemakan.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 28 KB
13 KB 1135ms
1135ms XHR
text/plain 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2369941670710697&correlator=3039021371906607&eid=31064685%2C31065485%2C31065673%2C31062931&output=ldjh&gdfp_req=1&vrg=2022031501&ptt=17&impl=fifs&iu_parts=21622890900%3A21781000793%2CMY_portalsemakan.com_res_article_mid1_300x250%2C300x600%2C320x50%2C320x100&enc_prev_ius=%2F0%2F1%2F%2F2%2F%2F3%2F%2F4&prev_iu_szs=300x250%7C336x280&ifi=7&adks=1412468635&sfv=1-0-38&ecs=20220321&fsapi=false&eri=1&cust_params=url%3D%252Fpermohonan-pelan-data-pelajar%252F%26ref%3Dnull&sc=1&cookie=ID%3Dfcd06c51c05991a7-22348e9962cd00f4%3AT%3D1647873951%3ART%3D1647873951%3AS%3DALNI_MZi8O8l3zDjrt19u8o_ud9CyufgXA&abxe=1&dt=1647873951410&lmt=1647873951&dlt=1647873949264&idt=2043&biw=1600&bih=1200&adxs=291&adys=826&oid=2&ucis=4&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&url=https%3A%2F%2Fportalsemakan.com%2Fpermohonan-pelan-data-pelajar%2F&frm=20&vis=1&scr_x=0&scr_y=0&psz=668x0&msz=300x0&fws=128&ohw=0&ga_vid=501444452.1647873950&ga_sid=1647873950&ga_hid=2070634736&ga_fc=true&btvi=0&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031501.js?cb=31065673

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

21736339df5742973ef0a07c9100f0b201934ce3b857bc6b6ffce5235e6a3d84

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://portalsemakan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 14:45:53 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: 211995
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13630
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-mediationtag-id: 314490
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://portalsemakan.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 28 KB
13 KB 644ms
644ms XHR
text/plain 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2369941670710697&correlator=3039021371906607&eid=31064685%2C31065485%2C31065673%2C31062931&output=ldjh&gdfp_req=1&vrg=2022031501&ptt=17&impl=fifs&iu_parts=21622890900%3A21781000793%2CMY_portalsemakan.com_pc_article_right_sticky_300x250%2C300x600&enc_prev_ius=%2F0%2F1%2F%2F2&prev_iu_szs=300x250%7C336x280&ifi=8&adks=1639631207&sfv=1-0-38&ecs=20220321&fsapi=false&eri=1&cust_params=url%3D%252Fpermohonan-pelan-data-pelajar%252F%26ref%3Dnull&sc=1&cookie=ID%3Dfcd06c51c05991a7-22348e9962cd00f4%3AT%3D1647873951%3ART%3D1647873951%3AS%3DALNI_MZi8O8l3zDjrt19u8o_ud9CyufgXA&abxe=1&dt=1647873951419&lmt=1647873951&dlt=1647873949264&idt=2043&biw=1600&bih=1200&adxs=1020&adys=778&oid=2&ucis=5&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&url=https%3A%2F%2Fportalsemakan.com%2Fpermohonan-pelan-data-pelajar%2F&frm=20&vis=1&scr_x=0&scr_y=0&psz=330x0&msz=300x0&fws=128&ohw=0&ga_vid=501444452.1647873950&ga_sid=1647873950&ga_hid=2070634736&ga_fc=true&btvi=0&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031501.js?cb=31065673

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

964f315ce94016a7bf010a92af0640dd11f1045b514fc4016880b6a9f2018501

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://portalsemakan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 14:45:52 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: 211995
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13687
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-mediationtag-id: 314490
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://portalsemakan.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
4ff8e811445a9b61eb0bed126f8b9447.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame CD36 6 KB
4 KB 148ms
47ms Document
text/html 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://4ff8e811445a9b61eb0bed126f8b9447.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031501.js?cb=31065673

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://portalsemakan.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Mon, 21 Mar 2022 14:45:52 GMT
expires: Tue, 21 Mar 2023 14:45:52 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220316/r20110914/ Frame 78B5 19 KB
8 KB 41ms
40ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220316/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9427148377333143&output=html&h=280&adk=4181226519&adf=619340566&pi=t.aa~a.1381849204~i.3~rp.4&w=668&fwrn=4&fwrnh=100&lmt=1647873950&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=6421966292&psa=0&ad_type=text_image&format=668x280&url=https%3A%2F%2Fportalsemakan.com%2Fpermohonan-pelan-data-pelajar%2F&flash=0&fwr=0&pra=3&rh=167&rw=668&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1647873950773&bpp=5&bdt=1509&idt=5&shv=r20220316&mjsv=m202203140101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dfcd06c51c05991a7-22348e9962cd00f4%3AT%3D1647873951%3ART%3D1647873951%3AS%3DALNI_MZi8O8l3zDjrt19u8o_ud9CyufgXA&prev_fmts=0x0&nras=2&correlator=1546548480197&frm=20&pv=1&ga_vid=501444452.1647873950&ga_sid=1647873950&ga_hid=2070634736&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=291&ady=1319&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531397%2C44750773%2C31065636%2C31062931&oid=2&pvsid=2369941670710697&pem=206&tmod=21303447&uas=0&nvt=1&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=CxSphkvNw4&p=https%3A//portalsemakan.com&dtd=62

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7a1471ca7e22e8d7fbd213278b0ae7fb0aceb5315df9342f27b5c935f572a873

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 14:13:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1960
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7837
x-xss-protection: 0
server: cafe
etag: 11989895151606364259
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 04 Apr 2022 14:13:12 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 78B5 8 KB
714 B 105ms
48ms Stylesheet
text/css 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:700,500,400,300

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

32bc7c1c64fd1b755d48d6025b86b7e7a28ad35d1f420cf85cdc1123aa7dfcd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 21 Mar 2022 13:22:41 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Mon, 21 Mar 2022 14:45:52 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 21 Mar 2022 14:45:52 GMT

GET
H2 200 outstream.min.css
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20211103_RC00/ Frame 78B5 14 KB
3 KB 220ms
39ms Stylesheet
text/css 2a00:1450:4001:809::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20211103_RC00/outstream.min.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

48ca4c570f2d58d8ff837e1c8f7d73e418a485ae23b2c9322f2f351d71d93aa7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 13:09:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 5764
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2798
x-xss-protection: 0
last-modified: Wed, 03 Nov 2021 10:36:35 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 21 Mar 2023 13:09:48 GMT

GET
H2 200 outstream.min.js Show response
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20211103_RC00/ Frame 78B5 355 KB
123 KB 220ms
40ms Script
text/javascript 2a00:1450:4001:809::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20211103_RC00/outstream.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

425d7478422a02b8592686dd947b18cae0ca66ab39dc437067219356fb7a0a61

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 13:09:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 5764
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 125995
x-xss-protection: 0
last-modified: Wed, 03 Nov 2021 10:36:35 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 21 Mar 2023 13:09:48 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220316/r20110914/client/ Frame 78B5 15 KB
6 KB 41ms
40ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220316/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c82a58123e9f042fb6f68695578cff668b16b22915e0a8cb8acca14741df2bac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 14:16:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1750
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6367
x-xss-protection: 0
server: cafe
etag: 1939740185073438140
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 04 Apr 2022 14:16:42 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 78B5 0
0 242ms
70ms Image
text/html 2a00:1450:4001:801::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRkzA-9MInWWsz5ZL-o9_B84_M9X1QaHVgvdVSdlVYW3JkL4xel_4KPpUy6jyb8XKdMX0AdFhfLV_F548aEefLLkz4s0g
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9427148377333143&output=html&h=280&adk=4181226519&adf=619340566&pi=t.aa~a.1381849204~i.3~rp.4&w=668&fwrn=4&fwrnh=100&lmt=1647873950&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=6421966292&psa=0&ad_type=text_image&format=668x280&url=https%3A%2F%2Fportalsemakan.com%2Fpermohonan-pelan-data-pelajar%2F&flash=0&fwr=0&pra=3&rh=167&rw=668&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1647873950773&bpp=5&bdt=1509&idt=5&shv=r20220316&mjsv=m202203140101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dfcd06c51c05991a7-22348e9962cd00f4%3AT%3D1647873951%3ART%3D1647873951%3AS%3DALNI_MZi8O8l3zDjrt19u8o_ud9CyufgXA&prev_fmts=0x0&nras=2&correlator=1546548480197&frm=20&pv=1&ga_vid=501444452.1647873950&ga_sid=1647873950&ga_hid=2070634736&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=291&ady=1319&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531397%2C44750773%2C31065636%2C31062931&oid=2&pvsid=2369941670710697&pem=206&tmod=21303447&uas=0&nvt=1&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=CxSphkvNw4&p=https%3A//portalsemakan.com&dtd=62
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:801::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

POST
H3 200 admin-ajax.php Show response
portalsemakan.com/wp-admin/ 0
737 B 1878ms
1877ms XHR
text/html 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://portalsemakan.com/wp-admin/admin-ajax.php

Requested by

Host: portalsemakan.com
URL: https://portalsemakan.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://portalsemakan.com/permohonan-pelan-data-pelajar/
X-Requested-With: XMLHttpRequest
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Mon, 21 Mar 2022 14:45:54 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-litespeed-cache-control: no-cache
x-litespeed-tag: f1f_HTTP.200
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
referrer-policy: strict-origin-when-cross-origin
x-robots-tag: noindex
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1iVB5LhDAIt1TbKIumrmulc8PK%2B5CwcCix5f34HJrNfViSq1xhRFbkzPTxpzWTI84JVifPed2YBxenknsVp60%2BN5kVsjzaQsJCI0tBQDRDk5NdOC9iQ6rKX3jXVw3qPgTGWjcHbLAsRglOrWws8yZw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://portalsemakan.com
cache-control: no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
x-turbo-charged-by: LiteSpeed
cf-ray: 6ef77948fa729110-FRA
expires: Wed, 11 Jan 1984 05:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame C6B4 0
0 74ms
73ms Image
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220316&jk=2369941670710697&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 57F4 0
9 B 39ms
38ms Image
text/plain 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?O4O9qA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 14:45:52 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H2 200 / Show response
c.mgid.com/pv/ 0
303 B 119ms
110ms Script
text/plain 104.19.132.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://c.mgid.com/pv/?pv=5&cbuster=1647873951600308993067&uniqId=053bf&niet=4g&nisd=false&jsv=es6&ref=&cxurl=https%3A%2F%2Fportalsemakan.com%2Fpermohonan-pelan-data-pelajar%2F&lu=https%3A%2F%2Fportalsemakan.com%2Fpermohonan-pelan-data-pelajar%2F&sessionId=62388fa0-0d161&pageView=1&pvid=17facf10770a74c859f&site=765693&implVersion=11&dpr=1
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/p/o/portalsemakan.com.1233564.es6.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.132.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://portalsemakan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 21 Mar 2022 14:45:52 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 6ef77949d9799220-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 mgid_ua.svg
cdn.mgid.com/images/mgid/ 2 KB
1 KB 42ms
21ms Image
image/svg+xml 104.19.135.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.mgid.com/images/mgid/mgid_ua.svg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.19.135.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 70d5c4de881e718d0b7638959680ba86722d44eecbe4058d20dd77b8d0d97155

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://portalsemakan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 14:45:52 GMT
content-encoding: br
cf-cache-status: HIT
age: 3355
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: FY75M483VQ0RS4R6
x-amz-id-2: 3td4GNUX2tJJZai6Tif2rz0qn3ro67myUS5cc5EioymHV19ydIdJYSwLJRKhk0xdu1fu45gSc6g=
last-modified: Tue, 08 Mar 2022 17:05:01 GMT
server: cloudflare
x-amz-meta-s3cmd-attrs: atime:1646759091/ctime:1646759091/gid:0/gname:root/md5:617c205137825561208ef7c1a2d8f319/mode:33206/mtime:1646759091/uid:0/uname:root
etag: W/"617c205137825561208ef7c1a2d8f319"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=86400
cf-ray: 6ef7794a1ce29158-FRA
expires: Tue, 22 Mar 2022 14:45:52 GMT

GET
H3 200 Adchoices.svg
cdn.mgid.com/images/logos/ 836 B
1 KB 45ms
25ms Image
image/svg+xml 104.19.135.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.mgid.com/images/logos/Adchoices.svg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.19.135.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7992a4430843ef8b4bbae534358be3193aa1ae9c78f273e8e8a70b6af1244ac5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://portalsemakan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 14:45:52 GMT
content-encoding: br
cf-cache-status: HIT
age: 6833
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: G7XVAWHV2A1TM5YQ
x-amz-id-2: YTUD+eplGac2nzDoCf6mNAS+SFRWUcCYJKczG3n8f/90lY7q4TeiITaNexYchgGjMS0Xbxxxcvw=
last-modified: Wed, 17 Feb 2021 18:15:53 GMT
server: cloudflare
x-amz-meta-s3cmd-attrs: atime:1613585745/ctime:1613585745/gid:0/gname:root/md5:7d59364b7ed2df3f02507c9f92560df9/mode:33206/mtime:1613585745/uid:0/uname:root
etag: W/"7d59364b7ed2df3f02507c9f92560df9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=86400
cf-ray: 6ef7794a1ce09158-FRA
expires: Tue, 22 Mar 2022 14:45:52 GMT

GET
H2 200 1 Show response
servicer.mgid.com/1233564/ 4 KB
2 KB 44ms
34ms Script
application/x-javascript 104.19.132.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://servicer.mgid.com/1233564/1?pv=5&cbuster=1647873951687347257790&uniqId=053bf&niet=4g&nisd=false&jsv=es6&w=668&h=261&cols=2&ref=&cxurl=https%3A%2F%2Fportalsemakan.com%2Fpermohonan-pelan-data-pelajar%2F&lu=https%3A%2F%2Fportalsemakan.com%2Fpermohonan-pelan-data-pelajar%2F&sessionId=62388fa0-0d161&pageView=1&pvid=17facf10770a74c859f&implVersion=11&dpr=1
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/p/o/portalsemakan.com.1233564.es6.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.132.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bd11730f230b002a5e28a44535872d454f1b4d61cbbaf2b823b50ae87b39fe3f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://portalsemakan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 21 Mar 2022 14:45:52 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: application/x-javascript; charset=utf-8
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 6ef7794a6a3b9220-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 outstream.css
video-native.mgid.com/mgPlayer/css/1.11/ 18 KB
3 KB 9ms
9ms Stylesheet
text/css 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://video-native.mgid.com/mgPlayer/css/1.11/outstream.css
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/p/o/portalsemakan.com.1233564.es6.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: daef238eaa5fe22f8304c0c9cae17157ba58b44188f67eb11f17b59fb1d248be

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://portalsemakan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-id: fr5-up-gc38
date: Mon, 21 Mar 2022 14:45:52 GMT
content-encoding: gzip
last-modified: Wed, 15 Sep 2021 15:08:40 GMT
server: nginx
etag: "4885-5cc0a12ca1c8c-gzip"
vary: Accept-Encoding
x-cached-since: 2022-03-18T12:11:59+00:00
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=290304000, public
cache: HIT
accept-ranges: bytes
content-length: 2617
expires: Sat, 18 Mar 2023 12:11:59 GMT

GET
H2 200 mgPlayer_v2.css
video-native.mgid.com/mgPlayer/css/ 24 KB
3 KB 10ms
9ms Stylesheet
text/css 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://video-native.mgid.com/mgPlayer/css/mgPlayer_v2.css
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/p/o/portalsemakan.com.1233564.es6.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: 46b8c54b65b5fd3bbe9242cee35773736c5997c027128c7b852df478c6398b4b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://portalsemakan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-id: fr5-up-gc38
date: Mon, 21 Mar 2022 14:45:52 GMT
content-encoding: gzip
last-modified: Tue, 28 Sep 2021 08:55:19 GMT
server: nginx
etag: "6184-5cd0a5f7ec588-gzip"
vary: Accept-Encoding
x-cached-since: 2022-03-18T12:12:00+00:00
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=290304000, public
cache: HIT
accept-ranges: bytes
content-length: 3405
expires: Sat, 18 Mar 2023 12:12:00 GMT

GET
H3 200 mgid_ua.svg
cdn.mgid.com/images/mgid/ 2 KB
1 KB 23ms
22ms Image
image/svg+xml 104.19.135.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.mgid.com/images/mgid/mgid_ua.svg
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/p/o/portalsemakan.com.1233564.es6.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.19.135.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 70d5c4de881e718d0b7638959680ba86722d44eecbe4058d20dd77b8d0d97155

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://portalsemakan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 14:45:52 GMT
content-encoding: br
cf-cache-status: HIT
age: 3355
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: FY75M483VQ0RS4R6
x-amz-id-2: 3td4GNUX2tJJZai6Tif2rz0qn3ro67myUS5cc5EioymHV19ydIdJYSwLJRKhk0xdu1fu45gSc6g=
last-modified: Tue, 08 Mar 2022 17:05:01 GMT
server: cloudflare
x-amz-meta-s3cmd-attrs: atime:1646759091/ctime:1646759091/gid:0/gname:root/md5:617c205137825561208ef7c1a2d8f319/mode:33206/mtime:1646759091/uid:0/uname:root
etag: W/"617c205137825561208ef7c1a2d8f319"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=86400
cf-ray: 6ef7794ade7d9158-FRA
expires: Tue, 22 Mar 2022 14:45:52 GMT

GET
H3 200 Adchoices.svg
cdn.mgid.com/images/logos/ 836 B
1 KB 22ms
21ms Image
image/svg+xml 104.19.135.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.mgid.com/images/logos/Adchoices.svg
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/p/o/portalsemakan.com.1233564.es6.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.19.135.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7992a4430843ef8b4bbae534358be3193aa1ae9c78f273e8e8a70b6af1244ac5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://portalsemakan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 14:45:52 GMT
content-encoding: br
cf-cache-status: HIT
age: 6833
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: G7XVAWHV2A1TM5YQ
x-amz-id-2: YTUD+eplGac2nzDoCf6mNAS+SFRWUcCYJKczG3n8f/90lY7q4TeiITaNexYchgGjMS0Xbxxxcvw=
last-modified: Wed, 17 Feb 2021 18:15:53 GMT
server: cloudflare
x-amz-meta-s3cmd-attrs: atime:1613585745/ctime:1613585745/gid:0/gname:root/md5:7d59364b7ed2df3f02507c9f92560df9/mode:33206/mtime:1613585745/uid:0/uname:root
etag: W/"7d59364b7ed2df3f02507c9f92560df9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=86400
cf-ray: 6ef7794ade819158-FRA
expires: Tue, 22 Mar 2022 14:45:52 GMT

GET
H2 200 aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMS0xMC8xMDE5MjQvZWY3MjY0NzRjMmYyODJhY...
s-img.mgid.com/g/11739844/492x277/-/ 28 KB
28 KB 670ms
629ms Image
image/webp 104.19.135.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/11739844/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMS0xMC8xMDE5MjQvZWY3MjY0NzRjMmYyODJhYmVlYWIxYzQ4ZjM5OTlmYWIuanBlZw.webp?v=1647873952-DRiUqFGJY3-afQe25-E_GtX0kUDUDR1zGc3KYHgXeoM
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.135.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 38dad5baf5936c66486d5bd9fdcad18bc12abe9e097beb43da851e5523f06c6c

Request headers

Referer: https://portalsemakan.com/
Origin: https://portalsemakan.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 14:45:53 GMT
cf-cache-status: MISS
last-modified: Tue, 21 Dec 2021 12:52:46 GMT
x-mg-request-uuid: dda178ff-cd4d-4eb5-8557-7397e7bd1de8
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 6ef7794b19498fe9-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 28782
server: cloudflare

GET
H2 200 aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMS0xMS8xMDE5MjQvMWU4OTYyMjJjMmMzNmY0Z...
s-img.mgid.com/g/11739868/492x277/-/ 21 KB
21 KB 631ms
590ms Image
image/webp 104.19.135.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/11739868/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMS0xMS8xMDE5MjQvMWU4OTYyMjJjMmMzNmY0ZWRhMGM2MTNiZjk1Nzg4NzEuanBn.webp?v=1647873952-tgyXKiYw8vcMiFlvaAUTWEzkd6z3TRvoqGyap2edYaM
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.135.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d2683f94ce8822ebc0d92d7c16c84ac4cddfb20b7c483cb4800e34fa16b47190

Request headers

Referer: https://portalsemakan.com/
Origin: https://portalsemakan.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 14:45:53 GMT
cf-cache-status: MISS
last-modified: Tue, 21 Dec 2021 12:46:40 GMT
x-mg-request-uuid: cb2b54d9-71bf-452d-aeef-1daccddfaf49
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 6ef7794b194b8fe9-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 21192
server: cloudflare

GET
H2 200 aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfaW1wcm92ZSxmX2pwZyxnX2ZhY2VzOmF1dG8sd18xMDIwL2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIxLTA1LzEwMTkyNC85OWE1ZDBiMTJhODhhYjJiZWUwN...
s-img.mgid.com/g/11739847/492x277/-/ 11 KB
12 KB 576ms
535ms Image
image/webp 104.19.135.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/11739847/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfaW1wcm92ZSxmX2pwZyxnX2ZhY2VzOmF1dG8sd18xMDIwL2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIxLTA1LzEwMTkyNC85OWE1ZDBiMTJhODhhYjJiZWUwNDYyZGQwNTllMDllOS5qcGVn.webp?v=1647873952-sns6YwBbndyt1JWmiADg5lz8Awa8B09AVuOXbyAjTtQ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.135.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f85ba0ceffd219c9c856bc45824aef485152c3636f123a98bd42bfb7676f2177

Request headers

Referer: https://portalsemakan.com/
Origin: https://portalsemakan.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 14:45:53 GMT
cf-cache-status: MISS
last-modified: Tue, 21 Dec 2021 12:45:37 GMT
x-mg-request-uuid: 0b3a924b-fefc-465b-90ad-df01fd387780
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 6ef7794b194d8fe9-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 11400
server: cloudflare

GET
H2 200 aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ194eV9jZW50ZXIsd18xMDIwLHhfNjIzLHlfNTE2L2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIxLTExLzEwMTkyNC81OGNkZ...
s-img.mgid.com/g/11739861/492x277/-/ 12 KB
13 KB 590ms
550ms Image
image/webp 104.19.135.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/11739861/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ194eV9jZW50ZXIsd18xMDIwLHhfNjIzLHlfNTE2L2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIxLTExLzEwMTkyNC81OGNkZGZiZjQwZTBjNDFmZTUzZDljZTZlY2VjZmM1Ni5wbmc.webp?v=1647873952-BDznmdCsd2d1IURX-Q6Jiwj0JDweupBBJgGogaEQTJI
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.135.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 586799c13e83606a88fdaf81995fc8b6b62afc99860c083d62fc6f9da40d67d7

Request headers

Referer: https://portalsemakan.com/
Origin: https://portalsemakan.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 14:45:53 GMT
cf-cache-status: MISS
last-modified: Tue, 21 Dec 2021 12:52:38 GMT
x-mg-request-uuid: b81bec2a-c49e-4b11-abf6-f8284a5f21fe
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 6ef7794b194f8fe9-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 12762
server: cloudflare

POST
H2 204 csi
csi.gstatic.com/ Frame 78B5 0
327 B 402ms
131ms Ping
image/gif 2607:f8b0:4003:c05::78
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=1~l10tlqvg&c=227494504798&slotId=113747252399&qqid=CLCvkuy41_YCFU4ZewodzaMCAg&fb=outstream-lima&sei=44729911%2C44730425%2C44730426%2C420706098&nsei=44714510%2C72811302%2C75259405%2C75259407%2C75259408%2C318491509%2C447279544&bi=outstream
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20211103_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4003:c05::78 Tulsa, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 21 Mar 2022 14:45:52 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ Frame 78B5 15 KB
15 KB 86ms
40ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 16 Mar 2022 17:56:19 GMT
x-content-type-options: nosniff
age: 420573
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15828
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:28 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 16 Mar 2023 17:56:19 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v29/ Frame 78B5 15 KB
15 KB 83ms
37ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 09:48:03 GMT
x-content-type-options: nosniff
age: 277069
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15688
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:19 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Sat, 18 Mar 2023 09:48:03 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 78B5 0
20 B 71ms
71ms Image
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=osv-info&clickstring=C50f8n484YvDjIs6y7APNx4oQyv2ijWmEmoSr2g-S6dLgsgEQASCGqrwjYJXikIKgB6AB08z3zwHIAQWpAiEq_vz3jLI-qAMByAObBKoE9wFP0G2vFhFyi2e7A1M9s77Nr4V_tIHT8Yb6UTKqweYN1pn2u95L4K5ZeINrZbeag_I9qOJFU_-B6VMywW3uiHM0KqoWb7SXIT5e5XwFwtbthgk-QFDYvElEBQJ4M2asGigojrO_0ARgPRZ6nhrszscSDkD2CdEoobaUefTdt6pLul5WA76vpnnjtcl0UWOo1wA-I4q0jzBPuUjW6WWFdShqCYC1GseGBoEEHZRfB6V99GScTJE51vqdvbNyGijuNpl0pJCD0WtzvZi_pCKqw9c8lAMLc0r-gqaYXwZZWssfaYDgISyR111pXTd0AhgZ_h8ZcyRBENUtwATt4_W-4wPgBAOQBgGgBnaAB5WziLACqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcA0ggJCIDhgBAQARgfgAoByAsB4AsBgAwBsBPE0K8O0BMA2BMNiBQE2BQB0BUB-BYBgBcB&eventType=clickstring&clientTime=1647873951836&ai=C50f8n484YvDjIs6y7APNx4oQyv2ijWmEmoSr2g-S6dLgsgEQASCGqrwjYJXikIKgB6AB08z3zwHIAQWpAiEq_vz3jLI-qAMByAObBKoE9wFP0G2vFhFyi2e7A1M9s77Nr4V_tIHT8Yb6UTKqweYN1pn2u95L4K5ZeINrZbeag_I9qOJFU_-B6VMywW3uiHM0KqoWb7SXIT5e5XwFwtbthgk-QFDYvElEBQJ4M2asGigojrO_0ARgPRZ6nhrszscSDkD2CdEoobaUefTdt6pLul5WA76vpnnjtcl0UWOo1wA-I4q0jzBPuUjW6WWFdShqCYC1GseGBoEEHZRfB6V99GScTJE51vqdvbNyGijuNpl0pJCD0WtzvZi_pCKqw9c8lAMLc0r-gqaYXwZZWssfaYDgISyR111pXTd0AhgZ_h8ZcyRBENUtwATt4_W-4wPgBAOQBgGgBnaAB5WziLACqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcA0ggJCIDhgBAQARgfgAoByAsB4AsBgAwBsBPE0K8O0BMA2BMNiBQE2BQB0BUB-BYBgBcB

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 21 Mar 2022 14:45:52 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 vast Show response
bid.g.doubleclick.net/dbm/ Frame 78B5 29 KB
16 KB 103ms
49ms XHR
text/xml 66.102.1.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://bid.g.doubleclick.net/dbm/vast?dbm_c=AKAmf-C9BoTAtopvUmtWBm1NiV60jDPuUnRHIgSmXFT3V99JviGLKXx_lVhA9tkt2rZ_GM-3yazeA_EOYougJSOvIxZUfEg3GQ&cry=1&dbm_d=AKAmf-BjF4AwnmVMOHUbChFRnIXYinsW9BLybBo8SFJieybDCY-j6Coz78CTEjOyD49S4ezrA_HGixXt4O33j_CttDHGMnXYwHqtdFTne7_7qlg4TY2ln_cZOIg_w1pwvtlEgKj0xKfZTVkBT_Ach4SLTjLR_rQaSEWf1pTG7a6tQGT7laCl9IFodnAU0J0fj2az262XpZ6VjEsl-iTPdkTfmdNZlKKovmakYu2xSsWXMuiUJcgl9RqON9MwLTzTP5Oua8XVdICWStjvL7-60sRZ7MNuOHX4J9KB3s4ZBdY-A7pgGT581P-wjsbxCcZjatkzc178w_TuLCirYfcXNSb-JRSMmU-HVzMl7vBgfA5_w3DVuFnrQND3CTWtNZpSvIZh1lMZGKqXszwGUYwmRK4O8GlHNB3TqdJhVqpv7vfsMHVoFnDQkOzK8LkexnvLBvJPUTbHzuxNUCbg-P4Uj3Gm2f9PhSaiWK55rL-KNjZr5vPSFs91ACBzwU0IJvDL5HuPQP0notwqOLyAEEaAZpmFPevBYR4inzsJ8eDOhGLdRJ0dY0G4jF2abWLvf2F86sLAvD5aYQFJKooVsI0wq9bK5pLxmLmU0Hp--7z9uRMjnKzrUMt1riT936UfZ8ob_myiKtHWdqOk0JqxyNUbPlNNxa6DY2njV1-vU3ZEuk5xIbEe_SSnMrJlWSPKoq-EtAzjg25yt00fiBR1bFQ2sEHFfQBSQU4vCy9N3JY9_Vur4XZNg5DqXCideaUpWLmL-7szbopopRagp1_Sqomn64hvAjDnKE7DBHPQUaJ5QpGyKfHOL5bl51zmPRPLMtLqqxhVgLiQS7DCSWaWFYs0j3WfmtP_mmw5kOk_qA5-C22Ye330wTNSLgeAc_NCO1xPCErfMPoWC5nF1HDAOBHuQhwXXeZFepmj-PSOGooeweei-yv7BCDLoD7n0jsErce7yp9dyERmA1blg7RabKqML1DVO4ialU394riig6ArKNweqNDQflwYUq4w_mM0xrCxZfyOLqoJ8qvcOTti7TLeVo-B9PVRDKgRSfTcimJJ6y8T6rQlh-z0DziARHmc3cyStAoGZkQDHMqfwM-BerTdSzkJzCf_lpL3JWJwDqB2JX1cMyXXsuhinDcpIT-OwiRMXd1yHU7YRTV0lYfGUysm5qJgMqQhPBgQiM_610Kx3sv6_CsncNoQSHPvBI6aYgmF-gLY_5vceE_th7WDId7QrlHR6sXfNvXRQyu9YP8J9ea96ed0gZH1s379WiClM2QIyUL-GQqPBI0JDnq8v5MBY0C1YCe6M9YFLU_I-3huIgu_JRaHNHjMsGiF3HinGtH7Q6V38JMnenaSX-TP0AmDzVSfQg709PtLdwatyM-b4F7ISXmc3FD7GrrUzC5Ld9KgomLDZ86flzefEVhFSndbDsQBeIpdqHhV6OMGlJ03IhoWcwmliOrB_gSuSof42rvghbPbQm2rgajQ1HPjJkBPNiggk2tOenLOEEtk4BOSb9ucJk8la-U0NtJS4x2QlrjGxhnj6P9rd61aPBickcATSIjDfKPSC-Njplsjr90-W2zHw-SnBRCHbNt6qCbPWQ3_2TkAoQ2smR1qy1WRdMnt-KzAjAk9O3cao1560VH2EVNmdtudHwmzeEaxHHIcUJ29bBLPlWc5a-2oOErcDLlYHXUX4Z83iYYg9x5i17P5J4WWRmOCRDoPlZd82A_-f-xEU_B7qp80wPtTBcPvkxGKZmSiDDOo3EvkbJoTvzqlaOIl5PLcd33a82xUMFFyOJxOrxWz11MzDalI7QRWupwQWJrMqdddWXtL083HHFPUlUGwtZpO9SxPrujMu4872h9qGYTyi0AE1uSItQs8BX18QPGzQhl-hPo7EotGSALlal2j-KFZRxYFmjCtLgSBc9EwiLpbV9sWhSFkzdKj9SZblKPrBHQQZ5qHLJlFq7zwuxRUl32Ica9Hb64zSys_lTjeu_63UDaP98xGe9_-z3X5lRrZYXPcpFrQlCItu-NQhcWIVSl-ELtKaAqYA_HGRnQhxeDCHmnQJxi3TUNyEsXbMLD6ZrYwYJp_Vrj0IJiDpyQgtk2txXm6qYG3SeIrsW5xGZO0a-eUmbMpf6-0LjsqyPJC9ex5zsxX_KxTpYYZq_anxGwOz3iMJ-HRSBl7BieBeyNWF9QuKSmrD3exLQ_T5fQVziobMKI-0RqIOxdAKZcgLcWxOODmsxqt66F45chXJ8OnsSnaID7KYmUI7J4du99Tj9qF88YPHI4RkbIyrw2sObtzMcMTzznMGIpv229NM24jBg1lnSZLnQamapKYfTeWieEi7eLGNN5D5UGeYp1uBvtQPMhMRK2L7yECgUx9hwJEn5z_b7GK0RR2rs1i2FjM5hEPGRC7rDrZmfbW6kL0IJWnKpX_vDH--FMfKpN9txH7hn-fWtYqSFgViFP1KNaAwkklwjeCrtu5TgLp4K1vFfFw_wvJ3agKWh5WB9-Rt-vWDC0IWdE4GCsR1ZPmGi5D9SmtxhfH26KLdvN_NDq3HxGvcqJLqGQMRQjnzFdlL1suT7wliSnodCXu6OSZxBY_jGY-xU79MALQOlw081ip4BMYSVwVzY4hMWam-I6VxwuU7ufpPH_ibv1dFb4HCQovikdpSLr88hyE_RhacOqLzrIPE5EFBhirj5vorVUMmSqNQ3sRuywf1KKlp24ok3Ud83yUYIioxiJuuHJ2Ik9e2t3Cz0Bokz_qxlwhtzjH2FmUEPQwQnyQd3N8RQ4PGnK0w2lr2IA5Asy_I_5fGdNAy_1uTDmU6wxy9PAV4SFXx2a_xzRsrxYNfadfHA4aSBBa2MemLRKb8bnaLrc80C2Yh-o0vyJAtXPB7AchXUr0KvnEmNB8mM_KckTHwK19_8Msnjk8B_xunsqd_dzEJGtszELdND6eOXnVHGoQTwOAxJG4O2gqn97T8MsdlVRdKOcxT0zXvCF99agBjZPBuF-UiuMfnEjELe7niOpjX3KU4S2CUNoKaehlS19EoUKhQtY9l8vTTr-Z8-iMH9jYXAC2-TF5dM8XwNshNC5b4FFYowOnUOexQf38lVsMfb7rl39-8Fc1cxDn9e3DF_7I4Yvr9ahZ1DS1TUEgjtDoGyveFpfpW--RhxQ80-NKsm0FfWrQLtdSb6JqSlXvBCEs3eOvqlMdGODQKsHvsMsGyPRYcNSilcz_XfQlcuiZwEK3NqKwrZoeCYF2WjgMA4UNVKESBlWfYQrHLcGRriKFS1qFHGaoguYOoShwz4ym0MgEyRS0dtJLhQLU3upV1q0N_fZvya5-hhIss4cis1u-eoltnlyJ-5o0J21iQHfMS_B39B5EV0s7wyPKVx1Df9jSB-G3VgF2snp9mzLY7rhhd9WWQOJ6F3FT_ahHDsuB7BVgS3ghExlDNZPaG3z95DpcAp0MzAPeu_PjedT9n0NSqqySXYNJekrspb8ql5vxDjaoxBZ0lev8E4F_1AnV5CCQ_niOm3XR1fXfY2UhbfDo4H1Nj5EnuvL1Dd_wtVdnZaqgkWXGSslTzepoZHBT4brPGW996E7m6FkdZpivM8qvo1ZpWPSkSPpOGPen&cid=CAASJeRogan_KS-yJW3Gba_gjZyR98u01aI4ns-zBcPmJhZ7LvBvmUc&sdkv=h.0.0.0&osd=2&frm=2&vis=1&sdr=1

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20211103_RC00/outstream.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

66.102.1.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wb-in-f157.1e100.net

Software

cafe /

Resource Hash

81c076add5829b12e14b8bdb25bf0acb14afa5c0e370c051ed51efcf2f5dbc3f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 14:45:52 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15726
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 78B5 0
0 77ms
76ms Fetch
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CwgBKn484YvDjIs6y7APNx4oQyv2ijWmEmoSr2g-S6dLgsgEQASCGqrwjYJXikIKgB6AB08z3zwHIAQWpAiEq_vz3jLI-qAMBqgT0AU_Qba8WEXKLZ7sDUz2zvs2vhX-0gdPxhvpRMqrB5g3Wmfa73kvgrll4g2tlt5qD8j2o4kVT_4HpUzLBbe6IczQqqhZvtJchPl7lfAXC1u2GCT5AUNi8SUQFAngzZqwaKCiOs7_QBGA9FnqeGuzOxxIOQPYJ0SihtpR59N23qku6XlYDvq-meeO1yXRRY6jXAD4jirSPME-5SNbpZYV1KGoJgLUax4YGgQQdlF8HpX30ZJxMkTnW-p2963OoQuYceUY2MB0uZMdC4ncXAGZw6vpZYc6WXOKIGpJ2Ho6IYD2lERU0Aokfgrw_8puoDjXmvbKUK_XABO3j9b7jA-AEA4gFoL659TuSBQYIAxABGAGSBQYIGxACGAGSBQYIHRAEGAGSBQYIHRABGAGSBQYIHhABGAGQBgGgBnaAB5WziLACqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwoQtK9BGMmK98EB0ggJCIDhgBAQARgfgAoByAsBsBPE0K8OyBONlafeA9ATANgTDYgUBNgUAdAVAYAXAbIXHAoaCAASFHB1Yi05NDI3MTQ4Mzc3MzMzMTQzGAA&sigh=dw1xFVTmasY&uach_m=[UACH]&cid=CAQSPACNIrLM6_rypo5nYHntSC-4T5UIyTbI6O24HSmZeMLwbyJIADHQDsBEynqLAQtsB7tG1TkCE5lkqQwRZQ&vt=10

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9427148377333143&output=html&h=280&adk=4181226519&adf=619340566&pi=t.aa~a.1381849204~i.3~rp.4&w=668&fwrn=4&fwrnh=100&lmt=1647873950&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=6421966292&psa=0&ad_type=text_image&format=668x280&url=https%3A%2F%2Fportalsemakan.com%2Fpermohonan-pelan-data-pelajar%2F&flash=0&fwr=0&pra=3&rh=167&rw=668&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1647873950773&bpp=5&bdt=1509&idt=5&shv=r20220316&mjsv=m202203140101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dfcd06c51c05991a7-22348e9962cd00f4%3AT%3D1647873951%3ART%3D1647873951%3AS%3DALNI_MZi8O8l3zDjrt19u8o_ud9CyufgXA&prev_fmts=0x0&nras=2&correlator=1546548480197&frm=20&pv=1&ga_vid=501444452.1647873950&ga_sid=1647873950&ga_hid=2070634736&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=291&ady=1319&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531397%2C44750773%2C31065636%2C31062931&oid=2&pvsid=2369941670710697&pem=206&tmod=21303447&uas=0&nvt=1&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=CxSphkvNw4&p=https%3A//portalsemakan.com&dtd=62
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Mon, 21 Mar 2022 14:45:52 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 1657 1 KB
749 B 37ms
36ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 724
x-xss-protection: 0
date: Mon, 21 Mar 2022 13:26:12 GMT
expires: Tue, 22 Mar 2022 13:26:12 GMT
cache-control: public, max-age=86400
age: 4780
etag: 48472445140208031
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 container.html Show response
4ff8e811445a9b61eb0bed126f8b9447.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 0478 6 KB
3 KB 87ms
40ms Document
text/html 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://4ff8e811445a9b61eb0bed126f8b9447.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031501.js?cb=31065673

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://portalsemakan.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 21 Mar 2022 14:45:52 GMT
expires: Tue, 21 Mar 2023 14:45:52 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
content-type: text/html
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame 78B5 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 75ccc20325c148c3816404b6fc879d73628d1933be3b4127c3ca71a82121abcd

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 1 Show response
servicer.mgid.com/1233814/ 12 KB
4 KB 40ms
39ms Script
application/x-javascript 104.19.135.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://servicer.mgid.com/1233814/1?w=668&h=2894&maxw_6=300&maxh_6=250&cols=1&pv=5&cbuster=1647873951889130991879&uniqId=05d2e&niet=4g&nisd=false&jsv=es6&ref=&cxurl=https%3A%2F%2Fportalsemakan.com%2Fpermohonan-pelan-data-pelajar%2F&lu=https%3A%2F%2Fportalsemakan.com%2Fpermohonan-pelan-data-pelajar%2F&sessionId=62388fa0-0d161&pageView=0&pvid=17facf10770a74c859f&implVersion=11&dpr=1
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/p/o/portalsemakan.com.1233814.es6.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.19.135.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: eb4d5ec3e93841ed121f7ba1daa2defc043d92ab79d0a4cfdbd910313c6423a2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://portalsemakan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 21 Mar 2022 14:45:52 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: application/x-javascript; charset=utf-8
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 6ef7794b982e9158-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 dpixel
cms.quantserve.com/ Frame 1657 35 B
465 B 44ms
9ms Image
image/gif 2620:116:800d:21:3175:5196:e3fd:8c1d
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEIIem0X9lqeCoHSX0r_K5L0&google_cver=1&google_push=AYg5qPIW4HbuAln_DsUWWP0PrS-001l7ZZWxA2EfZrfrtM4uVdJiWJKh4teVmDK_jIjNQl9Y3GwZXzzzoiMsRTTcZIVSYDOYYGc

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:3175:5196:e3fd:8c1d , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 21 Mar 2022 14:45:52 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 1657
Redirect Chain

https://pixel.everesttech.net/1/m?url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Deverest%26google_hm%3D__EFGSURFER_USB64__%26google_push%3DAYg5qPJdRJlxEvwoe_01RaWj4Bv0_1yKVCMRI1v6BN4...
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WWppUG9BQUFBY0RmM2wwNw&google_push=AYg5qPJdRJlxEvwoe_01RaWj4Bv0_1yKVCMRI1v6BN4uOLsqSzZ4iSGeh7D8y56E4JmldvwszWfMtIgpy3bSIt4jbJvXlfWfFu0

170 B
188 B

52ms
52ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WWppUG9BQUFBY0RmM2wwNw&google_push=AYg5qPJdRJlxEvwoe_01RaWj4Bv0_1yKVCMRI1v6BN4uOLsqSzZ4iSGeh7D8y56E4JmldvwszWfMtIgpy3bSIt4jbJvXlfWfFu0

Protocol

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 21 Mar 2022 14:45:52 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WWppUG9BQUFBY0RmM2wwNw&google_push=AYg5qPJdRJlxEvwoe_01RaWj4Bv0_1yKVCMRI1v6BN4uOLsqSzZ4iSGeh7D8y56E4JmldvwszWfMtIgpy3bSIt4jbJvXlfWfFu0
Date: Mon, 21 Mar 2022 14:45:52 GMT
Server: Apache
Connection: keep-alive
Content-Length: 390
Content-Type: text/html; charset=iso-8859-1

GET
H2 200 sync
odr.mookie1.com/t/v2/ Frame 1657 43 B
324 B 52ms
20ms Image
image/gif 34.98.67.61
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://odr.mookie1.com/t/v2/sync?tagid=V2_4531&src.visitorid=CAESEBv8H0iEYGLgWBC-rm_8OMk&google_push=AYg5qPJ2Ju3J1oy2bHpzRt2At5fs68LHTjHuoaiEJhdC08fpD6tdfHCRh2ks3XzXNWDBoEVT6D4YSj7NLY7E_YnnJQtdaxXLRjM&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9427148377333143&output=html&h=280&adk=4181226519&adf=619340566&pi=t.aa~a.1381849204~i.3~rp.4&w=668&fwrn=4&fwrnh=100&lmt=1647873950&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=6421966292&psa=0&ad_type=text_image&format=668x280&url=https%3A%2F%2Fportalsemakan.com%2Fpermohonan-pelan-data-pelajar%2F&flash=0&fwr=0&pra=3&rh=167&rw=668&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1647873950773&bpp=5&bdt=1509&idt=5&shv=r20220316&mjsv=m202203140101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dfcd06c51c05991a7-22348e9962cd00f4%3AT%3D1647873951%3ART%3D1647873951%3AS%3DALNI_MZi8O8l3zDjrt19u8o_ud9CyufgXA&prev_fmts=0x0&nras=2&correlator=1546548480197&frm=20&pv=1&ga_vid=501444452.1647873950&ga_sid=1647873950&ga_hid=2070634736&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=291&ady=1319&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531397%2C44750773%2C31065636%2C31062931&oid=2&pvsid=2369941670710697&pem=206&tmod=21303447&uas=0&nvt=1&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=CxSphkvNw4&p=https%3A//portalsemakan.com&dtd=62
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.67.61 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 61.67.98.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 21 Mar 2022 14:45:52 GMT
via: 1.1 google
server: Apache
p3p: CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif;charset=UTF-8
alt-svc: clear
content-length: 43
x-application-context: application
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 dds
rtb.openx.net/sync/ Frame 1657 43 B
351 B 59ms
21ms Image
image/gif 35.186.253.211
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/dds?google_gid=CAESEERK4lU7hvyH1jOYQYic3iE&google_cver=1&google_push=AYg5qPJpVttF2rxEJrW95p0g_1QWzRfvj30bsVfsodPFAmUHxHHxCSC9tahUtaGILhzglMsH9JCVA2fLpSZEuFy147QV2x09exw
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9427148377333143&output=html&h=280&adk=4181226519&adf=619340566&pi=t.aa~a.1381849204~i.3~rp.4&w=668&fwrn=4&fwrnh=100&lmt=1647873950&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=6421966292&psa=0&ad_type=text_image&format=668x280&url=https%3A%2F%2Fportalsemakan.com%2Fpermohonan-pelan-data-pelajar%2F&flash=0&fwr=0&pra=3&rh=167&rw=668&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1647873950773&bpp=5&bdt=1509&idt=5&shv=r20220316&mjsv=m202203140101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dfcd06c51c05991a7-22348e9962cd00f4%3AT%3D1647873951%3ART%3D1647873951%3AS%3DALNI_MZi8O8l3zDjrt19u8o_ud9CyufgXA&prev_fmts=0x0&nras=2&correlator=1546548480197&frm=20&pv=1&ga_vid=501444452.1647873950&ga_sid=1647873950&ga_hid=2070634736&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=291&ady=1319&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531397%2C44750773%2C31065636%2C31062931&oid=2&pvsid=2369941670710697&pem=206&tmod=21303447&uas=0&nvt=1&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=CxSphkvNw4&p=https%3A//portalsemakan.com&dtd=62
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 211.253.186.35.bc.googleusercontent.com
Software: Cowboy /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 21 Mar 2022 14:45:52 GMT
via: 1.1 google
server: Cowboy
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: null
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-request-id: uqgm5hhb7s8dcphl3rvcfl0aj7032bmt

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 1657
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=aT9_jD6mTCyb73hM_COghg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
188 B

50ms
50ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=aT9_jD6mTCyb73hM_COghg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPJZc2y6UVtVL9tbqZSh1sepyLN7jTMk1nOSpJ75VfwD86PSny_IX9_4nBLu1P9Ybgbm6g30Y_YCbv34f8KGcYsW6STsSCk

Protocol

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 21 Mar 2022 14:45:52 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=aT9_jD6mTCyb73hM_COghg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPJZc2y6UVtVL9tbqZSh1sepyLN7jTMk1nOSpJ75VfwD86PSny_IX9_4nBLu1P9Ybgbm6g30Y_YCbv34f8KGcYsW6STsSCk
date: Mon, 21 Mar 2022 14:45:51 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 1657
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEOo0LstSDOB-uaVOcAny6Jg&google_cver=1&google_push=AYg5qPJhpDsCMIYEqHPCoppIP8q7MPNBOG0QeyGNh694j9fFNCRp2xDcYa_FGZWrkznyAo4zaVD...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDEwVExRVUktVi1KSDQw&google_push=AYg5qPJhpDsCMIYEqHPCoppIP8q7MPNBOG0QeyGNh694j9fFNCRp2xDcYa_FGZWrkznyAo4zaVDE1Ni-qtjjSqt9_2QAb1cy2Ys

170 B
298 B

51ms
49ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDEwVExRVUktVi1KSDQw&google_push=AYg5qPJhpDsCMIYEqHPCoppIP8q7MPNBOG0QeyGNh694j9fFNCRp2xDcYa_FGZWrkznyAo4zaVDE1Ni-qtjjSqt9_2QAb1cy2Ys

Requested by

Protocol

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 21 Mar 2022 14:45:52 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDEwVExRVUktVi1KSDQw&google_push=AYg5qPJhpDsCMIYEqHPCoppIP8q7MPNBOG0QeyGNh694j9fFNCRp2xDcYa_FGZWrkznyAo4zaVDE1Ni-qtjjSqt9_2QAb1cy2Ys
Cache-Control: no-cache,no-store,must-revalidate
Content-Type: text/html
content-length: 0
X-RPHost: 37b22a0c36bd84993dd2cda4a5e04b1d
Expires: 0

GET

pixel
cm.g.doubleclick.net/ Frame 1657
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEDNk9oWafI2wi_-0iAaXeBk&google_cver=1&googl...
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEDNk9oWafI2wi_-0iAaXeBk&google_push=AY...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjiPoC_TpvJkZfw8O1wkKgAABGYAAAIB&google_push=AYg5qPJxyGBBbYNG-y9yZW834sPI6dM3xCR2PVDVi4e9gdyZHyFk2Ktw_p0MR5mURdt-NyWAuvXztpVZXUx2HPuaxu...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjiPoC_TpvJkZfw8O1wkKgAABGYAAAIB&google_push=AYg5qPJxyGBBbYNG-y9yZW834sPI6dM3xCR2PVDVi4e9gdyZHyFk2Ktw_p0MR5mURdt-NyWAuvXztpVZXUx2HPuaxu...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjiPoC_TpvJkZfw8O1wkKgAABGYAAAIB&google_push=AYg5qPJxyGBBbYNG-y9yZW834sPI6dM3xCR2PVDVi4e9gdyZHyFk2Ktw_p0MR5mURdt-NyWAuvXztpVZXUx2HPuaxu...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjiPoC_TpvJkZfw8O1wkKgAABGYAAAIB&google_push=AYg5qPJxyGBBbYNG-y9yZW834sPI6dM3xCR2PVDVi4e9gdyZHyFk2Ktw_p0MR5mURdt-NyWAuvXztpVZXUx2HPuaxu...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjiPoC_TpvJkZfw8O1wkKgAABGYAAAIB&google_push=AYg5qPJxyGBBbYNG-y9yZW834sPI6dM3xCR2PVDVi4e9gdyZHyFk2Ktw_p0MR5mURdt-NyWAuvXztpVZXUx2HPuaxu...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjiPoC_TpvJkZfw8O1wkKgAABGYAAAIB&google_push=AYg5qPJxyGBBbYNG-y9yZW834sPI6dM3xCR2PVDVi4e9gdyZHyFk2Ktw_p0MR5mURdt-NyWAuvXztpVZXUx2HPuaxu...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjiPoC_TpvJkZfw8O1wkKgAABGYAAAIB&google_push=AYg5qPJxyGBBbYNG-y9yZW834sPI6dM3xCR2PVDVi4e9gdyZHyFk2Ktw_p0MR5mURdt-NyWAuvXztpVZXUx2HPuaxu...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjiPoC_TpvJkZfw8O1wkKgAABGYAAAIB&google_push=AYg5qPJxyGBBbYNG-y9yZW834sPI6dM3xCR2PVDVi4e9gdyZHyFk2Ktw_p0MR5mURdt-NyWAuvXztpVZXUx2HPuaxu...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjiPoC_TpvJkZfw8O1wkKgAABGYAAAIB&google_push=AYg5qPJxyGBBbYNG-y9yZW834sPI6dM3xCR2PVDVi4e9gdyZHyFk2Ktw_p0MR5mURdt-NyWAuvXztpVZXUx2HPuaxu...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjiPoC_TpvJkZfw8O1wkKgAABGYAAAIB&google_push=AYg5qPJxyGBBbYNG-y9yZW834sPI6dM3xCR2PVDVi4e9gdyZHyFk2Ktw_p0MR5mURdt-NyWAuvXztpVZXUx2HPuaxu...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjiPoC_TpvJkZfw8O1wkKgAABGYAAAIB&google_push=AYg5qPJxyGBBbYNG-y9yZW834sPI6dM3xCR2PVDVi4e9gdyZHyFk2Ktw_p0MR5mURdt-NyWAuvXztpVZXUx2HPuaxu...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjiPoC_TpvJkZfw8O1wkKgAABGYAAAIB&google_push=AYg5qPJxyGBBbYNG-y9yZW834sPI6dM3xCR2PVDVi4e9gdyZHyFk2Ktw_p0MR5mURdt-NyWAuvXztpVZXUx2HPuaxu...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjiPoC_TpvJkZfw8O1wkKgAABGYAAAIB&google_push=AYg5qPJxyGBBbYNG-y9yZW834sPI6dM3xCR2PVDVi4e9gdyZHyFk2Ktw_p0MR5mURdt-NyWAuvXztpVZXUx2HPuaxu...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjiPoC_TpvJkZfw8O1wkKgAABGYAAAIB&google_push=AYg5qPJxyGBBbYNG-y9yZW834sPI6dM3xCR2PVDVi4e9gdyZHyFk2Ktw_p0MR5mURdt-NyWAuvXztpVZXUx2HPuaxu...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjiPoC_TpvJkZfw8O1wkKgAABGYAAAIB&google_push=AYg5qPJxyGBBbYNG-y9yZW834sPI6dM3xCR2PVDVi4e9gdyZHyFk2Ktw_p0MR5mURdt-NyWAuvXztpVZXUx2HPuaxu...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjiPoC_TpvJkZfw8O1wkKgAABGYAAAIB&google_push=AYg5qPJxyGBBbYNG-y9yZW834sPI6dM3xCR2PVDVi4e9gdyZHyFk2Ktw_p0MR5mURdt-NyWAuvXztpVZXUx2HPuaxu...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjiPoC_TpvJkZfw8O1wkKgAABGYAAAIB&google_push=AYg5qPJxyGBBbYNG-y9yZW834sPI6dM3xCR2PVDVi4e9gdyZHyFk2Ktw_p0MR5mURdt-NyWAuvXztpVZXUx2HPuaxu...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjiPoC_TpvJkZfw8O1wkKgAABGYAAAIB&google_push=AYg5qPJxyGBBbYNG-y9yZW834sPI6dM3xCR2PVDVi4e9gdyZHyFk2Ktw_p0MR5mURdt-NyWAuvXztpVZXUx2HPuaxu...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjiPoC_TpvJkZfw8O1wkKgAABGYAAAIB&google_push=AYg5qPJxyGBBbYNG-y9yZW834sPI6dM3xCR2PVDVi4e9gdyZHyFk2Ktw_p0MR5mURdt-NyWAuvXztpVZXUx2HPuaxu...

0
0

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 1657 0
78 B 48ms
47ms Image
text/html 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JtUdpXemlUZBxUJ47dV6RWwlGd2zZgJcZNhSpQ6aRF4COfpDCn7Tk20rnGc-LrtiYY2Oqu

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 14:45:52 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 i.js Show response
cm.mgid.com/ 0
122 B 119ms
110ms Script
application/javascript 104.19.132.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cm.mgid.com/i.js?&cbuster=164787395191559285355
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/p/o/portalsemakan.com.1233564.es6.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.132.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://portalsemakan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 21 Mar 2022 14:45:52 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: application/javascript
cache-control: no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
cf-ray: 6ef7794bcc209220-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 i-noref.js Show response
cm.mgid.com/ Frame 1ACD 0
71 B 116ms
115ms Script
application/javascript 104.19.132.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cm.mgid.com/i-noref.js?cbuster=1647873951932133567048
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/p/o/portalsemakan.com.1233564.es6.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.132.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 21 Mar 2022 14:45:52 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: application/javascript
cache-control: no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
cf-ray: 6ef7794bdc289220-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 mgid_ua.svg
cdn.mgid.com/images/mgid/ 2 KB
1 KB 21ms
21ms Image
image/svg+xml 104.19.135.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.mgid.com/images/mgid/mgid_ua.svg
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/p/o/portalsemakan.com.1233814.es6.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.19.135.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 70d5c4de881e718d0b7638959680ba86722d44eecbe4058d20dd77b8d0d97155

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://portalsemakan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 14:45:52 GMT
content-encoding: br
cf-cache-status: HIT
age: 3355
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: FY75M483VQ0RS4R6
x-amz-id-2: 3td4GNUX2tJJZai6Tif2rz0qn3ro67myUS5cc5EioymHV19ydIdJYSwLJRKhk0xdu1fu45gSc6g=
last-modified: Tue, 08 Mar 2022 17:05:01 GMT
server: cloudflare
x-amz-meta-s3cmd-attrs: atime:1646759091/ctime:1646759091/gid:0/gname:root/md5:617c205137825561208ef7c1a2d8f319/mode:33206/mtime:1646759091/uid:0/uname:root
etag: W/"617c205137825561208ef7c1a2d8f319"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=86400
cf-ray: 6ef7794bf8fb9158-FRA
expires: Tue, 22 Mar 2022 14:45:52 GMT

GET
H3 200 Adchoices.svg
cdn.mgid.com/images/logos/ 836 B
1 KB 22ms
22ms Image
image/svg+xml 104.19.135.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.mgid.com/images/logos/Adchoices.svg
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/p/o/portalsemakan.com.1233814.es6.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.19.135.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7992a4430843ef8b4bbae534358be3193aa1ae9c78f273e8e8a70b6af1244ac5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://portalsemakan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 14:45:52 GMT
content-encoding: br
cf-cache-status: HIT
age: 6833
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: G7XVAWHV2A1TM5YQ
x-amz-id-2: YTUD+eplGac2nzDoCf6mNAS+SFRWUcCYJKczG3n8f/90lY7q4TeiITaNexYchgGjMS0Xbxxxcvw=
last-modified: Wed, 17 Feb 2021 18:15:53 GMT
server: cloudflare
x-amz-meta-s3cmd-attrs: atime:1613585745/ctime:1613585745/gid:0/gname:root/md5:7d59364b7ed2df3f02507c9f92560df9/mode:33206/mtime:1613585745/uid:0/uname:root
etag: W/"7d59364b7ed2df3f02507c9f92560df9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=86400
cf-ray: 6ef7794bf8fd9158-FRA
expires: Tue, 22 Mar 2022 14:45:52 GMT

GET
H2 200 aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ194eV9jZW50ZXIsd18xMDIwLHhfNTUzLHlfMzYyL2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIxLTExLzEwMTkyNC9jZmJmN...
s-img.mgid.com/g/11739858/492x277/-/ 10 KB
10 KB 544ms
542ms Image
image/webp 104.19.135.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/11739858/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ194eV9jZW50ZXIsd18xMDIwLHhfNTUzLHlfMzYyL2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIxLTExLzEwMTkyNC9jZmJmNjA4NTE0YWE1OGY0YjExMGIwOTZkNzc4MzZkZi5qcGc.webp?v=1647873952-YFAqezq6CQJc3sJszYY3SJ66GFSQni4B_H_USnCu30c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.135.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: df3d3b69af70099e96d03640dc42a6940e419d81a29a9ca545330163e0bf08e0

Request headers

Referer: https://portalsemakan.com/
Origin: https://portalsemakan.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 14:45:53 GMT
cf-cache-status: MISS
last-modified: Tue, 21 Dec 2021 12:46:05 GMT
x-mg-request-uuid: 8efbe1fb-1bb6-4811-8b0e-c332799a1bd2
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 6ef7794bfa858fe9-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 10314
server: cloudflare

GET
H2 200 aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMS0xMS8xMDE5MjQvOGMzMTc0MWYzMjg0OWQwZ...
s-img.mgid.com/g/11739872/492x277/-/ 32 KB
32 KB 568ms
565ms Image
image/webp 104.19.135.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/11739872/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMS0xMS8xMDE5MjQvOGMzMTc0MWYzMjg0OWQwZDFhYmE2NTkzNWYyNDNiODgucG5n.webp?v=1647873952-dOhDf1v4PIfXKlUgh81G2KXcTsH3jCeDU8ZqoCFTFCw
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.135.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4066c90f570d82554427cb534ec0d886d569f53c9d5b06fae0ac41a10061c913

Request headers

Referer: https://portalsemakan.com/
Origin: https://portalsemakan.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 14:45:53 GMT
cf-cache-status: MISS
last-modified: Tue, 21 Dec 2021 12:52:38 GMT
x-mg-request-uuid: 7a6fff4c-0b71-4c51-8a8d-2aa1add3fdef
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 6ef7794bfa888fe9-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 32530
server: cloudflare

GET
H2 200 aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMS0wOS8xMDE5MjQvMDg5ZmU5ODYyNTBjZjBiZ...
s-img.mgid.com/g/11739846/492x277/-/ 21 KB
21 KB 595ms
591ms Image
image/webp 104.19.135.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/11739846/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMS0wOS8xMDE5MjQvMDg5ZmU5ODYyNTBjZjBiZDk0YjM0OTkyMDNmZGI2ZWUuanBlZw.webp?v=1647873952-KM9c6bsR1JqaPEHSWkkIqu_EG2EWGuCbAg6m1cQRebM
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.135.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3711a93caeaa494d7ed37c044fb9121f596628f38c0bd77134d5a62a43873839

Request headers

Referer: https://portalsemakan.com/
Origin: https://portalsemakan.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 14:45:53 GMT
cf-cache-status: MISS
last-modified: Tue, 21 Dec 2021 12:46:05 GMT
x-mg-request-uuid: 9bc906cb-f26d-4c73-bd83-e7fbf0755194
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 6ef7794bfa8a8fe9-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 21038
server: cloudflare

GET
H2 200 aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ194eV9jZW50ZXIsd18xMDIwLHhfNzMyLHlfNjA2L2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIxLTEwLzEwMTkyNC84OTljZ...
s-img.mgid.com/g/11739840/492x277/-/ 26 KB
27 KB 547ms
544ms Image
image/webp 104.19.135.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/11739840/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ194eV9jZW50ZXIsd18xMDIwLHhfNzMyLHlfNjA2L2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIxLTEwLzEwMTkyNC84OTljZTIxMTkwOTY0NWQ3ODhiOTM4OTk1NGZmMWYxMy5qcGVn.webp?v=1647873952-JFZSfuMh5oJiRvAS1SIBFrwMPqLywfwQHsnL1o5K064
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.135.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: caaff507d173d0ec1f1ebd383b702e37f4ce982c9ad743bf290e4c500fc62be6

Request headers

Referer: https://portalsemakan.com/
Origin: https://portalsemakan.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 14:45:53 GMT
cf-cache-status: MISS
last-modified: Tue, 21 Dec 2021 12:45:37 GMT
x-mg-request-uuid: 93bffb51-bff2-40a0-bcb6-887686a7af58
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 6ef7794bfa8c8fe9-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 27110
server: cloudflare

GET
H2 200 aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMS0xMS8xMDE5MjQvODJhYmJlYTdjZWZkMTYwM...
s-img.mgid.com/g/11739856/492x277/-/ 22 KB
22 KB 531ms
528ms Image
image/webp 104.19.135.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/11739856/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMS0xMS8xMDE5MjQvODJhYmJlYTdjZWZkMTYwMThlYjc2NjBkNTdkZjIwNTAuanBn.webp?v=1647873952-fHWQeLI-tgmCM9lgzcYHIwU-4edmJVshyJZNsB1BVbc
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.135.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 51c86712e4508547b5a2f8771a44a83cbbde1b79b62248027c6a5c3a6ae72b99

Request headers

Referer: https://portalsemakan.com/
Origin: https://portalsemakan.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 14:45:53 GMT
cf-cache-status: MISS
last-modified: Tue, 21 Dec 2021 12:52:38 GMT
x-mg-request-uuid: b41306e2-4970-44ec-922f-c3704e9d337b
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 6ef7794bfa8d8fe9-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 22206
server: cloudflare

GET
H2 200 aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMS0wNy8xMDE5MjQvZmU2N2U1NmZhYjE4NTc2N...
s-img.mgid.com/g/11739839/492x277/-/ 11 KB
12 KB 559ms
556ms Image
image/webp 104.19.135.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/11739839/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMS0wNy8xMDE5MjQvZmU2N2U1NmZhYjE4NTc2NGI0NTA1MTc0ZmExNjc2YTguanBlZw.webp?v=1647873952-r4zkk1HaHlw7j4Y6czJmwf3GNBjhwwdEL2iTwpcZsls
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.135.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3e724d102e9bdc7dfaddd395c778e2e16c041aac0be0e5694811d0ad0e376c61

Request headers

Referer: https://portalsemakan.com/
Origin: https://portalsemakan.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 14:45:53 GMT
cf-cache-status: MISS
last-modified: Tue, 21 Dec 2021 12:52:38 GMT
x-mg-request-uuid: fa8e783f-5612-426b-b721-9dd8d734d630
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 6ef7794bfa8e8fe9-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 11548
server: cloudflare

GET
H2 200 aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMS0xMS8xMDE5MjQvZTUwNzcyMjA1ZDE1YmNmM...
s-img.mgid.com/g/11739859/492x277/-/ 20 KB
20 KB 566ms
564ms Image
image/webp 104.19.135.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/11739859/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMS0xMS8xMDE5MjQvZTUwNzcyMjA1ZDE1YmNmMjA4NTU2ODdmZWI5MGU2YjQuanBlZw.webp?v=1647873952-9HH9AnBdjWlR7HRDBgh2riZs0gpP-w7vuNSPxnrFJio
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.135.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 08ca0c73f89f5bc5963159017015d8a2367b34a502c940b7052082c40c927939

Request headers

Referer: https://portalsemakan.com/
Origin: https://portalsemakan.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 14:45:53 GMT
cf-cache-status: MISS
last-modified: Tue, 21 Dec 2021 12:46:05 GMT
x-mg-request-uuid: 2a1ee193-93de-41d0-bba7-1baa373c9dbe
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 6ef7794bfa8f8fe9-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 20140
server: cloudflare

GET
H2 200 aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMS0xMC8xMDE5MjQvMDZmMjAzZWRjNjcwOTExZ...
s-img.mgid.com/g/11739848/492x277/-/ 21 KB
21 KB 548ms
545ms Image
image/webp 104.19.135.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/11739848/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMS0xMC8xMDE5MjQvMDZmMjAzZWRjNjcwOTExZjUyZjFmZjdiZDllNGM1YzUuanBlZw.webp?v=1647873952-Gk8xBo3Qjy_zhI5V4Ic35gyF25ybEdSU0VYLYgJQOq4
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.135.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 28e95c0c629214fd64fe7c628cc37357d903aa65fb950d35d2e43d9c07e10e3e

Request headers

Referer: https://portalsemakan.com/
Origin: https://portalsemakan.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 14:45:53 GMT
cf-cache-status: MISS
last-modified: Tue, 21 Dec 2021 12:46:40 GMT
x-mg-request-uuid: 20f5913b-112c-4c56-87d9-1b5e6d4fa36d
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 6ef7794bfa908fe9-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 21486
server: cloudflare

GET
H2 200 aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMS0xMS8xMDE5MjQvMjQ2ODcyOTczZmI0ZTEwO...
s-img.mgid.com/g/11739851/492x277/-/ 19 KB
19 KB 564ms
561ms Image
image/webp 104.19.135.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/11739851/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMS0xMS8xMDE5MjQvMjQ2ODcyOTczZmI0ZTEwODQ5OGYwYzcyNTBlNDJiNTAuanBlZw.webp?v=1647873952-NDoZc3eppeh0oUAsVLksqML9nmQw5HEt_3fswhS734Y
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.135.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 398e6060166aeeffc7d50d05767beebf0ed9e31a1d528f649c93898d6f526317

Request headers

Referer: https://portalsemakan.com/
Origin: https://portalsemakan.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 14:45:53 GMT
cf-cache-status: MISS
last-modified: Tue, 21 Dec 2021 12:52:46 GMT
x-mg-request-uuid: d5e45dc4-3653-4aff-92ac-9d8ad6fe231b
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 6ef7794bfa918fe9-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 18968
server: cloudflare

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDYvMTAxOTI0L2YzOGE2MjQxYmM2N2MwNjEzNmU1ZGU2OTRiZjUxMzgxLmpwZWc.webp
s-img.mgid.com/g/11739838/492x277/0x0x1200x800/ 22 KB
23 KB 547ms
544ms Image
image/webp 104.19.135.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/11739838/492x277/0x0x1200x800/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDYvMTAxOTI0L2YzOGE2MjQxYmM2N2MwNjEzNmU1ZGU2OTRiZjUxMzgxLmpwZWc.webp?v=1647873952-GavoZDqZZgE0XnXWESVn4wTOyieVvr_BHyPI5eDc1Vc
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.135.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2fb3bb7d1c60c2a620ee6e97071dd6bff7b2043dfbc68ac8048f2a84fb42008e

Request headers

Referer: https://portalsemakan.com/
Origin: https://portalsemakan.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 14:45:53 GMT
cf-cache-status: MISS
last-modified: Tue, 21 Dec 2021 12:46:40 GMT
x-mg-request-uuid: 827fafdf-188d-417c-8313-e2c9b5fe21eb
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 6ef7794bfa938fe9-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 22742
server: cloudflare

GET
H2 200 aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMS0wNS8xMDE5MjQvYzRiNDcyOTA3NGM4MTYyN...
s-img.mgid.com/g/11739834/492x277/-/ 18 KB
19 KB 555ms
553ms Image
image/webp 104.19.135.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/11739834/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMS0wNS8xMDE5MjQvYzRiNDcyOTA3NGM4MTYyNDBhYjIyODE3OTJlNThmZDQuanBlZw.webp?v=1647873952-DRnk5Y_ahrpE8GpVEj4ajE73_NQtMB313QtzGXR49YA
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.135.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b7bb77c311cf88e0d0dad0bec5d5bc03e41394f92724a91750d387ba558d9e19

Request headers

Referer: https://portalsemakan.com/
Origin: https://portalsemakan.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 14:45:53 GMT
cf-cache-status: MISS
last-modified: Tue, 21 Dec 2021 12:46:41 GMT
x-mg-request-uuid: 2a0b65c9-41e0-46ed-9bea-a01d0ff54e97
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 6ef7794bfa948fe9-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 18872
server: cloudflare

GET
H2 200 aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ194eV9jZW50ZXIsd18xMDIwLHhfNjEyLHlfNTc2L2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIxLTExLzEwMTkyNC82ZDNkY...
s-img.mgid.com/g/11739863/492x277/-/ 19 KB
20 KB 553ms
551ms Image
image/webp 104.19.135.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/11739863/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ194eV9jZW50ZXIsd18xMDIwLHhfNjEyLHlfNTc2L2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIxLTExLzEwMTkyNC82ZDNkYjRlMDQ0MmUwYjE2ZTcyZDI4ZTFiZjQyYjcyZC5wbmc.webp?v=1647873952-ZpeZgDEhYqk0n6Um5u4w8nRSXdCT6zZ3U-4nJmmPgxg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.135.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ae67ac9818c817005f81e3dd18298662f9c525f3cd73ba216228a29cee460f52

Request headers

Referer: https://portalsemakan.com/
Origin: https://portalsemakan.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 14:45:53 GMT
cf-cache-status: MISS
last-modified: Tue, 21 Dec 2021 12:55:09 GMT
x-mg-request-uuid: aae2205e-1daf-4cea-b7c6-60e10f481508
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 6ef7794bfa958fe9-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 19702
server: cloudflare

GET
H2 200 aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ194eV9jZW50ZXIsd18xMDIwLHhfNTM3LHlfNDk0L2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIxLTEwLzEwMTkyNC9lOGE2N...
s-img.mgid.com/g/11739842/492x277/-/ 13 KB
14 KB 567ms
564ms Image
image/webp 104.19.135.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/11739842/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ194eV9jZW50ZXIsd18xMDIwLHhfNTM3LHlfNDk0L2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIxLTEwLzEwMTkyNC9lOGE2NWU4NjU5ZjcxOWZiMTFmNDMzNmZhZDIyZTNkZS5qcGc.webp?v=1647873952-fVRPnlqG9HU5Jh6C-N7zW87Xk9QVO27cmKEPzO2WAEo
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.135.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7fee5488f247de155c84a033494401076018c81062f48180373e3cf05ae47c69

Request headers

Referer: https://portalsemakan.com/
Origin: https://portalsemakan.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 14:45:53 GMT
cf-cache-status: MISS
last-modified: Tue, 21 Dec 2021 12:45:37 GMT
x-mg-request-uuid: 0be925ec-4699-439a-93e1-d62b63ef6aee
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 6ef7794c0aa68fe9-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 13508
server: cloudflare

GET
H2 200 aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMS0xMS8xMDE5MjQvNWRiMTQ0ZWRhM2MzMDdlN...
s-img.mgid.com/g/11739862/492x277/-/ 10 KB
10 KB 568ms
565ms Image
image/webp 104.19.135.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/11739862/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMS0xMS8xMDE5MjQvNWRiMTQ0ZWRhM2MzMDdlNjRkODVjZDk2OTQyMTA0NTIucG5n.webp?v=1647873952-i2FFTYCyO72RBhtVerrBgtnb8BQSMbEHJnzmcQ9o_7A
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.135.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ce452421ffc53808c61795729eef02db9132d6d2cbc68198b158dce56b519272

Request headers

Referer: https://portalsemakan.com/
Origin: https://portalsemakan.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 14:45:53 GMT
cf-cache-status: MISS
last-modified: Tue, 21 Dec 2021 12:46:40 GMT
x-mg-request-uuid: 5e808a7d-6e23-4359-92d8-0351e7b6e758
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 6ef7794c0aa78fe9-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 9756
server: cloudflare

GET
H3 200 HdsydzJK.js Show response
tpc.googlesyndication.com/sodar/ Frame 78B5 41 KB
15 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/HdsydzJK.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20211103_RC00/outstream.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 19 Mar 2022 18:05:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 160806
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15407
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 19 Mar 2023 18:05:46 GMT

HEAD
H/1.1

200
OK

file.mp4
r2---sn-5hne6nzd.c.2mdn.net/videoplayback/id/1010c898234a80bf/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1679409952/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip... Frame 78B5
Redirect Chain

https://gcdn.2mdn.net/videoplayback/id/1010c898234a80bf/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1679409952/sparams/ip,ipbits,expire,id,itag,source,ctier,acao/signa...
https://r2---sn-5hne6nzd.c.2mdn.net/videoplayback/id/1010c898234a80bf/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1679409952/sparams/acao,ctier,expire,id,ip,ipbits,ita...

0
0

85ms
14ms

Fetch
video/mp4

2a00:1450:400e:13::7
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://r2---sn-5hne6nzd.c.2mdn.net/videoplayback/id/1010c898234a80bf/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1679409952/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/492E89A08B45712F8A80E23FD6A64D0B5EC48E03.25ECE5B0E15354BCCF1C08CF8A82253C13EB84C2/key/cms1/cms_redirect/yes/mh/Vv/mip/2a03:1b20:6:f011::6e/mm/42/mn/sn-5hne6nzd/ms/onc/mt/1647873552/mv/u/mvi/2/pl/48/file/file.mp4

Protocol

HTTP/1.1

Server

2a00:1450:400e:13::7 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Mon, 21 Mar 2022 14:45:52 GMT
X-Content-Type-Options: nosniff
Connection: close
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length: 4483753
Last-Modified: Fri, 11 Feb 2022 11:46:46 GMT
Server: gvs 1.0
Vary: Origin
Content-Type: video/mp4
Access-Control-Allow-Origin: null
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control: private, max-age=86400
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Timing-Allow-Origin: null
Expires: Mon, 21 Mar 2022 14:45:52 GMT

Redirect headers

date: Mon, 21 Mar 2022 14:45:52 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 650
x-xss-protection: 0
pragma: no-cache
server: ClientMapServer
location: https://r2---sn-5hne6nzd.c.2mdn.net/videoplayback/id/1010c898234a80bf/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1679409952/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/492E89A08B45712F8A80E23FD6A64D0B5EC48E03.25ECE5B0E15354BCCF1C08CF8A82253C13EB84C2/key/cms1/cms_redirect/yes/mh/Vv/mip/2a03:1b20:6:f011::6e/mm/42/mn/sn-5hne6nzd/ms/onc/mt/1647873552/mv/u/mvi/2/pl/48/file/file.mp4
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: https://googleads.g.doubleclick.net
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 0478 0
0 86ms
86ms Fetch
text/html 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=C3ajroI84YonfCYer3gOs8pOQCO6StZNcv6KFx-QFwI23ARABIABgleKQgqAHggEXY2EtcHViLTkwNTgyOTE4NTQ0NDM4ODHIAQngAgCoAwGqBK8CT9ApczaNRkeOYl1gPGaawlSI9d5Ji3wbYAgdVjO6OwLyB9xPeZmdjATY_XerzGPxcfdjvEIczBJ3Klc5yqkLrO5yuljAkmwt65bidcJSf-qNXLV_OBwNr5UdsycbDoodaDVnMaJoTCHnUZWW_N-zFYfrCjH9rUs1Xr2mFeXXa3Ly1OaJ3nBb0Q-r1jVxqDejrEiM7rsdWHVfcxAPcmdmOyU3l2fbQXMInISMGSIdZAaGvmmlvNzHgAs1BOZK39Qp_1PBiBl1iC21Wu64Tum__v4BK6qTBIl5sbbsoQaF3qsnzHGeQjcIn_v6RmM-fSVGaU4wR1KGNUB4RsRqzfkw3ilPsa6G1G-YcN0_cLjKKrlgseEZ7FT-a6q5Zo6CaizeSgWsc0wjtH05IUYzakRK4AQBgAbfyYTLuLCs_ssBoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAHyCBthZHgtc3Vic3luLTI3MTgyMTg1ODUwNzU1OTSACgP6CwIIAYAMAdAVAYAXAbIXHAoaEhRwdWItOTA1ODI5MTg1NDQ0Mzg4MRi212k&sigh=9eYEKJk4Xf8&uach_m=[UACH]&cid=CAQSPACNIrLM3FUTpe9sWB5oSdHkt0_mQKeZ6Zks3udJM6eNRYMt2jvEPr0DacdRwUAYOGBN0g52MeJh0KmgZhgB
Requested by: Host: portalsemakan.com
URL: https://portalsemakan.com/permohonan-pelan-data-pelajar/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s08-in-f2.1e100.net
Software: /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://4ff8e811445a9b61eb0bed126f8b9447.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H2 200 ttj Show response
ib.3lift.com/ Frame 0478 4 KB
2 KB 34ms
8ms Script
application/javascript 18.66.112.66
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ib.3lift.com/ttj?inv_code=adasia_allpublishers_display
Requested by: Host: 4ff8e811445a9b61eb0bed126f8b9447.safeframe.googlesyndication.com
URL: https://4ff8e811445a9b61eb0bed126f8b9447.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.66 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-66.fra56.r.cloudfront.net
Software: /
Resource Hash: ccaa51271b339a3d0f1c244e679e062d2664aa1db8b42ccec98f8fcfca18d16b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://4ff8e811445a9b61eb0bed126f8b9447.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 14:43:59 GMT
via: 1.1 fd080e20137c93d47ed43a67821248f0.cloudfront.net (CloudFront)
age: 113
etag: "94267aee749cf372b3e05b509cc83f77"
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=900
x-amz-cf-pop: FRA56-P5
content-encoding: gzip
content-length: 2011
x-amz-cf-id: e0SMR8_cybwErPr9yKiArkFJLtKr5cuY4bg-HgO0MxyzrG4GObN4eg==

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220316/r20110914/client/ Frame 0478 2 KB
1 KB 53ms
52ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220316/r20110914/client/window_focus_fy2021.js

Requested by

Host: 4ff8e811445a9b61eb0bed126f8b9447.safeframe.googlesyndication.com
URL: https://4ff8e811445a9b61eb0bed126f8b9447.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://4ff8e811445a9b61eb0bed126f8b9447.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 13:19:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 5173
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1233
x-xss-protection: 0
server: cafe
etag: 16517525077337815633
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 04 Apr 2022 13:19:39 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 0478 117 KB
36 KB 56ms
55ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 4ff8e811445a9b61eb0bed126f8b9447.safeframe.googlesyndication.com
URL: https://4ff8e811445a9b61eb0bed126f8b9447.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bc68a3e6e6f0074ff46c18beea2033fc4e8c6ee513dc0617758f45e2bdd8b88a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://4ff8e811445a9b61eb0bed126f8b9447.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 14:45:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36344
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1647431472276194"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 21 Mar 2022 14:45:52 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220316/r20110914/client/ Frame 0478 15 KB
6 KB 39ms
38ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220316/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 4ff8e811445a9b61eb0bed126f8b9447.safeframe.googlesyndication.com
URL: https://4ff8e811445a9b61eb0bed126f8b9447.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c82a58123e9f042fb6f68695578cff668b16b22915e0a8cb8acca14741df2bac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://4ff8e811445a9b61eb0bed126f8b9447.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 14:16:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1750
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6367
x-xss-protection: 0
server: cafe
etag: 1939740185073438140
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 04 Apr 2022 14:16:42 GMT

GET
H3 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame 0478 22 KB
7 KB 46ms
45ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js

Requested by

Host: 4ff8e811445a9b61eb0bed126f8b9447.safeframe.googlesyndication.com
URL: https://4ff8e811445a9b61eb0bed126f8b9447.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://4ff8e811445a9b61eb0bed126f8b9447.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 11:46:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 10777
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7022
x-xss-protection: 0
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Tue, 21 Mar 2023 11:46:15 GMT

GET
H2 200 notify
tlx.3lift.com/s2s/ Frame 0478 37 B
184 B 32ms
8ms Image
image/gif 18.197.113.18
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tlx.3lift.com/s2s/notify?px=1&pr=YjiPoAACb4kKd5WHAAT5LEwkFpLdLZ-YQyzJJg&ts=1647873952&aid=25795656294880711728720&ec=2460_15241_67379644&n=GvQEaHR0cDovL2IxLWV1ZGMxLnplbWFudGEuY29tL2JpZGRlci93aW4vdHJpcGxlbGlmdF9kaXNwbGF5LzliMWE2NGViLWE5MjUtMTFlYy04NjM1LTc5MTRkOTA0MTZlMS8wLjAxNC9ISE9ST0JGUkJIMlgyVTRGT0dFQk1OR1hTVTI2R09LMkxZRUc2QjJKNzJUM0NRTkpSVFlNRTRVWTJBQkhLR1BVREFXMzZNVFlMMlRCQlJDNUFCWlhaWUhUWjRJQVVBM1BZVEFQVFJRRjZCNTNQTEI1N0VDSlZFSElFUU5ZRkJPWk1JRkhVTU5RQ1RRWVo2NFBTQlZES0tBT0lYSUdMU0hBVkE2MlBOTUpEVDU2VUpCVk42TVpPRlUyRzVGRVlPRFA0RVZEWlNCNzQ3WUZWTkVOWUVINTdJQkJGWFFGWlJGTE0zWEVFUElWNU1QUkhDVlozWVRRR1ZJNTRUS0Y3SE9YVUE3UlFaQUpOSldRVU9RN0FFUlZXWDJKMlk0N1ROU05HUkhDSVI1TUpaVDRFSUo1UzZNSjVNVkZaV1hUSldHU1E3Q1pHV1RUTUJUMlhOUk5IQ1pXWFhRUVQ0VFdWTVBCMlQ3VVRHRlhONldMTFFMRjNOWDZaVkFDVjNSNkdMR0pDV1NVRUdSRVRYNDRSUlNKRUlLSzVYWURYS05WS0NaRkE2RjY3R0ZQWk9QWDZWQlVIM1I1MzdWRDRIM09FSEpQSkRWV1o2WFRQUjNDSE5VSFBaNjdFRFlUVTdOVTNER1pGUEdXRDJFV0pWVVNTNE0yWVdNVUFZM0FOU0tKWU9RS0hKUkNSNzNURDJMMjIvP%2FICzgEIABIXMjU3OTU2NTYyOTQ4ODA3MTE3Mjg3MjAYACABKJwTMIl3QAFIAFAAYApoAHCd4iKQAQCYAQCoAQCwAQ64AQnAAQzIAQ7gAQzwAQD4AQ6AAgyIAgyRAgAAAAAAAPA%2FmQIK16NwPQrHP6ECAAAAAAAA8D%2BoAgCwAgDIAgTYAgDxAmZmZmZmZuY%2F%2BAK%2FMYAD2AWIA1qQAwKYAwCgAwC4A7TkD8ADAMgDANIDCDY3Mzc5NjQ04AP%2F%2F%2F%2F%2F%2F%2F%2F%2F%2F%2F8B6QMAAAAAAAAAAPADDvgCBYgDAJIDBGRiYTiYAwA%3D
Requested by: Host: 4ff8e811445a9b61eb0bed126f8b9447.safeframe.googlesyndication.com
URL: https://4ff8e811445a9b61eb0bed126f8b9447.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.197.113.18 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-197-113-18.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://4ff8e811445a9b61eb0bed126f8b9447.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 21 Mar 2022 14:45:52 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-length: 37
expires: Thu, 15 Oct 1992 20:10:00 GMT

GET
H2 200 pe
eb2.3lift.com/ Frame 0478 37 B
140 B 32ms
8ms Image
image/gif 13.248.245.213
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/pe?fid=10&peid=0&aid=25795656294880711728720
Requested by: Host: 4ff8e811445a9b61eb0bed126f8b9447.safeframe.googlesyndication.com
URL: https://4ff8e811445a9b61eb0bed126f8b9447.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://4ff8e811445a9b61eb0bed126f8b9447.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 14:45:52 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif

GET
H3 200 H0ZEmIz7.html Show response
tpc.googlesyndication.com/sodar/ Frame EAC6 23 KB
9 KB 39ms
39ms Document
text/html 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/HdsydzJK.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin: *
content-length: 8727
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 20 Mar 2022 23:00:35 GMT
expires: Mon, 20 Mar 2023 23:00:35 GMT
cache-control: public, max-age=31536000
age: 56717
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
content-type: text/html
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 bundle.js Show response
ib.3lift.com/rev/b5dbcaaad667d54756cc1e78e73a1e2616cc2b6d/dist/ Frame 0478 254 KB
81 KB 8ms
8ms Script
application/javascript 18.66.112.66
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ib.3lift.com/rev/b5dbcaaad667d54756cc1e78e73a1e2616cc2b6d/dist/bundle.js
Requested by: Host: ib.3lift.com
URL: https://ib.3lift.com/ttj?inv_code=adasia_allpublishers_display
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.66 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-66.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 325e6a7b68748a169ffb84eef16a6aa2042e2fd8ee1819a61c7a5fb399ba5e54

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://4ff8e811445a9b61eb0bed126f8b9447.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Mar 2022 15:56:45 GMT
content-encoding: gzip
last-modified: Thu, 10 Mar 2022 15:56:23 GMT
server: AmazonS3
age: 946148
etag: "72ce81d7d81987b2256ad6fa329008bc"
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 fd080e20137c93d47ed43a67821248f0.cloudfront.net (CloudFront)
cache-control: max-age=31536000, immutable
x-amz-cf-pop: FRA56-P5
accept-ranges: bytes
content-length: 82367
x-amz-cf-id: vs9PEjZ6hxXe46eWWTfur9MXuEeg6495S7wi7h94lk4KNDplK2R91w==

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame D7BC 1 KB
749 B 36ms
36ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 4ff8e811445a9b61eb0bed126f8b9447.safeframe.googlesyndication.com
URL: https://4ff8e811445a9b61eb0bed126f8b9447.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://4ff8e811445a9b61eb0bed126f8b9447.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 724
x-xss-protection: 0
date: Mon, 21 Mar 2022 13:26:12 GMT
expires: Tue, 22 Mar 2022 13:26:12 GMT
cache-control: public, max-age=86400
age: 4780
etag: 48472445140208031
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 r
eb2.3lift.com/ Frame 0478 37 B
139 B 8ms
8ms Image
image/gif 13.248.245.213
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/r?inv_code=adasia_allpublishers_display&aid=25795656294880711728720&rev=b5dbcaa&pr=can%27t%2520access%2520top%2520document&bc=0.014&bmid=2460&biid=6335&sid=15241&brid=569629&adid=67379644&crid=-1&ts=1647873952&bcud=14&ss=5&caid=0&unid=0&domain=4ff8e811445a9b61eb0bed126f8b9447.safeframe.googlesyndication.com&ref=https%253A%252F%252Fportalsemakan.com%252F&rr=creative&fid=10&rb=0&g=0&cb=99868
Requested by: Host: 4ff8e811445a9b61eb0bed126f8b9447.safeframe.googlesyndication.com
URL: https://4ff8e811445a9b61eb0bed126f8b9447.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://4ff8e811445a9b61eb0bed126f8b9447.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 14:45:52 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif

GET
DATA 200
OK truncated Show response
/ Frame F09D 26 B
0 Script
image/gif

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c00a759275b8628823a9809f24cbeca08cb48b52713adf221f70284e66d9c82f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 OBA_TRANS.png
ib.3lift.com/static/buttons/edaa/ Frame 0478 3 KB
3 KB 7ms
7ms Image
image/png 18.66.112.66
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ib.3lift.com/static/buttons/edaa/OBA_TRANS.png
Requested by: Host: 4ff8e811445a9b61eb0bed126f8b9447.safeframe.googlesyndication.com
URL: https://4ff8e811445a9b61eb0bed126f8b9447.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.66 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-66.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2fd4c3ae6afc2b4026d9f0b64b8ff1110ecfcf47b90bc988c06e844b3921cbf6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://4ff8e811445a9b61eb0bed126f8b9447.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 15 Mar 2022 12:57:19 GMT
via: 1.1 fd080e20137c93d47ed43a67821248f0.cloudfront.net (CloudFront)
last-modified: Thu, 05 Aug 2021 17:23:36 GMT
server: AmazonS3
age: 524914
etag: "ddf020e069f1706b72b7698b28fede09"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=604800,s-maxage=604800,public
x-amz-cf-pop: FRA56-P5
accept-ranges: bytes
content-length: 3125
x-amz-cf-id: M-HDd9GKtC3NAQvRWZndE8J0U7A-BsWQ8juAqyugm1upzqwGT0KpsQ==

GET
H2 200 OBA_UK.png
ib.3lift.com/static/buttons/edaa/ Frame 0478 3 KB
4 KB 8ms
7ms Image
image/png 18.66.112.66
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ib.3lift.com/static/buttons/edaa/OBA_UK.png
Requested by: Host: 4ff8e811445a9b61eb0bed126f8b9447.safeframe.googlesyndication.com
URL: https://4ff8e811445a9b61eb0bed126f8b9447.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.66 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-66.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 08285afd2f0c11a2a9d89f00dce769479e4d164e62caa39eceea9f1eb551afa9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://4ff8e811445a9b61eb0bed126f8b9447.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 14 Mar 2022 19:36:19 GMT
via: 1.1 fd080e20137c93d47ed43a67821248f0.cloudfront.net (CloudFront)
last-modified: Thu, 05 Aug 2021 17:23:31 GMT
server: AmazonS3
age: 587374
etag: "7ceab27af00fa466072a3c3360041755"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=604800,s-maxage=604800,public
x-amz-cf-pop: FRA56-P5
accept-ranges: bytes
content-length: 3518
x-amz-cf-id: iSbREDieBeoCC2OkPTldgXUg5RlXPghJl4_Nt-cGwGupNJvgmhmuOA==

GET
H2 200 ctar
eb2.3lift.com/ Frame 0478 37 B
139 B 8ms
8ms Image
image/gif 13.248.245.213
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/ctar?inv_code=adasia_allpublishers_display&aid=25795656294880711728720&rev=b5dbcaa&cta_render_method=1&cta_render_text=&cb=61623
Requested by: Host: 4ff8e811445a9b61eb0bed126f8b9447.safeframe.googlesyndication.com
URL: https://4ff8e811445a9b61eb0bed126f8b9447.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://4ff8e811445a9b61eb0bed126f8b9447.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 14:45:52 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif

GET
H2 200 widget-728x90.js Show response
widgets.zemanta.com/1646288090/ Frame B159 6 KB
3 KB 34ms
7ms Script
application/javascript 151.101.194.132
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.zemanta.com/1646288090/widget-728x90.js
Requested by: Host: ib.3lift.com
URL: https://ib.3lift.com/rev/b5dbcaaad667d54756cc1e78e73a1e2616cc2b6d/dist/bundle.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.194.132 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 5f15f4fd8772df9f8469e085c9dcec9ac2b070009ca290d447898bf5400c4021

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://4ff8e811445a9b61eb0bed126f8b9447.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id: 6gjTgAWv8q0YdgBr3LK0Sms13tYGH2W1
content-encoding: gzip
etag: "9d9eccc5fd836c7aede279135dfdc306"
age: 1296
x-cache: HIT
content-length: 2400
x-amz-id-2: semRpHwIPX4tofG/KEd8kpJkqlwemQkYt1WjoLW9HaV+jRlX/0muoVvYiQKs0Qrg8C/Ph537ti0=
x-served-by: cache-hhn4047-HHN
last-modified: Thu, 03 Mar 2022 08:30:50 GMT
server: AmazonS3
x-timer: S1647873953.850691,VS0,VE0
date: Mon, 21 Mar 2022 14:45:52 GMT
vary: Accept-Encoding
x-amz-request-id: TZ8NQ3NCHHMWGG3T
via: 1.1 varnish
accept-ranges: bytes
content-type: application/javascript
x-cache-hits: 270

GET
H2 200 aop
eb2.3lift.com/ Frame 0478 37 B
139 B 8ms
8ms Image
image/gif 13.248.245.213
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/aop?inv_code=adasia_allpublishers_display&aid=25795656294880711728720&rev=b5dbcaa&pr=can%27t%2520access%2520top%2520document&bc=0.014&bmid=2460&biid=6335&sid=15241&brid=569629&adid=67379644&crid=-1&ts=1647873952&bcud=14&ss=5&caid=0&unid=0&domain=4ff8e811445a9b61eb0bed126f8b9447.safeframe.googlesyndication.com&ref=https%253A%252F%252Fportalsemakan.com%252F&rr=creative&fid=10&rb=0&g=0&cb=16250
Requested by: Host: 4ff8e811445a9b61eb0bed126f8b9447.safeframe.googlesyndication.com
URL: https://4ff8e811445a9b61eb0bed126f8b9447.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://4ff8e811445a9b61eb0bed126f8b9447.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 14:45:52 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif

GET
H2 200 moatad.js Show response
z.moatads.com/triplelift879988051105/ Frame 0478 314 KB
106 KB 22ms
7ms Script
application/x-javascript 184.30.25.161
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/triplelift879988051105/moatad.js
Requested by: Host: ib.3lift.com
URL: https://ib.3lift.com/rev/b5dbcaaad667d54756cc1e78e73a1e2616cc2b6d/dist/bundle.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.25.161 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-25-161.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 51b52c1cb093ce109440b8e3cce4d8b0a1214db41abbf327fdbab226e6a71a8c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://4ff8e811445a9b61eb0bed126f8b9447.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 14:45:52 GMT
content-encoding: gzip
last-modified: Mon, 07 Mar 2022 17:24:27 GMT
server: AmazonS3
x-amz-request-id: AZVSQZV152J50SAG
etag: "e47bc2182717b467aa52028d44d2d8ed"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=7365
accept-ranges: bytes
content-length: 107735
x-amz-id-2: WITo6nTexFKDvnYpOaalICINko0pruLLLLFV3HP16+5NK/9HKZQkRutyKhtaJykSHF9QBYGByhQ=

GET
H2 200 tpvpx
eb2.3lift.com/ Frame 0478 37 B
139 B 8ms
8ms Image
image/gif 13.248.245.213
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/tpvpx?inv_code=adasia_allpublishers_display&aid=25795656294880711728720&rev=b5dbcaa&pid=39761&unid=0&vid=1&sr=10&cb=70397
Requested by: Host: 4ff8e811445a9b61eb0bed126f8b9447.safeframe.googlesyndication.com
URL: https://4ff8e811445a9b61eb0bed126f8b9447.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://4ff8e811445a9b61eb0bed126f8b9447.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 14:45:52 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif

GET
H3 200 container.html Show response
4ff8e811445a9b61eb0bed126f8b9447.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 2E26 6 KB
3 KB 41ms
40ms Document
text/html 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://4ff8e811445a9b61eb0bed126f8b9447.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031501.js?cb=31065673

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://portalsemakan.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 21 Mar 2022 14:45:52 GMT
expires: Tue, 21 Mar 2023 14:45:52 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
content-type: text/html
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame 0478 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3ee2d4d49ebb277239f215da1bcbd8b744738c6f2b70d64e6d54ec6140e9428b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 200
OK writeStatistics
stas.outbrain.com/Stas/api/ Frame B159 43 B
274 B 341ms
81ms Image
image/gif 70.42.32.255
INTERNAP-BLK3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://stas.outbrain.com/Stas/api/writeStatistics?p=YdM2MOF2YWQqbG0A-dHPHUyOMYyTzQSrpoED9Ez0lRZqEsmI96edBKdCQ_mOphc_doTOCEpaF-tY6HOZlY_JTJgFIsUdc3onqxlA8Ju3KJT6pZ0WY3AmB5udsHbWJkzvkLvvkZ7ALyF08NQkse1Ku8huQ7nEk66xqIrgJH5tKhBR7o-59N54HpB3MEg6GL-Ew58gUjgTnttmQJLqmlmVdU9IxgTl-b5OObkMP1-xvUAHMPNiQgz4z7C1hu9YwdueUByQ0igIQlBPO8omQtRoOnKirD94fM9UZX7dIgiURR-BI4K-SFeChUDAGgUu0aYJ5Gh2yDpMAVCqj-i3I03ut3l6qe26QlDYNCFRqExU2Cm5X48sBODI76yHONZ9Tvfd_Sx5h0KNWsoRRgK9R9yH37hD3vk-z9wkla1oZKrmza-CHxAOt5PeqOVU3Q1o0u8Uu82gYampf65vWVyPLgyttYuYthWVLwvzphosHNW8DEvW4kEKmoUG3hjzW8i2v1kheTp_orif9CByg7pKLW4qStv0m5QH7KHvXEngxwFCFPEnBGJLqWOQq10dNIre-ImEPm8OkG8xIalOR6-V96sEpm2TmfY-7AknQNPLaIRjSx72KR-l3Ma0zaIi_5W-CyKDT8pFGkJwAF2hNtgLFSIAoJGsf9zSGLqq7CEuTrkGrDJP7_WP2naJyiy61G5exSZi3zeOINOSTV_FDeYPjcHk_Y1-LVSQIHQpDjDq94Vpv5__o498Lbu-9KKrjPPxXBNq&c=1a0064ec&v=3
Requested by: Host: 4ff8e811445a9b61eb0bed126f8b9447.safeframe.googlesyndication.com
URL: https://4ff8e811445a9b61eb0bed126f8b9447.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 70.42.32.255 , United States, ASN13789 (INTERNAP-BLK3, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: 33ca751ed175a163bef530ebdcdbd0a2d15997ccbcbf8d50a6f504e8ffac5a5c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://4ff8e811445a9b61eb0bed126f8b9447.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Mon, 21 Mar 2022 14:45:53 GMT
Cache-Control: no-cache
Connection: close
X-TraceId: 026d07bf23dd82fe90eccdf4c5cd3807
content-encoding: gzip
Content-Length: 60
Content-Type: image/gif

GET
H/1.1 200
OK /
b1t-eudc1.zemanta.com/t/imp/impression/FPGHAAMTLPW5GQKQWMTZMKQ6ASECQALMTTXIGVEO76VIOA4R6FA337H2MCRNVAHLUSLITCZXD7IFVA5BIHJMHMTATAP3JA25SBWWRS6J65FJ2NM3IMPD6KVFBIURJ25EPSR6W32UAXX3NNARBAD65NEL44PRJG... Frame B159 26 B
151 B 65ms
14ms Image
image/gif 213.227.153.223
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://b1t-eudc1.zemanta.com/t/imp/impression/FPGHAAMTLPW5GQKQWMTZMKQ6ASECQALMTTXIGVEO76VIOA4R6FA337H2MCRNVAHLUSLITCZXD7IFVA5BIHJMHMTATAP3JA25SBWWRS6J65FJ2NM3IMPD6KVFBIURJ25EPSR6W32UAXX3NNARBAD65NEL44PRJGEVPBEBIZNZTEZLQMR3JTF5L6SAZHSHOQ4UMWWI7IGQO6FAKG5X7L7RAHWXLTRKAKUL3V5LILKTB24UZXQBKFWLND2BNF3E4ADYNLG7X26OIWYMZJTD6MHMC2DTTLCCZFPA4WFK5ZJ36GDUN3AAIDPKTEYJACP2MU2NCLNDK6SNC46ZFNYDAEKNNFJJTIXDNZ66Y2IWBVHFKNJTRU7Z74FXMFDYZC4IJQKKZJ34R6Q7CAPOW/?
Requested by: Host: 4ff8e811445a9b61eb0bed126f8b9447.safeframe.googlesyndication.com
URL: https://4ff8e811445a9b61eb0bed126f8b9447.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 213.227.153.223 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: /
Resource Hash: 3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://4ff8e811445a9b61eb0bed126f8b9447.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Mon, 21 Mar 2022 14:45:52 GMT
Connection: keep-alive
Content-Length: 26
Content-Type: image/gif

GET
H2 200 925708f40833ce56df2b64b5f42b2fae72.jpg
zem.outbrainimg.com/p/srv/sha/2d/0a/7b/ Frame B159 6 KB
7 KB 35ms
6ms Image
image/jpeg 151.101.114.132
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zem.outbrainimg.com/p/srv/sha/2d/0a/7b/925708f40833ce56df2b64b5f42b2fae72.jpg?w=159&h=88&fit=crop&crop=center&fm=jpg

Requested by

Host: 4ff8e811445a9b61eb0bed126f8b9447.safeframe.googlesyndication.com
URL: https://4ff8e811445a9b61eb0bed126f8b9447.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.114.132 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

imgix /

Resource Hash

0f4c134a1329fa98bc979f0e1e9d2b1ffdbcbbff36feafb1112e61d7d5896245

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://4ff8e811445a9b61eb0bed126f8b9447.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 14:45:52 GMT
via: 1.1 varnish
x-content-type-options: nosniff
age: 548880
x-cache: HIT, MISS, HIT
x-imgix-id: 2db87e6b839cbf407721461bd5ad6e8b06443fd2
content-length: 6581
x-served-by: cache-sjc10044-SJC, cache-hhn4041-HHN, cache-hhn4025-HHN
last-modified: Tue, 15 Mar 2022 06:17:53 GMT
server: imgix
x-timer: S1647873953.960709,VS0,VE0
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
cross-origin-resource-policy: cross-origin
x-cache-hits: 650

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 72ms
71ms Image
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gda_r20220316&jk=2369941670710697&bg=!OjmlOX3NAAba2mK92to7ACkAdvg8WqJENxBH-bpy9ZrAAOgP6UsC0Hm1aUHMOi0Vr_8GYC_cOWgSFAIAAACwUgAAAAtoAQeZAubAaDEGfTaoK8FVzAHsuyEpgSlawrsXYqHTy-xTpY1Imm6k9oR-vyPFkAtbyX46QH4vbQuPqoSGvX8ey_pdipG0TS4ysUpd6G9Abr8pgNK4edEJmfNzda7CIO2FraP8MG8O2T-yoLTmTTJf8133gQBMWL-jg6O1zHTftukt-rmYpURLWFLl2CII3-FybVZte-Wt8VBeGqse89DCChCBrxjOkYCOcyEtAgdvxYLUJi2tjpbryIojFDudEgZQMK2gfVzKUdph6mGlhzDhcTMKJN2XOqAJdeiS2R6y-rFZnysQ1-c0WIU8uYnMuvGpeyOj6pihekutIOR0N_3iFNJPWa-bT_sREuha33RaGDX3y1spFzkWx32Es3Qvcxdf3nLkLKUx3SJhGaUymWmh76Hve-xamU_ZNLsM96p3UVZAFzWfjMXNB7aBwVDauRBr1fRMiC6dIB_Lm2Yud5NQ4npj5PfLdt5Tvti9Tq89m1vwDUfP8YAi0u2ZrnWSrfPXUYqoMfrL1Ti2F4ljXs0k9_GdGRazCsENzkZCcSBgq2StO_pJXaHGf-10X8OqgRWkpTFTGas9atkXbAznC3Ntl7z9lZv2kXMxNGSFi9h8_8BZK7MH1M0ReQGI6U6XWPY6Mg7kXkCoD6rLefoItq80P0Y3O0AVYl9z1d91vakctICy-cODmcnd7zILTIPIyhZutlczhNJ78aAhLzLbkd59EIbkgvLVwHVtd8HSo7FIJBtqqNAWvFVZex4S5TLvPHUg4BE8IdzJ_Nz-1l3tBMpMuN9Nfv8oP7aV8Ihp_ODoWEkIdjKFHOJHASmJ94WJaIecPu1BCIHONU26nFoE1TkQoTw69Ogi_o1DWQzUM2v3chfdMCaA2wdQtm00Nly2ssrW7P8IYr_8NXQWnRdKvcY1MLxil3zxd37-lNysAERYKgSPU8-YRc48kKQomEUH48D9muvG8kV5KBDMPZ433bdXivFelYKyuf9Yl_ik

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://portalsemakan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 21 Mar 2022 14:45:52 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame D7BC
Redirect Chain

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESENgT5nvEYON7o8s82iyTU3k&google_cve...
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESENgT5nvEYON7o8s82iyTU3k&goog...
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=Z1Z3SXFDVVkxTndqaTg1&google_gid=CAESENgT5nvEYON7o8s82iyTU3k&google_cver=1&google_push=AYg5qPKO8RZK10GPJapGe-or1_lvIOGHQLL4nGD2zdoMr9s...

170 B
188 B

51ms
50ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=Z1Z3SXFDVVkxTndqaTg1&google_gid=CAESENgT5nvEYON7o8s82iyTU3k&google_cver=1&google_push=AYg5qPKO8RZK10GPJapGe-or1_lvIOGHQLL4nGD2zdoMr9sp1pQ9f09_N1kIydrMRs6fFY5xzHvX92_c5VwYrvIn8R1N8PJ82Uw

Requested by

Host: 4ff8e811445a9b61eb0bed126f8b9447.safeframe.googlesyndication.com
URL: https://4ff8e811445a9b61eb0bed126f8b9447.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 21 Mar 2022 14:45:53 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 21 Mar 2022 14:45:52 GMT
Server: PingMatch/v2.0.30-713-gdae83a2#rel-ec2-master i-022b0454a7aa0bd60@eu-central-1a@dxedge-app-eu-central-1-prod-asg
Strict-Transport-Security: max-age=2592000; includeSubDomains
Location: https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=Z1Z3SXFDVVkxTndqaTg1&google_gid=CAESENgT5nvEYON7o8s82iyTU3k&google_cver=1&google_push=AYg5qPKO8RZK10GPJapGe-or1_lvIOGHQLL4nGD2zdoMr9sp1pQ9f09_N1kIydrMRs6fFY5xzHvX92_c5VwYrvIn8R1N8PJ82Uw
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame D7BC
Redirect Chain

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEC9tjCMDg2axAmBMyOhYyZU&google_cver=1&google_push=AYg5qPJr6mYveyBWN61Fk_l07C1PquOz1ct_D0Y9696Ji-3EQqf4yRAaCOPf4xXxHOIDlMfTR8GbNPGFxiyG8GRDR06_...
https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEC9tjCMDg2axAmBMyOhYyZU&google_cver=1&google_push=AYg5qPJr6mYveyBWN61Fk_l07C1PquOz1ct_D0Y9696Ji-3EQqf4yRAaCOPf4xXxHOIDlMfTR8GbNPGFxiyG8G...
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AYg5qPJr6mYveyBWN61Fk_l07C1PquOz1ct_D0Y9696Ji-3EQqf4yRAaCOPf4xXxHOIDlMfTR8GbNPGFxiyG8GRDR06_w_u_-nG9&google_hm=12dUSOtZSf2Ca0K7EIf-Ww==

170 B
188 B

51ms
50ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AYg5qPJr6mYveyBWN61Fk_l07C1PquOz1ct_D0Y9696Ji-3EQqf4yRAaCOPf4xXxHOIDlMfTR8GbNPGFxiyG8GRDR06_w_u_-nG9&google_hm=12dUSOtZSf2Ca0K7EIf-Ww==

Requested by

Host: 4ff8e811445a9b61eb0bed126f8b9447.safeframe.googlesyndication.com
URL: https://4ff8e811445a9b61eb0bed126f8b9447.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 21 Mar 2022 14:45:53 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: //cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AYg5qPJr6mYveyBWN61Fk_l07C1PquOz1ct_D0Y9696Ji-3EQqf4yRAaCOPf4xXxHOIDlMfTR8GbNPGFxiyG8GRDR06_w_u_-nG9&google_hm=12dUSOtZSf2Ca0K7EIf-Ww==
Date: Mon, 21 Mar 2022 14:45:53 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame D7BC
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEOo0LstSDOB-uaVOcAny6Jg&google_cver=1&google_push=AYg5qPJEOP8O-Pai570JVPEqxPKzELAg2lGimDKhaLEbEOP9iIBM2u18oxGS0ZD0ec2oaehCoMS...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDEwVExRVUktVi1KSDQw&google_push=AYg5qPJEOP8O-Pai570JVPEqxPKzELAg2lGimDKhaLEbEOP9iIBM2u18oxGS0ZD0ec2oaehCoMS0ftn0EM75NA7lfn5Bq0PEbKQ

170 B
188 B

49ms
49ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDEwVExRVUktVi1KSDQw&google_push=AYg5qPJEOP8O-Pai570JVPEqxPKzELAg2lGimDKhaLEbEOP9iIBM2u18oxGS0ZD0ec2oaehCoMS0ftn0EM75NA7lfn5Bq0PEbKQ

Requested by

Host: 4ff8e811445a9b61eb0bed126f8b9447.safeframe.googlesyndication.com
URL: https://4ff8e811445a9b61eb0bed126f8b9447.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 21 Mar 2022 14:45:53 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDEwVExRVUktVi1KSDQw&google_push=AYg5qPJEOP8O-Pai570JVPEqxPKzELAg2lGimDKhaLEbEOP9iIBM2u18oxGS0ZD0ec2oaehCoMS0ftn0EM75NA7lfn5Bq0PEbKQ
Cache-Control: no-cache,no-store,must-revalidate
Content-Type: text/html
content-length: 0
X-RPHost: 37b22a0c36bd84993dd2cda4a5e04b1d
Expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame D7BC
Redirect Chain

https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEI...
https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=AYg5qPLwSK56ksm5Qc9aRImMrhJ24leuuPM6Hvs1P1Ik5blOfK-pnLG3joa44sQvI_90tZekH3lXQ2e3NBElRz0Cp9BFcWbyfe5p&redir=https%3A%2F%2Fcm.g.doubl...
https://sync.targeting.unrulymedia.com/csync/RX-0844808e-b714-4afc-86dd-865b883f2efc-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAYg5qPLwSK56ksm5Qc9aRImMr...
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AYg5qPLwSK56ksm5Qc9aRImMrhJ24leuuPM6Hvs1P1Ik5blOfK-pnLG3joa44sQvI_90tZekH3lXQ2e3NBElRz0Cp9BFcWbyfe5p&google_hm=AwhEgI63FEr8ht2GW4g_Lvw

170 B
188 B

52ms
51ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AYg5qPLwSK56ksm5Qc9aRImMrhJ24leuuPM6Hvs1P1Ik5blOfK-pnLG3joa44sQvI_90tZekH3lXQ2e3NBElRz0Cp9BFcWbyfe5p&google_hm=AwhEgI63FEr8ht2GW4g_Lvw

Protocol

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 21 Mar 2022 14:45:54 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AYg5qPLwSK56ksm5Qc9aRImMrhJ24leuuPM6Hvs1P1Ik5blOfK-pnLG3joa44sQvI_90tZekH3lXQ2e3NBElRz0Cp9BFcWbyfe5p&google_hm=AwhEgI63FEr8ht2GW4g_Lvw
date: Mon, 21 Mar 2022 14:45:54 GMT
server: Tengine
p3p: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag: RX0844808eb7144afc86dd865b883f2efc003
content-type: text/html

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame D7BC
Redirect Chain

https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEO4RuqIC-T7KmCcOeEbGO5M&google_cver=1&google_push=AYg5qPJuoEqTEWXaYHF5BDex7qXi52iiTifnAl1b5bAXEjvkQWQS7U9S2zHFq7yEwESx3w3ctjeLazLzjd_ekUTjkf5iodotxic
https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&cmp_cs=&us_privacy=&sync=1&google_push=AYg5qPJuoEqTEWXaYHF5BDex7qXi52iiTifnAl1b5bAXEjvkQWQS7U9S2zHFq7yEwESx3w3ctjeLazLzjd_ekUTjkf5iodotxic&googl...
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MjQ1NjQ4MTY2MzczMjI0MDI1MzY5Nw%3D%3D&google_push=AYg5qPJuoEqTEWXaYHF5BDex7qXi52iiTifnAl1b5bAXEjvkQWQS7U9S...

170 B
188 B

50ms
50ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MjQ1NjQ4MTY2MzczMjI0MDI1MzY5Nw%3D%3D&google_push=AYg5qPJuoEqTEWXaYHF5BDex7qXi52iiTifnAl1b5bAXEjvkQWQS7U9S2zHFq7yEwESx3w3ctjeLazLzjd_ekUTjkf5iodotxic

Requested by

Host: 4ff8e811445a9b61eb0bed126f8b9447.safeframe.googlesyndication.com
URL: https://4ff8e811445a9b61eb0bed126f8b9447.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 21 Mar 2022 14:45:53 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MjQ1NjQ4MTY2MzczMjI0MDI1MzY5Nw%3D%3D&google_push=AYg5qPJuoEqTEWXaYHF5BDex7qXi52iiTifnAl1b5bAXEjvkQWQS7U9S2zHFq7yEwESx3w3ctjeLazLzjd_ekUTjkf5iodotxic
date: Mon, 21 Mar 2022 14:45:53 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame D7BC
Redirect Chain

https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESELMEnerFxYrSqieu0GI4bHg&google_cver=1&google_push=AYg5qPJsVIYGNbw2tphjCrP48EHMBirpqTr0Z5cC_mMrlTS3hgpxT5dw485C2TbchxSjz07IiD...
https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESELMEnerFxYrSqieu0GI4bHg&google_cver=1&google_push=AYg5qPJsVIYGNbw2tphjCrP48EHMBirpqTr0Z5cC_mMrlTS3hgpxT5dw485C2TbchxSjz07IiD...
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1TMVo0cjhwRTJ1RjhjQnlMUjFGVTlRWjFxSDhYc0xlMX5B&google_push=AYg5qPJsVIYGNbw2tphjCrP48EHMBirpqTr0Z5cC_mMrlTS3hgpxT5dw4...

170 B
188 B

51ms
51ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1TMVo0cjhwRTJ1RjhjQnlMUjFGVTlRWjFxSDhYc0xlMX5B&google_push=AYg5qPJsVIYGNbw2tphjCrP48EHMBirpqTr0Z5cC_mMrlTS3hgpxT5dw485C2TbchxSjz07IiDfMYnUKLe8TkDGE7vqf4GTTsSojNg

Requested by

Host: 4ff8e811445a9b61eb0bed126f8b9447.safeframe.googlesyndication.com
URL: https://4ff8e811445a9b61eb0bed126f8b9447.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 21 Mar 2022 14:45:53 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1TMVo0cjhwRTJ1RjhjQnlMUjFGVTlRWjFxSDhYc0xlMX5B&google_push=AYg5qPJsVIYGNbw2tphjCrP48EHMBirpqTr0Z5cC_mMrlTS3hgpxT5dw485C2TbchxSjz07IiDfMYnUKLe8TkDGE7vqf4GTTsSojNg
date: Mon, 21 Mar 2022 14:45:53 GMT
server: ATS/9.1.0.33
age: 0
content-length: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2 200 dot.gif
s0.2mdn.net/ Frame D7BC 43 B
577 B 135ms
48ms Image
image/gif 2a00:1450:4001:803::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dot.gif?google_gid=CAESEDKhPusNq7fMNodnplaaO1s&google_cver=1&google_push=AYg5qPJvI0mqdzfguS6U0ELtzvWEZRFMDiLg_xG_OcokB__9UoT-oZndwyTo6eJuB7nVnAb2qqimOsTMuKWuh1GFfDWEWrnSWZsT

Requested by

Host: 4ff8e811445a9b61eb0bed126f8b9447.safeframe.googlesyndication.com
URL: https://4ff8e811445a9b61eb0bed126f8b9447.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 14:45:53 GMT
x-content-type-options: nosniff
last-modified: Sun, 01 Feb 2009 08:00:00 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 22 Mar 2022 14:45:53 GMT

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame D7BC 0
12 B 49ms
47ms Image
text/html 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13K1YsRRzX1FrYrt_OpRpugTsghsTYxwwpEYhvxt3Zh7muTaoK5FAhcAQOJtDiIqwt9ffJ5Dq_c

Requested by

Host: 4ff8e811445a9b61eb0bed126f8b9447.safeframe.googlesyndication.com
URL: https://4ff8e811445a9b61eb0bed126f8b9447.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 14:45:52 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 2E26 0
0 80ms
80ms Fetch
text/html 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CcRfjoI84YpPAHceCjuwPxZul0A7ukrWTXL-ihcfkBcCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi05MDU4MjkxODU0NDQzODgxyAEJ4AIAqAMBqgS_Ak_Qs9nXJPyFDYQ_ZrLu_chtGOLu0gfXhaFd-2MLM6SsYDnIrIMr-CIYj-U0d_tkuJxoQ4dYJvExyhqiUypxfFoCtJQx8MYgihcrn7-8dBW3UsnDGF8uvsTYtsgzFqngYa_p1aTl97Jhzcyj7avembZrSsWLFPQ-OpXjk4MfPJ3uNnFRzICP2WYad5_HJQOV4XPflKcLyzr60_47yr09JvGPtF3BcAZQuKWAEr8BfaxOLvt1AT0MKX-Lcm_sdOXD2VznBglOz8xI3g0qjbf7z55ixyMZFpnxy3ZBTZJQNc9tYeZbhCO49CZdzG1QrG-bNyUBaH5AnPBqeu3Ie_Bd-L_TBZ8Ub15zeeLNVMi7Rk268CulIlxPtiQdCJ-366wugimmlupTK3jjmV8rOBYzctS_NstwaKtS0kAb-0VQHDTgBAGABt_JhMu4sKz-ywGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfIIG2FkeC1zdWJzeW4tMjcxODIxODU4NTA3NTU5NIAKA_oLAggBgAwB0BUBgBcBshccChoSFHB1Yi05MDU4MjkxODU0NDQzODgxGLbXaQ&sigh=6M3mzSBR2mY&uach_m=[UACH]&cid=CAQSPACNIrLMo5xMbBjYcqewclO0L6VHuFjZWl6B41dM9z7g5uJjsVme5yII6tKMz21Nu3_JhPwXF4StEj6wOxgB
Requested by: Host: portalsemakan.com
URL: https://portalsemakan.com/permohonan-pelan-data-pelajar/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s08-in-f2.1e100.net
Software: /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://4ff8e811445a9b61eb0bed126f8b9447.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H2 200 ttj Show response
ib.3lift.com/ Frame 2E26 4 KB
2 KB 7ms
7ms Script
application/javascript 18.66.112.66
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ib.3lift.com/ttj?inv_code=adasia_allpublishers_display
Requested by: Host: 4ff8e811445a9b61eb0bed126f8b9447.safeframe.googlesyndication.com
URL: https://4ff8e811445a9b61eb0bed126f8b9447.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.66 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-66.fra56.r.cloudfront.net
Software: /
Resource Hash: ccaa51271b339a3d0f1c244e679e062d2664aa1db8b42ccec98f8fcfca18d16b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://4ff8e811445a9b61eb0bed126f8b9447.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 14:43:59 GMT
via: 1.1 fd080e20137c93d47ed43a67821248f0.cloudfront.net (CloudFront)
age: 113
etag: "94267aee749cf372b3e05b509cc83f77"
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=900
x-amz-cf-pop: FRA56-P5
content-encoding: gzip
content-length: 2011
x-amz-cf-id: 1fzto17VC1OCbxYf2kPWpxvUnvkgDemkAh03AjhTFHzleGewuaOdBQ==

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220316/r20110914/client/ Frame 2E26 2 KB
1 KB 39ms
38ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220316/r20110914/client/window_focus_fy2021.js

Requested by

Host: 4ff8e811445a9b61eb0bed126f8b9447.safeframe.googlesyndication.com
URL: https://4ff8e811445a9b61eb0bed126f8b9447.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://4ff8e811445a9b61eb0bed126f8b9447.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 13:19:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 5173
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1233
x-xss-protection: 0
server: cafe
etag: 16517525077337815633
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 04 Apr 2022 13:19:39 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 2E26 117 KB
36 KB 1380ms
1379ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 4ff8e811445a9b61eb0bed126f8b9447.safeframe.googlesyndication.com
URL: https://4ff8e811445a9b61eb0bed126f8b9447.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bc68a3e6e6f0074ff46c18beea2033fc4e8c6ee513dc0617758f45e2bdd8b88a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://4ff8e811445a9b61eb0bed126f8b9447.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 14:45:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36344
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1647431472276194"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 21 Mar 2022 14:45:54 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220316/r20110914/client/ Frame 2E26 15 KB
6 KB 39ms
38ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220316/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 4ff8e811445a9b61eb0bed126f8b9447.safeframe.googlesyndication.com
URL: https://4ff8e811445a9b61eb0bed126f8b9447.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c82a58123e9f042fb6f68695578cff668b16b22915e0a8cb8acca14741df2bac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://4ff8e811445a9b61eb0bed126f8b9447.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 14:16:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1750
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6367
x-xss-protection: 0
server: cafe
etag: 1939740185073438140
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 04 Apr 2022 14:16:42 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 2E26 0
0 47ms
47ms Image
text/html 2a00:1450:4001:801::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTHmXhyd4bONa8BBMZOp79tRTXS4qMvjB_e36Hw15ESgOhe7IybQUWoYZqdgVims9lZ_LmbvbenpFLD4pI-Zz9G6m7rmQ
Requested by: Host: 4ff8e811445a9b61eb0bed126f8b9447.safeframe.googlesyndication.com
URL: https://4ff8e811445a9b61eb0bed126f8b9447.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:801::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://4ff8e811445a9b61eb0bed126f8b9447.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H3 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame 2E26 22 KB
7 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js

Requested by

Host: 4ff8e811445a9b61eb0bed126f8b9447.safeframe.googlesyndication.com
URL: https://4ff8e811445a9b61eb0bed126f8b9447.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://4ff8e811445a9b61eb0bed126f8b9447.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 11:46:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 10777
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7022
x-xss-protection: 0
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Tue, 21 Mar 2023 11:46:15 GMT

GET
H2 200 notify
tlx.3lift.com/s2s/ Frame 2E26 37 B
183 B 9ms
8ms Image
image/gif 18.197.113.18
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tlx.3lift.com/s2s/notify?px=1&pr=YjiPoAAHYBMHg4FHAAlNxWhFl_EZsUlJZoOR_Q&ts=1647873952&aid=3427386585540942390560&ec=2460_15241_67379644&n=GvQEaHR0cDovL2IxLWV1ZGMxLnplbWFudGEuY29tL2JpZGRlci93aW4vdHJpcGxlbGlmdF9kaXNwbGF5LzliNDhkOTE1LWE5MjUtMTFlYy1iNTMwLTg1MDgzYTY0YjEwYy8wLjAxNC9ISE9ST0JGUkJIMlgyTU1DNUVQRTY2UEhCUTI2R09LMkxZRUc2QjI3VE5GR080NERMU1dBTkxPRkkyS0RGQ1dGQklEUTY0VENaWU9SSkhLR0pEM1I0SkVNUU00MkFLVEdXNUVKMzc0UFdCWVFWR0M1TFhCWktDNURJV05WS1NOTzNJWko1REhEQ1ZOQkQ2NFBTQlZES0tBT0lYSUdMU0hBVkE2MlBOTUpEVDU2VUpCVk42TVpPRlUyRzVGRVlPRFA0RVZEWlNCNzQ3WUZWTkVOWUVINTdJQkJGWFFGWlJGTE0zWEVFUElWNU1QUkhDVlozWVRRR1ZJNTRUS0Y3SE9YVUE3UlFaQUpOSldRVU9RN0FFUlZXWDJKMlk0N1ROU05HUkhDSVI1TUpaVDRFSUo1UzZNSjVNVkZaV1hUSldHU1E3Q1pHV1RUTUJUMlhOUk5IQ1pXWFhRUVQ0VFdWTVBCMlQ3VVRHRlhONldMTFFMRjNOWDZaVkFDVjNSNkdMR0pDV1NVRUdSRVRYNDRSUlNKRUlLSzVYWURYS05WS0NaRkE2RjY3R0ZQWk9QWDZWQlVIM1I1MzdWRDRIM09FSEpQSkRWV1o2WFRQUjNDSE5VSFBaNjdFRFlUVTdOVTNER1pGUEdXRDJFV0pWVVNTNE0yWVdNVUFZM0FOU0tKWU9RS0hKUkNSNzNURDJMMjIvP%2FICzgEIABIWMzQyNzM4NjU4NTU0MDk0MjM5MDU2MBgAIAEonBMwiXdAAUgAUABgCmgAcJ3iIpABAJgBAKgBALABDrgBCcABDMgBDuABDPABAPgBDoACDIgCDJECAAAAAAAA8D%2BZAgrXo3A9Csc%2FoQIAAAAAAADwP6gCALACAMgCBNgCAPECZmZmZmZm5j%2F4Ar8xgAPQAogDmAKQAwKYAwCgAwC4A7TkD8ADAMgDANIDCDY3Mzc5NjQ04AP%2F%2F%2F%2F%2F%2F%2F%2F%2F%2F%2F8B6QMAAAAAAAAAAPADDvgCBYgDAJIDBGRiYTiYAwA%3D
Requested by: Host: 4ff8e811445a9b61eb0bed126f8b9447.safeframe.googlesyndication.com
URL: https://4ff8e811445a9b61eb0bed126f8b9447.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.197.113.18 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-197-113-18.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://4ff8e811445a9b61eb0bed126f8b9447.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 21 Mar 2022 14:45:52 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-length: 37
expires: Thu, 15 Oct 1992 20:10:00 GMT

GET
H2 200 pe
eb2.3lift.com/ Frame 2E26 37 B
139 B 9ms
8ms Image
image/gif 13.248.245.213
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/pe?fid=10&peid=0&aid=3427386585540942390560
Requested by: Host: 4ff8e811445a9b61eb0bed126f8b9447.safeframe.googlesyndication.com
URL: https://4ff8e811445a9b61eb0bed126f8b9447.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://4ff8e811445a9b61eb0bed126f8b9447.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 14:45:52 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif

GET
H2 200 n.js Show response
geo.moatads.com/ Frame 0478 84 B
259 B 85ms
21ms Script
text/html 18.168.215.250
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://geo.moatads.com/n.js?e=35&ol=4130158442&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5B%2BxkrG%3DGfv)C%24%7CQJ%3BatASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN22Ib%40aFB&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-MyicW%2BgiY9PHPf0uHVjPGlx1P1tMeAYh8VIp1Vf7AbESGfrl5%2FmliBNlAlwWxmRnpyWz&rs=1-dbBp6wlWe0wLgg%3D%3D&sc=1&os=1-hg%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=728&qe=90&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&i=TRIPLELIFT1&hp=1&ra=1&pxm=8&sgs=3&vb=-1&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=0&f=1&nh=1&j=https%3A%2F%2Fportalsemakan.com&lp=https%3A%2F%2Fportalsemakan.com&t=1647873952277&de=892955060384&m=0&ar=359f21c1e97-clean&iw=06f1dbb&q=2&cb=0&ym=0&cu=1647873952277&ll=2&lm=1&ln=1&r=0&em=0&en=0&d=7207%3A39761%3Aundefined%3A10&zMoatTactic=undefined&zMoatPixelParams=aid%3A25795656294880711728720%3Bsr%3A10%3Buid%3A0%3B&zMoatOrigSlicer1=2460&zMoatOrigSlicer2=569629&zMoatJS=-&zGSRC=1&gu=https%3A%2F%2Fportalsemakan.com%2F&id=0&ii=3&bo=2460&bd=portalsemakan.com&gw=triplelift879988051105&fd=1&ac=1&it=500&ti=0&ih=1&pe=0%3A-%3A-%3A0%3A373&jm=-1&fs=197273&na=2065460582&cs=0&ord=1647873952277&jv=1714816649&callback=DOMlessLLDcallback_38849529
Requested by: Host: z.moatads.com
URL: https://z.moatads.com/triplelift879988051105/moatad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.168.215.250 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-168-215-250.eu-west-2.compute.amazonaws.com
Software: TornadoServer/5.1.1 /
Resource Hash: cdd20577cb6b04ea622d854cf43c6773bf15b43e6eedea07ecf641087e697c72

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://4ff8e811445a9b61eb0bed126f8b9447.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 14:45:53 GMT
cache-control: max-age=900
server: TornadoServer/5.1.1
timing-allow-origin: *
etag: "e7343b984c4688f2ef3125efa2f8fdf8d5df5169"
content-length: 84
content-type: text/html; charset=UTF-8

GET
H2 200 pixel.gif
px.moatads.com/ Frame 0478 43 B
260 B 16ms
7ms Image
image/gif 184.30.25.161
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=17&i=TRIPLELIFT1&hp=1&ra=1&pxm=8&sgs=3&vb=-1&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=0&f=1&nh=1&j=https%3A%2F%2Fportalsemakan.com&lp=https%3A%2F%2Fportalsemakan.com&t=1647873952277&de=892955060384&m=0&ar=359f21c1e97-clean&iw=06f1dbb&q=3&cb=0&ym=0&cu=1647873952277&ll=2&lm=1&ln=1&r=0&em=0&en=0&d=7207%3A39761%3Aundefined%3A10&zMoatTactic=undefined&zMoatPixelParams=aid%3A25795656294880711728720%3Bsr%3A10%3Buid%3A0%3B&zMoatOrigSlicer1=2460&zMoatOrigSlicer2=569629&zMoatJS=-&zGSRC=1&gu=https%3A%2F%2Fportalsemakan.com%2F&id=0&ii=3&bo=2460&bd=portalsemakan.com&gw=triplelift879988051105&fd=1&ac=1&it=500&ti=0&ih=1&pe=0%3A-%3A-%3A0%3A373&jm=-1&fs=197273&na=1948379385&cs=0
Requested by: Host: 4ff8e811445a9b61eb0bed126f8b9447.safeframe.googlesyndication.com
URL: https://4ff8e811445a9b61eb0bed126f8b9447.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.25.161 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-25-161.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://4ff8e811445a9b61eb0bed126f8b9447.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 21 Mar 2022 14:45:53 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Mon, 21 Mar 2022 14:45:53 GMT

GET
H3 200 J_qxQZjuUB_uQp7BvnBI0K8a5e4rJKdHhykRiRTCxyY.js Show response
pagead2.googlesyndication.com/bg/ Frame EAC6 36 KB
14 KB 37ms
37ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/J_qxQZjuUB_uQp7BvnBI0K8a5e4rJKdHhykRiRTCxyY.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

27fab14198ee501fee429ec1be7048d0af1ae5ee2b24a7478729118914c2c726

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 19 Mar 2022 22:49:53 GMT
content-encoding: br
x-content-type-options: nosniff
age: 143760
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13888
x-xss-protection: 0
last-modified: Mon, 14 Mar 2022 11:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 19 Mar 2023 22:49:53 GMT

GET
H3 200 container.html Show response
4ff8e811445a9b61eb0bed126f8b9447.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 7398 6 KB
3 KB 39ms
39ms Document
text/html 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://4ff8e811445a9b61eb0bed126f8b9447.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031501.js?cb=31065673

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://portalsemakan.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 21 Mar 2022 14:45:52 GMT
expires: Tue, 21 Mar 2023 14:45:52 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
content-type: text/html
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 bundle.js Show response
ib.3lift.com/rev/b5dbcaaad667d54756cc1e78e73a1e2616cc2b6d/dist/ Frame 2E26 254 KB
81 KB 9ms
8ms Script
application/javascript 18.66.112.66
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ib.3lift.com/rev/b5dbcaaad667d54756cc1e78e73a1e2616cc2b6d/dist/bundle.js
Requested by: Host: ib.3lift.com
URL: https://ib.3lift.com/ttj?inv_code=adasia_allpublishers_display
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.66 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-66.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 325e6a7b68748a169ffb84eef16a6aa2042e2fd8ee1819a61c7a5fb399ba5e54

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://4ff8e811445a9b61eb0bed126f8b9447.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Mar 2022 15:56:45 GMT
content-encoding: gzip
last-modified: Thu, 10 Mar 2022 15:56:23 GMT
server: AmazonS3
age: 946149
etag: "72ce81d7d81987b2256ad6fa329008bc"
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 fd080e20137c93d47ed43a67821248f0.cloudfront.net (CloudFront)
cache-control: max-age=31536000, immutable
x-amz-cf-pop: FRA56-P5
accept-ranges: bytes
content-length: 82367
x-amz-cf-id: 7aY20I2aR28Qhu1-5c0OUeeX_UGmkel_LZKne0nm25gyDg_q5usHlg==

GET
H3 206 file.mp4
r2---sn-5hne6nzd.c.2mdn.net/videoplayback/id/1010c898234a80bf/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1679409952/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip... Frame 78B5 590 KB
0 32ms
15ms Media
video/mp4 2a00:1450:400e:13::7
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400e:13::7 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://googleads.g.doubleclick.net/
Accept-Encoding: identity;q=1, *;q=0
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Range: bytes=0-

Response headers

date: Mon, 21 Mar 2022 14:45:53 GMT
x-content-type-options: nosniff
Content-Range: bytes 0-4483752/4483753
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length: 4483753
expires: Mon, 21 Mar 2022 14:45:53 GMT
last-modified: Fri, 11 Feb 2022 11:46:46 GMT
server: gvs 1.0
vary: Origin
content-type: video/mp4
access-control-allow-origin: https://googleads.g.doubleclick.net
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=86400
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: https://googleads.g.doubleclick.net
client-protocol: quic

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 8980 1 KB
749 B 41ms
37ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 4ff8e811445a9b61eb0bed126f8b9447.safeframe.googlesyndication.com
URL: https://4ff8e811445a9b61eb0bed126f8b9447.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://4ff8e811445a9b61eb0bed126f8b9447.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 724
x-xss-protection: 0
date: Mon, 21 Mar 2022 13:26:12 GMT
expires: Tue, 22 Mar 2022 13:26:12 GMT
cache-control: public, max-age=86400
age: 4781
etag: 48472445140208031
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 pixel.gif
px.moatads.com/ Frame 0478 43 B
260 B 11ms
6ms Image
image/gif 184.30.25.161
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=0&q=0&hp=1&ra=1&pxm=8&sgs=3&vb=-1&kq=1&lo=0&uk=null&pk=0&wk=0&rk=0&tk=0&ak=https%3A%2F%2F4ff8e811445a9b61eb0bed126f8b9447.safeframe.googlesyndication.com%2F%2Fsafeframe%2F1-0-38%2Fhtml%2F-&i=TRIPLELIFT1&ol=4130158442&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5B%2BxkrG%3DGfv)C%24%7CQJ%3BatASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN22Ib%40aFB&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-MyicW%2BgiY9PHPf0uHVjPGlx1P1tMeAYh8VIp1Vf7AbESGfrl5%2FmliBNlAlwWxmRnpyWz&rs=1-dbBp6wlWe0wLgg%3D%3D&sc=1&os=1-hg%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=728&qe=90&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&bq=0&g=0&h=90&w=728&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&zGSRC=1&gu=https%3A%2F%2Fportalsemakan.com%2F&id=0&ii=3&f=1&j=https%3A%2F%2Fportalsemakan.com&lp=https%3A%2F%2Fportalsemakan.com&t=1647873952277&de=892955060384&cu=1647873952277&m=84&ar=359f21c1e97-clean&iw=06f1dbb&cb=0&ym=0&ll=2&lm=1&ln=1&r=0&dl=0&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=94&le=1&gm=1&io=1&vv=3&vw=0%3A3%3A0&vp=-&vx=-%3A-%3A-&pe=0%3A-%3A-%3A0%3A373&aa=0&ad=0&cn=0&gk=0&gl=0&ik=0&ic=0&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=63&cd=0&ah=63&am=0&xd=00&rf=0&re=1&wb=1&cl=0&at=0&d=7207%3A39761%3Aundefined%3A10&bo=2460&bd=portalsemakan.com&gw=triplelift879988051105&zMoatOrigSlicer1=2460&zMoatOrigSlicer2=569629&zMoatTactic=undefined&zMoatPixelParams=aid%3A25795656294880711728720%3Bsr%3A10%3Buid%3A0%3B&zMoatJS=3%3A-&hv=Triplelift%20Override%201&ab=2&ac=1&fd=1&kt=sframe&it=500&oq=0&ot=0&ti=0&ih=1&jm=-1&tc=0&fs=197273&na=1495649418&cs=0
Requested by: Host: 4ff8e811445a9b61eb0bed126f8b9447.safeframe.googlesyndication.com
URL: https://4ff8e811445a9b61eb0bed126f8b9447.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.25.161 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-25-161.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://4ff8e811445a9b61eb0bed126f8b9447.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 21 Mar 2022 14:45:53 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Mon, 21 Mar 2022 14:45:53 GMT

GET
H2 200 r
eb2.3lift.com/ Frame 2E26 37 B
139 B 8ms
7ms Image
image/gif 13.248.245.213
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/r?inv_code=adasia_allpublishers_display&aid=3427386585540942390560&rev=b5dbcaa&pr=can%27t%2520access%2520top%2520document&bc=0.014&bmid=2460&biid=6335&sid=15241&brid=569629&adid=67379644&crid=-1&ts=1647873952&bcud=14&ss=5&caid=0&unid=0&domain=4ff8e811445a9b61eb0bed126f8b9447.safeframe.googlesyndication.com&ref=https%253A%252F%252Fportalsemakan.com%252F&rr=creative&fid=10&rb=0&g=0&cb=92100
Requested by: Host: 4ff8e811445a9b61eb0bed126f8b9447.safeframe.googlesyndication.com
URL: https://4ff8e811445a9b61eb0bed126f8b9447.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://4ff8e811445a9b61eb0bed126f8b9447.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 14:45:53 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif

GET
H2 200 OBA_TRANS.png
ib.3lift.com/static/buttons/edaa/ Frame 2E26 3 KB
3 KB 8ms
7ms Image
image/png 18.66.112.66
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ib.3lift.com/static/buttons/edaa/OBA_TRANS.png
Requested by: Host: ib.3lift.com
URL: https://ib.3lift.com/rev/b5dbcaaad667d54756cc1e78e73a1e2616cc2b6d/dist/bundle.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.66 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-66.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2fd4c3ae6afc2b4026d9f0b64b8ff1110ecfcf47b90bc988c06e844b3921cbf6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://4ff8e811445a9b61eb0bed126f8b9447.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 15 Mar 2022 12:57:19 GMT
via: 1.1 fd080e20137c93d47ed43a67821248f0.cloudfront.net (CloudFront)
last-modified: Thu, 05 Aug 2021 17:23:36 GMT
server: AmazonS3
age: 524915
etag: "ddf020e069f1706b72b7698b28fede09"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=604800,s-maxage=604800,public
x-amz-cf-pop: FRA56-P5
accept-ranges: bytes
content-length: 3125
x-amz-cf-id: ucO7uqGKulnXE9HN4xUkIbeNEIFopOC_daiDtfmRvHjshpWe0StWEA==

GET
H2 200 OBA_UK.png
ib.3lift.com/static/buttons/edaa/ Frame 2E26 3 KB
4 KB 8ms
8ms Image
image/png 18.66.112.66
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ib.3lift.com/static/buttons/edaa/OBA_UK.png
Requested by: Host: ib.3lift.com
URL: https://ib.3lift.com/rev/b5dbcaaad667d54756cc1e78e73a1e2616cc2b6d/dist/bundle.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.66 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-66.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 08285afd2f0c11a2a9d89f00dce769479e4d164e62caa39eceea9f1eb551afa9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://4ff8e811445a9b61eb0bed126f8b9447.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 14 Mar 2022 19:36:19 GMT
via: 1.1 fd080e20137c93d47ed43a67821248f0.cloudfront.net (CloudFront)
last-modified: Thu, 05 Aug 2021 17:23:31 GMT
server: AmazonS3
age: 587375
etag: "7ceab27af00fa466072a3c3360041755"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=604800,s-maxage=604800,public
x-amz-cf-pop: FRA56-P5
accept-ranges: bytes
content-length: 3518
x-amz-cf-id: ka1Pv3EqwHJeRVynulcVMUJSbXFbzOlCe-RLy3ATBYKeXDtLuIO3lA==

GET
DATA 200
OK truncated Show response
/ Frame 2B3A 26 B
0 Script
image/gif

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c00a759275b8628823a9809f24cbeca08cb48b52713adf221f70284e66d9c82f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 ctar
eb2.3lift.com/ Frame 2E26 37 B
139 B 10ms
8ms Image
image/gif 13.248.245.213
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/ctar?inv_code=adasia_allpublishers_display&aid=3427386585540942390560&rev=b5dbcaa&cta_render_method=1&cta_render_text=&cb=48319
Requested by: Host: 4ff8e811445a9b61eb0bed126f8b9447.safeframe.googlesyndication.com
URL: https://4ff8e811445a9b61eb0bed126f8b9447.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://4ff8e811445a9b61eb0bed126f8b9447.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 14:45:53 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif

GET
H2 200 widget-336x280.js Show response
widgets.zemanta.com/1646288090/ Frame 0ED0 6 KB
3 KB 8ms
7ms Script
application/javascript 151.101.194.132
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.zemanta.com/1646288090/widget-336x280.js
Requested by: Host: ib.3lift.com
URL: https://ib.3lift.com/rev/b5dbcaaad667d54756cc1e78e73a1e2616cc2b6d/dist/bundle.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.194.132 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 73c73a78933604fd0b0166bd30d9ddd5df2eb4ea29ad66b6fe959e6a2efd18c9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://4ff8e811445a9b61eb0bed126f8b9447.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id: NkfuTGezFwnvsp0_JQU5vMDr9uX6saeK
content-encoding: gzip
etag: "008a81d2770360fc8af601fb99ea9b96"
age: 2636
x-cache: HIT
content-length: 2492
x-amz-id-2: Xm/g93TxJudxfydy3HAl72nUEmUpN3LwB5uaeg97YBESukcF/dG5NNsGH7QEpeK8qs8rQOzvi/k=
x-served-by: cache-hhn4047-HHN
last-modified: Thu, 03 Mar 2022 08:30:49 GMT
server: AmazonS3
x-timer: S1647873953.167105,VS0,VE0
date: Mon, 21 Mar 2022 14:45:53 GMT
vary: Accept-Encoding
x-amz-request-id: 7KSXTR0EQQ3AAJDG
via: 1.1 varnish
accept-ranges: bytes
content-type: application/javascript
x-cache-hits: 532

GET
H2 200 aop
eb2.3lift.com/ Frame 2E26 37 B
139 B 9ms
8ms Image
image/gif 13.248.245.213
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/aop?inv_code=adasia_allpublishers_display&aid=3427386585540942390560&rev=b5dbcaa&pr=can%27t%2520access%2520top%2520document&bc=0.014&bmid=2460&biid=6335&sid=15241&brid=569629&adid=67379644&crid=-1&ts=1647873952&bcud=14&ss=5&caid=0&unid=0&domain=4ff8e811445a9b61eb0bed126f8b9447.safeframe.googlesyndication.com&ref=https%253A%252F%252Fportalsemakan.com%252F&rr=creative&fid=10&rb=0&g=0&cb=43057
Requested by: Host: 4ff8e811445a9b61eb0bed126f8b9447.safeframe.googlesyndication.com
URL: https://4ff8e811445a9b61eb0bed126f8b9447.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://4ff8e811445a9b61eb0bed126f8b9447.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 14:45:53 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif

GET
H2 200 pixel.gif
px.moatads.com/ Frame 0478 43 B
260 B 11ms
10ms Image
image/gif 184.30.25.161
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=37&q=0&hp=1&ra=1&pxm=8&sgs=3&vb=-1&kq=1&lo=0&uk=null&pk=0&wk=0&rk=0&tk=0&ak=-&i=TRIPLELIFT1&ol=4130158442&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5B%2BxkrG%3DGfv)C%24%7CQJ%3BatASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN22Ib%40aFB&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-MyicW%2BgiY9PHPf0uHVjPGlx1P1tMeAYh8VIp1Vf7AbESGfrl5%2FmliBNlAlwWxmRnpyWz&rs=1-dbBp6wlWe0wLgg%3D%3D&sc=1&os=1-hg%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=728&qe=90&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&bq=0&g=1&h=90&w=728&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&zGSRC=1&gu=https%3A%2F%2Fportalsemakan.com%2F&id=0&ii=3&f=1&j=https%3A%2F%2Fportalsemakan.com&lp=https%3A%2F%2Fportalsemakan.com&t=1647873952277&de=892955060384&cu=1647873952277&m=249&ar=359f21c1e97-clean&iw=06f1dbb&cb=0&ym=0&ll=2&lm=1&ln=1&r=0&dl=0&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=94&le=1&lh=41&gm=1&io=1&ch=1&vv=3&vw=0%3A3%3A0&vp=100&vx=-%3A100%3A-&pe=0%3A384%3A384%3A0%3A373&aa=0&ad=79&cn=0&gk=79&gl=0&ik=79&ic=79&ez=1&cq=1&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=63&cd=63&ah=63&am=63&xd=00&rf=0&re=1&wb=1&cl=0&at=0&d=7207%3A39761%3Aundefined%3A10&bo=2460&bd=portalsemakan.com&gw=triplelift879988051105&zMoatOrigSlicer1=2460&zMoatOrigSlicer2=569629&zMoatTactic=undefined&zMoatPixelParams=aid%3A25795656294880711728720%3Bsr%3A10%3Buid%3A0%3B&zMoatJS=3%3A-&hv=Triplelift%20Override%201&ab=2&ac=1&fd=1&kt=sframe&it=500&fz=1&oq=1&ot=ff&ti=0&ih=1&jm=-1&tc=0&fs=197273&na=2104316624&cs=0
Requested by: Host: 4ff8e811445a9b61eb0bed126f8b9447.safeframe.googlesyndication.com
URL: https://4ff8e811445a9b61eb0bed126f8b9447.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.25.161 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-25-161.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://4ff8e811445a9b61eb0bed126f8b9447.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 21 Mar 2022 14:45:53 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Mon, 21 Mar 2022 14:45:53 GMT

GET
H2 200 ev3
eb2.3lift.com/ Frame 0478 37 B
139 B 11ms
11ms Image
image/gif 13.248.245.213
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/ev3?vid=1&aid=25795656294880711728720&sr=10&uid=0&type=mi&ord=1647873952277
Requested by: Host: 4ff8e811445a9b61eb0bed126f8b9447.safeframe.googlesyndication.com
URL: https://4ff8e811445a9b61eb0bed126f8b9447.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://4ff8e811445a9b61eb0bed126f8b9447.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 14:45:53 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 7398 0
0 83ms
83ms Fetch
text/html 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CqIVvoI84Ypm2K-OB3gOXj7mgDe6StZNcv6KFx-QFwI23ARABIABgleKQgqAHggEXY2EtcHViLTkwNTgyOTE4NTQ0NDM4ODHIAQngAgCoAwGqBNACT9D-0FRjtSIdiJ5ILO5EyLpEhJ7hnxcky9cdmg6qZLBDCHbER7CN2j5nucXmGKOeHkCKBtDS0UzAEUarL5dl1Q3LtHujJ2j10MEE--hGbz1D-NifMU3AmexM8vtiAvII1Ym9xXXspSvRyGLIyV_VQ3Il6tIuUweoh07AqKlirxXDVqL1EM2YUfLjQVcUl9FlIABNXS-tjg1EZxZFX-IJOOLO8bptQ0POVzgzw8uoYGWVC_ZqBeC38pgBixy_nzX-0fxZzLsLtLkI1R15ndHPSAjGJM7uoswiz88bHdn9nZeLBmkIghlh48pmQJ7RU_Yd8wViPTgE7i1cF3m98r3YMKKw6ytcM6Tc5_Mfcd84hb5rLziIWGPbTiDprKlexTAo5feltee6fS636LfZC8CwgPiFEUVOYLSG_4pZI2FXemSDy7GaK56lUdfxlHYrRofS4AQBgAbfyYTLuLCs_ssBoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAHyCBthZHgtc3Vic3luLTI3MTgyMTg1ODUwNzU1OTSACgP6CwIIAYAMAdAVAYAXAbIXHAoaEhRwdWItOTA1ODI5MTg1NDQ0Mzg4MRi212k&sigh=Zd5jy6gPkbQ&uach_m=[UACH]&cid=CAQSPACNIrLMUmGsaSNT3YZmLPn5Ln4QpUoy6cWMfdZ_DH5AVLK-LEcZL2UtZVLqELQzTKHEwxebFHxHG-PUVRgB
Requested by: Host: portalsemakan.com
URL: https://portalsemakan.com/permohonan-pelan-data-pelajar/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s08-in-f2.1e100.net
Software: /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://4ff8e811445a9b61eb0bed126f8b9447.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H2 200 ttj Show response
ib.3lift.com/ Frame 7398 4 KB
2 KB 8ms
8ms Script
application/javascript 18.66.112.66
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ib.3lift.com/ttj?inv_code=adasia_allpublishers_display
Requested by: Host: 4ff8e811445a9b61eb0bed126f8b9447.safeframe.googlesyndication.com
URL: https://4ff8e811445a9b61eb0bed126f8b9447.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.66 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-66.fra56.r.cloudfront.net
Software: /
Resource Hash: ccaa51271b339a3d0f1c244e679e062d2664aa1db8b42ccec98f8fcfca18d16b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://4ff8e811445a9b61eb0bed126f8b9447.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 14:43:59 GMT
via: 1.1 fd080e20137c93d47ed43a67821248f0.cloudfront.net (CloudFront)
age: 114
etag: "94267aee749cf372b3e05b509cc83f77"
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=900
x-amz-cf-pop: FRA56-P5
content-encoding: gzip
content-length: 2011
x-amz-cf-id: 3dSj-DtgWPrM4eN9GhtIJP4Y9PWll-_noAle-7sdE-jJiI_gKH6uQA==

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220316/r20110914/client/ Frame 7398 2 KB
1 KB 42ms
41ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220316/r20110914/client/window_focus_fy2021.js

Requested by

Host: 4ff8e811445a9b61eb0bed126f8b9447.safeframe.googlesyndication.com
URL: https://4ff8e811445a9b61eb0bed126f8b9447.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://4ff8e811445a9b61eb0bed126f8b9447.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 13:19:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 5174
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1233
x-xss-protection: 0
server: cafe
etag: 16517525077337815633
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 04 Apr 2022 13:19:39 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 7398 117 KB
36 KB 1141ms
1140ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 4ff8e811445a9b61eb0bed126f8b9447.safeframe.googlesyndication.com
URL: https://4ff8e811445a9b61eb0bed126f8b9447.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bc68a3e6e6f0074ff46c18beea2033fc4e8c6ee513dc0617758f45e2bdd8b88a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://4ff8e811445a9b61eb0bed126f8b9447.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 14:45:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36344
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1647431472276194"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 21 Mar 2022 14:45:54 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220316/r20110914/client/ Frame 7398 15 KB
6 KB 45ms
43ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220316/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 4ff8e811445a9b61eb0bed126f8b9447.safeframe.googlesyndication.com
URL: https://4ff8e811445a9b61eb0bed126f8b9447.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c82a58123e9f042fb6f68695578cff668b16b22915e0a8cb8acca14741df2bac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://4ff8e811445a9b61eb0bed126f8b9447.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 14:16:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1751
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6367
x-xss-protection: 0
server: cafe
etag: 1939740185073438140
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 04 Apr 2022 14:16:42 GMT

GET
H3 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame 7398 22 KB
7 KB 47ms
45ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js

Requested by

Host: 4ff8e811445a9b61eb0bed126f8b9447.safeframe.googlesyndication.com
URL: https://4ff8e811445a9b61eb0bed126f8b9447.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://4ff8e811445a9b61eb0bed126f8b9447.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 11:46:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 10778
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7022
x-xss-protection: 0
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Tue, 21 Mar 2023 11:46:15 GMT

GET
H2 200 notify
tlx.3lift.com/s2s/ Frame 7398 37 B
183 B 20ms
17ms Image
image/gif 18.197.113.18
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tlx.3lift.com/s2s/notify?px=1&pr=YjiPoAAK2xkKd4DjAA5Hl-npSbJmG9vG2oI27Q&ts=1647873952&aid=16084651616535906996650&ec=2460_15241_67379644&n=GvQEaHR0cDovL2IxLWV1ZGMxLnplbWFudGEuY29tL2JpZGRlci93aW4vdHJpcGxlbGlmdF9kaXNwbGF5LzliNjdkMDE4LWE5MjUtMTFlYy04ODk5LTM5M2Y3ZWY3YmFmNi8wLjAxNC9ISE9ST0JGUkJIMlgzUUNGRk5RM1NQUU1URTI2R09LMkxZRUc2QjY2MjRPQzY3V1BSTjZEQVNOWElNNVNMUE9TWFNOSzNURkE2UElTWDREWkhCQ1RPVlQzSU1XMzVBNE1IUlBWVkZOTDNNRVhOUjVNQVNJSktGRUlCRFZJS1JVNklLTUg3U1hLTEtQUFo2NFBTQlZES0tBT0lYSUdMU0hBVkE2MlBOTUpEVDU2VUpCVk42TVpPRlUyRzVGRVlPRFA0RVZEWlNCNzQ3WUZWTkVOWUVINTdJQkJGWFFGWlJGTE0zWEVFUElWNU1QUkhDVlozWVRRR1ZJNTRUS0Y3SE9YVUE3UlFaQUpOSldRVU9RN0FFUlZXWDJKMlk0N1ROU05HUkhDSVI1TUpaVDRFSUo1UzZNSjVNVkZaV1hUSldHU1E3Q1pHV1RUTUJUMlhOUk5IQ1pXWFhRUVQ0VFdWTVBCMlQ3VVRHRlhONldMTFFMRjNOWDZaVkFDVjNSNkdMR0pDV1NVRUdSRVRYNDRSUlNKRUlLSzVYWURYS05WS0NaRkE2RjY3R0ZQWk9QWDZWQlVIM1I1MzdWRDRIM09FSEpQSkRWV1o2WFRQUjNDSE5VSFBaNjdFRFlUVTdOVTNER1pGUEdXRDJFV0pWVVNTNE0yWVdNVUFZM0FOU0tKWU9RS0hKUkNSNzNURDJMMjIvP%2FICzgEIABIXMTYwODQ2NTE2MTY1MzU5MDY5OTY2NTAYACABKJwTMIl3QAFIAFAAYApoAHCd4iKQAQCYAQCoAQCwAQ64AQnAAQzIAQ7gAQzwAQD4AQ6AAgyIAgyRAgAAAAAAAPA%2FmQIK16NwPQrHP6ECAAAAAAAA8D%2BoAgCwAgDIAgTYAgDxAmZmZmZmZuY%2F%2BAK%2FMYAD2AWIA1qQAwKYAwCgAwC4A7TkD8ADAMgDANIDCDY3Mzc5NjQ04AP%2F%2F%2F%2F%2F%2F%2F%2F%2F%2F%2F8B6QMAAAAAAAAAAPADDvgCBYgDAJIDBGRiYTiYAwA%3D
Requested by: Host: 4ff8e811445a9b61eb0bed126f8b9447.safeframe.googlesyndication.com
URL: https://4ff8e811445a9b61eb0bed126f8b9447.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.197.113.18 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-197-113-18.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://4ff8e811445a9b61eb0bed126f8b9447.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 21 Mar 2022 14:45:53 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-length: 37
expires: Thu, 15 Oct 1992 20:10:00 GMT

GET
H2 200 pe
eb2.3lift.com/ Frame 7398 37 B
139 B 19ms
17ms Image
image/gif 13.248.245.213
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/pe?fid=10&peid=0&aid=16084651616535906996650
Requested by: Host: 4ff8e811445a9b61eb0bed126f8b9447.safeframe.googlesyndication.com
URL: https://4ff8e811445a9b61eb0bed126f8b9447.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://4ff8e811445a9b61eb0bed126f8b9447.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 14:45:53 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif

GET
H/1.1 200
OK writeStatistics
stas.outbrain.com/Stas/api/ Frame 0ED0 43 B
274 B 346ms
86ms Image
image/gif 70.42.32.255
INTERNAP-BLK3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://stas.outbrain.com/Stas/api/writeStatistics?p=HpaTnIT9BQ21-srn7DRuKRdh3R8DS7zRXC5Yk_YBLbJkq-4BFMTdDO3LlIN-GOzG58tXifWADAh3dHUTmoDuluaQK3c8F45-5Gs_Y_LK_tFkTVZYC9o4t9UeTSCaHANe9m1pfZVI7Tfx1vfhp6ds7_5TbaXxNlns6qaN0eb2_r_x9ovFe8MGgG52dDK6a__TqylzziBnSriXV3LevFCvSS7lkOkyJKPDpalCSSTL3ONhGVZumblh9LZXlkKbrQeXuaeHxcjWtBeJleMF1VHXZjGOtpFNpfBnebDKigpjZ7ddbaUnuwnZL9vXPm7AAXos_cp8zQZ6UitRgaDyI5zfz6JrYFskVINHGQE6DZmH7GGexGeuWVK9ZRLsomLnPZhGqSi8qgxpxn9J2zozw4qMjKWXRc3iBY0ddVx6W63M98664sC2uojIliuH-cuPPm0aoZZOaCBaiFwneaUK7Zfl-0UrRQREtzpSAecrUdh_1A8xFrpxo4IrG988O6GwSAzzdn3bJE7MFOjwV0on7rVgMD_A0l5DPAFx2KSeeLbor7ujIrPaDaXGCt5bfS-YcxchePFniswm9PDPM7ggvKcclgJpqm2QYYDb9lje9TU7QnIiOYw6dAPrOHnKEjCAMlloRO1lPCm9CUoQhRzdhFbMNVlboMYzysHkKar-BjgffBlbjIwYxclJwexapf1A6LbuVtJ5Oq4Gtj7Euess9U32ygvfKKGyk_KwUpNP8ScRnkwtTfQjCZyrRMrzeIfRlDuu&c=ef9d68ec&v=3
Requested by: Host: 4ff8e811445a9b61eb0bed126f8b9447.safeframe.googlesyndication.com
URL: https://4ff8e811445a9b61eb0bed126f8b9447.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 70.42.32.255 , United States, ASN13789 (INTERNAP-BLK3, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: 33ca751ed175a163bef530ebdcdbd0a2d15997ccbcbf8d50a6f504e8ffac5a5c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://4ff8e811445a9b61eb0bed126f8b9447.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Mon, 21 Mar 2022 14:45:53 GMT
Cache-Control: no-cache
Connection: close
X-TraceId: e8ac33cb5bdb40990cd32925a1414d3e
content-encoding: gzip
Content-Length: 60
Content-Type: image/gif

GET
H/1.1 200
OK /
b1t-eudc1.zemanta.com/t/imp/impression/FPGHAAMTLPW5GKFRWY7YFV37PWECQALMTTXIGVHUMCFQIUOQLLPHQCB74WHUA6POAFWGGKJLOQVFUBSSW7IXBNDVMJHW5WC63C576PC7VLAW7MYFWYGMXEA5SGAI7QDWCTMPQPPX5FKGJNARBAD65NEL44PRJG... Frame 0ED0 26 B
151 B 15ms
14ms Image
image/gif 213.227.153.223
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://b1t-eudc1.zemanta.com/t/imp/impression/FPGHAAMTLPW5GKFRWY7YFV37PWECQALMTTXIGVHUMCFQIUOQLLPHQCB74WHUA6POAFWGGKJLOQVFUBSSW7IXBNDVMJHW5WC63C576PC7VLAW7MYFWYGMXEA5SGAI7QDWCTMPQPPX5FKGJNARBAD65NEL44PRJGEVPBEBIZNZTEZLQMR3JTF5L6SAZHSHOQ4UMWWI7IGQO6FAKG5X7L7RAHWXLTRKAKUL3V5LILKTB24UZXQBKFWLND2BNF3E4ADYNLG7X26OIWYMZJTD6MHMC2DTTLCCZFPA4WFK5ZJ36GDUN3AAIDPKTEYJACP2MU2NCLNDK6SNC46ZFNYDAEKNNFJJTIXDNZ66Y2IWBVHFKNJTRU7Z74FXMFDYZC4IJQKKZJ34R6Q7CAPOW/?
Requested by: Host: 4ff8e811445a9b61eb0bed126f8b9447.safeframe.googlesyndication.com
URL: https://4ff8e811445a9b61eb0bed126f8b9447.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 213.227.153.223 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: /
Resource Hash: 3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://4ff8e811445a9b61eb0bed126f8b9447.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Mon, 21 Mar 2022 14:45:53 GMT
Connection: keep-alive
Content-Length: 26
Content-Type: image/gif

GET
H2 200 925708f40833ce56df2b64b5f42b2fae72.jpg
zem.outbrainimg.com/p/srv/sha/2d/0a/7b/ Frame 0ED0 17 KB
17 KB 9ms
7ms Image
image/jpeg 151.101.114.132
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zem.outbrainimg.com/p/srv/sha/2d/0a/7b/925708f40833ce56df2b64b5f42b2fae72.jpg?w=334&h=160&fit=crop&crop=center&fm=jpg

Requested by

Host: 4ff8e811445a9b61eb0bed126f8b9447.safeframe.googlesyndication.com
URL: https://4ff8e811445a9b61eb0bed126f8b9447.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.114.132 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

imgix /

Resource Hash

6e090d4a97f92f7c44e951a486d5b17f3577c6b3d630f0c33010c45d8f1a0eaa

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://4ff8e811445a9b61eb0bed126f8b9447.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 14:45:53 GMT
via: 1.1 varnish
x-content-type-options: nosniff
age: 329519
x-cache: HIT, MISS, HIT
x-imgix-id: e370cc0a661c2420f3e1a93fba4c75e6355486e1
content-length: 17231
x-served-by: cache-sjc10061-SJC, cache-hhn4028-HHN, cache-hhn4025-HHN
last-modified: Thu, 17 Mar 2022 19:13:54 GMT
server: imgix
x-timer: S1647873953.276122,VS0,VE1
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
cross-origin-resource-policy: cross-origin
x-cache-hits: 1

GET
H3 200 container.html Show response
4ff8e811445a9b61eb0bed126f8b9447.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 116C 6 KB
3 KB 39ms
39ms Document
text/html 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://4ff8e811445a9b61eb0bed126f8b9447.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031501.js?cb=31065673

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://portalsemakan.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 21 Mar 2022 14:45:52 GMT
expires: Tue, 21 Mar 2023 14:45:52 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
content-type: text/html
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 sync Show response
eb2.3lift.com/ Frame 83A5 1 KB
1 KB 9ms
8ms Document
text/html 13.248.245.213
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://eb2.3lift.com/sync?max=10&cb=92100
Requested by: Host: ib.3lift.com
URL: https://ib.3lift.com/rev/b5dbcaaad667d54756cc1e78e73a1e2616cc2b6d/dist/bundle.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: b702fb198f80286e149ccb83514c696eb89c6c5ca35a7f58257bc3a45d555afd

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://4ff8e811445a9b61eb0bed126f8b9447.safeframe.googlesyndication.com/

Response headers

date: Mon, 21 Mar 2022 14:45:53 GMT
content-type: text/html; charset=utf-8
content-length: 458
content-encoding: gzip
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
cache-control: no-cache, no-store, must-revalidate

GET
H2 200 bundle.js Show response
ib.3lift.com/rev/b5dbcaaad667d54756cc1e78e73a1e2616cc2b6d/dist/ Frame 7398 254 KB
81 KB 8ms
8ms Script
application/javascript 18.66.112.66
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ib.3lift.com/rev/b5dbcaaad667d54756cc1e78e73a1e2616cc2b6d/dist/bundle.js
Requested by: Host: ib.3lift.com
URL: https://ib.3lift.com/ttj?inv_code=adasia_allpublishers_display
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.66 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-66.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 325e6a7b68748a169ffb84eef16a6aa2042e2fd8ee1819a61c7a5fb399ba5e54

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://4ff8e811445a9b61eb0bed126f8b9447.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Mar 2022 15:56:45 GMT
content-encoding: gzip
last-modified: Thu, 10 Mar 2022 15:56:23 GMT
server: AmazonS3
age: 946149
etag: "72ce81d7d81987b2256ad6fa329008bc"
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 fd080e20137c93d47ed43a67821248f0.cloudfront.net (CloudFront)
cache-control: max-age=31536000, immutable
x-amz-cf-pop: FRA56-P5
accept-ranges: bytes
content-length: 82367
x-amz-cf-id: lNfrYH9c9plG4cLd3q4ek0ZYHnqbOiD5N0hiIiRNal0aWrUExeuk9w==

GET
H2 204 pixelSync
pixel-sync.sitescout.com/dmp/ Frame 8980 0
191 B 74ms
19ms Image
text/plain 66.155.71.150
COGECO-PEER1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel-sync.sitescout.com/dmp/pixelSync?nid=8&google_gid=CAESEEnBBB0CPk5ohGU9tp9nxek&google_cver=1&google_push=AYg5qPJQstVSgWcdV6WGj1u8F_vF80phFA9PfdI-uh8DXfp76GvquxEmI-yY6K75XEhFieUVhSFEO5ItZnGOhpWIBY432SgPyjU
Requested by: Host: 4ff8e811445a9b61eb0bed126f8b9447.safeframe.googlesyndication.com
URL: https://4ff8e811445a9b61eb0bed126f8b9447.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 66.155.71.150 Portsmouth, United Kingdom, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
Software: AC1.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 21 Mar 2022 14:45:53 GMT
cache-control: max-age=0,no-cache,no-store
server: AC1.1
p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
expires: Tue, 11 Oct 1977 12:34:56 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 8980
Redirect Chain

https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEAyP_1LVBhS4U7cGoYlbfGg&google_cver=1&google_push=AYg5qPJbYTMku55O3HgKjmuxYg0AERv1XvGomeg7h7FfFXbKGnU2hlyQJ8Wq37RJ5oR-OsSYHPdQB7ioPtRFXy...
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzA3NzU2NDczNjA3NzY5MTAyMg%3D%3D&google_push=AYg5qPJbYTMku55O3HgKjmuxYg0AERv1XvGomeg7h7FfFXbKGnU2hlyQJ8Wq37RJ5oR-OsSYHPdQB7ioPtRFXytDUy...

170 B
188 B

53ms
52ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzA3NzU2NDczNjA3NzY5MTAyMg%3D%3D&google_push=AYg5qPJbYTMku55O3HgKjmuxYg0AERv1XvGomeg7h7FfFXbKGnU2hlyQJ8Wq37RJ5oR-OsSYHPdQB7ioPtRFXytDUy2_QemZvZ8

Requested by

Host: 4ff8e811445a9b61eb0bed126f8b9447.safeframe.googlesyndication.com
URL: https://4ff8e811445a9b61eb0bed126f8b9447.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 21 Mar 2022 14:45:53 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzA3NzU2NDczNjA3NzY5MTAyMg%3D%3D&google_push=AYg5qPJbYTMku55O3HgKjmuxYg0AERv1XvGomeg7h7FfFXbKGnU2hlyQJ8Wq37RJ5oR-OsSYHPdQB7ioPtRFXytDUy2_QemZvZ8
Date: Mon, 21 Mar 2022 14:45:53 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
p3p: policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 8980
Redirect Chain

https://d5p.de17a.com/cookies/google?google_gid=CAESEHevAlT4IwM0rSKFPIQROFo&google_cver=1&google_push=AYg5qPL9RXOCTPTWBpzK32Gk5jbzcrzXEmqpWGQWYQeYw-Ha6l47_dJQj3zcH-BH3SUU9Ky8ZzERkkUKaSID-_8eCtf4ehUFTw
https://d5p.de17a.com/cookies/google;c?google_gid=CAESEHevAlT4IwM0rSKFPIQROFo&google_cver=1&google_push=AYg5qPL9RXOCTPTWBpzK32Gk5jbzcrzXEmqpWGQWYQeYw-Ha6l47_dJQj3zcH-BH3SUU9Ky8ZzERkkUKaSID-_8eCtf4e...
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AYg5qPL9RXOCTPTWBpzK32Gk5jbzcrzXEmqpWGQWYQeYw-Ha6l47_dJQj3zcH-BH3SUU9Ky8ZzERkkUKaSID-_8eCtf4ehUFTw

170 B
188 B

59ms
59ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AYg5qPL9RXOCTPTWBpzK32Gk5jbzcrzXEmqpWGQWYQeYw-Ha6l47_dJQj3zcH-BH3SUU9Ky8ZzERkkUKaSID-_8eCtf4ehUFTw

Requested by

Host: 4ff8e811445a9b61eb0bed126f8b9447.safeframe.googlesyndication.com
URL: https://4ff8e811445a9b61eb0bed126f8b9447.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 21 Mar 2022 14:45:53 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AYg5qPL9RXOCTPTWBpzK32Gk5jbzcrzXEmqpWGQWYQeYw-Ha6l47_dJQj3zcH-BH3SUU9Ky8ZzERkkUKaSID-_8eCtf4ehUFTw
content-length: 0
p3p: CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 8980
Redirect Chain

https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEHenhQVnOE3CynWcrV5IlCk&google_cver=1&google_push=AYg5qPK6GKh0UCQRJfbGqXpUdp3xI2MOx6so-E0HgCpZuPz5RS9A4gVv_a3yUXK-nf4kdKbmfrunYxPSty0vym76...
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AYg5qPK6GKh0UCQRJfbGqXpUdp3xI2MOx6so-E0HgCpZuPz5RS9A4gVv_a3yUXK-nf4kdKbmfrunYxPSty0vym76gtXJAxyjzLg

170 B
188 B

53ms
52ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AYg5qPK6GKh0UCQRJfbGqXpUdp3xI2MOx6so-E0HgCpZuPz5RS9A4gVv_a3yUXK-nf4kdKbmfrunYxPSty0vym76gtXJAxyjzLg

Requested by

Host: 4ff8e811445a9b61eb0bed126f8b9447.safeframe.googlesyndication.com
URL: https://4ff8e811445a9b61eb0bed126f8b9447.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 21 Mar 2022 14:45:53 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Mon, 21 Mar 2022 14:45:53 GMT
via: 1.1 e65c822edea04e16936bdb4537763dd4.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: FRA60-P4
x-cache: FunctionGeneratedResponse from cloudfront
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AYg5qPK6GKh0UCQRJfbGqXpUdp3xI2MOx6so-E0HgCpZuPz5RS9A4gVv_a3yUXK-nf4kdKbmfrunYxPSty0vym76gtXJAxyjzLg
cache-control: no-cache, must-revalidate
content-length: 0
x-amz-cf-id: 7Uqxk8tQOIZnqSSngxWm2qlv6OOAToUE7R3SLX5oY7y0unXJflNUEA==

GET

pixel
cm.g.doubleclick.net/ Frame 8980
Redirect Chain

https://match.360yield.com/match/ebda?google_gid=CAESECQbbiCX9EuXCWz0lnnLTGs&google_cver=1&google_push=AYg5qPIL1RzQcjmsb-NXFWhV7CCxQVBNzDEgpEeraRld3wEV5gDFkPkRoGjI_IMW1jXLhBnJ7TuzVIlZDFAZM-XuGYSsAP...
https://match.360yield.com/ul_cb/match/ebda?google_gid=CAESECQbbiCX9EuXCWz0lnnLTGs&google_cver=1&google_push=AYg5qPIL1RzQcjmsb-NXFWhV7CCxQVBNzDEgpEeraRld3wEV5gDFkPkRoGjI_IMW1jXLhBnJ7TuzVIlZDFAZM-Xu...
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=mdd2sQhGS6yxiv-ZHlUtGQ&google_push=AYg5qPIL1RzQcjmsb-NXFWhV7CCxQVBNzDEgpEeraRld3wEV5gDFkPkRoGjI_IMW1jXLhBnJ7TuzVIlZDFAZM-X...
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=mdd2sQhGS6yxiv-ZHlUtGQ&google_push=AYg5qPIL1RzQcjmsb-NXFWhV7CCxQVBNzDEgpEeraRld3wEV5gDFkPkRoGjI_IMW1jXLhBnJ7TuzVIlZDFAZM-X...
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=mdd2sQhGS6yxiv-ZHlUtGQ&google_push=AYg5qPIL1RzQcjmsb-NXFWhV7CCxQVBNzDEgpEeraRld3wEV5gDFkPkRoGjI_IMW1jXLhBnJ7TuzVIlZDFAZM-X...
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=mdd2sQhGS6yxiv-ZHlUtGQ&google_push=AYg5qPIL1RzQcjmsb-NXFWhV7CCxQVBNzDEgpEeraRld3wEV5gDFkPkRoGjI_IMW1jXLhBnJ7TuzVIlZDFAZM-X...
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=mdd2sQhGS6yxiv-ZHlUtGQ&google_push=AYg5qPIL1RzQcjmsb-NXFWhV7CCxQVBNzDEgpEeraRld3wEV5gDFkPkRoGjI_IMW1jXLhBnJ7TuzVIlZDFAZM-X...
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=mdd2sQhGS6yxiv-ZHlUtGQ&google_push=AYg5qPIL1RzQcjmsb-NXFWhV7CCxQVBNzDEgpEeraRld3wEV5gDFkPkRoGjI_IMW1jXLhBnJ7TuzVIlZDFAZM-X...
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=mdd2sQhGS6yxiv-ZHlUtGQ&google_push=AYg5qPIL1RzQcjmsb-NXFWhV7CCxQVBNzDEgpEeraRld3wEV5gDFkPkRoGjI_IMW1jXLhBnJ7TuzVIlZDFAZM-X...
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=mdd2sQhGS6yxiv-ZHlUtGQ&google_push=AYg5qPIL1RzQcjmsb-NXFWhV7CCxQVBNzDEgpEeraRld3wEV5gDFkPkRoGjI_IMW1jXLhBnJ7TuzVIlZDFAZM-X...
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=mdd2sQhGS6yxiv-ZHlUtGQ&google_push=AYg5qPIL1RzQcjmsb-NXFWhV7CCxQVBNzDEgpEeraRld3wEV5gDFkPkRoGjI_IMW1jXLhBnJ7TuzVIlZDFAZM-X...
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=mdd2sQhGS6yxiv-ZHlUtGQ&google_push=AYg5qPIL1RzQcjmsb-NXFWhV7CCxQVBNzDEgpEeraRld3wEV5gDFkPkRoGjI_IMW1jXLhBnJ7TuzVIlZDFAZM-X...
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=mdd2sQhGS6yxiv-ZHlUtGQ&google_push=AYg5qPIL1RzQcjmsb-NXFWhV7CCxQVBNzDEgpEeraRld3wEV5gDFkPkRoGjI_IMW1jXLhBnJ7TuzVIlZDFAZM-X...
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=mdd2sQhGS6yxiv-ZHlUtGQ&google_push=AYg5qPIL1RzQcjmsb-NXFWhV7CCxQVBNzDEgpEeraRld3wEV5gDFkPkRoGjI_IMW1jXLhBnJ7TuzVIlZDFAZM-X...
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=mdd2sQhGS6yxiv-ZHlUtGQ&google_push=AYg5qPIL1RzQcjmsb-NXFWhV7CCxQVBNzDEgpEeraRld3wEV5gDFkPkRoGjI_IMW1jXLhBnJ7TuzVIlZDFAZM-X...
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=mdd2sQhGS6yxiv-ZHlUtGQ&google_push=AYg5qPIL1RzQcjmsb-NXFWhV7CCxQVBNzDEgpEeraRld3wEV5gDFkPkRoGjI_IMW1jXLhBnJ7TuzVIlZDFAZM-X...
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=mdd2sQhGS6yxiv-ZHlUtGQ&google_push=AYg5qPIL1RzQcjmsb-NXFWhV7CCxQVBNzDEgpEeraRld3wEV5gDFkPkRoGjI_IMW1jXLhBnJ7TuzVIlZDFAZM-X...
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=mdd2sQhGS6yxiv-ZHlUtGQ&google_push=AYg5qPIL1RzQcjmsb-NXFWhV7CCxQVBNzDEgpEeraRld3wEV5gDFkPkRoGjI_IMW1jXLhBnJ7TuzVIlZDFAZM-X...
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=mdd2sQhGS6yxiv-ZHlUtGQ&google_push=AYg5qPIL1RzQcjmsb-NXFWhV7CCxQVBNzDEgpEeraRld3wEV5gDFkPkRoGjI_IMW1jXLhBnJ7TuzVIlZDFAZM-X...
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=mdd2sQhGS6yxiv-ZHlUtGQ&google_push=AYg5qPIL1RzQcjmsb-NXFWhV7CCxQVBNzDEgpEeraRld3wEV5gDFkPkRoGjI_IMW1jXLhBnJ7TuzVIlZDFAZM-X...
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=mdd2sQhGS6yxiv-ZHlUtGQ&google_push=AYg5qPIL1RzQcjmsb-NXFWhV7CCxQVBNzDEgpEeraRld3wEV5gDFkPkRoGjI_IMW1jXLhBnJ7TuzVIlZDFAZM-X...

0
0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 8980
Redirect Chain

https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEI...
https://sync.targeting.unrulymedia.com/csync/RX-0844808e-b714-4afc-86dd-865b883f2efc-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAYg5qPKFuaJgTjz2bebuijM-C...
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AYg5qPKFuaJgTjz2bebuijM-C6AH4GAaFq3xKCp7iSsrWdDQVvvzJtW3LmZ5LBYytpYzkCoSwTvAQLyxkxPdI6b9YAkmpsCzA8I&google_hm=AwhEgI63FEr8ht2GW4g_Lvw

170 B
188 B

51ms
50ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AYg5qPKFuaJgTjz2bebuijM-C6AH4GAaFq3xKCp7iSsrWdDQVvvzJtW3LmZ5LBYytpYzkCoSwTvAQLyxkxPdI6b9YAkmpsCzA8I&google_hm=AwhEgI63FEr8ht2GW4g_Lvw

Protocol

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 21 Mar 2022 14:45:56 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AYg5qPKFuaJgTjz2bebuijM-C6AH4GAaFq3xKCp7iSsrWdDQVvvzJtW3LmZ5LBYytpYzkCoSwTvAQLyxkxPdI6b9YAkmpsCzA8I&google_hm=AwhEgI63FEr8ht2GW4g_Lvw
date: Mon, 21 Mar 2022 14:45:56 GMT
server: Tengine
p3p: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag: RX0844808eb7144afc86dd865b883f2efc003
content-type: text/html

GET
H/1.1 200
OK sync
ssbsync.smartadserver.com/api/ Frame 8980 0
75 B 114ms
17ms Image
text/plain 185.86.139.104
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESEFy1VoQJgOTJKueWUSz0bRk&google_cver=1&google_push=AYg5qPIcG7GaKoCppFh6VMocE2qppRbDfDGay8i1W5oXuMs056dLk4jTOsYglPypwkQRmyrq0ThcaZL2LkwWzPgRam3VBucmtw
Requested by: Host: 4ff8e811445a9b61eb0bed126f8b9447.safeframe.googlesyndication.com
URL: https://4ff8e811445a9b61eb0bed126f8b9447.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.139.104 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 14:45:52 GMT
content-length: 0

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 8980 0
12 B 49ms
47ms Image
text/html 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13ITqLuZxYvBJ5IhcNgWW-dyBJ8FOUirSaejamFodtKPHjn70C3Q69lmgnh4SGFIO70nC4ed

Requested by

Host: 4ff8e811445a9b61eb0bed126f8b9447.safeframe.googlesyndication.com
URL: https://4ff8e811445a9b61eb0bed126f8b9447.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 14:45:53 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 rid Show response
match.adsrvr.org/track/ 109 B
544 B 107ms
41ms XHR
application/json 35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/rid?ttd_pid=pubmatic&fmt=json
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/158497/6011/pwt.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 398bff6f830c0175f8229d2eebea531a6ea9df1fcc674fbe08b2e54b8861d6bd

Request headers

Referer: https://portalsemakan.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 21 Mar 2022 14:45:53 GMT
x-aspnet-version: 4.0.30319
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://portalsemakan.com
cache-control: private
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length: 109
expires: Wed, 20 Apr 2022 14:45:53 GMT

GET
H3 204 1233564 Show response
servicer.mgid.com/vpaid/ 0
453 B 35ms
34ms XHR
text/html 104.19.135.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://servicer.mgid.com/vpaid/1233564
Requested by: Host: cdn.mgid.com
URL: https://cdn.mgid.com/js/wglibs/mgWidget_1.11.86.es6.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.19.135.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://portalsemakan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 21 Mar 2022 14:45:53 GMT
x-mg-204-reason: no bids
cf-cache-status: DYNAMIC
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: https://portalsemakan.com
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 6ef779509b849158-FRA
content-type: text/html

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 41F8 1 KB
749 B 36ms
36ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 4ff8e811445a9b61eb0bed126f8b9447.safeframe.googlesyndication.com
URL: https://4ff8e811445a9b61eb0bed126f8b9447.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://4ff8e811445a9b61eb0bed126f8b9447.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 724
x-xss-protection: 0
date: Mon, 21 Mar 2022 13:26:12 GMT
expires: Tue, 22 Mar 2022 13:26:12 GMT
cache-control: public, max-age=86400
age: 4781
etag: 48472445140208031
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 1925 0
0 78ms
77ms Fetch
image/gif 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv4uM3QLxkn1haatMXOayyT2TXUbMHXevzGrKSwfp5sqWQJrRCZZfcKehHSvWkwUpVEUcO-_FdiglKf4orkgKCL6uFz61vbaWcmlPCi8levClAJFeC8P9UYF1tMKyd_-GYLilH6HZr_W0FFVYvSdvg3Np09vdf8kWeGbIHs7gUYFjQjv_GvofJ4c1R66mjzBBtvDZAx8aoohI7suLQIGBFhNLlIMlyeB1o06lL7LYOcIE2Xdqbf2i5yaZ_sy3BShc0DQFqS3g6LLMITu4CSXZNUljhhRiyEhD_fLJWQUwUrszyILHIAylKt-WOY4qJ0gEXvYISj6GUdqD37NY8rnXLHgaTmfyqRw4o&sig=Cg0ArKJSzEmm2wtnpJa5EAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: portalsemakan.com
URL: https://portalsemakan.com/permohonan-pelan-data-pelajar/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://portalsemakan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 21 Mar 2022 14:45:53 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H2 200 5998.js Show response
cnt.trvdp.com/js/1273/ Frame 1925 3 KB
2 KB 47ms
8ms Script
application/javascript 2600:9000:223e:2e00:1e:6a6f:9700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cnt.trvdp.com/js/1273/5998.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031501.js?cb=31065673
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223e:2e00:1e:6a6f:9700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f60d7bcc95b56519372589201bc6dbea3b108c1f20b474b8bcbc2a4fda5a7f1c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://portalsemakan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 14 Mar 2022 09:16:38 GMT
content-encoding: br
last-modified: Mon, 14 Mar 2022 08:31:25 GMT
server: AmazonS3
age: 624556
etag: W/"374d69336b678831057727e86193b2bc"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 a2cac9c5f0e90f8b7fede4ac9aca75ca.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P4
x-amz-cf-id: 7Pu5fZRm6iUEUP3TtEWQiugUQl2i2J3Eh-5fYqnARDuWJDGlY1AO1Q==

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 1925 117 KB
36 KB 960ms
960ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031501.js?cb=31065673

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bc68a3e6e6f0074ff46c18beea2033fc4e8c6ee513dc0617758f45e2bdd8b88a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://portalsemakan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 14:45:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36344
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1647431472276194"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 21 Mar 2022 14:45:54 GMT

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame 83A5 70 B
265 B 51ms
32ms Image
image/gif 35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=1&gdpr_consent=
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?max=10&cb=92100
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 21 Mar 2022 14:45:53 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 83A5
Redirect Chain

https://eb2.3lift.com/ebda?sync=1
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MjQ1NjQ4MTY2MzczMjI0MDI1MzY5Nw%3D%3D

170 B
188 B

76ms
75ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MjQ1NjQ4MTY2MzczMjI0MDI1MzY5Nw%3D%3D

Requested by

Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?max=10&cb=92100

Protocol

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 21 Mar 2022 14:45:53 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MjQ1NjQ4MTY2MzczMjI0MDI1MzY5Nw%3D%3D
date: Mon, 21 Mar 2022 14:45:53 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H3 200 pixel
cm.g.doubleclick.net/ Frame 83A5 170 B
188 B 50ms
49ms Image
image/png 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=1&gdpr_consent=

Requested by

Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?max=10&cb=92100

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 21 Mar 2022 14:45:53 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 83A5
Redirect Chain

https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=1&gdpr_consent=
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MjQ1NjQ4MTY2MzczMjI0MDI1MzY5Nw%3D%3D

170 B
188 B

70ms
70ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MjQ1NjQ4MTY2MzczMjI0MDI1MzY5Nw%3D%3D

Requested by

Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?max=10&cb=92100

Protocol

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 21 Mar 2022 14:45:53 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MjQ1NjQ4MTY2MzczMjI0MDI1MzY5Nw%3D%3D
date: Mon, 21 Mar 2022 14:45:53 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H2 200 setuid
px.ads.linkedin.com/ Frame 83A5 0
706 B 206ms
184ms Image
text/plain 2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=2456481663732240253697&dbredirect=true&gdpr=1&consent=
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?max=10&cb=92100
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 14:45:52 GMT
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: 6F2BE5EA04364782AE2917E59FA2372D Ref B: FRAEDGE1317 Ref C: 2022-03-21T14:45:53Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lor1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAXau42ikob9eXnTCaBSlg==

GET
H2

200

xuid
eb2.3lift.com/ Frame 83A5
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/triplelift/2456481663732240253697?gdpr=1&gdpr_consent=
https://eb2.3lift.com/xuid?mid=2662&xuid=y-u02p8M1E2oRsIiRQve5Eg0rUpC8IJByGmT97hMW3Tg--~A&dongle=0883

37 B
355 B

9ms
9ms

Image
image/gif

13.248.245.213
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=2662&xuid=y-u02p8M1E2oRsIiRQve5Eg0rUpC8IJByGmT97hMW3Tg--~A&dongle=0883
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?max=10&cb=92100
Protocol: H2
Server: 13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 14:45:53 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-length: 37
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

date: Mon, 21 Mar 2022 14:45:53 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=31536000
location: https://eb2.3lift.com/xuid?mid=2662&xuid=y-u02p8M1E2oRsIiRQve5Eg0rUpC8IJByGmT97hMW3Tg--~A&dongle=0883
x-xss-protection: 1; mode=block
content-length: 0
x-content-type-options: nosniff

GET
H/1.1 200
OK sync
x.bidswitch.net/ Frame 83A5 43 B
220 B 10ms
8ms Image
image/gif 3.122.58.109
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?ssp=triplelift&user_id=2456481663732240253697&gdpr=1&gdpr_consent=
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?max=10&cb=92100
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.122.58.109 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-122-58-109.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Mon, 21 Mar 2022 14:45:53 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H2 200 c.gif
c.bing.com/ Frame 83A5 42 B
594 B 163ms
112ms Image
image/gif 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.bing.com/c.gif?xid=2456481663732240253697&Red3=TLMS_pd
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?max=10&cb=92100
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / ASP.NET
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 21 Mar 2022 14:45:52 GMT
etag: "8120eaf0ff3ad81:0"
last-modified: Fri, 18 Mar 2022 19:39:54 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 86C4ED9797AE460D860CE66EAD1CA07A Ref B: FRAEDGE1311 Ref C: 2022-03-21T14:45:53Z
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: private, no-cache, proxy-revalidate, no-store
accept-ranges: bytes
content-type: image/gif
content-length: 42

GET
H/1.1

200
OK

iu3
s.amazon-adsystem.com/ Frame 83A5
Redirect Chain

https://s.amazon-adsystem.com/x/757c0557066e95cfd4c7?gdpr=1&gdpr_consent=&uid=2456481663732240253697
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=1&gdpr_consent=&uid=2456481663732240253697&dcc=t

0
0

106ms
106ms

Image
text/html

209.54.177.54
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=1&gdpr_consent=&uid=2456481663732240253697&dcc=t
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?max=10&cb=92100
Protocol: HTTP/1.1
Server: 209.54.177.54 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Redirect headers

Pragma: no-cache
Date: Mon, 21 Mar 2022 14:45:53 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: 6SJDG559TQZ85H1FJQ3M
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=1&gdpr_consent=&uid=2456481663732240253697&dcc=t
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

200

xuid
eb2.3lift.com/ Frame 83A5
Redirect Chain

https://b1sync.zemanta.com/usersync/triplelift?gdpr=1&gdpr_consent=
https://eb2.3lift.com/xuid?mid=2460&dongle=dba8&xuid=&gdpr=1

37 B
139 B

8ms
7ms

Image
image/gif

13.248.245.213
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=2460&dongle=dba8&xuid=&gdpr=1
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?max=10&cb=92100
Protocol: H2
Server: 13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 14:45:53 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif

Redirect headers

Location: https://eb2.3lift.com/xuid?mid=2460&dongle=dba8&xuid=&gdpr=1
Pragma: no-cache
Date: Mon, 21 Mar 2022 14:45:53 GMT
Cache-Control: no-cache, no-store, must-revalidate
Expires: Thu, 01 Dec 1994 16:00:00 GMT
Content-Length: 95
Content-Type: text/html; charset=utf-8

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 116C 0
0 82ms
81ms Fetch
text/html 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CoLIroI84YvHCPJiT3gPqjqrwDu6StZNcv6KFx-QFwI23ARABIABgleKQgqAHggEXY2EtcHViLTkwNTgyOTE4NTQ0NDM4ODHIAQngAgCoAwGqBMkCT9B_W3oM8Sq6FzXX_8flGZxGQcLHIPWDQOLKEDA-npS_WQiUgtGRP7y7QrK3bTeSRsSjnO2DniONBmJrq7I04ld5VFeq5uenObggy39lTQvU8KpXPpn9L1dhtUc9fTgtr-Bc8xYXfkQK49U6ztTV3LB2Xr4wQsMLLyj1NeC__XV-0BgcXtt8L3az7b5JBj_mqYFUvZoI8c3G63e4kuMp2qsk71HoPaBOp4ouzHYo-ucBPB5PlAjyxL5mJGcovDLkUEdW3ENT-atZ4WZzz3k1HeyEwBw1l_AC54-qZkm5mpidZTJlwod0VOj89ZLNyDbtt2QOZr7CNVOixU69fNAVqHFtB8MqS7J8DA5q92p9YN5xzs39p3bsGSC-gAz2FYTqb-_1k9ExiK3v8gkXh67dxMnP50N7gZJDwm1x9y-iJ5HGS7MsCdUrPM7gBAGABt_JhMu4sKz-ywGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfIIG2FkeC1zdWJzeW4tMjcxODIxODU4NTA3NTU5NIAKA_oLAggBgAwB0BUBgBcBshccChoSFHB1Yi05MDU4MjkxODU0NDQzODgxGLbXaQ&sigh=wwjwCnQXonI&uach_m=[UACH]&cid=CAQSPACNIrLMV9eu09NnDwKLZL7m83U1W8GF541rfiQx25aB5nFQ0BUb8dZjWWPJKifQkawmnn2UfAnFe9sprhgB
Requested by: Host: portalsemakan.com
URL: https://portalsemakan.com/permohonan-pelan-data-pelajar/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s08-in-f2.1e100.net
Software: /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://4ff8e811445a9b61eb0bed126f8b9447.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H2 200 ttj Show response
ib.3lift.com/ Frame 116C 4 KB
2 KB 7ms
7ms Script
application/javascript 18.66.112.66
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ib.3lift.com/ttj?inv_code=adasia_allpublishers_display
Requested by: Host: 4ff8e811445a9b61eb0bed126f8b9447.safeframe.googlesyndication.com
URL: https://4ff8e811445a9b61eb0bed126f8b9447.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.66 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-66.fra56.r.cloudfront.net
Software: /
Resource Hash: ccaa51271b339a3d0f1c244e679e062d2664aa1db8b42ccec98f8fcfca18d16b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://4ff8e811445a9b61eb0bed126f8b9447.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 14:43:59 GMT
via: 1.1 fd080e20137c93d47ed43a67821248f0.cloudfront.net (CloudFront)
age: 114
etag: "94267aee749cf372b3e05b509cc83f77"
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=900
x-amz-cf-pop: FRA56-P5
content-encoding: gzip
content-length: 2011
x-amz-cf-id: 3aQHeyHFBa2MyG3mywcszrLAamYbbp0dmMO_857uzjcA_hXSbENT6Q==

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220316/r20110914/client/ Frame 116C 2 KB
1 KB 39ms
38ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220316/r20110914/client/window_focus_fy2021.js

Requested by

Host: 4ff8e811445a9b61eb0bed126f8b9447.safeframe.googlesyndication.com
URL: https://4ff8e811445a9b61eb0bed126f8b9447.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://4ff8e811445a9b61eb0bed126f8b9447.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 13:19:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 5174
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1233
x-xss-protection: 0
server: cafe
etag: 16517525077337815633
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 04 Apr 2022 13:19:39 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 116C 117 KB
36 KB 939ms
938ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 4ff8e811445a9b61eb0bed126f8b9447.safeframe.googlesyndication.com
URL: https://4ff8e811445a9b61eb0bed126f8b9447.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bc68a3e6e6f0074ff46c18beea2033fc4e8c6ee513dc0617758f45e2bdd8b88a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://4ff8e811445a9b61eb0bed126f8b9447.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 14:45:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36344
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1647431472276194"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 21 Mar 2022 14:45:54 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220316/r20110914/client/ Frame 116C 15 KB
6 KB 39ms
38ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220316/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 4ff8e811445a9b61eb0bed126f8b9447.safeframe.googlesyndication.com
URL: https://4ff8e811445a9b61eb0bed126f8b9447.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c82a58123e9f042fb6f68695578cff668b16b22915e0a8cb8acca14741df2bac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://4ff8e811445a9b61eb0bed126f8b9447.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 14:16:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1751
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6367
x-xss-protection: 0
server: cafe
etag: 1939740185073438140
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 04 Apr 2022 14:16:42 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 116C 0
0 48ms
47ms Image
text/html 2a00:1450:4001:801::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSEcAgm3uhhR915OSjGdO3kVrFtCdnlktLhuqDSxV5hvD38x3W_gRIBa2x8SILZOpCeQCe1B2XCR-l7wz4UjbtJ_2P9pw
Requested by: Host: 4ff8e811445a9b61eb0bed126f8b9447.safeframe.googlesyndication.com
URL: https://4ff8e811445a9b61eb0bed126f8b9447.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:801::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://4ff8e811445a9b61eb0bed126f8b9447.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H3 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame 116C 22 KB
7 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js

Requested by

Host: 4ff8e811445a9b61eb0bed126f8b9447.safeframe.googlesyndication.com
URL: https://4ff8e811445a9b61eb0bed126f8b9447.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://4ff8e811445a9b61eb0bed126f8b9447.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 11:46:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 10778
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7022
x-xss-protection: 0
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Tue, 21 Mar 2023 11:46:15 GMT

GET
H2 200 notify
tlx.3lift.com/s2s/ Frame 116C 37 B
183 B 13ms
11ms Image
image/gif 18.197.113.18
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tlx.3lift.com/s2s/notify?px=1&pr=YjiPoAAPIXEKd4mYAAqHaoUT4Bqf-x6El4UOCg&ts=1647873953&aid=32529271507391734961120&ec=2460_15241_67379644&n=GvQEaHR0cDovL2IxLWV1ZGMxLnplbWFudGEuY29tL2JpZGRlci93aW4vdHJpcGxlbGlmdF9kaXNwbGF5LzliOTM1YTE0LWE5MjUtMTFlYy1hNWNmLTBkYjBiZWU1NTY4ZC8wLjAxNC9ISE9ST0JGUkJIMlgyNzVDTVlYVzVJRVpTSTI2R09LMkxZRUc2QjY1Q0JUUUc2QkNCRlpTWEtOU0NVV0lYUEpYWkVMVk1LNkZTVzNRRVNURTRPQk1aRU5YU0RFU0NEWUdBQ1g1VjdNUkhWQ01HWklCMlZJSU5WTFZJR0UzTEpRU05KVEkyQjJMWkNOQ0Q2NFBTQlZES0tBT0lYSUdMU0hBVkE2MlBOTUpEVDU2VUpCVk42TVpPRlUyRzVGRVlPRFA0RVZEWlNCNzQ3WUZWTkVOWUVINTdJQkJGWFFGWlJGTE0zWEVFUElWNU1QUkhDVlozWVRRR1ZJNTRUS0Y3SE9YVUE3UlFaQUpOSldRVU9RN0FFUlZXWDJKMlk0N1ROU05HUkhDSVI1TUpaVDRFSUo1UzZNSjVNVkZaV1hUSldHU1E3Q1pHV1RUTUJUMlhOUk5IQ1pXWFhRUVQ0VFdWTVBCMlQ3VVRHRlhONldMTFFMRjNOWDZaVkFDVjNSNkdMR0pDV1NVRUdSRVRYNDRSUlNKRUlLSzVYWURYS05WS0NaRkE2RjY3R0ZQWk9QWDZWQlVIM1I1MzdWRDRIM09FSEpQSkRWV1o2WFRQUjNDSE5VSFBaNjdFRFlUVTdOVTNER1pGUEdXRDJFV0pWVVNTNE0yWVdNVUFZM0FOU0tKWU9RS0hKUkNSNzNURDJMMjIvP%2FICzwEIABIXMzI1MjkyNzE1MDczOTE3MzQ5NjExMjAYACABKJwTMIl3QAFIAFAAYApoAHCd4iKQAQCYAQCoAQCwAQ64AQnAAQzIAQ7gAQzwAQD4AQ6AAgyIAgyRAgAAAAAAAPA%2FmQIK16NwPQrHP6ECAAAAAAAA8D%2BoAgCwAgDIAgTYAgDxAmZmZmZmZuY%2F%2BAK%2FMYADrAKIA%2FoBkAMCmAMAoAMAuAO05A%2FAAwDIAwDSAwg2NzM3OTY0NOAD%2F%2F%2F%2F%2F%2F%2F%2F%2F%2F%2F%2FAekDAAAAAAAAAADwAw74AgWIAwCSAwRkYmE4mAMA
Requested by: Host: 4ff8e811445a9b61eb0bed126f8b9447.safeframe.googlesyndication.com
URL: https://4ff8e811445a9b61eb0bed126f8b9447.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.197.113.18 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-197-113-18.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://4ff8e811445a9b61eb0bed126f8b9447.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 21 Mar 2022 14:45:53 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-length: 37
expires: Thu, 15 Oct 1992 20:10:00 GMT

GET
H2 200 pe
eb2.3lift.com/ Frame 116C 37 B
139 B 14ms
13ms Image
image/gif 13.248.245.213
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/pe?fid=10&peid=0&aid=32529271507391734961120
Requested by: Host: 4ff8e811445a9b61eb0bed126f8b9447.safeframe.googlesyndication.com
URL: https://4ff8e811445a9b61eb0bed126f8b9447.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://4ff8e811445a9b61eb0bed126f8b9447.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 14:45:53 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif

GET
H2 200 r
eb2.3lift.com/ Frame 7398 37 B
139 B 9ms
9ms Image
image/gif 13.248.245.213
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/r?inv_code=adasia_allpublishers_display&aid=16084651616535906996650&rev=b5dbcaa&pr=can%27t%2520access%2520top%2520document&bc=0.014&bmid=2460&biid=6335&sid=15241&brid=569629&adid=67379644&crid=-1&ts=1647873952&bcud=14&ss=5&caid=0&unid=0&domain=4ff8e811445a9b61eb0bed126f8b9447.safeframe.googlesyndication.com&ref=https%253A%252F%252Fportalsemakan.com%252F&rr=creative&fid=10&rb=0&g=0&cb=93554
Requested by: Host: 4ff8e811445a9b61eb0bed126f8b9447.safeframe.googlesyndication.com
URL: https://4ff8e811445a9b61eb0bed126f8b9447.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://4ff8e811445a9b61eb0bed126f8b9447.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 14:45:53 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif

GET
H2 200 OBA_TRANS.png
ib.3lift.com/static/buttons/edaa/ Frame 7398 3 KB
3 KB 8ms
7ms Image
image/png 18.66.112.66
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ib.3lift.com/static/buttons/edaa/OBA_TRANS.png
Requested by: Host: ib.3lift.com
URL: https://ib.3lift.com/rev/b5dbcaaad667d54756cc1e78e73a1e2616cc2b6d/dist/bundle.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.66 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-66.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2fd4c3ae6afc2b4026d9f0b64b8ff1110ecfcf47b90bc988c06e844b3921cbf6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://4ff8e811445a9b61eb0bed126f8b9447.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 15 Mar 2022 12:57:19 GMT
via: 1.1 fd080e20137c93d47ed43a67821248f0.cloudfront.net (CloudFront)
last-modified: Thu, 05 Aug 2021 17:23:36 GMT
server: AmazonS3
age: 524915
etag: "ddf020e069f1706b72b7698b28fede09"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=604800,s-maxage=604800,public
x-amz-cf-pop: FRA56-P5
accept-ranges: bytes
content-length: 3125
x-amz-cf-id: N_zctYJh0kZ2TYV-J1_ybDjsz7ndZu0_u6Qf5dE6e2izilT6AWEqWA==

GET
H2 200 OBA_UK.png
ib.3lift.com/static/buttons/edaa/ Frame 7398 3 KB
4 KB 9ms
8ms Image
image/png 18.66.112.66
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ib.3lift.com/static/buttons/edaa/OBA_UK.png
Requested by: Host: ib.3lift.com
URL: https://ib.3lift.com/rev/b5dbcaaad667d54756cc1e78e73a1e2616cc2b6d/dist/bundle.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.66 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-66.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 08285afd2f0c11a2a9d89f00dce769479e4d164e62caa39eceea9f1eb551afa9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://4ff8e811445a9b61eb0bed126f8b9447.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 14 Mar 2022 19:36:19 GMT
via: 1.1 fd080e20137c93d47ed43a67821248f0.cloudfront.net (CloudFront)
last-modified: Thu, 05 Aug 2021 17:23:31 GMT
server: AmazonS3
age: 587375
etag: "7ceab27af00fa466072a3c3360041755"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=604800,s-maxage=604800,public
x-amz-cf-pop: FRA56-P5
accept-ranges: bytes
content-length: 3518
x-amz-cf-id: 2PMe3AzokpNqOHJIpLUmHqwwUfM9IlBOWh92RXdErWaKMU18srlX1Q==

GET
DATA 200
OK truncated Show response
/ Frame 845F 26 B
0 Script
image/gif

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c00a759275b8628823a9809f24cbeca08cb48b52713adf221f70284e66d9c82f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 ctar
eb2.3lift.com/ Frame 7398 37 B
139 B 12ms
8ms Image
image/gif 13.248.245.213
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/ctar?inv_code=adasia_allpublishers_display&aid=16084651616535906996650&rev=b5dbcaa&cta_render_method=1&cta_render_text=&cb=68300
Requested by: Host: 4ff8e811445a9b61eb0bed126f8b9447.safeframe.googlesyndication.com
URL: https://4ff8e811445a9b61eb0bed126f8b9447.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://4ff8e811445a9b61eb0bed126f8b9447.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 14:45:53 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif

GET
H2 200 widget-728x90.js Show response
widgets.zemanta.com/1646288090/ Frame A2D7 6 KB
2 KB 12ms
6ms Script
application/javascript 151.101.194.132
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.zemanta.com/1646288090/widget-728x90.js
Requested by: Host: ib.3lift.com
URL: https://ib.3lift.com/rev/b5dbcaaad667d54756cc1e78e73a1e2616cc2b6d/dist/bundle.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.194.132 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 5f15f4fd8772df9f8469e085c9dcec9ac2b070009ca290d447898bf5400c4021

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://4ff8e811445a9b61eb0bed126f8b9447.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id: 6gjTgAWv8q0YdgBr3LK0Sms13tYGH2W1
content-encoding: gzip
etag: "9d9eccc5fd836c7aede279135dfdc306"
age: 1297
x-cache: HIT
content-length: 2400
x-amz-id-2: semRpHwIPX4tofG/KEd8kpJkqlwemQkYt1WjoLW9HaV+jRlX/0muoVvYiQKs0Qrg8C/Ph537ti0=
x-served-by: cache-hhn4047-HHN
last-modified: Thu, 03 Mar 2022 08:30:50 GMT
server: AmazonS3
x-timer: S1647873953.472204,VS0,VE0
date: Mon, 21 Mar 2022 14:45:53 GMT
vary: Accept-Encoding
x-amz-request-id: TZ8NQ3NCHHMWGG3T
via: 1.1 varnish
accept-ranges: bytes
content-type: application/javascript
x-cache-hits: 271

GET
H2 200 aop
eb2.3lift.com/ Frame 7398 37 B
139 B 13ms
8ms Image
image/gif 13.248.245.213
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/aop?inv_code=adasia_allpublishers_display&aid=16084651616535906996650&rev=b5dbcaa&pr=can%27t%2520access%2520top%2520document&bc=0.014&bmid=2460&biid=6335&sid=15241&brid=569629&adid=67379644&crid=-1&ts=1647873952&bcud=14&ss=5&caid=0&unid=0&domain=4ff8e811445a9b61eb0bed126f8b9447.safeframe.googlesyndication.com&ref=https%253A%252F%252Fportalsemakan.com%252F&rr=creative&fid=10&rb=0&g=0&cb=81525
Requested by: Host: 4ff8e811445a9b61eb0bed126f8b9447.safeframe.googlesyndication.com
URL: https://4ff8e811445a9b61eb0bed126f8b9447.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://4ff8e811445a9b61eb0bed126f8b9447.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 14:45:53 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif

GET
H3 204 1233564 Show response
servicer.mgid.com/vpaid/ 0
764 B 58ms
38ms XHR
text/html 104.19.132.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://servicer.mgid.com/vpaid/1233564
Requested by: Host: cdn.mgid.com
URL: https://cdn.mgid.com/js/wglibs/mgWidget_1.11.86.es6.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.19.132.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://portalsemakan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 21 Mar 2022 14:45:53 GMT
x-mg-204-reason: no bids
cf-cache-status: DYNAMIC
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: https://portalsemakan.com
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 6ef779514dbc9134-FRA
content-type: text/html

GET
H2 200 bundle.js Show response
ib.3lift.com/rev/b5dbcaaad667d54756cc1e78e73a1e2616cc2b6d/dist/ Frame 116C 254 KB
81 KB 8ms
7ms Script
application/javascript 18.66.112.66
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ib.3lift.com/rev/b5dbcaaad667d54756cc1e78e73a1e2616cc2b6d/dist/bundle.js
Requested by: Host: ib.3lift.com
URL: https://ib.3lift.com/ttj?inv_code=adasia_allpublishers_display
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.66 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-66.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 325e6a7b68748a169ffb84eef16a6aa2042e2fd8ee1819a61c7a5fb399ba5e54

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://4ff8e811445a9b61eb0bed126f8b9447.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Mar 2022 15:56:45 GMT
content-encoding: gzip
last-modified: Thu, 10 Mar 2022 15:56:23 GMT
server: AmazonS3
age: 946149
etag: "72ce81d7d81987b2256ad6fa329008bc"
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 fd080e20137c93d47ed43a67821248f0.cloudfront.net (CloudFront)
cache-control: max-age=31536000, immutable
x-amz-cf-pop: FRA56-P5
accept-ranges: bytes
content-length: 82367
x-amz-cf-id: -fItb-Dat1qLVdRMvo7CgGvRKW7eDRToNNIZ8BEZKW0IMb1R-6ti6A==

GET
H3 200 /
c.mgid.com/vs/ 43 B
361 B 118ms
117ms Image
image/gif 104.19.135.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.mgid.com/vs/?tid=0&iid=1233564&e=error&o=%7B%22timeOffset%22%3A0%2C%22adPlayer%22%3Anull%2C%22uuid%22%3A%229b2cee56-a925-11ec-915f-e43d1a2a53a0%22%2C%22subId%22%3A0%2C%22sticky%22%3A0%2C%22viewable%22%3A0%2C%22tt%22%3A%22Direct%22%2C%22errorMessage%22%3A%22null%22%7D&t=0&c=11759
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.19.135.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://portalsemakan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 21 Mar 2022 14:45:53 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray: 6ef77951ae229158-FRA
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H/1.1 200
OK writeStatistics
stas.outbrain.com/Stas/api/ Frame A2D7 43 B
274 B 356ms
89ms Image
image/gif 70.42.32.255
INTERNAP-BLK3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://stas.outbrain.com/Stas/api/writeStatistics?p=6wBqnCPsEPBFEiz5W576_i2OqBt9HBFlSi1K-eJYVvxqQmXzbG3o7gbz39msnPIEHvt9DEyxvGglc38wl1u0TDliRtlZcKsNlnnGjjrbhsgrBIIx1qlJog7ANyEFSy8Cg4rKDKoF0iT3zOQt0Xl5S8fZ_NnOjOhN2L-bNuW67f9WTORbCpQEjGhJZfQEHMMWOTrhWsmLJGWwzMdcKSP9BsD5My5x_i59qZBDbvSzhiS2JfaqURwnPiid78UVzhp_DiPYGAi_ZboMuGw3lwLvTBsJUYofneT0FXU5yhuEk55zY9O0QJuB7P2LXKDlX_27zpbbYZ-jST4dA8kvKQmiLheMcENlMUb3pW0oZuxEYdw52B1onfoQGpygKMiAmgwVrjwavUQIKXcsl1-wzmvGuXO5MxInq45hJFlcy_eI2UZ39oSEh_tvXzmcVFxHbFOe-VJS7Uy1naTzz8QO_BSwi2xXnoBX9gJh0VUvIRGhkfs_v6cxkHKwC2dFywv210pbFIWvPR2sSDNETOsB7qr3iEat88dFD98mU7fMfC-yBs_nvvhQe3bQrupWHzNPlL1j2huiIKXTkzt2Aqlk3z_P_FH3lmNv4XXdUVQmYnpLhjwDy9PI5sn3HZQ4uDPwvTv6x0Xw23kGHoUb899ZUERmmUIBwZiAPrRgtyh2-IgUx-zdDtc4cBbo-cfBIVVWPJkJnU54ENqw8iDY-PA1Dty_vJKxcxRD5fyiY2P3BeGkfZ2zXoU2a1KlVXwVN8tCooyE&c=db62dba4&v=3
Requested by: Host: 4ff8e811445a9b61eb0bed126f8b9447.safeframe.googlesyndication.com
URL: https://4ff8e811445a9b61eb0bed126f8b9447.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 70.42.32.255 , United States, ASN13789 (INTERNAP-BLK3, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: 33ca751ed175a163bef530ebdcdbd0a2d15997ccbcbf8d50a6f504e8ffac5a5c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://4ff8e811445a9b61eb0bed126f8b9447.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Mon, 21 Mar 2022 14:45:53 GMT
Cache-Control: no-cache
Connection: close
X-TraceId: 220e40d835a2676bad9ee95161d96a2b
content-encoding: gzip
Content-Length: 60
Content-Type: image/gif

GET
H/1.1 200
OK /
b1t-eudc1.zemanta.com/t/imp/impression/FPGHAAMTLPW5HIF4CVN2DMS5BOECQALMTTXIGVBPDUT5JFTQFS5WAWCIZ53V5FF6KTLAOWRFPPMVFSVB3U2R2XM4Q77XTOKHF46PH6KVEHM3UX2WXYJWGREGOGUFQF2GT6HVAZTBTN7TZNARBAD65NEL44PRJG... Frame A2D7 26 B
151 B 37ms
36ms Image
image/gif 213.227.153.223
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://b1t-eudc1.zemanta.com/t/imp/impression/FPGHAAMTLPW5HIF4CVN2DMS5BOECQALMTTXIGVBPDUT5JFTQFS5WAWCIZ53V5FF6KTLAOWRFPPMVFSVB3U2R2XM4Q77XTOKHF46PH6KVEHM3UX2WXYJWGREGOGUFQF2GT6HVAZTBTN7TZNARBAD65NEL44PRJGEVPBEBIZNZTEZLQMR3JTF5L6SAZHSHOQ4UMWWI7IGQO6FAKG5X7L7RAHWXLTRKAKUL3V5LILKTB24UZXQBKFWLND2BNF3E4ADYNLG7X26OIWYMZJTD6MHMC2DTTLCCZFPA4WFK5ZJ36GDUN3AAIDPKTEYJACP2MU2NCLNDK6SNC46ZFNYDAEKNNFJJTIXDNZ66Y2IWBVHFKNJTRU7Z74FXMFDYZC4IJQKKZJ34R6Q7CAPOW/?
Requested by: Host: 4ff8e811445a9b61eb0bed126f8b9447.safeframe.googlesyndication.com
URL: https://4ff8e811445a9b61eb0bed126f8b9447.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 213.227.153.223 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: /
Resource Hash: 3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://4ff8e811445a9b61eb0bed126f8b9447.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Mon, 21 Mar 2022 14:45:53 GMT
Connection: keep-alive
Content-Length: 26
Content-Type: image/gif

GET
H2 200 925708f40833ce56df2b64b5f42b2fae72.jpg
zem.outbrainimg.com/p/srv/sha/2d/0a/7b/ Frame A2D7 6 KB
6 KB 35ms
33ms Image
image/jpeg 151.101.114.132
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zem.outbrainimg.com/p/srv/sha/2d/0a/7b/925708f40833ce56df2b64b5f42b2fae72.jpg?w=159&h=88&fit=crop&crop=center&fm=jpg

Requested by

Host: widgets.zemanta.com
URL: https://widgets.zemanta.com/1646288090/widget-728x90.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.114.132 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

imgix /

Resource Hash

0f4c134a1329fa98bc979f0e1e9d2b1ffdbcbbff36feafb1112e61d7d5896245

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://4ff8e811445a9b61eb0bed126f8b9447.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 14:45:53 GMT
via: 1.1 varnish
x-content-type-options: nosniff
age: 548880
x-cache: HIT, MISS, HIT
x-imgix-id: 2db87e6b839cbf407721461bd5ad6e8b06443fd2
content-length: 6581
x-served-by: cache-sjc10044-SJC, cache-hhn4041-HHN, cache-hhn4025-HHN
last-modified: Tue, 15 Mar 2022 06:17:53 GMT
server: imgix
x-timer: S1647873954.565012,VS0,VE0
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
cross-origin-resource-policy: cross-origin
x-cache-hits: 651

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 105B 1 KB
749 B 41ms
41ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 4ff8e811445a9b61eb0bed126f8b9447.safeframe.googlesyndication.com
URL: https://4ff8e811445a9b61eb0bed126f8b9447.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://4ff8e811445a9b61eb0bed126f8b9447.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 724
x-xss-protection: 0
date: Mon, 21 Mar 2022 13:26:12 GMT
expires: Tue, 22 Mar 2022 13:26:12 GMT
cache-control: public, max-age=86400
age: 4781
etag: 48472445140208031
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 204 AdxPixel
tr.blismedia.com/v1/api/sync/ Frame 41F8 0
173 B 80ms
19ms Image
text/plain 34.96.105.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESEJO9-H5_kcnfPxr3a1uoqjE&google_cver=1&google_push=AYg5qPJNPWhJ0Nm2uGK2Cuyxc573OY8hUFwPRShlxu2Jf-nS9xXRRz2djY2n3-01CGVqNfXf7sfEv2KKCJLY6pMRDuVWDxdMiDNb
Requested by: Host: 4ff8e811445a9b61eb0bed126f8b9447.safeframe.googlesyndication.com
URL: https://4ff8e811445a9b61eb0bed126f8b9447.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.105.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.105.96.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 14:45:53 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 41F8
Redirect Chain

https://ads.travelaudience.com/google_pixel?google_gid=CAESEBaENlKOyBSV8L_KFg47lXI&google_cver=1&google_push=AYg5qPJRY9QZpJFYyaJ5sh1R5yLwC2LVD34CKo2HMvsBnZgMhbm5Pm14nnFOd4BvUPybaDmngESCxkmWfhK1bsO5...
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=xzBxhOVOTHOYIImDkljO-Q2&google_push=AYg5qPJRY9QZpJFYyaJ5sh1R5yLwC2LVD34CKo2HMvsBnZgMhbm5Pm14nnFOd4BvUPybaDmngESCxkmWfhK1bsO5WKrR6220iMYm

170 B
188 B

51ms
51ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=xzBxhOVOTHOYIImDkljO-Q2&google_push=AYg5qPJRY9QZpJFYyaJ5sh1R5yLwC2LVD34CKo2HMvsBnZgMhbm5Pm14nnFOd4BvUPybaDmngESCxkmWfhK1bsO5WKrR6220iMYm

Requested by

Host: 4ff8e811445a9b61eb0bed126f8b9447.safeframe.googlesyndication.com
URL: https://4ff8e811445a9b61eb0bed126f8b9447.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 21 Mar 2022 14:45:53 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Mon, 21 Mar 2022 14:45:53 GMT
via: 1.1 google
x-engine-version: 0.0.0
server: nginx/1.15.12
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC"
location: https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=xzBxhOVOTHOYIImDkljO-Q2&google_push=AYg5qPJRY9QZpJFYyaJ5sh1R5yLwC2LVD34CKo2HMvsBnZgMhbm5Pm14nnFOd4BvUPybaDmngESCxkmWfhK1bsO5WKrR6220iMYm
x-host: tde-deliveryengine-production-6fbb5b866d-4sz2t
alt-svc: clear
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 41F8
Redirect Chain

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEC9tjCMDg2axAmBMyOhYyZU&google_cver=1&google_push=AYg5qPKKLnPBIlEhCakw72UnOXFvrUnkhlA8BldHuW_H5G1oJAxDGVxkianmRct9v113bKFH0q_6jknDUWhtSXXo9Fp4...
https://a.sportradarserving.com/sync?ssp=bidswitch&bidswitch_ssp_id=google
https://a.sportradarserving.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=google
https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=1&user_id=d02d3ff2-4f08-4f31-92c9-bd402199c4c3&ssp=google
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AYg5qPKKLnPBIlEhCakw72UnOXFvrUnkhlA8BldHuW_H5G1oJAxDGVxkianmRct9v113bKFH0q_6jknDUWhtSXXo9Fp4EFKqxP5b&google_hm=12dUSOtZSf2Ca0K7EIf-Ww==

170 B
188 B

51ms
50ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AYg5qPKKLnPBIlEhCakw72UnOXFvrUnkhlA8BldHuW_H5G1oJAxDGVxkianmRct9v113bKFH0q_6jknDUWhtSXXo9Fp4EFKqxP5b&google_hm=12dUSOtZSf2Ca0K7EIf-Ww==

Requested by

Host: 4ff8e811445a9b61eb0bed126f8b9447.safeframe.googlesyndication.com
URL: https://4ff8e811445a9b61eb0bed126f8b9447.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 21 Mar 2022 14:45:53 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: //cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AYg5qPKKLnPBIlEhCakw72UnOXFvrUnkhlA8BldHuW_H5G1oJAxDGVxkianmRct9v113bKFH0q_6jknDUWhtSXXo9Fp4EFKqxP5b&google_hm=12dUSOtZSf2Ca0K7EIf-Ww==
Date: Mon, 21 Mar 2022 14:45:53 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 41F8
Redirect Chain

https://d5p.de17a.com/cookies/google?google_gid=CAESEHevAlT4IwM0rSKFPIQROFo&google_cver=1&google_push=AYg5qPJDPdXCkXgjJBrP7P8vRtyemPEI0aoNHaGweZ5zZZE3jFcdZjh7LuNpYLEXeDULZxPbzOPi9jhCl3ehywyO7xgH7J2...
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AYg5qPJDPdXCkXgjJBrP7P8vRtyemPEI0aoNHaGweZ5zZZE3jFcdZjh7LuNpYLEXeDULZxPbzOPi9jhCl3ehywyO7xgH7J21ZH97

170 B
188 B

52ms
51ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AYg5qPJDPdXCkXgjJBrP7P8vRtyemPEI0aoNHaGweZ5zZZE3jFcdZjh7LuNpYLEXeDULZxPbzOPi9jhCl3ehywyO7xgH7J21ZH97

Requested by

Host: 4ff8e811445a9b61eb0bed126f8b9447.safeframe.googlesyndication.com
URL: https://4ff8e811445a9b61eb0bed126f8b9447.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 21 Mar 2022 14:45:53 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AYg5qPJDPdXCkXgjJBrP7P8vRtyemPEI0aoNHaGweZ5zZZE3jFcdZjh7LuNpYLEXeDULZxPbzOPi9jhCl3ehywyO7xgH7J21ZH97
content-length: 0
p3p: CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV

GET

pixel
cm.g.doubleclick.net/ Frame 41F8
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEDNk9oWafI2wi_-0iAaXeBk&google_cver=1&googl...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjiPoC_TpvJkZfw8O1wkKgAABGYAAAIB&google_gid=CAESEDNk9oWafI2wi_-0iAaXeBk&google_cver=1&google_push=AYg5qPIIHqDqXfQ-ZCxovg8ZCWiHasuFq9Cg8...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjiPoC_TpvJkZfw8O1wkKgAABGYAAAIB&google_gid=CAESEDNk9oWafI2wi_-0iAaXeBk&google_cver=1&google_push=AYg5qPIIHqDqXfQ-ZCxovg8ZCWiHasuFq9Cg8...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjiPoC_TpvJkZfw8O1wkKgAABGYAAAIB&google_gid=CAESEDNk9oWafI2wi_-0iAaXeBk&google_cver=1&google_push=AYg5qPIIHqDqXfQ-ZCxovg8ZCWiHasuFq9Cg8...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjiPoC_TpvJkZfw8O1wkKgAABGYAAAIB&google_gid=CAESEDNk9oWafI2wi_-0iAaXeBk&google_cver=1&google_push=AYg5qPIIHqDqXfQ-ZCxovg8ZCWiHasuFq9Cg8...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjiPoC_TpvJkZfw8O1wkKgAABGYAAAIB&google_gid=CAESEDNk9oWafI2wi_-0iAaXeBk&google_cver=1&google_push=AYg5qPIIHqDqXfQ-ZCxovg8ZCWiHasuFq9Cg8...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjiPoC_TpvJkZfw8O1wkKgAABGYAAAIB&google_gid=CAESEDNk9oWafI2wi_-0iAaXeBk&google_cver=1&google_push=AYg5qPIIHqDqXfQ-ZCxovg8ZCWiHasuFq9Cg8...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjiPoC_TpvJkZfw8O1wkKgAABGYAAAIB&google_gid=CAESEDNk9oWafI2wi_-0iAaXeBk&google_cver=1&google_push=AYg5qPIIHqDqXfQ-ZCxovg8ZCWiHasuFq9Cg8...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjiPoC_TpvJkZfw8O1wkKgAABGYAAAIB&google_gid=CAESEDNk9oWafI2wi_-0iAaXeBk&google_cver=1&google_push=AYg5qPIIHqDqXfQ-ZCxovg8ZCWiHasuFq9Cg8...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjiPoC_TpvJkZfw8O1wkKgAABGYAAAIB&google_gid=CAESEDNk9oWafI2wi_-0iAaXeBk&google_cver=1&google_push=AYg5qPIIHqDqXfQ-ZCxovg8ZCWiHasuFq9Cg8...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjiPoC_TpvJkZfw8O1wkKgAABGYAAAIB&google_gid=CAESEDNk9oWafI2wi_-0iAaXeBk&google_cver=1&google_push=AYg5qPIIHqDqXfQ-ZCxovg8ZCWiHasuFq9Cg8...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjiPoC_TpvJkZfw8O1wkKgAABGYAAAIB&google_gid=CAESEDNk9oWafI2wi_-0iAaXeBk&google_cver=1&google_push=AYg5qPIIHqDqXfQ-ZCxovg8ZCWiHasuFq9Cg8...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjiPoC_TpvJkZfw8O1wkKgAABGYAAAIB&google_gid=CAESEDNk9oWafI2wi_-0iAaXeBk&google_cver=1&google_push=AYg5qPIIHqDqXfQ-ZCxovg8ZCWiHasuFq9Cg8...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjiPoC_TpvJkZfw8O1wkKgAABGYAAAIB&google_gid=CAESEDNk9oWafI2wi_-0iAaXeBk&google_cver=1&google_push=AYg5qPIIHqDqXfQ-ZCxovg8ZCWiHasuFq9Cg8...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjiPoC_TpvJkZfw8O1wkKgAABGYAAAIB&google_gid=CAESEDNk9oWafI2wi_-0iAaXeBk&google_cver=1&google_push=AYg5qPIIHqDqXfQ-ZCxovg8ZCWiHasuFq9Cg8...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjiPoC_TpvJkZfw8O1wkKgAABGYAAAIB&google_gid=CAESEDNk9oWafI2wi_-0iAaXeBk&google_cver=1&google_push=AYg5qPIIHqDqXfQ-ZCxovg8ZCWiHasuFq9Cg8...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjiPoC_TpvJkZfw8O1wkKgAABGYAAAIB&google_gid=CAESEDNk9oWafI2wi_-0iAaXeBk&google_cver=1&google_push=AYg5qPIIHqDqXfQ-ZCxovg8ZCWiHasuFq9Cg8...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjiPoC_TpvJkZfw8O1wkKgAABGYAAAIB&google_gid=CAESEDNk9oWafI2wi_-0iAaXeBk&google_cver=1&google_push=AYg5qPIIHqDqXfQ-ZCxovg8ZCWiHasuFq9Cg8...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjiPoC_TpvJkZfw8O1wkKgAABGYAAAIB&google_gid=CAESEDNk9oWafI2wi_-0iAaXeBk&google_cver=1&google_push=AYg5qPIIHqDqXfQ-ZCxovg8ZCWiHasuFq9Cg8...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjiPoC_TpvJkZfw8O1wkKgAABGYAAAIB&google_gid=CAESEDNk9oWafI2wi_-0iAaXeBk&google_cver=1&google_push=AYg5qPIIHqDqXfQ-ZCxovg8ZCWiHasuFq9Cg8...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjiPoC_TpvJkZfw8O1wkKgAABGYAAAIB&google_gid=CAESEDNk9oWafI2wi_-0iAaXeBk&google_cver=1&google_push=AYg5qPIIHqDqXfQ-ZCxovg8ZCWiHasuFq9Cg8...

0
0

GET

pixel
cm.g.doubleclick.net/ Frame 41F8
Redirect Chain

https://match.360yield.com/match/ebda?google_gid=CAESECQbbiCX9EuXCWz0lnnLTGs&google_cver=1&google_push=AYg5qPL8PpPWhPWxw-MHJoludsY4ISoHOKH1326UvkUUiWZGtBfCh43CtpCfsxMw-kNygH9v4ULJsBtS4D0RzCwI7Pqxrw...
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=mdd2sQhGS6yxiv-ZHlUtGQ&google_push=AYg5qPL8PpPWhPWxw-MHJoludsY4ISoHOKH1326UvkUUiWZGtBfCh43CtpCfsxMw-kNygH9v4ULJsBtS4D0RzCw...
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=mdd2sQhGS6yxiv-ZHlUtGQ&google_push=AYg5qPL8PpPWhPWxw-MHJoludsY4ISoHOKH1326UvkUUiWZGtBfCh43CtpCfsxMw-kNygH9v4ULJsBtS4D0RzCw...
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=mdd2sQhGS6yxiv-ZHlUtGQ&google_push=AYg5qPL8PpPWhPWxw-MHJoludsY4ISoHOKH1326UvkUUiWZGtBfCh43CtpCfsxMw-kNygH9v4ULJsBtS4D0RzCw...
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=mdd2sQhGS6yxiv-ZHlUtGQ&google_push=AYg5qPL8PpPWhPWxw-MHJoludsY4ISoHOKH1326UvkUUiWZGtBfCh43CtpCfsxMw-kNygH9v4ULJsBtS4D0RzCw...
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=mdd2sQhGS6yxiv-ZHlUtGQ&google_push=AYg5qPL8PpPWhPWxw-MHJoludsY4ISoHOKH1326UvkUUiWZGtBfCh43CtpCfsxMw-kNygH9v4ULJsBtS4D0RzCw...
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=mdd2sQhGS6yxiv-ZHlUtGQ&google_push=AYg5qPL8PpPWhPWxw-MHJoludsY4ISoHOKH1326UvkUUiWZGtBfCh43CtpCfsxMw-kNygH9v4ULJsBtS4D0RzCw...
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=mdd2sQhGS6yxiv-ZHlUtGQ&google_push=AYg5qPL8PpPWhPWxw-MHJoludsY4ISoHOKH1326UvkUUiWZGtBfCh43CtpCfsxMw-kNygH9v4ULJsBtS4D0RzCw...
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=mdd2sQhGS6yxiv-ZHlUtGQ&google_push=AYg5qPL8PpPWhPWxw-MHJoludsY4ISoHOKH1326UvkUUiWZGtBfCh43CtpCfsxMw-kNygH9v4ULJsBtS4D0RzCw...
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=mdd2sQhGS6yxiv-ZHlUtGQ&google_push=AYg5qPL8PpPWhPWxw-MHJoludsY4ISoHOKH1326UvkUUiWZGtBfCh43CtpCfsxMw-kNygH9v4ULJsBtS4D0RzCw...
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=mdd2sQhGS6yxiv-ZHlUtGQ&google_push=AYg5qPL8PpPWhPWxw-MHJoludsY4ISoHOKH1326UvkUUiWZGtBfCh43CtpCfsxMw-kNygH9v4ULJsBtS4D0RzCw...
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=mdd2sQhGS6yxiv-ZHlUtGQ&google_push=AYg5qPL8PpPWhPWxw-MHJoludsY4ISoHOKH1326UvkUUiWZGtBfCh43CtpCfsxMw-kNygH9v4ULJsBtS4D0RzCw...
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=mdd2sQhGS6yxiv-ZHlUtGQ&google_push=AYg5qPL8PpPWhPWxw-MHJoludsY4ISoHOKH1326UvkUUiWZGtBfCh43CtpCfsxMw-kNygH9v4ULJsBtS4D0RzCw...
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=mdd2sQhGS6yxiv-ZHlUtGQ&google_push=AYg5qPL8PpPWhPWxw-MHJoludsY4ISoHOKH1326UvkUUiWZGtBfCh43CtpCfsxMw-kNygH9v4ULJsBtS4D0RzCw...
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=mdd2sQhGS6yxiv-ZHlUtGQ&google_push=AYg5qPL8PpPWhPWxw-MHJoludsY4ISoHOKH1326UvkUUiWZGtBfCh43CtpCfsxMw-kNygH9v4ULJsBtS4D0RzCw...
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=mdd2sQhGS6yxiv-ZHlUtGQ&google_push=AYg5qPL8PpPWhPWxw-MHJoludsY4ISoHOKH1326UvkUUiWZGtBfCh43CtpCfsxMw-kNygH9v4ULJsBtS4D0RzCw...
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=mdd2sQhGS6yxiv-ZHlUtGQ&google_push=AYg5qPL8PpPWhPWxw-MHJoludsY4ISoHOKH1326UvkUUiWZGtBfCh43CtpCfsxMw-kNygH9v4ULJsBtS4D0RzCw...
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=mdd2sQhGS6yxiv-ZHlUtGQ&google_push=AYg5qPL8PpPWhPWxw-MHJoludsY4ISoHOKH1326UvkUUiWZGtBfCh43CtpCfsxMw-kNygH9v4ULJsBtS4D0RzCw...
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=mdd2sQhGS6yxiv-ZHlUtGQ&google_push=AYg5qPL8PpPWhPWxw-MHJoludsY4ISoHOKH1326UvkUUiWZGtBfCh43CtpCfsxMw-kNygH9v4ULJsBtS4D0RzCw...
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=mdd2sQhGS6yxiv-ZHlUtGQ&google_push=AYg5qPL8PpPWhPWxw-MHJoludsY4ISoHOKH1326UvkUUiWZGtBfCh43CtpCfsxMw-kNygH9v4ULJsBtS4D0RzCw...
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=mdd2sQhGS6yxiv-ZHlUtGQ&google_push=AYg5qPL8PpPWhPWxw-MHJoludsY4ISoHOKH1326UvkUUiWZGtBfCh43CtpCfsxMw-kNygH9v4ULJsBtS4D0RzCw...

0
0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 41F8
Redirect Chain

https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESELMEnerFxYrSqieu0GI4bHg&google_cver=1&google_push=AYg5qPJeigA587Ut8i0RD5Wl15Vvqc6DvAAicmCilYVgL8Q4b58vumIRCBoKQwaHGQi7gApy27...
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1TMVo0cjhwRTJ1RjhjQnlMUjFGVTlRWjFxSDhYc0xlMX5B&google_push=AYg5qPJeigA587Ut8i0RD5Wl15Vvqc6DvAAicmCilYVgL8Q4b58vumIRC...

170 B
188 B

50ms
50ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1TMVo0cjhwRTJ1RjhjQnlMUjFGVTlRWjFxSDhYc0xlMX5B&google_push=AYg5qPJeigA587Ut8i0RD5Wl15Vvqc6DvAAicmCilYVgL8Q4b58vumIRCBoKQwaHGQi7gApy27P3XkT0ZjJ4OerxF-CpS5ELunwSzA

Requested by

Host: 4ff8e811445a9b61eb0bed126f8b9447.safeframe.googlesyndication.com
URL: https://4ff8e811445a9b61eb0bed126f8b9447.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 21 Mar 2022 14:45:53 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1TMVo0cjhwRTJ1RjhjQnlMUjFGVTlRWjFxSDhYc0xlMX5B&google_push=AYg5qPJeigA587Ut8i0RD5Wl15Vvqc6DvAAicmCilYVgL8Q4b58vumIRCBoKQwaHGQi7gApy27P3XkT0ZjJ4OerxF-CpS5ELunwSzA
date: Mon, 21 Mar 2022 14:45:53 GMT
server: ATS/9.1.0.33
age: 0
content-length: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 41F8 0
12 B 48ms
48ms Image
text/html 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KqKCWU31U3q_OJMliMnOcQWb3skrv4TPS-p15KnEbOv0aE4iN4E8aPCKT6dsQPb70-41wutQ

Requested by

Host: 4ff8e811445a9b61eb0bed126f8b9447.safeframe.googlesyndication.com
URL: https://4ff8e811445a9b61eb0bed126f8b9447.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 14:45:53 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 r
eb2.3lift.com/ Frame 116C 37 B
139 B 9ms
8ms Image
image/gif 13.248.245.213
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/r?inv_code=adasia_allpublishers_display&aid=32529271507391734961120&rev=b5dbcaa&pr=can%27t%2520access%2520top%2520document&bc=0.014&bmid=2460&biid=6335&sid=15241&brid=569629&adid=67379644&crid=-1&ts=1647873953&bcud=14&ss=5&caid=0&unid=0&domain=4ff8e811445a9b61eb0bed126f8b9447.safeframe.googlesyndication.com&ref=https%253A%252F%252Fportalsemakan.com%252F&rr=creative&fid=10&rb=0&g=0&cb=87999
Requested by: Host: 4ff8e811445a9b61eb0bed126f8b9447.safeframe.googlesyndication.com
URL: https://4ff8e811445a9b61eb0bed126f8b9447.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://4ff8e811445a9b61eb0bed126f8b9447.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 14:45:53 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif

GET
H2 200 OBA_TRANS.png
ib.3lift.com/static/buttons/edaa/ Frame 116C 3 KB
3 KB 8ms
7ms Image
image/png 18.66.112.66
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ib.3lift.com/static/buttons/edaa/OBA_TRANS.png
Requested by: Host: ib.3lift.com
URL: https://ib.3lift.com/rev/b5dbcaaad667d54756cc1e78e73a1e2616cc2b6d/dist/bundle.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.66 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-66.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2fd4c3ae6afc2b4026d9f0b64b8ff1110ecfcf47b90bc988c06e844b3921cbf6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://4ff8e811445a9b61eb0bed126f8b9447.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 15 Mar 2022 12:57:19 GMT
via: 1.1 fd080e20137c93d47ed43a67821248f0.cloudfront.net (CloudFront)
last-modified: Thu, 05 Aug 2021 17:23:36 GMT
server: AmazonS3
age: 524915
etag: "ddf020e069f1706b72b7698b28fede09"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=604800,s-maxage=604800,public
x-amz-cf-pop: FRA56-P5
accept-ranges: bytes
content-length: 3125
x-amz-cf-id: 45hF2_D9tUijxiB2vhHLVkYGr-dvrS32bAxlMlCSUAUHnAZr1EMcgg==

GET
H2 200 OBA_UK.png
ib.3lift.com/static/buttons/edaa/ Frame 116C 3 KB
4 KB 8ms
7ms Image
image/png 18.66.112.66
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ib.3lift.com/static/buttons/edaa/OBA_UK.png
Requested by: Host: ib.3lift.com
URL: https://ib.3lift.com/rev/b5dbcaaad667d54756cc1e78e73a1e2616cc2b6d/dist/bundle.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.66 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-66.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 08285afd2f0c11a2a9d89f00dce769479e4d164e62caa39eceea9f1eb551afa9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://4ff8e811445a9b61eb0bed126f8b9447.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 14 Mar 2022 19:36:19 GMT
via: 1.1 fd080e20137c93d47ed43a67821248f0.cloudfront.net (CloudFront)
last-modified: Thu, 05 Aug 2021 17:23:31 GMT
server: AmazonS3
age: 587375
etag: "7ceab27af00fa466072a3c3360041755"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=604800,s-maxage=604800,public
x-amz-cf-pop: FRA56-P5
accept-ranges: bytes
content-length: 3518
x-amz-cf-id: zWiHccpngyAIWIgEwFadXq0fWprge3MPAyqY4cpqyt3LI3iB3plYVw==

GET
DATA 200
OK truncated Show response
/ Frame CB5A 26 B
0 Script
image/gif

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c00a759275b8628823a9809f24cbeca08cb48b52713adf221f70284e66d9c82f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 ctar
eb2.3lift.com/ Frame 116C 37 B
139 B 8ms
8ms Image
image/gif 13.248.245.213
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/ctar?inv_code=adasia_allpublishers_display&aid=32529271507391734961120&rev=b5dbcaa&cta_render_method=1&cta_render_text=&cb=68330
Requested by: Host: 4ff8e811445a9b61eb0bed126f8b9447.safeframe.googlesyndication.com
URL: https://4ff8e811445a9b61eb0bed126f8b9447.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://4ff8e811445a9b61eb0bed126f8b9447.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 14:45:53 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif

GET
H2 200 widget-300x250.js Show response
widgets.zemanta.com/1646288090/ Frame 1D3F 7 KB
3 KB 7ms
7ms Script
application/javascript 151.101.194.132
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.zemanta.com/1646288090/widget-300x250.js
Requested by: Host: ib.3lift.com
URL: https://ib.3lift.com/rev/b5dbcaaad667d54756cc1e78e73a1e2616cc2b6d/dist/bundle.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.194.132 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b5c315ac0e20cd6fa803c642d705216f1db2b775a01d39659ad94357777b64c5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://4ff8e811445a9b61eb0bed126f8b9447.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id: BIaxKvgQWMMbKJ64EUDQ8_r1TOYpzMdO
content-encoding: gzip
etag: "219d6ce77c230f015c317b2847a1286b"
age: 1081
x-cache: HIT
content-length: 2583
x-amz-id-2: 1Wq/Ibkvtxya6FkGrOdgiHTu7O0zvHkXxFZnHT70ots+DcCdiLzt5ripeHkQjxnsgD3exBf+05s=
x-served-by: cache-hhn4047-HHN
last-modified: Thu, 03 Mar 2022 08:30:46 GMT
server: AmazonS3
x-timer: S1647873954.644622,VS0,VE0
date: Mon, 21 Mar 2022 14:45:53 GMT
vary: Accept-Encoding
x-amz-request-id: FPAGTQ93H0P69QX9
via: 1.1 varnish
accept-ranges: bytes
content-type: application/javascript
x-cache-hits: 321

GET
H2 200 aop
eb2.3lift.com/ Frame 116C 37 B
139 B 8ms
8ms Image
image/gif 13.248.245.213
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/aop?inv_code=adasia_allpublishers_display&aid=32529271507391734961120&rev=b5dbcaa&pr=can%27t%2520access%2520top%2520document&bc=0.014&bmid=2460&biid=6335&sid=15241&brid=569629&adid=67379644&crid=-1&ts=1647873953&bcud=14&ss=5&caid=0&unid=0&domain=4ff8e811445a9b61eb0bed126f8b9447.safeframe.googlesyndication.com&ref=https%253A%252F%252Fportalsemakan.com%252F&rr=creative&fid=10&rb=0&g=0&cb=40052
Requested by: Host: 4ff8e811445a9b61eb0bed126f8b9447.safeframe.googlesyndication.com
URL: https://4ff8e811445a9b61eb0bed126f8b9447.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://4ff8e811445a9b61eb0bed126f8b9447.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 14:45:53 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif

GET
H2 200 publishertag.prebid.js Show response
static.criteo.net/js/ld/ 97 KB
31 KB 74ms
25ms Script
text/javascript 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.js

Requested by

Host: anymind360.com
URL: https://anymind360.com/js/4961/prebid_2022_3_14_9_13_53.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

ff6956c6d9b77bdecabeef7eafb5625c810cf5694db1204d0a48e102ecd73c89

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://portalsemakan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 14:45:53 GMT
content-encoding: gzip
last-modified: Tue, 08 Mar 2022 02:42:25 GMT
server: nginx
etag: W/"6226c291-1834f"
strict-transport-security: max-age=31536000; preload;
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Tue, 22 Mar 2022 14:45:53 GMT

GET
H/1.1 200
OK writeStatistics
stas.outbrain.com/Stas/api/ Frame 1D3F 43 B
274 B 323ms
82ms Image
image/gif 70.42.32.255
INTERNAP-BLK3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://stas.outbrain.com/Stas/api/writeStatistics?p=ST7ORLOPQ133o2fjOiSasDm_ibdfDLKUX1atZp6ehesjvpMrMsSWipa9ww4CUtdM1RUU0SKPNH5fjeSNOpnxTC748MRJncyks3ePUPQltxzOaZzjl1U4zFyuCoLPZ2nveMo4YSRg3oRhWGyLXUWfIkXasLM0ifsn7FvpQ2wkb98qV3HODZ1Ic-xIT-w8Clak42f6pb6emGY__-vKSQCIKE6eoFHrj3ju8W3hPuUK9lI75mf0ZSioff6uiqn8wLl2g5t5s0VCUuuNWpzTGoUV_59xUC0M8FlC5w_1WgZ4MjSljIjdObalqeo88k7n-6rdGGUZzHsTsM2Rtf25PNYP-E2jGUJ_DFo3vusWIUCCJ3i_60KQ-s5_5eLQl9KsGxL7tKdGktJ24t83JovqUSZ4R7mvxBm9Q13SWUpt_Ozfk8sG1doZpa-a6oMwr6OWp9smA6bh_-ZYQMtkuTm8QDZu_0QITFq8Cg3gQJzJkbGhpkLrQ3U1N02L2tzn-gWdbGU9H_WIhh6HunmtXAXIuBqu4h1E-6cuYTJjwxYm567Z6mjYgefJMf0UARVpZaytdwv46idNeqw0KNyOrewx1d0SUTxezJeC0qCdMvYTSDLYlIIAdC3Af90qa6rMc4MrA43RKXnpNoGYod2ebwXwpXU2jh670rcD5RDLFRIN1ESy8n6lO7QHUUH8RHumZEnSYtrlmpw-fj012JkyRmYmOogTBtUHBqzKmRPJAn15VJW9Q8yxLZUWjlw60pF6Xq3M80Zd&c=84e10511&v=3
Requested by: Host: 4ff8e811445a9b61eb0bed126f8b9447.safeframe.googlesyndication.com
URL: https://4ff8e811445a9b61eb0bed126f8b9447.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 70.42.32.255 , United States, ASN13789 (INTERNAP-BLK3, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: 33ca751ed175a163bef530ebdcdbd0a2d15997ccbcbf8d50a6f504e8ffac5a5c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://4ff8e811445a9b61eb0bed126f8b9447.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Mon, 21 Mar 2022 14:45:53 GMT
Cache-Control: no-cache
Connection: close
X-TraceId: 45a7652b2629adc129bce832fc6528dc
content-encoding: gzip
Content-Length: 60
Content-Type: image/gif

GET
H/1.1 200
OK /
b1t-eudc1.zemanta.com/t/imp/impression/FPGHAAMTLPW5H4IS2DKSHXDQFGECQALMTTXIGVCZIBSVPVUUQFIVULX7BHPP7LKCBJ2YXYTIPCHVLFFOXZI2Z7DTSJ6WUZTOVSR45MURWXIDHRWHPKAX3CTATVTGVW4C3ECKUU5ILTJ6VNARBAD65NEL44PRJG... Frame 1D3F 26 B
151 B 14ms
14ms Image
image/gif 213.227.153.223
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://b1t-eudc1.zemanta.com/t/imp/impression/FPGHAAMTLPW5H4IS2DKSHXDQFGECQALMTTXIGVCZIBSVPVUUQFIVULX7BHPP7LKCBJ2YXYTIPCHVLFFOXZI2Z7DTSJ6WUZTOVSR45MURWXIDHRWHPKAX3CTATVTGVW4C3ECKUU5ILTJ6VNARBAD65NEL44PRJGEVPBEBIZNZTEZLQMR3JTF5L6SAZHSHOQ4UMWWI7IGQO6FAKG5X7L7RAHWXLTRKAKUL3V5LILKTB24UZXQBKFWLND2BNF3E4ADYNLG7X26OIWYMZJTD6MHMC2DTTLCCZFPA4WFK5ZJ36GDUN3AAIDPKTEYJACP2MU2NCLNDK6SNC46ZFNYDAEKNNFJJTIXDNZ66Y2IWBVHFKNJTRU7Z74FXMFDYZC4IJQKKZJ34R6Q7CAPOW/?
Requested by: Host: 4ff8e811445a9b61eb0bed126f8b9447.safeframe.googlesyndication.com
URL: https://4ff8e811445a9b61eb0bed126f8b9447.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 213.227.153.223 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: /
Resource Hash: 3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://4ff8e811445a9b61eb0bed126f8b9447.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Mon, 21 Mar 2022 14:45:53 GMT
Connection: keep-alive
Content-Length: 26
Content-Type: image/gif

GET
H2 200 925708f40833ce56df2b64b5f42b2fae72.jpg
zem.outbrainimg.com/p/srv/sha/2d/0a/7b/ Frame 1D3F 13 KB
13 KB 9ms
7ms Image
image/jpeg 151.101.114.132
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zem.outbrainimg.com/p/srv/sha/2d/0a/7b/925708f40833ce56df2b64b5f42b2fae72.jpg?w=298&h=126&fit=crop&crop=center&fm=jpg

Requested by

Host: 4ff8e811445a9b61eb0bed126f8b9447.safeframe.googlesyndication.com
URL: https://4ff8e811445a9b61eb0bed126f8b9447.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.114.132 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

imgix /

Resource Hash

7a7e573b4b1ad8c2fc18f46c291254e25a058ab9aa6cffdac1b479e1b3f054b6

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://4ff8e811445a9b61eb0bed126f8b9447.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 14:45:53 GMT
via: 1.1 varnish
x-content-type-options: nosniff
age: 548096
x-cache: MISS, HIT, HIT
x-imgix-id: f6ae754f9fbfbadb2784359f79491197189bc480
content-length: 13050
x-served-by: cache-sjc10029-SJC, cache-hhn4032-HHN, cache-hhn4025-HHN
last-modified: Tue, 15 Mar 2022 06:30:56 GMT
server: imgix
x-timer: S1647873954.691134,VS0,VE1
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
cross-origin-resource-policy: cross-origin
x-cache-hits: 1

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 105B
Redirect Chain

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEIIem0X9lqeCoHSX0r_K5L0&google_cver=1&google_push=AYg5qPJIX0DW9h8sdjmPtheqATgJbj38KVXmVtR6ksl4xpeE-o8QrDI27E...
https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AYg5qPJIX0DW9h8sdjmPtheqATgJbj38KVXmVtR6ksl4xpeE-o8QrDI27Efsu1M3vdLFzH_Y79AIaf-qOV3coA7RZ44tqeDmCQ&google_hm=q2q6-uTuLyamfL...

170 B
188 B

53ms
50ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AYg5qPJIX0DW9h8sdjmPtheqATgJbj38KVXmVtR6ksl4xpeE-o8QrDI27Efsu1M3vdLFzH_Y79AIaf-qOV3coA7RZ44tqeDmCQ&google_hm=q2q6-uTuLyamfLSAMMbcgg

Requested by

Host: 4ff8e811445a9b61eb0bed126f8b9447.safeframe.googlesyndication.com
URL: https://4ff8e811445a9b61eb0bed126f8b9447.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 21 Mar 2022 14:45:53 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AYg5qPJIX0DW9h8sdjmPtheqATgJbj38KVXmVtR6ksl4xpeE-o8QrDI27Efsu1M3vdLFzH_Y79AIaf-qOV3coA7RZ44tqeDmCQ&google_hm=q2q6-uTuLyamfLSAMMbcgg
pragma: no-cache
date: Mon, 21 Mar 2022 14:45:53 GMT
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 0
strict-transport-security: max-age=86400
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 105B
Redirect Chain

https://um.simpli.fi/gp_match?google_gid=CAESEFH7NiqxwZ5t2mXWvikH3VE&google_cver=1&google_push=AYg5qPIaTORmXJZsPRVdoxYsW35R_sCD6T_3Uj4gNeDLpPshp4OlLBVWyYbp3HBXTjhj9DH5XYfY-er0ZMDoJtFwDjxROzIo8ic
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=F8BF38D9B45B484595C8337844ED8500&google_push=AYg5qPIaTORmXJZsPRVdoxYsW35R_sCD6T_3Uj4gNeDLpPshp4OlLBVWyYbp3HBXTjhj9DH5XYfY-er0ZMDoJtF...

170 B
188 B

52ms
52ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=F8BF38D9B45B484595C8337844ED8500&google_push=AYg5qPIaTORmXJZsPRVdoxYsW35R_sCD6T_3Uj4gNeDLpPshp4OlLBVWyYbp3HBXTjhj9DH5XYfY-er0ZMDoJtFwDjxROzIo8ic

Requested by

Host: 4ff8e811445a9b61eb0bed126f8b9447.safeframe.googlesyndication.com
URL: https://4ff8e811445a9b61eb0bed126f8b9447.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 21 Mar 2022 14:45:53 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Mon, 21 Mar 2022 14:45:53 GMT
x-content-type-options: nosniff
server: nginx
location: https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=F8BF38D9B45B484595C8337844ED8500&google_push=AYg5qPIaTORmXJZsPRVdoxYsW35R_sCD6T_3Uj4gNeDLpPshp4OlLBVWyYbp3HBXTjhj9DH5XYfY-er0ZMDoJtFwDjxROzIo8ic
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 138
expires: Sun, 20 Mar 2022 14:45:53 GMT

GET
H2 200 google
match.adsrvr.org/track/cmf/ Frame 105B 70 B
264 B 34ms
32ms Image
image/gif 35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/google?google_gid=CAESEG8LRervH7yYHIL3eM9NBzo&google_cver=1&google_push=AYg5qPJ9gNp_xxCov2Ynx5F4517eN689qr0PHDuWx2167AnKJRYvh5pMg4rv9q8AArIw_m6hVhzIM9xA9uLHGsUHepp2pC3Hkec
Requested by: Host: 4ff8e811445a9b61eb0bed126f8b9447.safeframe.googlesyndication.com
URL: https://4ff8e811445a9b61eb0bed126f8b9447.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 21 Mar 2022 14:45:53 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 105B
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEIJcZ6-rD_f8pG3StuaRkxQ&google_cver=1&google_push=AYg5qPI5_uqVdBQaQKY74VxxEheuDZN5WiFO349N_8IMxa6q6HuKS15-TIGwaVuCVcknwb3Gle-pIhKyRpDpv40CvbF5_XR...
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AYg5qPI5_uqVdBQaQKY74VxxEheuDZN5WiFO349N_8IMxa6q6HuKS15-TIGwaVuCVcknwb3Gle-pIhKyRpDpv40CvbF5_XR4NvE&google_hm=NTUwMjcxMDcxNDM1ODg3OTc...

170 B
188 B

54ms
53ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AYg5qPI5_uqVdBQaQKY74VxxEheuDZN5WiFO349N_8IMxa6q6HuKS15-TIGwaVuCVcknwb3Gle-pIhKyRpDpv40CvbF5_XR4NvE&google_hm=NTUwMjcxMDcxNDM1ODg3OTc3Nw%3D%3D

Requested by

Host: 4ff8e811445a9b61eb0bed126f8b9447.safeframe.googlesyndication.com
URL: https://4ff8e811445a9b61eb0bed126f8b9447.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 21 Mar 2022 14:45:53 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Mon, 21 Mar 2022 14:45:53 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=31536000
location: https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AYg5qPI5_uqVdBQaQKY74VxxEheuDZN5WiFO349N_8IMxa6q6HuKS15-TIGwaVuCVcknwb3Gle-pIhKyRpDpv40CvbF5_XR4NvE&google_hm=NTUwMjcxMDcxNDM1ODg3OTc3Nw%3D%3D
x-xss-protection: 1; mode=block
content-length: 0
x-content-type-options: nosniff

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 105B
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEKCD34BoeSKHnfEbOLHPZCg&google_cver=1&google_push=AYg5qPJ37osjJ6vjuA3SzJlBzsy6a71OkqCqgL6-wFs4N0qexfkgFWJ4jFsT69lPC7GrXFiekwS73jLy...
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEKCD34BoeSKHnfEbOLHPZCg&google_cver=1&google_push=AYg5qPJ37osjJ6vjuA3SzJlBzsy6a71OkqCqgL6-wFs4N0qexfkgFWJ4jFsT69lPC7GrXFiekwS...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NTc2OTIxMjU3MzY1NjQ1NjQzMg&google_push=AYg5qPJ37osjJ6vjuA3SzJlBzsy6a71OkqCqgL6-wFs4N0qexfkgFWJ4jFsT69lPC7GrXFiekwS73j...

170 B
188 B

50ms
50ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NTc2OTIxMjU3MzY1NjQ1NjQzMg&google_push=AYg5qPJ37osjJ6vjuA3SzJlBzsy6a71OkqCqgL6-wFs4N0qexfkgFWJ4jFsT69lPC7GrXFiekwS73jLy4f8roCxZhGUiMA9B0CY

Requested by

Host: 4ff8e811445a9b61eb0bed126f8b9447.safeframe.googlesyndication.com
URL: https://4ff8e811445a9b61eb0bed126f8b9447.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 21 Mar 2022 14:45:53 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 21 Mar 2022 14:45:53 GMT
server: nginx
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NTc2OTIxMjU3MzY1NjQ1NjQzMg&google_push=AYg5qPJ37osjJ6vjuA3SzJlBzsy6a71OkqCqgL6-wFs4N0qexfkgFWJ4jFsT69lPC7GrXFiekwS73jLy4f8roCxZhGUiMA9B0CY
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET

pixel
cm.g.doubleclick.net/ Frame 105B
Redirect Chain

https://match.360yield.com/match/ebda?google_gid=CAESECQbbiCX9EuXCWz0lnnLTGs&google_cver=1&google_push=AYg5qPIxTu2LD5GeWwK5scsQL04LK3o5j9RkSQXtbJWlue_SXPp5k9dZIJyR5IjKnoSCKEmY0cY1bMAWtTUZjpVpPBYINj...
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=mdd2sQhGS6yxiv-ZHlUtGQ&google_push=AYg5qPIxTu2LD5GeWwK5scsQL04LK3o5j9RkSQXtbJWlue_SXPp5k9dZIJyR5IjKnoSCKEmY0cY1bMAWtTUZjpV...
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=mdd2sQhGS6yxiv-ZHlUtGQ&google_push=AYg5qPIxTu2LD5GeWwK5scsQL04LK3o5j9RkSQXtbJWlue_SXPp5k9dZIJyR5IjKnoSCKEmY0cY1bMAWtTUZjpV...
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=mdd2sQhGS6yxiv-ZHlUtGQ&google_push=AYg5qPIxTu2LD5GeWwK5scsQL04LK3o5j9RkSQXtbJWlue_SXPp5k9dZIJyR5IjKnoSCKEmY0cY1bMAWtTUZjpV...
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=mdd2sQhGS6yxiv-ZHlUtGQ&google_push=AYg5qPIxTu2LD5GeWwK5scsQL04LK3o5j9RkSQXtbJWlue_SXPp5k9dZIJyR5IjKnoSCKEmY0cY1bMAWtTUZjpV...
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=mdd2sQhGS6yxiv-ZHlUtGQ&google_push=AYg5qPIxTu2LD5GeWwK5scsQL04LK3o5j9RkSQXtbJWlue_SXPp5k9dZIJyR5IjKnoSCKEmY0cY1bMAWtTUZjpV...
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=mdd2sQhGS6yxiv-ZHlUtGQ&google_push=AYg5qPIxTu2LD5GeWwK5scsQL04LK3o5j9RkSQXtbJWlue_SXPp5k9dZIJyR5IjKnoSCKEmY0cY1bMAWtTUZjpV...
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=mdd2sQhGS6yxiv-ZHlUtGQ&google_push=AYg5qPIxTu2LD5GeWwK5scsQL04LK3o5j9RkSQXtbJWlue_SXPp5k9dZIJyR5IjKnoSCKEmY0cY1bMAWtTUZjpV...
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=mdd2sQhGS6yxiv-ZHlUtGQ&google_push=AYg5qPIxTu2LD5GeWwK5scsQL04LK3o5j9RkSQXtbJWlue_SXPp5k9dZIJyR5IjKnoSCKEmY0cY1bMAWtTUZjpV...
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=mdd2sQhGS6yxiv-ZHlUtGQ&google_push=AYg5qPIxTu2LD5GeWwK5scsQL04LK3o5j9RkSQXtbJWlue_SXPp5k9dZIJyR5IjKnoSCKEmY0cY1bMAWtTUZjpV...
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=mdd2sQhGS6yxiv-ZHlUtGQ&google_push=AYg5qPIxTu2LD5GeWwK5scsQL04LK3o5j9RkSQXtbJWlue_SXPp5k9dZIJyR5IjKnoSCKEmY0cY1bMAWtTUZjpV...
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=mdd2sQhGS6yxiv-ZHlUtGQ&google_push=AYg5qPIxTu2LD5GeWwK5scsQL04LK3o5j9RkSQXtbJWlue_SXPp5k9dZIJyR5IjKnoSCKEmY0cY1bMAWtTUZjpV...
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=mdd2sQhGS6yxiv-ZHlUtGQ&google_push=AYg5qPIxTu2LD5GeWwK5scsQL04LK3o5j9RkSQXtbJWlue_SXPp5k9dZIJyR5IjKnoSCKEmY0cY1bMAWtTUZjpV...
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=mdd2sQhGS6yxiv-ZHlUtGQ&google_push=AYg5qPIxTu2LD5GeWwK5scsQL04LK3o5j9RkSQXtbJWlue_SXPp5k9dZIJyR5IjKnoSCKEmY0cY1bMAWtTUZjpV...
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=mdd2sQhGS6yxiv-ZHlUtGQ&google_push=AYg5qPIxTu2LD5GeWwK5scsQL04LK3o5j9RkSQXtbJWlue_SXPp5k9dZIJyR5IjKnoSCKEmY0cY1bMAWtTUZjpV...
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=mdd2sQhGS6yxiv-ZHlUtGQ&google_push=AYg5qPIxTu2LD5GeWwK5scsQL04LK3o5j9RkSQXtbJWlue_SXPp5k9dZIJyR5IjKnoSCKEmY0cY1bMAWtTUZjpV...
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=mdd2sQhGS6yxiv-ZHlUtGQ&google_push=AYg5qPIxTu2LD5GeWwK5scsQL04LK3o5j9RkSQXtbJWlue_SXPp5k9dZIJyR5IjKnoSCKEmY0cY1bMAWtTUZjpV...
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=mdd2sQhGS6yxiv-ZHlUtGQ&google_push=AYg5qPIxTu2LD5GeWwK5scsQL04LK3o5j9RkSQXtbJWlue_SXPp5k9dZIJyR5IjKnoSCKEmY0cY1bMAWtTUZjpV...
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=mdd2sQhGS6yxiv-ZHlUtGQ&google_push=AYg5qPIxTu2LD5GeWwK5scsQL04LK3o5j9RkSQXtbJWlue_SXPp5k9dZIJyR5IjKnoSCKEmY0cY1bMAWtTUZjpV...
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=mdd2sQhGS6yxiv-ZHlUtGQ&google_push=AYg5qPIxTu2LD5GeWwK5scsQL04LK3o5j9RkSQXtbJWlue_SXPp5k9dZIJyR5IjKnoSCKEmY0cY1bMAWtTUZjpV...
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=mdd2sQhGS6yxiv-ZHlUtGQ&google_push=AYg5qPIxTu2LD5GeWwK5scsQL04LK3o5j9RkSQXtbJWlue_SXPp5k9dZIJyR5IjKnoSCKEmY0cY1bMAWtTUZjpV...

0
0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 105B
Redirect Chain

https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEO4RuqIC-T7KmCcOeEbGO5M&google_cver=1&google_push=AYg5qPIIFtE2J9HtfGMJCzL6R7fthJ9YrsPMs7XNIi0_mul1zuTCmfcnwSOloicoXsiabVO_R0xTdJYG4E_JafgGdVsUIcPrZtM
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MjQ1NjQ4MTY2MzczMjI0MDI1MzY5Nw%3D%3D&google_push=AYg5qPIIFtE2J9HtfGMJCzL6R7fthJ9YrsPMs7XNIi0_mul1zuTCmfcn...

170 B
188 B

56ms
49ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MjQ1NjQ4MTY2MzczMjI0MDI1MzY5Nw%3D%3D&google_push=AYg5qPIIFtE2J9HtfGMJCzL6R7fthJ9YrsPMs7XNIi0_mul1zuTCmfcnwSOloicoXsiabVO_R0xTdJYG4E_JafgGdVsUIcPrZtM

Requested by

Host: 4ff8e811445a9b61eb0bed126f8b9447.safeframe.googlesyndication.com
URL: https://4ff8e811445a9b61eb0bed126f8b9447.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 21 Mar 2022 14:45:53 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MjQ1NjQ4MTY2MzczMjI0MDI1MzY5Nw%3D%3D&google_push=AYg5qPIIFtE2J9HtfGMJCzL6R7fthJ9YrsPMs7XNIi0_mul1zuTCmfcnwSOloicoXsiabVO_R0xTdJYG4E_JafgGdVsUIcPrZtM
date: Mon, 21 Mar 2022 14:45:53 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 105B 0
12 B 51ms
50ms Image
text/html 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13I9qHEjnBhJasp1kJMC8_j6aIimnI8ObTN-fl5Z93ZizIC5TBDiixchxrotRbk_wHVlxz3K

Requested by

Host: 4ff8e811445a9b61eb0bed126f8b9447.safeframe.googlesyndication.com
URL: https://4ff8e811445a9b61eb0bed126f8b9447.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 14:45:53 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame EAC6 0
20 B 72ms
72ms Image
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=34&t=2&li=v_h.0.0.0&bgai=BG9ypoI84Yp34JNHibbO5qxAAAAAAOAHgBAI&bg=!GRqlGl7NAAba2mK92to7ACkAdvg8WrLyHtETek3KgypBjWDEgZw_8gXRviu-xb-TE-kbH1Sp_0tfggIAAAI5UgAAAANoAQeZAwaTB1hrbCRPlFGd5sXchN9Rcmi8xL55BDIvyzAdHALi-CZD1zTRuuXr9fC7vSXbeniBzWtMPsxQzOWyQyLTwuzdZSawy-909IJAsfipX1J3aygR3CgJfOb3tVd8-PHDBDxaSMztk944eEhwbtu2Fh1dHfpLfJOuyqEyWKFUqLSqNyhR__smZqo5H5WkKDNwDuUQVgBrbqUwRc-vmTgwt7Ji_SaaJPNXlqPkGtzvzrhvzetowh1geqXZkJE6I2Q5EMhpA0fv4q0MUZxvnuJlVi8FNeo8H1HS1nMEv1XQVty_DgbL2cgVI8i-0QP5q_MT9W0LB0n8sh66T2tiAwQ0OK80fMQM3VCgTMRm-OOq1d06xqB5ZNJgSNo_Weuu8j-4UzwQB5TrTi8IxK2XUtKLcvXW1N_8xZ2yAMxjykn_qyV8MKEpYinnXuJfjGKYGA7gamWUE-wxo0VUBlbXWYAb-e5QjN5Np_A3rqi0aSfeQIZWq8zim_sRLmjJWdLLnUi1PBZEFlxfv6jOFWC69dpg0GB2Y6AGsQ3WvfUI4oHY7ZPBgNF3nb7u9GVkKG6vA93hnWQNlMPkbdUPwUjtsThVTeIVI7gJtEqDvOK31KBQKy5YzBjWCecF-V7Fte-pWEEZj39rG_DeblKVXZqKo_PQARAEQcHEv5ErudWUmhVB7pdeKv9qwss7qG3xrPWxZlMpdpvmtROgMFZ2QjsWuQRn7d4w2aXPzfDW08C7pXzV73x-80reUW5JFn1traEQI0BzrHqRJ9hslAO7SI6qsEXXeqPLDWh1BwfM7_2bDaiOCwiZjQEm0QznCPJbo-fJxC4mPsrVw4yVWoAwnJ2VjV8FEWeS1gLnsvYbjYzc9TI-Ccy6TRmHM7Ie2L5nVVYpwZmkV8uWv1B6DqJfRuU32Sh28YunKdpuVYEWzQ0CuxpEHHvVN5RRdWXtsbo58gT_Rnxe8DahxDnIdqiA5JnHoNuOgi25NQmmsxPFdRstKsDgy-M6gr4oD4nVAkSRZ2arTIEeviUOaCTHklo

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 21 Mar 2022 14:45:53 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 csi
csi.gstatic.com/ Frame 78B5 0
17 B 253ms
130ms Ping
image/gif 2607:f8b0:4003:c05::78
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=2~l10tlqvy&c=227494504798&slotId=113747252399&qqid=CLCvkuy41_YCFU4ZewodzaMCAg&fb=outstream-lima&gpm_i=12&gpm_c=12&gpm_a=12&smb=1000&br=999&mt=video%2Fmp4&vs=640x360&ulv=1&cll=0&vmfc=16&vhc=0&msm=1&aits=0%2C17%2C36%2C18%2C22%2C43%2C44%2C45%2C692%2C59%2C342%2C343%2C344%2C345%2C346%2C347&webm=3&vp9=0&vamt=video%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fwebm%2Cvideo%2Fwebm%2Cvideo%2Fwebm%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4&hvmf=false&vms=1&bit=343&vsrc=web_video_ads&ape=1&ple=0&umsem=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20211103_RC00/outstream.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4003:c05::78 Tulsa, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 21 Mar 2022 14:45:53 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 3083 13 KB
5 KB 19ms
17ms Document
text/html 2a02:2638::1c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertag&topUrl=portalsemakan.com

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

ea26c78f630f8d3924b66a3966e9d96b6ce9217ee085f6db77fa191e13a59848

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://portalsemakan.com/

Response headers

cache-control: private, max-age=3600
content-type: text/html; charset=utf-8
content-encoding: gzip
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
server-processing-duration-in-ticks: 1946
date: Mon, 21 Mar 2022 14:45:53 GMT
content-length: 5147
strict-transport-security: max-age=31536000; preload;

GET
H2 200 publishertag.prebid.js Show response
static.criteo.net/js/ld/ 97 KB
31 KB 56ms
17ms XHR
text/javascript 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.js

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

ff6956c6d9b77bdecabeef7eafb5625c810cf5694db1204d0a48e102ecd73c89

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://portalsemakan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 14:45:53 GMT
content-encoding: gzip
last-modified: Tue, 08 Mar 2022 02:42:25 GMT
server: nginx
etag: W/"6226c291-1834f"
strict-transport-security: max-age=31536000; preload;
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Tue, 22 Mar 2022 14:45:53 GMT

GET
H2

200

sid Show response
mug.criteo.com/ Frame 3083
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertag&domain=portalsemakan.com&sn=ChromeSyncframe&so=3&topUrl=portalsemakan.com&bundle=_XVV5V9CWklnV0YzckU5SUQyS0dUS2F0NzJWa2ZxRnBmd1Q4SHRMREJtSVR0ME9P...
https://mug.criteo.com/sid?cpp=kCavqXw5aTh3cW0vWFFZUGg5VFEwZVlsVjN2TTFtVU4vd25OVlZVZkp6UFdERFk1clplbW1WRHM2N1VHSzRLei9FN0JXZUE2WHllNkR4RnlhZDUxVFZUWGRWNE5RYmZMT2N0VWd6Z3YvcFZXNEI1bGlGRG5YQThUamoyV1...

433 B
634 B

18ms
17ms

Fetch
application/json

178.250.2.146
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=kCavqXw5aTh3cW0vWFFZUGg5VFEwZVlsVjN2TTFtVU4vd25OVlZVZkp6UFdERFk1clplbW1WRHM2N1VHSzRLei9FN0JXZUE2WHllNkR4RnlhZDUxVFZUWGRWNE5RYmZMT2N0VWd6Z3YvcFZXNEI1bGlGRG5YQThUamoyV1QrWjlLWG1UUHliMzJoQWZVUHhFVjlSeFg5S3NESytDanpCZUcvM1BiUHoySzlyQkRPWEtMQ0pLZ2YzaDk4eEZyOUlJbXRPY1ZiVjl4ZDBqb3h3VWxvcWJENW5jK3hhWVhmaEVzTUVtUldJWUR3d3dxN2FoUVFJQkROVlExbUJjU041TzEwNTdiaGNOQlIvemk4aWkwQk4rVDdJcy9WL1YvS003RUZrVC9yeEtrSjVIZjExQT18&cppv=2

Protocol

Server

178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

74f78f2ed0ece5388596fe7c18a9cce5e47e3f156dc34de6572714e48d47742d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 21 Mar 2022 14:45:53 GMT
content-encoding: gzip
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 4299
strict-transport-security: max-age=31536000; preload;
expires: 0

Redirect headers

pragma: no-cache
date: Mon, 21 Mar 2022 14:45:53 GMT
strict-transport-security: max-age=31536000; preload;
content-type: text/html; charset=utf-8
location: https://mug.criteo.com/sid?cpp=kCavqXw5aTh3cW0vWFFZUGg5VFEwZVlsVjN2TTFtVU4vd25OVlZVZkp6UFdERFk1clplbW1WRHM2N1VHSzRLei9FN0JXZUE2WHllNkR4RnlhZDUxVFZUWGRWNE5RYmZMT2N0VWd6Z3YvcFZXNEI1bGlGRG5YQThUamoyV1QrWjlLWG1UUHliMzJoQWZVUHhFVjlSeFg5S3NESytDanpCZUcvM1BiUHoySzlyQkRPWEtMQ0pLZ2YzaDk4eEZyOUlJbXRPY1ZiVjl4ZDBqb3h3VWxvcWJENW5jK3hhWVhmaEVzTUVtUldJWUR3d3dxN2FoUVFJQkROVlExbUJjU041TzEwNTdiaGNOQlIvemk4aWkwQk4rVDdJcy9WL1YvS003RUZrVC9yeEtrSjVIZjExQT18&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 2696
content-length: 567
expires: 0

GET
H2 200 pixel.gif
px.moatads.com/ Frame 0478 43 B
260 B 10ms
8ms Image
image/gif 184.30.25.161
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=37&q=1&hp=1&ra=1&pxm=8&sgs=3&vb=-1&kq=1&lo=0&uk=null&pk=0&wk=0&rk=0&tk=0&ak=-&i=TRIPLELIFT1&ol=4130158442&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5B%2BxkrG%3DGfv)C%24%7CQJ%3BatASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN22Ib%40aFB&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-MyicW%2BgiY9PHPf0uHVjPGlx1P1tMeAYh8VIp1Vf7AbESGfrl5%2FmliBNlAlwWxmRnpyWz&rs=1-dbBp6wlWe0wLgg%3D%3D&sc=1&os=1-hg%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=728&qe=90&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=0&g=2&h=90&w=728&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&zGSRC=1&gu=https%3A%2F%2Fportalsemakan.com%2F&id=0&ii=3&f=1&j=https%3A%2F%2Fportalsemakan.com&lp=https%3A%2F%2Fportalsemakan.com&t=1647873952277&de=892955060384&cu=1647873952277&m=1318&ar=359f21c1e97-clean&iw=06f1dbb&cb=0&ym=0&ll=2&lm=1&ln=1&r=0&dl=0&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=94&le=1&lf=231&lg=1&lh=41&gm=1&io=1&ch=1&vv=3&vw=0%3A3%3A0&vp=100&vx=-%3A100%3A-&pe=0%3A384%3A384%3A791%3A373&aa=1&ad=1161&cn=79&gn=1&gk=1161&gl=79&ik=1161&ic=1161&ez=1&co=1161&cp=1103&cq=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=1103&cd=63&ah=1103&am=63&xd=00&rf=0&re=1&wb=1&cl=0&at=0&d=7207%3A39761%3Aundefined%3A10&bo=2460&bd=portalsemakan.com&gw=triplelift879988051105&zMoatOrigSlicer1=2460&zMoatOrigSlicer2=569629&zMoatTactic=undefined&zMoatPixelParams=aid%3A25795656294880711728720%3Bsr%3A10%3Buid%3A0%3B&zMoatJS=3%3A-&hv=Triplelift%20Override%201&ab=2&ac=1&fd=1&kt=sframe&it=500&fz=1&oq=1&ot=ff&ti=0&ih=1&jm=1&tc=0&fs=197273&na=590211649&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.25.161 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-25-161.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://4ff8e811445a9b61eb0bed126f8b9447.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 21 Mar 2022 14:45:54 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Mon, 21 Mar 2022 14:45:54 GMT

GET
H2 200 ev3
eb2.3lift.com/ Frame 0478 37 B
139 B 12ms
10ms Image
image/gif 13.248.245.213
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/ev3?vid=1&aid=25795656294880711728720&sr=10&uid=0&type=grpm&ord=1647873952277
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://4ff8e811445a9b61eb0bed126f8b9447.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 14:45:54 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif

GET
H2 200 ev3
eb2.3lift.com/ Frame 0478 37 B
139 B 10ms
9ms Image
image/gif 13.248.245.213
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/ev3?vid=1&aid=25795656294880711728720&sr=10&uid=0&type=mrc&ord=1647873952277
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://4ff8e811445a9b61eb0bed126f8b9447.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 14:45:54 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif

GET
H2 200 pixel.gif
px.moatads.com/ Frame 0478 43 B
260 B 8ms
7ms Image
image/gif 184.30.25.161
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=5&q=0&hp=1&ra=1&pxm=8&sgs=3&vb=-1&kq=1&lo=0&uk=null&pk=0&wk=0&rk=0&tk=0&ak=-&i=TRIPLELIFT1&ol=4130158442&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5B%2BxkrG%3DGfv)C%24%7CQJ%3BatASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN22Ib%40aFB&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-MyicW%2BgiY9PHPf0uHVjPGlx1P1tMeAYh8VIp1Vf7AbESGfrl5%2FmliBNlAlwWxmRnpyWz&rs=1-dbBp6wlWe0wLgg%3D%3D&sc=1&os=1-hg%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=728&qe=90&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=0&g=3&h=90&w=728&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&zGSRC=1&gu=https%3A%2F%2Fportalsemakan.com%2F&id=0&ii=3&f=1&j=https%3A%2F%2Fportalsemakan.com&lp=https%3A%2F%2Fportalsemakan.com&t=1647873952277&de=892955060384&cu=1647873952277&m=1320&ar=359f21c1e97-clean&iw=06f1dbb&cb=0&ym=0&ll=2&lm=1&ln=1&r=0&dl=0&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=94&le=1&lf=231&lg=1&lh=41&gm=1&io=1&ch=1&vv=3&vw=0%3A3%3A0&vp=100&vx=-%3A100%3A-&pe=0%3A384%3A384%3A791%3A373&aa=1&ad=1161&cn=1161&gn=1&gk=1161&gl=1161&ik=1161&ic=1161&ez=1&co=1161&cp=1103&cq=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=1103&cd=1103&ah=1103&am=1103&xd=00&rf=0&re=1&wb=1&cl=0&at=0&d=7207%3A39761%3Aundefined%3A10&bo=2460&bd=portalsemakan.com&gw=triplelift879988051105&zMoatOrigSlicer1=2460&zMoatOrigSlicer2=569629&zMoatTactic=undefined&zMoatPixelParams=aid%3A25795656294880711728720%3Bsr%3A10%3Buid%3A0%3B&zMoatJS=3%3A-&hv=Triplelift%20Override%201&ab=2&ac=1&fd=1&kt=sframe&it=500&fz=1&oq=1&ot=ff&ti=0&ih=1&jm=1&tc=0&fs=197273&na=392853993&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.25.161 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-25-161.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://4ff8e811445a9b61eb0bed126f8b9447.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 21 Mar 2022 14:45:54 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Mon, 21 Mar 2022 14:45:54 GMT

GET
H2 200 pixel.gif
px.moatads.com/ Frame 0478 43 B
260 B 8ms
7ms Image
image/gif 184.30.25.161
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=37&q=2&hp=1&ra=1&pxm=8&sgs=3&vb=-1&kq=1&lo=0&uk=null&pk=0&wk=0&rk=0&tk=0&ak=-&i=TRIPLELIFT1&ol=4130158442&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5B%2BxkrG%3DGfv)C%24%7CQJ%3BatASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN22Ib%40aFB&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-MyicW%2BgiY9PHPf0uHVjPGlx1P1tMeAYh8VIp1Vf7AbESGfrl5%2FmliBNlAlwWxmRnpyWz&rs=1-dbBp6wlWe0wLgg%3D%3D&sc=1&os=1-hg%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=728&qe=90&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=0&g=4&h=90&w=728&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&zGSRC=1&gu=https%3A%2F%2Fportalsemakan.com%2F&id=0&ii=3&f=1&j=https%3A%2F%2Fportalsemakan.com&lp=https%3A%2F%2Fportalsemakan.com&t=1647873952277&de=892955060384&cu=1647873952277&m=1321&ar=359f21c1e97-clean&iw=06f1dbb&cb=0&ym=0&ll=2&lm=1&ln=1&r=0&dl=0&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=94&le=1&lf=231&lg=1&lh=41&gm=1&io=1&ch=1&vv=3&vw=0%3A3%3A0&vp=100&vx=-%3A100%3A-&pe=0%3A384%3A384%3A791%3A373&aa=1&ad=1161&cn=1161&gn=1&gk=1161&gl=1161&ik=1161&ic=1161&ez=1&co=1161&cp=1103&cq=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=1103&cd=1103&ah=1103&am=1103&xd=00&rf=0&re=1&wb=1&cl=0&at=0&d=7207%3A39761%3Aundefined%3A10&bo=2460&bd=portalsemakan.com&gw=triplelift879988051105&zMoatOrigSlicer1=2460&zMoatOrigSlicer2=569629&zMoatTactic=undefined&zMoatPixelParams=aid%3A25795656294880711728720%3Bsr%3A10%3Buid%3A0%3B&zMoatJS=3%3A-&hv=Triplelift%20Override%201&ab=2&ac=1&fd=1&kt=sframe&it=500&fz=1&oq=1&ot=ff&ti=0&ih=1&jm=1&tc=0&fs=197273&na=848841832&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.25.161 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-25-161.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://4ff8e811445a9b61eb0bed126f8b9447.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 21 Mar 2022 14:45:54 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Mon, 21 Mar 2022 14:45:54 GMT

GET
DATA 200
OK truncated
/ Frame 1925 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1b02ea72ff6207ab32775b0c7cf6532c0fb886de285e03e9674878d3bbc981fc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 1925 0
0 77ms
77ms Fetch
image/gif 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv487jeoy63f_RIxB4BrNQ2q0i8uaSzlfqaScA0gN6TWaSiPHfeoY6TuyptR_aaue8187hZpRaw5fJdFQJikZhvgekYb1hv99wrEYKAFtBYFlRavJN0jDdw0fNh1NS1Kp0R5dL_6mpLUeTlgLD7jZ42jI6BE3gOmKoswpQ2fcWr-xwp9kQgZJ8e-J7Snj5NQS-XqkIeoOftKwixfbU2QgBrNG5f_SeDc5sfWJ4fKD4CKrIW0phrvqz-KGk3N85hRzSa0k4kNsIdtr7p-1djqk49fKN3U1l7znZSFXFFquNi87Z_SX8oWTI2Zeq_w0BzYW3svbudUY6VZOKmJOroxdXE9qc_cEZh7A6PHQ&sig=Cg0ArKJSzJ9IT1Wr7YOPEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://portalsemakan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 21 Mar 2022 14:45:54 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Mon, 21 Mar 2022 14:45:54 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 0478 42 B
64 B 71ms
71ms Fetch
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvjHAmTXtkGx7ybfO5zb2UJtPwdJ0kvUzxHP242B4sa_K885YoHbgA0SRZYP8fs-di1QR8gi8SsSPEeISvz-ISLAQ&sig=Cg0ArKJSzCV6s4w7_vtAEAE&cid=CAASF-RoSa1mMYTkXtnVwWI4_8EsfRWA1bKW&id=lidar2&mcvt=1103&p=1110,436,1200,1164&mtos=1103,1103,1103,1103,1103&tos=1103,0,0,0,0&v=20220316&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=2963130588&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0%3D&vs=4&r=v&rst=1647873951878&rpt=784&isd=0&lsd=0&met=ie&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://4ff8e811445a9b61eb0bed126f8b9447.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 21 Mar 2022 14:45:54 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ Frame 2E26 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 67e8df0bfbd50d0ea3434a68b0bdb09caeaa63ab05d13c4705f7baa7fc8a906c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 sync Show response
eb2.3lift.com/ Frame 2AA7 1 KB
1 KB 8ms
8ms Document
text/html 13.248.245.213
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://eb2.3lift.com/sync?max=10&cb=56001
Requested by: Host: ib.3lift.com
URL: https://ib.3lift.com/rev/b5dbcaaad667d54756cc1e78e73a1e2616cc2b6d/dist/bundle.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: 9a474fe9eb1f02e2952a532e5c9d2b95119f85c676a13baf7d9d365ec0d3cf46

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://4ff8e811445a9b61eb0bed126f8b9447.safeframe.googlesyndication.com/

Response headers

date: Mon, 21 Mar 2022 14:45:54 GMT
content-type: text/html; charset=utf-8
content-length: 521
content-encoding: gzip
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
cache-control: no-cache, no-store, must-revalidate

GET
DATA 200
OK truncated
/ Frame 7398 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: df468bf7eda53c619bedcf99d482ea66619ba2d3212c05f1170ab90535d08d3e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 116C 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1a47db309f617260890adfb5406191b1e34f5da5228e1aa7740a62ae41cdd2cc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 sync Show response
eb2.3lift.com/ Frame CE72 1 KB
1 KB 8ms
8ms Document
text/html 13.248.245.213
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://eb2.3lift.com/sync?max=10&cb=98802
Requested by: Host: ib.3lift.com
URL: https://ib.3lift.com/rev/b5dbcaaad667d54756cc1e78e73a1e2616cc2b6d/dist/bundle.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: ef23e4cbcc36d074584ed7211fc1961bdf739c59eb183da4c6c16e5329e8cdb1

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://4ff8e811445a9b61eb0bed126f8b9447.safeframe.googlesyndication.com/

Response headers

date: Mon, 21 Mar 2022 14:45:54 GMT
content-type: text/html; charset=utf-8
content-length: 597
content-encoding: gzip
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
cache-control: no-cache, no-store, must-revalidate

GET
H2 200 sync Show response
eb2.3lift.com/ Frame 3178 1 KB
1 KB 9ms
8ms Document
text/html 13.248.245.213
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://eb2.3lift.com/sync?max=10&cb=77033
Requested by: Host: ib.3lift.com
URL: https://ib.3lift.com/rev/b5dbcaaad667d54756cc1e78e73a1e2616cc2b6d/dist/bundle.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: ef23e4cbcc36d074584ed7211fc1961bdf739c59eb183da4c6c16e5329e8cdb1

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://4ff8e811445a9b61eb0bed126f8b9447.safeframe.googlesyndication.com/

Response headers

date: Mon, 21 Mar 2022 14:45:54 GMT
content-type: text/html; charset=utf-8
content-length: 597
content-encoding: gzip
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
cache-control: no-cache, no-store, must-revalidate

GET
H2

200

xuid
eb2.3lift.com/ Frame 2AA7
Redirect Chain

https://ad.turn.com/r/cs?pid=49&gdpr=1&gdpr_consent=
https://eb2.3lift.com/xuid?mid=4771&xuid=9000801265669109281&dongle=d407

37 B
355 B

10ms
9ms

Image
image/gif

13.248.245.213
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=4771&xuid=9000801265669109281&dongle=d407
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?max=10&cb=56001
Protocol: H2
Server: 13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 14:45:54 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-length: 37
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location: https://eb2.3lift.com/xuid?mid=4771&xuid=9000801265669109281&dongle=d407
pragma: no-cache
date: Mon, 21 Mar 2022 14:45:54 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 0
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

GET
H/1.1 400
Request failed due to privacy signals setuid
ib.adnxs.com/prebid/ Frame 2AA7 0
0 63ms
63ms Image
text/html 37.252.172.38
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ib.adnxs.com/prebid/setuid?bidder=triplelift_native&gdpr=1&gdpr_consent=&uid=2456481663732240253697
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?max=10&cb=56001
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 37.252.172.38 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS: 690.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H/1.1 400
Request failed due to privacy signals setuid
ib.adnxs.com/prebid/ Frame 2AA7 0
0 67ms
54ms Image
text/html 37.252.172.38
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ib.adnxs.com/prebid/setuid?bidder=triplelift&gdpr=1&gdpr_consent=&uid=2456481663732240253697
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?max=10&cb=56001
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 37.252.172.38 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS: 690.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H2

200

xuid
eb2.3lift.com/ Frame 2AA7
Redirect Chain

https://match.prod.bidr.io/cookie-sync/trl
https://match.prod.bidr.io/cookie-sync/trl?_bee_ppp=1
https://eb2.3lift.com/xuid?mid=7255&xuid=AAFkMU7EcR8AADD5lg4-2A&dongle=bzwx

37 B
355 B

14ms
11ms

Image
image/gif

13.248.245.213
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=7255&xuid=AAFkMU7EcR8AADD5lg4-2A&dongle=bzwx
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?max=10&cb=56001
Protocol: H2
Server: 13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 14:45:54 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-length: 37
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location: https://eb2.3lift.com/xuid?mid=7255&xuid=AAFkMU7EcR8AADD5lg4-2A&dongle=bzwx
Date: Mon, 21 Mar 2022 14:45:54 GMT
Server: nginx
Connection: keep-alive
Content-Length: 0
strict-transport-security: max-age=2592000; includeSubDomains

GET
H2

200

xuid
eb2.3lift.com/ Frame 2AA7
Redirect Chain

https://sync.ipredictive.com/d/sync/cookie/generic?https://eb2.3lift.com/xuid?mid=3702&xuid=${ADELPHIC_CUID}&dongle=d54f&gdpr=1&gdpr_consent=
https://eb2.3lift.com/xuid?mid=3702&xuid=9cade9e8-a925-11ec-acef-2731f15be632&dongle=d54f&gdpr=1&gdpr_consent=

37 B
355 B

9ms
9ms

Image
image/gif

13.248.245.213
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=3702&xuid=9cade9e8-a925-11ec-acef-2731f15be632&dongle=d54f&gdpr=1&gdpr_consent=
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?max=10&cb=56001
Protocol: H2
Server: 13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 14:45:55 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-length: 37
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Location: https://eb2.3lift.com/xuid?mid=3702&xuid=9cade9e8-a925-11ec-acef-2731f15be632&dongle=d54f&gdpr=1&gdpr_consent=
Date: Mon, 21 Mar 2022 14:45:54 GMT
Server: Apache-Coyote/1.1
Connection: keep-alive
Content-Length: 0
X-CI-RTID: 9cade9e9-a925-11ec-acef-2731f15be632

GET
H2

200

xuid
eb2.3lift.com/ Frame 2AA7
Redirect Chain

https://rtb.mfadsrvr.com/sync?ssp=triplelift&gdpr=1&gdpr_consent=
https://rtb.mfadsrvr.com/ul_cb/sync?ssp=triplelift&gdpr=1&gdpr_consent=
https://eb2.3lift.com/xuid?mid=4945&xuid=fc0601c6-8167-4604-b087-665fa668a7ed&dongle=31ac

37 B
355 B

10ms
9ms

Image
image/gif

13.248.245.213
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=4945&xuid=fc0601c6-8167-4604-b087-665fa668a7ed&dongle=31ac
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?max=10&cb=56001
Protocol: H2
Server: 13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 14:45:54 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-length: 37
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Location: //eb2.3lift.com/xuid?mid=4945&xuid=fc0601c6-8167-4604-b087-665fa668a7ed&dongle=31ac
Date: Mon, 21 Mar 2022 14:45:54 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0

GET RVF22VSl
sync-tm.everesttech.net/upi/pid/ Frame 2AA7 0
0

GET
H2

200

xuid
eb2.3lift.com/ Frame 2AA7
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3335%26xuid%3D%24UID%26dongle%3D4d58%26gdpr=1%26gdpr_consent=
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Feb2.3lift.com%252Fxuid%253Fmid%253D3335%2526xuid%253D%2524UID%2526dongle%253D4d58%2526gdpr%3D1%2526gdpr_consent%3D
https://eb2.3lift.com/xuid?mid=3335&xuid=2164802784335980141&dongle=4d58&gdpr=1&gdpr_consent=

37 B
355 B

11ms
11ms

Image
image/gif

13.248.245.213
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=3335&xuid=2164802784335980141&dongle=4d58&gdpr=1&gdpr_consent=
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?max=10&cb=56001
Protocol: H2
Server: 13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 14:45:54 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-length: 37
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Pragma: no-cache
Date: Mon, 21 Mar 2022 14:45:54 GMT
X-Proxy-Origin: 185.213.155.166; 185.213.155.166; 690.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 780c4663-223b-4a6f-afe0-0be0d90c55c5
Server: nginx/1.21.3
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://eb2.3lift.com/xuid?mid=3335&xuid=2164802784335980141&dongle=4d58&gdpr=1&gdpr_consent=
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

xuid
eb2.3lift.com/ Frame 2AA7
Redirect Chain

https://sync.srv.stackadapt.com/sync?nid=13&gdpr=1&gdpr_consent=
https://eb2.3lift.com/xuid?mid=2319&xuid=0-e37a6537-d40f-4e98-47c2-3f4b11d0d740$ip$185.213.155.166&dongle=4430

37 B
355 B

9ms
8ms

Image
image/gif

13.248.245.213
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=2319&xuid=0-e37a6537-d40f-4e98-47c2-3f4b11d0d740$ip$185.213.155.166&dongle=4430
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?max=10&cb=56001
Protocol: H2
Server: 13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 14:45:54 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-length: 37
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Location: https://eb2.3lift.com/xuid?mid=2319&xuid=0-e37a6537-d40f-4e98-47c2-3f4b11d0d740$ip$185.213.155.166&dongle=4430
Date: Mon, 21 Mar 2022 14:45:54 GMT
Connection: keep-alive
Content-Length: 141
Content-Type: text/html; charset=utf-8

GET
H2

200

xuid
eb2.3lift.com/ Frame 2AA7
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=62&redir=%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3690%26xuid%3D%5BMM_UUID%5D%26dongle%3D3995%26gdpr=1%26gdpr_consent=
https://eb2.3lift.com/xuid?mid=3690&xuid=2e1b6238-8fa2-4f00-8b78-f55dd9c91e8e&dongle=3995&gdpr=1&gdpr_consent=

37 B
355 B

9ms
9ms

Image
image/gif

13.248.245.213
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=3690&xuid=2e1b6238-8fa2-4f00-8b78-f55dd9c91e8e&dongle=3995&gdpr=1&gdpr_consent=
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?max=10&cb=56001
Protocol: H2
Server: 13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 14:45:54 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-length: 37
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Date: Mon, 21 Mar 2022 14:45:54 GMT
Server: MT3 4256 109297d master zrh-pixel-x1 config:1.0.0
Access-Control-Allow-Origin: *
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://eb2.3lift.com/xuid?mid=3690&xuid=2e1b6238-8fa2-4f00-8b78-f55dd9c91e8e&dongle=3995&gdpr=1&gdpr_consent=
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Mon, 21 Mar 2022 14:45:53 GMT

GET
H2 204 current
triplelift-match.dotomi.com/match/bounce/ Frame CE72 0
103 B 139ms
68ms Image
text/plain 2a02:fa8:8806:13::1370
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://triplelift-match.dotomi.com/match/bounce/current?networkId=74572&version=1&gdpr=1&gdpr_consent=
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?max=10&cb=98802
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:fa8:8806:13::1370 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 21 Mar 2022 14:45:54 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
expires: 0

GET
H2

200

xuid
eb2.3lift.com/ Frame CE72
Redirect Chain

https://pixel-sync.sitescout.com/dmp/pixelSync?nid=83&gdpr=1&gdpr_consent=
https://eb2.3lift.com/xuid?mid=3646&xuid=no-consent&dongle=1fa5&gdpr=1&gdpr_consent=

37 B
355 B

9ms
9ms

Image
image/gif

13.248.245.213
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=3646&xuid=no-consent&dongle=1fa5&gdpr=1&gdpr_consent=
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?max=10&cb=98802
Protocol: H2
Server: 13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 14:45:54 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-length: 37
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma: no-cache
date: Mon, 21 Mar 2022 14:45:54 GMT
server: AC1.1
p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location: https://eb2.3lift.com/xuid?mid=3646&xuid=no-consent&dongle=1fa5&gdpr=1&gdpr_consent=
cache-control: max-age=0,no-cache,no-store
content-length: 0
expires: Tue, 11 Oct 1977 12:34:56 GMT

GET
H2

200

xuid
eb2.3lift.com/ Frame CE72
Redirect Chain

https://sync.hgrtb.com/triplelift?redir=http%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D7666%26xuid%3Dmy_external_user_id%26dongle%3D8f7
https://eb2.3lift.com/xuid?mid=7666&xuid=37696f3e-9ead-4e3d-8f13-23df4311f85d&dongle=8f7

37 B
355 B

10ms
10ms

Image
image/gif

13.248.245.213
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=7666&xuid=37696f3e-9ead-4e3d-8f13-23df4311f85d&dongle=8f7
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?max=10&cb=98802
Protocol: H2
Server: 13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 14:45:54 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-length: 37
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location: http://eb2.3lift.com/xuid?mid=7666&xuid=37696f3e-9ead-4e3d-8f13-23df4311f85d&dongle=8f7
date: Mon, 21 Mar 2022 14:45:54 GMT
content-length: 118
strict-transport-security: max-age=15724800; includeSubDomains
content-type: text/html; charset=utf-8

GET
H/1.1 200
OK cookiesync
bttrack.com/pixel/ Frame CE72 35 B
380 B 398ms
95ms Image
image/gif 192.132.33.46
BIDTELLECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bttrack.com/pixel/cookiesync?source=3a66d299-1ebd-4293-884e-8e6f36dc1a6a&gdpr=1&gdpr_consent=
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?max=10&cb=98802
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 192.132.33.46 , United States, ASN18568 (BIDTELLECT, US),
Reverse DNS: 46.bidtellect.com
Software: Microsoft-IIS/8.5 /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

X-ServerName: Track004-iad
Pragma: no-cache
Date: Mon, 21 Mar 2022 14:45:51 GMT
X-AspNetMvc-Version: 5.2
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
P3P: CP="CAO DSP COR ADMo DEVo PSAo PSDo HISo IVAo IVDo OUR IND OTC"
Cache-Control: private,no-cache
Content-Type: image/gif
Content-Length: 35
Expires: -1

GET
H2

200

xuid
eb2.3lift.com/ Frame CE72
Redirect Chain

https://cms.quantserve.com/pixel/p-VtN-a_yLd-GB-.gif?idmatch=0&gdpr=1&gdpr_consent=
https://eb2.3lift.com/xuid?&mid=5316&dongle=fa68&xuid=VgIjzlhWccZNCXHBUVQ9xFYEcsVNBSjAWABLM89M

37 B
355 B

11ms
10ms

Image
image/gif

13.248.245.213
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?&mid=5316&dongle=fa68&xuid=VgIjzlhWccZNCXHBUVQ9xFYEcsVNBSjAWABLM89M
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?max=10&cb=98802
Protocol: H2
Server: 13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 14:45:54 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-length: 37
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma: no-cache
date: Mon, 21 Mar 2022 14:45:54 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location: https://eb2.3lift.com/xuid?&mid=5316&dongle=fa68&xuid=VgIjzlhWccZNCXHBUVQ9xFYEcsVNBSjAWABLM89M
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 0
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2

200

xuid
eb2.3lift.com/ Frame CE72
Redirect Chain

https://sportradarserving.com/sync?ssp=triplelift
https://eb2.3lift.com/xuid?mid=7963&xuid=d02d3ff2-4f08-4f31-92c9-bd402199c4c3&dongle=3oy7

37 B
355 B

9ms
9ms

Image
image/gif

13.248.245.213
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=7963&xuid=d02d3ff2-4f08-4f31-92c9-bd402199c4c3&dongle=3oy7
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?max=10&cb=98802
Protocol: H2
Server: 13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 14:45:54 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-length: 37
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Location: https://eb2.3lift.com/xuid?mid=7963&xuid=d02d3ff2-4f08-4f31-92c9-bd402199c4c3&dongle=3oy7
Date: Mon, 21 Mar 2022 14:45:54 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0

GET
H2

200

xuid
eb2.3lift.com/ Frame CE72
Redirect Chain

https://pm.w55c.net/ping_match.gif?st=TRIPLELIFT&rurl=https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D6019%26xuid%3D_wfivefivec_%26dongle%3D465e%26gdpr=1%26gdpr_consent=
https://eb2.3lift.com/xuid?mid=6019&xuid=gVwIqCUY1Nwji85&dongle=465e&gdpr=1&gdpr_consent=

37 B
355 B

10ms
9ms

Image
image/gif

13.248.245.213
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=6019&xuid=gVwIqCUY1Nwji85&dongle=465e&gdpr=1&gdpr_consent=
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?max=10&cb=98802
Protocol: H2
Server: 13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 14:45:54 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-length: 37
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Pragma: no-cache
Date: Mon, 21 Mar 2022 14:45:54 GMT
Server: PingMatch/v2.0.30-713-gdae83a2#rel-ec2-master i-022b0454a7aa0bd60@eu-central-1a@dxedge-app-eu-central-1-prod-asg
Strict-Transport-Security: max-age=2592000; includeSubDomains
Location: https://eb2.3lift.com/xuid?mid=6019&xuid=gVwIqCUY1Nwji85&dongle=465e&gdpr=1&gdpr_consent=
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

iu3
aax-eu.amazon-adsystem.com/s/ Frame CE72
Redirect Chain

https://aax-eu.amazon-adsystem.com/s/x/757c0557066e95cfd4c7?gdpr=1&gdpr_consent=&uid=2456481663732240253697
https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=1&gdpr_consent=&uid=2456481663732240253697&dcc=t

0
0

33ms
32ms

Image
text/html

52.94.223.167
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=1&gdpr_consent=&uid=2456481663732240253697&dcc=t
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?max=10&cb=98802
Protocol: HTTP/1.1
Server: 52.94.223.167 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Redirect headers

Pragma: no-cache
Date: Mon, 21 Mar 2022 14:45:54 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: FCJ66EZ7BYBZFVF9VAJ1
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=1&gdpr_consent=&uid=2456481663732240253697&dcc=t
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 CookieSyncTripleLift&gdpr=1&gdpr_consent=
rtb.adentifi.com/ Frame CE72 0
47 B 328ms
100ms Image
text/plain 34.199.124.234
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.adentifi.com/CookieSyncTripleLift&gdpr=1&gdpr_consent=
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?max=10&cb=98802
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.199.124.234 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-199-124-234.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 14:45:54 GMT
content-length: 0
content-type: text/plain

GET
H2

200

value=2456481663732240253697
sasinator.realestate.com.au/rea/lserver/setid/external=TRIPLELIFT/ Frame CE72
Redirect Chain

https://sasinator.realestate.com.au/rea/setid/external=TRIPLELIFT/value=2456481663732240253697
https://sasinator.realestate.com.au/rea/lserver/setid/external=TRIPLELIFT/value=2456481663732240253697

43 B
524 B

267ms
266ms

Image
image/gif

54.79.65.128
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sasinator.realestate.com.au/rea/lserver/setid/external=TRIPLELIFT/value=2456481663732240253697
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?max=10&cb=98802
Protocol: H2
Server: 54.79.65.128 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-79-65-128.ap-southeast-2.compute.amazonaws.com
Software: Match/6806.253aefe9185e4df0dd66de648f6f364d7e5424fc (i-0b519114ef66a3834) /
Resource Hash: 82e400c090fb5260267fa339b115e8fe2cb3171303e252844d9756f252f39099

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 21 Mar 2022 14:45:55 GMT
server: Match/6806.253aefe9185e4df0dd66de648f6f364d7e5424fc (i-0b519114ef66a3834)
p3p: CP="NOI NID ADMa PSAa OUR BUS COM NAV"
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-type: image/gif
content-length: 43
expires: -1

Redirect headers

pragma: no-cache
date: Mon, 21 Mar 2022 14:45:55 GMT
server: Match/6806.253aefe9185e4df0dd66de648f6f364d7e5424fc (i-03d8431ae833c69f3)
p3p: CP="NOI NID ADMa PSAa OUR BUS COM NAV"
location: https://sasinator.realestate.com.au/rea/lserver/setid/external=TRIPLELIFT/value=2456481663732240253697
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 0
expires: -1

GET
H2 204 current
triplelift-match.dotomi.com/match/bounce/ Frame 3178 0
104 B 137ms
68ms Image
text/plain 2a02:fa8:8806:13::1370
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://triplelift-match.dotomi.com/match/bounce/current?networkId=74572&version=1&gdpr=1&gdpr_consent=
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?max=10&cb=77033
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:fa8:8806:13::1370 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 21 Mar 2022 14:45:54 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
expires: 0

GET
H2

200

xuid
eb2.3lift.com/ Frame 3178
Redirect Chain

https://pixel-sync.sitescout.com/dmp/pixelSync?nid=83&gdpr=1&gdpr_consent=
https://eb2.3lift.com/xuid?mid=3646&xuid=no-consent&dongle=1fa5&gdpr=1&gdpr_consent=

37 B
355 B

9ms
9ms

Image
image/gif

13.248.245.213
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=3646&xuid=no-consent&dongle=1fa5&gdpr=1&gdpr_consent=
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?max=10&cb=77033
Protocol: H2
Server: 13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 14:45:54 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-length: 37
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma: no-cache
date: Mon, 21 Mar 2022 14:45:54 GMT
server: AC1.1
p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location: https://eb2.3lift.com/xuid?mid=3646&xuid=no-consent&dongle=1fa5&gdpr=1&gdpr_consent=
cache-control: max-age=0,no-cache,no-store
content-length: 0
expires: Tue, 11 Oct 1977 12:34:56 GMT

GET
H2

200

xuid
eb2.3lift.com/ Frame 3178
Redirect Chain

https://sync.hgrtb.com/triplelift?redir=http%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D7666%26xuid%3Dmy_external_user_id%26dongle%3D8f7
https://eb2.3lift.com/xuid?mid=7666&xuid=82a1d883-121a-4cdc-a924-d360cf032612&dongle=8f7

37 B
355 B

10ms
10ms

Image
image/gif

13.248.245.213
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=7666&xuid=82a1d883-121a-4cdc-a924-d360cf032612&dongle=8f7
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?max=10&cb=77033
Protocol: H2
Server: 13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 14:45:55 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-length: 37
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location: http://eb2.3lift.com/xuid?mid=7666&xuid=82a1d883-121a-4cdc-a924-d360cf032612&dongle=8f7
date: Mon, 21 Mar 2022 14:45:55 GMT
content-length: 118
strict-transport-security: max-age=15724800; includeSubDomains
content-type: text/html; charset=utf-8

GET
H/1.1 200
OK cookiesync
bttrack.com/pixel/ Frame 3178 35 B
380 B 400ms
97ms Image
image/gif 192.132.33.46
BIDTELLECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bttrack.com/pixel/cookiesync?source=3a66d299-1ebd-4293-884e-8e6f36dc1a6a&gdpr=1&gdpr_consent=
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?max=10&cb=77033
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 192.132.33.46 , United States, ASN18568 (BIDTELLECT, US),
Reverse DNS: 46.bidtellect.com
Software: Microsoft-IIS/8.5 /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

X-ServerName: Track003-iad
Pragma: no-cache
Date: Mon, 21 Mar 2022 14:45:53 GMT
X-AspNetMvc-Version: 5.2
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
P3P: CP="CAO DSP COR ADMo DEVo PSAo PSDo HISo IVAo IVDo OUR IND OTC"
Cache-Control: private,no-cache
Content-Type: image/gif
Content-Length: 35
Expires: -1

GET
H2

200

xuid
eb2.3lift.com/ Frame 3178
Redirect Chain

https://cms.quantserve.com/pixel/p-VtN-a_yLd-GB-.gif?idmatch=0&gdpr=1&gdpr_consent=
https://eb2.3lift.com/xuid?&mid=5316&dongle=fa68&xuid=VgIjzlhWccZNCXHBUVQ9xFYEcsVNBSjAWABLM89M

37 B
355 B

10ms
9ms

Image
image/gif

13.248.245.213
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?&mid=5316&dongle=fa68&xuid=VgIjzlhWccZNCXHBUVQ9xFYEcsVNBSjAWABLM89M
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?max=10&cb=77033
Protocol: H2
Server: 13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 14:45:54 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-length: 37
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma: no-cache
date: Mon, 21 Mar 2022 14:45:54 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location: https://eb2.3lift.com/xuid?&mid=5316&dongle=fa68&xuid=VgIjzlhWccZNCXHBUVQ9xFYEcsVNBSjAWABLM89M
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 0
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2

200

xuid
eb2.3lift.com/ Frame 3178
Redirect Chain

https://sportradarserving.com/sync?ssp=triplelift
https://eb2.3lift.com/xuid?mid=7963&xuid=d02d3ff2-4f08-4f31-92c9-bd402199c4c3&dongle=3oy7

37 B
355 B

9ms
9ms

Image
image/gif

13.248.245.213
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=7963&xuid=d02d3ff2-4f08-4f31-92c9-bd402199c4c3&dongle=3oy7
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?max=10&cb=77033
Protocol: H2
Server: 13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 14:45:54 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-length: 37
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Location: https://eb2.3lift.com/xuid?mid=7963&xuid=d02d3ff2-4f08-4f31-92c9-bd402199c4c3&dongle=3oy7
Date: Mon, 21 Mar 2022 14:45:54 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0

GET
H2

200

xuid
eb2.3lift.com/ Frame 3178
Redirect Chain

https://pm.w55c.net/ping_match.gif?st=TRIPLELIFT&rurl=https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D6019%26xuid%3D_wfivefivec_%26dongle%3D465e%26gdpr=1%26gdpr_consent=
https://eb2.3lift.com/xuid?mid=6019&xuid=gVwIqCUY1Nwji85&dongle=465e&gdpr=1&gdpr_consent=

37 B
355 B

9ms
9ms

Image
image/gif

13.248.245.213
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=6019&xuid=gVwIqCUY1Nwji85&dongle=465e&gdpr=1&gdpr_consent=
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?max=10&cb=77033
Protocol: H2
Server: 13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 14:45:54 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-length: 37
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Pragma: no-cache
Date: Mon, 21 Mar 2022 14:45:53 GMT
Server: PingMatch/v2.0.30-713-gdae83a2#rel-ec2-master i-0ae965e2f8a6b4310@eu-central-1a@dxedge-app-eu-central-1-prod-asg
Strict-Transport-Security: max-age=2592000; includeSubDomains
Location: https://eb2.3lift.com/xuid?mid=6019&xuid=gVwIqCUY1Nwji85&dongle=465e&gdpr=1&gdpr_consent=
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

iu3
aax-eu.amazon-adsystem.com/s/ Frame 3178
Redirect Chain

https://aax-eu.amazon-adsystem.com/s/x/757c0557066e95cfd4c7?gdpr=1&gdpr_consent=&uid=2456481663732240253697
https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=1&gdpr_consent=&uid=2456481663732240253697&dcc=t

0
0

36ms
34ms

Image
text/html

52.94.223.167
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=1&gdpr_consent=&uid=2456481663732240253697&dcc=t
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?max=10&cb=77033
Protocol: HTTP/1.1
Server: 52.94.223.167 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Redirect headers

Pragma: no-cache
Date: Mon, 21 Mar 2022 14:45:54 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: P3X9X8DHJRSZF71QEHF5
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=1&gdpr_consent=&uid=2456481663732240253697&dcc=t
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 CookieSyncTripleLift&gdpr=1&gdpr_consent=
rtb.adentifi.com/ Frame 3178 0
46 B 326ms
101ms Image
text/plain 34.199.124.234
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.adentifi.com/CookieSyncTripleLift&gdpr=1&gdpr_consent=
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?max=10&cb=77033
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.199.124.234 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-199-124-234.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 14:45:54 GMT
content-length: 0
content-type: text/plain

GET
H2

200

value=2456481663732240253697
sasinator.realestate.com.au/rea/lserver/setid/external=TRIPLELIFT/ Frame 3178
Redirect Chain

https://sasinator.realestate.com.au/rea/setid/external=TRIPLELIFT/value=2456481663732240253697
https://sasinator.realestate.com.au/rea/lserver/setid/external=TRIPLELIFT/value=2456481663732240253697

43 B
523 B

266ms
266ms

Image
image/gif

54.79.65.128
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sasinator.realestate.com.au/rea/lserver/setid/external=TRIPLELIFT/value=2456481663732240253697
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?max=10&cb=77033
Protocol: H2
Server: 54.79.65.128 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-79-65-128.ap-southeast-2.compute.amazonaws.com
Software: Match/6806.253aefe9185e4df0dd66de648f6f364d7e5424fc (i-0dbd5030f3c271c1d) /
Resource Hash: 82e400c090fb5260267fa339b115e8fe2cb3171303e252844d9756f252f39099

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 21 Mar 2022 14:45:55 GMT
server: Match/6806.253aefe9185e4df0dd66de648f6f364d7e5424fc (i-0dbd5030f3c271c1d)
p3p: CP="NOI NID ADMa PSAa OUR BUS COM NAV"
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-type: image/gif
content-length: 43
expires: -1

Redirect headers

pragma: no-cache
date: Mon, 21 Mar 2022 14:45:55 GMT
server: Match/6806.253aefe9185e4df0dd66de648f6f364d7e5424fc (i-0dbd5030f3c271c1d)
p3p: CP="NOI NID ADMa PSAa OUR BUS COM NAV"
location: https://sasinator.realestate.com.au/rea/lserver/setid/external=TRIPLELIFT/value=2456481663732240253697
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 0
expires: -1

GET
H2 200 5998.js Show response
go.trvdp.com/init/ 23 KB
23 KB 53ms
8ms Script
binary/octet-stream 2600:9000:223f:b000:3:7e1c:5b40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://go.trvdp.com/init/5998.js
Requested by: Host: cnt.trvdp.com
URL: https://cnt.trvdp.com/js/1273/5998.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:b000:3:7e1c:5b40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f2071f7d1245831b348c4c552e7e61eee09e94d7f90ad2eeb54ef2c1b463783b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://portalsemakan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 14 Mar 2022 12:47:24 GMT
via: 1.1 0afa2d721972ae312ad1dd54e47c43ca.cloudfront.net (CloudFront)
last-modified: Wed, 02 Mar 2022 13:22:49 GMT
server: AmazonS3
age: 611911
etag: "f637d1251c4c2f346315a5b6e7470988"
x-cache: Hit from cloudfront
content-type: binary/octet-stream
x-amz-cf-pop: FRA56-P5
accept-ranges: bytes
content-length: 23348
x-amz-cf-id: gt8DPpLVAw6AaI6GrQ2IKrlMGnzVkQW8ko-VIPEAatPTO7SCSqomAg==

GET
H2 200 p.php Show response
stg.truvidplayer.com/ 3 KB
2 KB 165ms
105ms XHR
application/json 108.138.7.20
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://stg.truvidplayer.com/p.php?sid=1273&wid=5998&cb=4730.511029906505&pid=4168&url=https%3A%2F%2Fportalsemakan.com%2Fpermohonan-pelan-data-pelajar%2F&isab=0
Requested by: Host: go.trvdp.com
URL: https://go.trvdp.com/init/5998.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.7.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-7-20.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: 1531278c4d067baca5faac5500b20b82f324038961bc606a48cabed47a1bc4e6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://portalsemakan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 14:45:54 GMT
content-encoding: gzip
server: nginx
x-amz-cf-pop: FRA56-P6
x-cache: Miss from cloudfront
content-type: application/json
access-control-allow-origin: https://portalsemakan.com
access-control-allow-credentials: true
x-amz-cf-id: NA3a2aTncsux8jRhnAKlfUWAixpfvuOUfITmgMe_duW--zoGWR3p_Q==
via: 1.1 e016ea20838aeed1d878a5244c9e2552.cloudfront.net (CloudFront)

GET
H2 200 ins.js Show response
s.trvdp.com/scripts/v5.729/ 654 KB
180 KB 47ms
8ms Script
application/javascript 2600:9000:2251:8000:d:3c0f:bcc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.trvdp.com/scripts/v5.729/ins.js
Requested by: Host: go.trvdp.com
URL: https://go.trvdp.com/init/5998.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2251:8000:d:3c0f:bcc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 5168404c37cfa1f6fe21ca1d6a93b63705c5657adc834d572b34ac14763098fc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://portalsemakan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 14 Mar 2022 13:22:43 GMT
content-encoding: br
last-modified: Mon, 14 Mar 2022 12:58:36 GMT
server: AmazonS3
age: 609792
etag: W/"0650780a0965d58abe823055281d157e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 dc0aad619823d3400ef947433d0af8fa.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P3
x-amz-cf-id: 77YNVwj9de3RnWUD9RzwKnuY1WPxQW7zDdqo-vp6Js6cdEMBWqEc7w==

GET
H/1.1 200
OK cors Show response
data.ad-score.com/score/ 52 B
726 B 495ms
134ms XHR
text/plain 130.211.115.4
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://data.ad-score.com/score/cors?s=1&pid=1000032&tid=truvidTraffic&pub_domain=portalsemakan.com&l1=5998&l2=portalsemakan.com&l3=DE&l4=desktop&l5=5.729&cb=0.942213814508102
Requested by: Host: s.trvdp.com
URL: https://s.trvdp.com/scripts/v5.729/ins.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 130.211.115.4 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 4.115.211.130.bc.googleusercontent.com
Software: /
Resource Hash: a3fb12e0586cb7710bc4ff3f906aa390cd18576b4d2a086389454e72c7f0b8df

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://portalsemakan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 21 Mar 2022 14:45:55 GMT
Age: 0
Access-Control-Allow-Methods: GET,POST
P3p: CP="CURa ADMa DEVa TAIi PSAi PSDi IVAi IVDi CONi HISa TELi OUR IND DSP CAO COR"
Access-Control-Allow-Origin: https://portalsemakan.com
Cache-Control: post-check=0, pre-check=0, false, proxy-revalidate, no-cache, no-cache=Set-Cookie, no-store, must-revalidate, max-age=0, s-maxage=0
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/plain; charset=utf-8
Content-Length: 52

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 2E26 42 B
64 B 71ms
71ms Fetch
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsu_6cIy1P2g1_9XocfSS7oO_OjEQbX6iPJq0Fn6uRLYkLfYqGwvZGZyqRg2NPkAb0lM4x5KdSsxjQo0BOY8ZoX3Fg&sig=Cg0ArKJSzNcJb16Qoj7cEAE&cid=CAASF-RoCcemninvfUN47BLpz6YcXxUkeZz5&id=lidar2&mcvt=1000&p=795,1020,1075,1356&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220316&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1639631207&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0%3D&vs=4&r=v&rst=1647873952150&rpt=1558&isd=0&lsd=0&met=ie&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://4ff8e811445a9b61eb0bed126f8b9447.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 21 Mar 2022 14:45:55 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 116C 42 B
64 B 70ms
70ms Fetch
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstPpkkIzwol0fRraFOezgwzAlsafPdDeTtGwUmev0oV4IUtWTYrrUseAa6ffPNk622Tp8W2VF3fjb0Gat43EscDXQ&sig=Cg0ArKJSzNKSKi1rwftAEAE&cid=CAASF-RomRQQ-_aw9GKdeBJVEun1A2t3izPG&id=lidar2&mcvt=1000&p=848,475,1098,775&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220316&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1412468635&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0%3D&vs=4&r=v&rst=1647873952616&rpt=1196&isd=0&lsd=0&met=ie&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://4ff8e811445a9b61eb0bed126f8b9447.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 21 Mar 2022 14:45:55 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 1925 42 B
64 B 70ms
70ms Fetch
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsu-YAV7t44tUX-DwVBLvif3qERhN_VSytemLbExe5SLt-WClkNoNtpdBzBy_kFXEThC3rRqT0u-QqiA7Xumg8mTxj6DlhhGCN3ImoQtyic0Hz3EcKaK&sig=Cg0ArKJSzIfW70LKzLbAEAE&id=lidar2&mcvt=1001&p=1166,1599,1167,1600&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20220316&bin=7&avms=nio&bs=1600,1200&mc=1.08&vu=1&app=0&itpl=19&adk=1383592160&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0%3D&vs=4&r=v&rst=1647873952702&rpt=1078&isd=0&lsd=0&met=ce&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://portalsemakan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 21 Mar 2022 14:45:55 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame 5BCF 281 B
554 B 38ms
7ms Document
text/html 23.79.143.124

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html
Requested by: Host: anymind360.com
URL: https://anymind360.com/js/4961/prebid_2022_3_14_9_13_53.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.79.143.124 -, , ASN (),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://portalsemakan.com/

Response headers

Server: Apache/2.2.15 (CentOS)
Last-Modified: Tue, 14 Dec 2021 23:07:59 GMT
ETag: "402b2-119-5d32342a551c0"
Accept-Ranges: bytes
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Mon, 21 Mar 2022 14:45:57 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame 88C4 15 KB
6 KB 7ms
7ms Document
text/html 184.30.24.198
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158497
Requested by: Host: anymind360.com
URL: https://anymind360.com/js/4961/prebid_2022_3_14_9_13_53.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.24.198 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-24-198.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://portalsemakan.com/

Response headers

last-modified: Tue, 01 Feb 2022 06:38:00 GMT
etag: "1300708-3de4-5d6ef246ef4cf"
server: Apache/2.2.15 (CentOS)
accept-ranges: bytes
content-encoding: gzip
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 5549
content-type: text/html; charset=UTF-8
cache-control: max-age=44594
expires: Tue, 22 Mar 2022 03:09:11 GMT
date: Mon, 21 Mar 2022 14:45:57 GMT
vary: Accept-Encoding

GET
H2 200 pd Show response
u.openx.net/w/1.0/ Frame 685A 0
91 B 31ms
24ms Document
text/html 34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://u.openx.net/w/1.0/pd
Requested by: Host: anymind360.com
URL: https://anymind360.com/js/4961/prebid_2022_3_14_9_13_53.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/17.2.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://portalsemakan.com/

Response headers

vary: Accept, Accept-Encoding
server: OXGW/17.2.1
date: Mon, 21 Mar 2022 14:45:57 GMT
content-type: text/html
content-length: 20
content-encoding: gzip
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame 94AF 52 KB
17 KB 33ms
9ms Document
text/html 151.101.1.108

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: anymind360.com
URL: https://anymind360.com/js/4961/prebid_2022_3_14_9_13_53.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.1.108 -, , ASN (),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://portalsemakan.com/

Response headers

Connection: keep-alive
Content-Length: 17053
Server: nginx/1.18.0 (Ubuntu)
Content-Type: text/html
Last-Modified: Wed, 02 Dec 2020 20:56:47 GMT
ETag: W/"5fc7ff8f-cf34"
Expires: Thu, 17 Mar 2022 06:19:05 GMT
Cache-Control: max-age=86402
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Via: 1.1 varnish, 1.1 varnish
Accept-Ranges: bytes
Date: Mon, 21 Mar 2022 14:45:57 GMT
Age: 30404
X-Served-By: cache-lga21955-LGA, cache-hhn4059-HHN
X-Cache: HIT, HIT
X-Cache-Hits: 1, 602886
X-Timer: S1647873958.892590,VS0,VE0
Vary: Accept-Encoding

GET
H/1.1 200
OK ixmatch.html Show response
js-sec.indexww.com/um/ Frame 1D13 3 KB
2 KB 30ms
7ms Document
text/html 184.30.24.241
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://js-sec.indexww.com/um/ixmatch.html
Requested by: Host: anymind360.com
URL: https://anymind360.com/js/4961/prebid_2022_3_14_9_13_53.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.24.241 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-24-241.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 7c3b96f238042f73d0bedf5877fa02eb834e89649bbd122e2f10cc35238173cf

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://portalsemakan.com/

Response headers

Server: Apache
Last-Modified: Fri, 18 Feb 2022 16:05:37 GMT
ETag: "e20015-b6b-5d84d0db0c30a"
Accept-Ranges: bytes
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: text/html; charset=UTF-8
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1388
Date: Mon, 21 Mar 2022 14:45:57 GMT
Connection: keep-alive

GET
H2 200 PugMaster Show response
image6.pubmatic.com/AdServer/ Frame 88C4 3 KB
4 KB 16ms
15ms Script
text/html 185.64.190.78
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=45544392&p=158497&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158497
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: d647ef39417f2c0a0fc6dde670e0d6e33d9e6c3f84591348c7b593771d6f6fea

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 14:45:56 GMT
content-type: text/html; charset=UTF-8
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 5BCF 32 KB
10 KB 7ms
7ms Script
text/html 23.79.143.124

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.79.143.124 -, , ASN (),
Reverse DNS
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 6046941efa0656622a5f07faee34cc197eafa53b446e6114bdc7b3e9a1af7023

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Mon, 21 Mar 2022 14:45:57 GMT
Content-Encoding: gzip
Last-Modified: Wed, 02 Mar 2022 16:28:01 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=45535
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Content-Length: 9539
Expires: Tue, 22 Mar 2022 03:24:52 GMT

GET
H/1.1 200
OK usermatch Show response
ssum-sec.casalemedia.com/ Frame D69B 2 KB
3 KB 22ms
22ms Document
text/html 184.30.24.241
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fportalsemakan.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.24.241 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-24-241.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b79d495b5ec4950b3413082b3ed7002cf52e95bedf39da11c32e81eda7fb2666

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://js-sec.indexww.com/

Response headers

Server: Apache
Content-Type: text/html
Dropped-Udsids: 241|230|45|39|46|111|191|41
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary: Is-Traffic-Usersync
Expires: Mon, 21 Mar 2022 14:45:57 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Mon, 21 Mar 2022 14:45:57 GMT
Content-Length: 1624
Connection: keep-alive

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 94AF 0
747 B 26ms
26ms Script
text/html 37.252.172.38
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.38 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

690.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 21 Mar 2022 14:45:57 GMT
X-Proxy-Origin: 185.213.155.166; 185.213.155.166; 690.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 7f9fc4e0-69f5-4585-965c-cd01d959efb5
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 match Show response
c1.adform.net/serving/cookie/ Frame 21BE 35 B
468 B 28ms
28ms Document
image/gif 37.157.2.238
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://c1.adform.net/serving/cookie/match?party=14&cid=693F7F8C-3EA6-4C2C-9BEF-784CFC23A086

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158497

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.2.238 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/

Response headers

server: nginx
date: Mon, 21 Mar 2022 14:45:57 GMT
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate, no-transform
pragma: no-cache
expires: -1
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 86400
strict-transport-security: max-age=31536000; includeSubDomains

GET
H2

200

Pug Show response
image2.pubmatic.com/AdServer/ Frame F455
Redirect Chain

https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=1038671538451992436

42 B
368 B

57ms
16ms

Document
image/gif

185.64.190.80

General

Check archive.org

Show headers Download Go to

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=1038671538451992436
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158497
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/

Response headers

server: nginx
date: Mon, 21 Mar 2022 14:45:58 GMT
content-type: image/gif; charset=utf-8
content-length: 42
x-lat: lhrpug025:0:355
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: no-store, no-cache, private

Redirect headers

location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=1038671538451992436
content-length: 0
p3p: CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame 7CC1
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:2e1b6238-8fa2-4f00-8b78-f55dd9c91e8e&gdpr=0&gdpr_consent=

42 B
341 B

66ms
17ms

Document
image/gif

185.64.190.80

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:2e1b6238-8fa2-4f00-8b78-f55dd9c91e8e&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158497
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/

Response headers

server: nginx
date: Mon, 21 Mar 2022 14:45:58 GMT
content-type: image/gif; charset=utf-8
content-length: 42
x-lat: lhrpug003:0:380
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: no-store, no-cache, private

Redirect headers

Date: Mon, 21 Mar 2022 14:45:57 GMT
Content-Type: image/gif
Content-Length: 0
Connection: keep-alive
Keep-Alive: timeout=360
Access-Control-Allow-Origin: *
Server: MT3 4256 109297d master zrh-pixel-x30 config:1.0.0
Cache-Control: no-cache
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:2e1b6238-8fa2-4f00-8b78-f55dd9c91e8e&gdpr=0&gdpr_consent=
Expires: Mon, 21 Mar 2022 14:45:56 GMT

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame 15F1
Redirect Chain

https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCooki...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=

42 B
110 B

18ms
17ms

Document
image/gif

185.64.190.80

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158497
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/

Response headers

server: nginx
date: Mon, 21 Mar 2022 14:45:58 GMT
content-type: image/gif; charset=utf-8
content-length: 42
x-lat: lhrpug011:0:560
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: no-store, no-cache, private

Redirect headers

date: Mon, 21 Mar 2022 14:45:57 GMT
server: Kestrel
content-length: 0
cache-control: no-cache
pragma: no-cache
expires: Mon, 21 Mar 2022 00:00:00 GMT
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
x-errorlevel: 0
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 1754756
strict-transport-security: max-age=31536000; preload;

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame AAD4
Redirect Chain

https://dsp.adfarm1.adition.com/cookie/?ssp=9
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7077564736077691022

42 B
212 B

16ms
15ms

Document
image/gif

185.64.190.80

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7077564736077691022
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158497
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/

Response headers

server: nginx
date: Mon, 21 Mar 2022 14:45:58 GMT
content-type: image/gif; charset=utf-8
content-length: 42
x-lat: lhrpug030:0:355
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: no-store, no-cache, private

Redirect headers

Server: nginx
Date: Mon, 21 Mar 2022 14:45:58 GMT
Transfer-Encoding: chunked
Connection: keep-alive
p3p: policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
Location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7077564736077691022

GET
H2

200

user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 88C4
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=aT9_jD6mTCyb73hM_COghg%3D%3D
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=

15 KB
15 KB

8ms
7ms

Image
text/html

184.30.24.198
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158497
Protocol: H2
Server: 184.30.24.198 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-24-198.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 14:45:57 GMT
content-encoding: gzip
last-modified: Tue, 01 Feb 2022 06:38:00 GMT
server: Apache/2.2.15 (CentOS)
etag: "1300708-3de4-5d6ef246ef4cf"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: max-age=44594
accept-ranges: bytes
content-type: text/html; charset=UTF-8
content-length: 5549
expires: Tue, 22 Mar 2022 03:09:11 GMT

Redirect headers

pragma: no-cache
date: Mon, 21 Mar 2022 14:45:57 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 272
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

SPug
image4.pubmatic.com/AdServer/ Frame 88C4
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=2e1b6238-8fa2-4f00-8b78-f55dd9c91e8e

0
260 B

67ms
15ms

Image
text/plain

198.47.127.20

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=2e1b6238-8fa2-4f00-8b78-f55dd9c91e8e
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158497
Protocol: H2
Server: 198.47.127.20 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 14:45:57 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date: Mon, 21 Mar 2022 14:45:57 GMT
Server: MT3 4256 109297d master zrh-pixel-x26 config:1.0.0
Access-Control-Allow-Origin: *
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=2e1b6238-8fa2-4f00-8b78-f55dd9c91e8e
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Mon, 21 Mar 2022 14:45:56 GMT

GET

/
pixel.onaudience.com/ Frame 88C4
Redirect Chain

https://pixel.onaudience.com/?partner=214&mapped=693F7F8C-3EA6-4C2C-9BEF-784CFC23A086
https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/gdpr=1/gdpr_consent=?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D
https://sync.crwdcntrl.net/map/ct=y/c=8587/tp=CLOD/gdpr=1/gdpr_consent=?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D
https://pixel.onaudience.com/?partner=104&icm&cver&mapped=29b9fe51850f24148da6ad0178b902ee&gdpr=1

0
0

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame 88C4
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=NjkzRjdGOEMtM0VBNi00QzJDLTlCRUYtNzg0Q0ZDMjNBMDg2&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=

42 B
111 B

29ms
16ms

Image
image/gif

185.64.190.80

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158497
Protocol: H2
Server: 185.64.190.80 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 14:45:57 GMT
cache-control: no-store, no-cache, private
x-lat: lhrpug017:0:386
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Mon, 21 Mar 2022 14:45:57 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame 88C4
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEI39IjqGyQzhtb7OvZsD7As&google_cver=1

42 B
284 B

30ms
17ms

Image
image/gif

185.64.190.80

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEI39IjqGyQzhtb7OvZsD7As&google_cver=1
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158497
Protocol: H2
Server: 185.64.190.80 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 14:45:58 GMT
cache-control: no-store, no-cache, private
x-lat: lhrpug029:0:836
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Mon, 21 Mar 2022 14:45:57 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEI39IjqGyQzhtb7OvZsD7As&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 379
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pubmatic
um.simpli.fi/ Frame 88C4 43 B
409 B 20ms
17ms Image
image/gif 169.50.137.184
SOFTLAYER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158497

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

169.50.137.184 , United States, ASN36351 (SOFTLAYER, US),

Reverse DNS

b8.89.32a9.ip4.static.sl-reverse.com

Software

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 14:45:57 GMT
x-content-type-options: nosniff
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 43
expires: Sun, 20 Mar 2022 14:45:57 GMT

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame 88C4
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=5769212573656456432

42 B
234 B

41ms
18ms

Image
image/gif

185.64.190.80

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=5769212573656456432
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158497
Protocol: H2
Server: 185.64.190.80 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 14:45:58 GMT
cache-control: no-store, no-cache, private
x-lat: lhrpug002:0:540
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Mon, 21 Mar 2022 14:45:57 GMT
server: nginx
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=5769212573656456432
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame 88C4
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=4b0a2518-cedf-41c8-a309-0063fb5b5a2f

42 B
605 B

38ms
16ms

Image
image/gif

185.64.190.80

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=4b0a2518-cedf-41c8-a309-0063fb5b5a2f
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158497
Protocol: H2
Server: 185.64.190.80 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 14:45:58 GMT
cache-control: no-store, no-cache, private
x-lat: lhrpug007:0:458
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Mon, 21 Mar 2022 14:45:57 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=4b0a2518-cedf-41c8-a309-0063fb5b5a2f
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 313

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame 88C4
Redirect Chain

https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=2164802784335980141&gdpr=0&gdpr_consent=

42 B
234 B

22ms
17ms

Image
image/gif

185.64.190.80

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=2164802784335980141&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158497
Protocol: H2
Server: 185.64.190.80 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 14:45:57 GMT
cache-control: no-store, no-cache, private
x-lat: lhrpug013:0:445
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Pragma: no-cache
Date: Mon, 21 Mar 2022 14:45:58 GMT
X-Proxy-Origin: 185.213.155.166; 185.213.155.166; 690.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 954ecd26-fa73-4ccc-87fd-67b54d730594
Server: nginx/1.21.3
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=2164802784335980141&gdpr=0&gdpr_consent=
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame 88C4
Redirect Chain

https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=ccghqn-cc6Jqw3Oldp4_oHHOcKFqzyqkf8pDSp-d

42 B
622 B

40ms
15ms

Image
image/gif

185.64.190.80

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=ccghqn-cc6Jqw3Oldp4_oHHOcKFqzyqkf8pDSp-d
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158497
Protocol: H2
Server: 185.64.190.80 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 14:45:57 GMT
cache-control: no-store, no-cache, private
x-lat: lhrpug020:0:366
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Mon, 21 Mar 2022 14:45:57 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location: https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=ccghqn-cc6Jqw3Oldp4_oHHOcKFqzyqkf8pDSp-d
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 0
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2 200 693F7F8C-3EA6-4C2C-9BEF-784CFC23A086
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame 88C4 43 B
988 B 34ms
32ms Image
image/gif 2a05:d018:d29:3605:2e02:fe1c:9c40:529
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/pubmatic/693F7F8C-3EA6-4C2C-9BEF-784CFC23A086?gdpr=0&gdpr_consent=

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158497

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a05:d018:d29:3605:2e02:fe1c:9c40:529 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 14:45:57 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=31536000
content-type: image/gif
x-xss-protection: 1; mode=block
content-length: 43
x-content-type-options: nosniff

GET
H2

200

SPug
image4.pubmatic.com/AdServer/ Frame 88C4
Redirect Chain

https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=693F7F8C-3EA6-4C2C-9BEF-784CFC23A086&redir=true&gdpr=0&gdpr_consent=
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-ZTWWliRE2uX6jVRN6FYYvXMveWZ.u_0-~A&gdpr=0&gdpr_consent=

0
48 B

53ms
15ms

Image
text/plain

198.47.127.20

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-ZTWWliRE2uX6jVRN6FYYvXMveWZ.u_0-~A&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158497
Protocol: H2
Server: 198.47.127.20 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 14:45:57 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location: https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-ZTWWliRE2uX6jVRN6FYYvXMveWZ.u_0-~A&gdpr=0&gdpr_consent=
date: Mon, 21 Mar 2022 14:45:57 GMT
server: ATS/9.1.0.33
age: 0
content-length: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame 88C4
Redirect Chain

https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
https://a.volvelle.tech/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic&bsw_uid=d7675448-eb59-49fd-826b-42bb1087fe5b
https://a.volvelle.tech/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic&bsw_uid=d7675448-eb59-49fd-826b-42bb1087fe5b
https://x.bidswitch.net/sync?dsp_id=190&expires=14&user_group=1&user_id=d1c76154-915e-47af-8287-98fd837c71b2&ssp=pubmatic
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=d7675448-eb59-49fd-826b-42bb1087fe5b&gdpr=&gdpr_consent=&gdpr_pd=

1 B
202 B

16ms
15ms

Image
text/html

185.64.190.80

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=d7675448-eb59-49fd-826b-42bb1087fe5b&gdpr=&gdpr_consent=&gdpr_pd=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158497
Protocol: H2
Server: 185.64.190.80 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 14:45:58 GMT
cache-control: no-store, no-cache, private
x-lat: lhrpug015:0:493
server: nginx
content-type: text/html; charset=utf-8
content-length: 1
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location: //simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=d7675448-eb59-49fd-826b-42bb1087fe5b&gdpr=&gdpr_consent=&gdpr_pd=
Date: Mon, 21 Mar 2022 14:45:58 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame 88C4
Redirect Chain

https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:c60d01bc-35d8-41e6-b012-ba2929b9a249&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw

42 B
110 B

19ms
17ms

Image
image/gif

185.64.190.80

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:c60d01bc-35d8-41e6-b012-ba2929b9a249&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158497
Protocol: H2
Server: 185.64.190.80 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 14:45:58 GMT
cache-control: no-store, no-cache, private
x-lat: lhrpug026:0:409
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location: https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:c60d01bc-35d8-41e6-b012-ba2929b9a249&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Date: Mon, 21 Mar 2022 14:45:57 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=5, max=3000
Content-Length: 0
P3P: policyref="/w3c/p3p.xml", CP="DSP NON LAW OUR CUR DEVo PSAo PSDo IND STA NAV COM INT"

GET
H/1.1

200
OK

dcm
s.amazon-adsystem.com/ Frame D69B
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YjiPoC_TpvJkZfw8O1wkKgAABGYAAAIB
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YjiPoC_TpvJkZfw8O1wkKgAABGYAAAIB&dcc=t

43 B
645 B

104ms
104ms

Image
image/gif

209.54.177.54
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YjiPoC_TpvJkZfw8O1wkKgAABGYAAAIB&dcc=t

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fportalsemakan.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F

Protocol

HTTP/1.1

Server

209.54.177.54 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 21 Mar 2022 14:45:58 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: W7DXSV3KR81PYH15H3W0
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 21 Mar 2022 14:45:58 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: 547Y47DNDT518J1R2AWC
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YjiPoC_TpvJkZfw8O1wkKgAABGYAAAIB&dcc=t
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3 200 pixel
cm.g.doubleclick.net/ Frame D69B 170 B
188 B 54ms
54ms Image
image/png 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YjiPoC_TpvJkZfw8O1wkKgAABGYAAAIB&gdpr_consent=&us_privacy=&gdpr=1

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fportalsemakan.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 21 Mar 2022 14:45:57 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame D69B
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1
https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YjiPoC-TpvJkZfw8O1wkKgAA
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEKETw1MLDXikeD2kdvghvno&google_cver=1&gdpr=1

43 B
1 KB

14ms
13ms

Image
image/gif

184.30.24.241
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEKETw1MLDXikeD2kdvghvno&google_cver=1&gdpr=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fportalsemakan.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: HTTP/1.1
Server: 184.30.24.241 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-24-241.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 21 Mar 2022 14:45:58 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Mon, 21 Mar 2022 14:45:58 GMT

Redirect headers

pragma: no-cache
date: Mon, 21 Mar 2022 14:45:58 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEKETw1MLDXikeD2kdvghvno&google_cver=1&gdpr=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 325
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 casale
match.adsrvr.org/track/cmf/ Frame D69B 70 B
264 B 37ms
34ms Image
image/gif 35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/casale?gdpr=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fportalsemakan.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 21 Mar 2022 14:45:58 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H/1.1 400
Request failed due to privacy signals getuid
secure.adnxs.com/ Frame D69B 0
0 83ms
17ms Image
text/html 185.33.220.242

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID&gdpr=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fportalsemakan.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.33.220.242 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H2 403 match
c1.adform.net/serving/cookie/ Frame D69B 0
330 B 28ms
26ms Image
text/plain 37.157.2.238
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1.adform.net/serving/cookie/match?party=29&gdpr=1

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fportalsemakan.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.2.238 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 21 Mar 2022 14:45:57 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H/1.1

200
OK

crum
dsum.casalemedia.com/ Frame D69B
Redirect Chain

https://dmp.brand-display.com/cm/api/index?cm_dsp_id=191&cm_user_id=%3CIndex_user_id%3E&gdpr=1
https://dsum.casalemedia.com/crum?cm_dsp_id=191&external_user_id=aa5caa1a-4c1e-627b-89d6fbc8

43 B
1 KB

42ms
14ms

Image
image/gif

184.30.24.241
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum.casalemedia.com/crum?cm_dsp_id=191&external_user_id=aa5caa1a-4c1e-627b-89d6fbc8
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fportalsemakan.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: HTTP/1.1
Server: 184.30.24.241 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-24-241.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 21 Mar 2022 14:45:58 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Mon, 21 Mar 2022 14:45:58 GMT

Redirect headers

date: Mon, 21 Mar 2022 14:45:58 GMT
via: 1.1 google
server: nginx/1.20.2
access-control-allow-origin: *
p3p: CP='This is not a P3P policy!'
location: https://dsum.casalemedia.com/crum?cm_dsp_id=191&external_user_id=aa5caa1a-4c1e-627b-89d6fbc8
cache-control: max-age=3600
content-type: text/html; charset=utf-8
alt-svc: clear
content-length: 119

GET
H/1.1 200
OK bridge
cm.adgrx.com/ Frame D69B 43 B
408 B 110ms
19ms Image
image/gif 72.251.241.206

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.adgrx.com/bridge?AG_PID=casale&AG_SETCOOKIE&gdpr=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fportalsemakan.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 72.251.241.206 -, , ASN (),
Reverse DNS
Software: Cowboy /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 21 Mar 2022 14:45:58 GMT
server: Cowboy
P3P: CP="NOI OTC OTP OUR NOR"
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate, proxy-revalidate
Connection: keep-alive
Content-Type: image/gif
X-RealServer-NX: ams-delivery-4
Content-Length: 43
Expires: Thu, 23 Sep 2004 17:42:04 GMT

GET
H/1.1 200
OK htw-pixel.gif
js-sec.indexww.com/ht/ Frame D69B 43 B
425 B 8ms
7ms Image
image/gif 184.30.24.241
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://js-sec.indexww.com/ht/htw-pixel.gif?YjiPoC-TpvJkZfw8O1wkKgAA%261126
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fportalsemakan.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.24.241 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-24-241.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Mon, 21 Mar 2022 14:45:57 GMT
Last-Modified: Tue, 24 Jan 2017 19:36:04 GMT
Server: Apache
ETag: "da1f1d-2b-546dc3a097100"
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=1822
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: image/gif
Content-Length: 43
Expires: Mon, 21 Mar 2022 15:16:19 GMT

GET
H2

200

setuid
px.ads.linkedin.com/ Frame 5BCF
Redirect Chain

https://token.rubiconproject.com/token?pid=36584
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L10TLQUI-V-JH40

0
141 B

182ms
182ms

Image
text/plain

2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L10TLQUI-V-JH40
Protocol: H2
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 14:45:57 GMT
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: FCC66A8B757749A2B2AD1EE0D2272B4B Ref B: FRAEDGE1317 Ref C: 2022-03-21T14:45:58Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lor1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAXau43pVHWPSbhxjGueSQ==

Redirect headers

Location: https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L10TLQUI-V-JH40
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: de8527bfa1ccfd6c1590da0d3b6cff52
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2 200 rubicon
match.adsrvr.org/track/cmf/ Frame 5BCF 70 B
264 B 33ms
31ms Image
image/gif 35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/rubicon
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 21 Mar 2022 14:45:58 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2

204

v1
ads.yahoo.com/cms/ Frame 5BCF
Redirect Chain

https://token.rubiconproject.com/token?pid=26594
https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=L10TLQUI-V-JH40&sigv=1&esig=2~4ed689c217fe8656eec1ec9620d42d320922d7d0

0
194 B

74ms
21ms

Image
text/plain

2a00:1288:80:807::1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=L10TLQUI-V-JH40&sigv=1&esig=2~4ed689c217fe8656eec1ec9620d42d320922d7d0

Protocol

Server

2a00:1288:80:807::1 -, , ASN (),

Reverse DNS

Software

ATS /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 14:45:58 GMT
cache-control: no-store
x-content-type-options: nosniff
server: ATS
strict-transport-security: max-age=15552000
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection: 1; mode=block

Redirect headers

Location: https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=L10TLQUI-V-JH40&sigv=1&esig=2~4ed689c217fe8656eec1ec9620d42d320922d7d0
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: de8527bfa1ccfd6c1590da0d3b6cff52
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 5BCF
Redirect Chain

https://token.rubiconproject.com/token?pid=2249&pt=n
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=OWU1NDZlYWQyMWY0YTkxYWE5M2RjNmJlOTJlY2EzNzAwNDM1YTcxNQ

170 B
189 B

51ms
51ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=OWU1NDZlYWQyMWY0YTkxYWE5M2RjNmJlOTJlY2EzNzAwNDM1YTcxNQ

Protocol

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 21 Mar 2022 14:45:58 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=OWU1NDZlYWQyMWY0YTkxYWE5M2RjNmJlOTJlY2EzNzAwNDM1YTcxNQ
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: de8527bfa1ccfd6c1590da0d3b6cff52
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

200
OK

ecm3
aax-eu.amazon-adsystem.com/s/ Frame 5BCF
Redirect Chain

https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=
https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=Y2h-qFmqTPKyKMLFX5HBqA&rk=usync-other
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=Y2h-qFmqTPKyKMLFX5HBqA

43 B
556 B

34ms
34ms

Image
image/gif

52.94.223.167
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=Y2h-qFmqTPKyKMLFX5HBqA

Protocol

HTTP/1.1

Server

52.94.223.167 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 21 Mar 2022 14:45:58 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: W9TW3QWHA19TAJN8HJQP
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=Y2h-qFmqTPKyKMLFX5HBqA
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 37b22a0c36bd84993dd2cda4a5e04b1d
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

204
No Content

tap.php
pixel.rubiconproject.com/ Frame 5BCF
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEHCLD5IBsBw5su0M30NatYg&google_cver=1

0
239 B

9ms
9ms

Image
image/gif

69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEHCLD5IBsBw5su0M30NatYg&google_cver=1
Protocol: HTTP/1.1
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: 37b22a0c36bd84993dd2cda4a5e04b1d
Content-Type: image/gif

Redirect headers

pragma: no-cache
date: Mon, 21 Mar 2022 14:45:58 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEHCLD5IBsBw5su0M30NatYg&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 326
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 5BCF
Redirect Chain

https://token.rubiconproject.com/token?pid=25470
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDEwVExRVUktVi1KSDQw

170 B
189 B

50ms
50ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDEwVExRVUktVi1KSDQw

Protocol

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 21 Mar 2022 14:45:58 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDEwVExRVUktVi1KSDQw
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: de8527bfa1ccfd6c1590da0d3b6cff52
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET

dcm
s.amazon-adsystem.com/ Frame 5BCF
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=
https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t

0
0

GET
H2 200 pixel.gif
px.moatads.com/ Frame 0478 43 B
260 B 10ms
10ms Image
image/gif 184.30.25.161
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=9&q=0&hp=1&ra=1&pxm=8&sgs=3&vb=-1&kq=1&lo=0&uk=null&pk=0&wk=0&rk=0&tk=0&ak=-&i=TRIPLELIFT1&ol=4130158442&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5B%2BxkrG%3DGfv)C%24%7CQJ%3BatASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN22Ib%40aFB&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-MyicW%2BgiY9PHPf0uHVjPGlx1P1tMeAYh8VIp1Vf7AbESGfrl5%2FmliBNlAlwWxmRnpyWz&rs=1-dbBp6wlWe0wLgg%3D%3D&sc=1&os=1-hg%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=728&qe=90&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=0&g=5&h=90&w=728&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&zGSRC=1&gu=https%3A%2F%2Fportalsemakan.com%2F&id=0&ii=3&f=1&j=https%3A%2F%2Fportalsemakan.com&lp=https%3A%2F%2Fportalsemakan.com&t=1647873952277&de=892955060384&cu=1647873952277&m=5166&ar=359f21c1e97-clean&iw=06f1dbb&cb=0&ym=0&ll=2&lm=1&ln=1&r=0&dl=0&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=94&le=1&lf=231&lg=1&lh=41&gm=1&io=1&ch=1&vv=3&vw=0%3A3%3A0&vp=100&vx=-%3A100%3A-&pe=0%3A384%3A384%3A791%3A373&aa=1&ad=5011&cn=1161&gn=1&gk=5011&gl=1161&ik=5011&ic=5011&ez=1&co=1161&cp=1103&cq=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=4953&cd=1103&ah=4953&am=1103&xd=00&rf=0&re=1&wb=2&cl=0&at=0&d=7207%3A39761%3Aundefined%3A10&bo=2460&bd=portalsemakan.com&gw=triplelift879988051105&zMoatOrigSlicer1=2460&zMoatOrigSlicer2=569629&zMoatTactic=undefined&zMoatPixelParams=aid%3A25795656294880711728720%3Bsr%3A10%3Buid%3A0%3B&zMoatJS=3%3A-&hv=Triplelift%20Override%201&ab=2&ac=1&fd=1&kt=sframe&it=500&fz=1&oq=1&ot=ff&ti=0&ih=1&jm=3&tc=0&fs=197273&na=529605890&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.25.161 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-25-161.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://4ff8e811445a9b61eb0bed126f8b9447.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 21 Mar 2022 14:45:58 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Mon, 21 Mar 2022 14:45:58 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: cm.g.doubleclick.net
URL: https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjiPoC_TpvJkZfw8O1wkKgAABGYAAAIB&google_push=AYg5qPJxyGBBbYNG-y9yZW834sPI6dM3xCR2PVDVi4e9gdyZHyFk2Ktw_p0MR5mURdt-NyWAuvXztpVZXUx2HPuaxuY7VlGJ8Lg&google_cver=1&google_gid=CAESEDNk9oWafI2wi_-0iAaXeBk

Domain: cm.g.doubleclick.net
URL: https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=mdd2sQhGS6yxiv-ZHlUtGQ&google_push=AYg5qPIL1RzQcjmsb-NXFWhV7CCxQVBNzDEgpEeraRld3wEV5gDFkPkRoGjI_IMW1jXLhBnJ7TuzVIlZDFAZM-XuGYSsAP8__Q

Domain: cm.g.doubleclick.net
URL: https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjiPoC_TpvJkZfw8O1wkKgAABGYAAAIB&google_gid=CAESEDNk9oWafI2wi_-0iAaXeBk&google_cver=1&google_push=AYg5qPIIHqDqXfQ-ZCxovg8ZCWiHasuFq9Cg84C-17qEK0aY4ZM6BDaIBcg70parS8icdyET_Zq2k5_fjz3rWrqoOL0LmKV5DOE

Domain: cm.g.doubleclick.net
URL: https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=mdd2sQhGS6yxiv-ZHlUtGQ&google_push=AYg5qPL8PpPWhPWxw-MHJoludsY4ISoHOKH1326UvkUUiWZGtBfCh43CtpCfsxMw-kNygH9v4ULJsBtS4D0RzCwI7PqxrwO5bEY

Domain: cm.g.doubleclick.net
URL: https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=mdd2sQhGS6yxiv-ZHlUtGQ&google_push=AYg5qPIxTu2LD5GeWwK5scsQL04LK3o5j9RkSQXtbJWlue_SXPp5k9dZIJyR5IjKnoSCKEmY0cY1bMAWtTUZjpVpPBYINjLBHmI

Domain: sync-tm.everesttech.net
URL: https://sync-tm.everesttech.net/upi/pid/RVF22VSl?redir=https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3657%26xuid%3D%24%7BTM_USER_ID%7D%26dongle%3D3c0a%26gdpr=1%26gdpr_consent=

Domain: pixel.onaudience.com
URL: https://pixel.onaudience.com/?partner=104&icm&cver&mapped=29b9fe51850f24148da6ad0178b902ee&gdpr=1

Domain: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t

Verdicts & Comments Add Verdict or Comment

144 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

75 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
portalsemakan.com/permohonan-pelan-data-pelajar	1969-12-31 23:59:59	Name: quads_browser_width Value: 1600
.3lift.com/sync	1970-01-20 03:54:09	Name: sync Value: CgoIgAIQ3aXE5_ovCgoIgQIQyJzE5_ovCgoIggIQ3aXE5_ovCgoIhwIQyJzE5_ovCgkICRDInMTn-i8KCQhJEMmlxOf6LwoJCAsQyJzE5_ovCgoIiwIQ3aXE5_ovCgoIjAIQyJzE5_ovCgoIzgEQyaXE5_ovCgoIjgEQyaXE5_ovCgoIjwIQ3aXE5_ovCgoIkQIQyaXE5_ovCgoIkgIQyaXE5_ovCgoIlAIQyaXE5_ovCgoI1gEQyaXE5_ovCgoIlgIQ3aXE5_ovCgkIGxDJpcTn-i8KCgjeARDdpcTn-i8KCQhfEMicxOf6LwoJCB8QyaXE5_ovCgoIoQEQyJzE5_ovCgoIoQIQ3aXE5_ovCgoI4gEQyJzE5_ovCgoI4wEQ3aXE5_ovCgoI5gEQyJzE5_ovCgoI5wEQ3aXE5_ovCgkIcxDdpcTn-i8KCQg5EMmlxOf6LwoJCDoQyJzE5_ov
.portalsemakan.com/	1970-01-20 19:15:45	Name: _ga_9BPNW7KP57 Value: GS1.1.1647873950.1.0.1647873950.0
portalsemakan.com/	1970-01-20 02:27:45	Name: _pbjs_userid_consent_data Value: 3524755945110770
.portalsemakan.com/	1970-01-20 06:03:45	Name: _pubcid Value: 43956a24-03d0-40ff-96fa-0d369d41b54d
.mgid.com/	1970-01-20 01:44:35	Name: __cf_bm Value: z4QYS9tMJy495bvIsDmq2NeyutqRy7fqHy79NnkSh5U-1647873951-0-AXCuj6NpY2y/1ojVMELYpR4KOYVVNoasido7IF02zrrwqNYYLL97Tph9UCkFo07oHYCUY9W6zSktwFmVwLLX9N4=
.portalsemakan.com/	1970-01-20 19:15:45	Name: _ga Value: GA1.2.501444452.1647873950
.portalsemakan.com/	1970-01-20 01:46:00	Name: _gid Value: GA1.2.1833555791.1647873951
.portalsemakan.com/	1970-01-20 01:44:34	Name: _gat_gtag_UA_55620648_23 Value: 1
.rubiconproject.com/	1970-01-20 10:30:09	Name: khaos Value: L10TLQUI-V-JH40
.rubiconproject.com/	1970-01-20 10:30:09	Name: audit Value: 1\|naVuGyos1qp/EaIqIC0M6j5APvdogVCbaTd6KyMQnat7y9GyzaExIVDcBug1vyBDnJVObN2ouWjEs8cM58YHJ+CAnekPgJib+c7HegnpOM3QD5U7tEfUTQ==
.doubleclick.net/	1970-01-20 11:06:09	Name: IDE Value: AHWqTUnRYsFoqRGhAtb4xOJZN8H-P3v357gs2Fas9IHEKA9C7XrIy8Cb2UGdvCXWXr0
portalsemakan.com/	1970-01-20 11:06:09	Name: cto_bidid Value: B6yclF9GOG5xcXpFNEZZMSUyRlJ6cWMwJTJGWkhBUmNKR3FId2pHT0lydms2JTJGQVF1T2x6MXclMkZjNkhRR3dWTmFrUzB4QlE0ZGU0cjBZJTJCejk4ajFnJTJGMDFFcXlGWGpPdyUzRCUzRA
portalsemakan.com/	1970-01-20 11:06:09	Name: cto_bundle Value: _XVV5V9CWklnV0YzckU5SUQyS0dUS2F0NzJWa2ZxRnBmd1Q4SHRMREJtSVR0ME9Pa05yY0J3MWZCajIzMm5lREpvYU1CMXRQZ2hEdm5vcmpIYXhEWDQyY1FRN1Z0ZXhjSVNyRHVoUTl4ZTZUN0p3UVNDalNTMVZ4anVXMlRZdnAxdk1xaw
servicer.mgid.com/	1970-01-20 01:44:34	Name: __mglb Value: ed02bb11b748a9279413c1eb8e47c448
.mgid.com/	1970-01-25 20:31:23	Name: muidn Value: m2lQ3ZfoRJJ7
.portalsemakan.com/	1970-01-20 11:06:09	Name: __gads Value: ID=fcd06c51c05991a7:T=1647873951:S=ALNI_MZtnGnzx-HGbpKfezQREH3cQkCOqw
portalsemakan.com/	1969-12-31 23:59:59	Name: MarketGidStorage Value: %7B%220%22%3A%7B%22svspr%22%3A%22%22%2C%22svsds%22%3A1%2C%22TejndEEDj%22%3A%22SU57lyTbp%22%7D%2C%22C1233564%22%3A%7B%22page%22%3A1%2C%22time%22%3A1647873951773%7D%2C%22C1233814%22%3A%7B%22page%22%3A1%2C%22time%22%3A1647873951951%7D%7D
.quantserve.com/	1970-01-20 11:14:48	Name: mc Value: 62388fa0-9a71d-264b3-58680
.casalemedia.com/	1970-01-20 10:30:09	Name: CMID Value: YjiPoC-TpvJkZfw8O1wkKgAA
.casalemedia.com/	1970-01-20 03:54:09	Name: CMPS Value: 3271
.pubmatic.com/	1970-01-20 01:46:00	Name: KTPCACOOKIE Value: YES
.casalemedia.com/	1970-01-20 03:54:09	Name: CMPRO Value: 1126
.pubmatic.com/	1970-01-20 03:54:09	Name: KADUSERCOOKIE Value: 693F7F8C-3EA6-4C2C-9BEF-784CFC23A086
.3lift.com/	1970-01-20 03:54:09	Name: tluid Value: 2456481663732240253697
.yahoo.com/	1970-01-20 10:30:31	Name: A3 Value: d=AQABBKCPOGICEC1Z9BesMH75lM6TrdPFY0UFEgEBAQHhOWJCYgAAAAAA_eMAAA&S=AQAAAshRrlEkCabRs-Ux7cHrkao
.w55c.net/	1970-01-20 11:14:48	Name: wfivefivec Value: gVwIqCUY1Nwji85
.w55c.net/	1970-01-20 02:27:45	Name: matchgoogle Value: 5
.analytics.yahoo.com/	1970-01-20 10:30:09	Name: IDSYNC Value: 18yx~23vq
.bidswitch.net/	1970-01-20 10:30:09	Name: tuuid Value: d7675448-eb59-49fd-826b-42bb1087fe5b
.bidswitch.net/	1970-01-20 10:30:09	Name: c Value: 1647873953
.bidswitch.net/	1970-01-20 10:30:09	Name: tuuid_lu Value: 1647873953
.adfarm1.adition.com/	1970-01-20 03:54:09	Name: UserID1 Value: 7077564736077691022
.de17a.com/	1970-01-20 10:22:57	Name: guid2 Value: 1.1038671538451992436
.360yield.com/	1970-01-20 03:54:09	Name: tuuid Value: 99d776b1-0846-4bac-b18a-ff991e552d19
.360yield.com/	1970-01-20 03:54:09	Name: tuuid_lu Value: 1647873953
.adsrvr.org/	1970-01-20 10:30:09	Name: TDID Value: 4b0a2518-cedf-41c8-a309-0063fb5b5a2f
portalsemakan.com/	1970-01-20 03:10:57	Name: pubmatic-unifiedid Value: %7B%22TDID%22%3A%224b0a2518-cedf-41c8-a309-0063fb5b5a2f%22%2C%22TDID_LOOKUP%22%3A%22FALSE%22%2C%22TDID_CREATED_AT%22%3A%222022-03-21T14%3A45%3A53%22%7D
.bing.com/	1970-01-20 11:06:09	Name: MUID Value: 3A4ED39F3A456F1B38BAC2F13B976E57
.casalemedia.com/	1970-01-20 01:46:00	Name: CMST Value: YjiPoGI4j6EA
.ads.linkedin.com/	1969-12-31 23:59:59	Name: lang Value: v=2&lang=en-us
.linkedin.com/	1970-01-20 19:16:27	Name: bcookie Value: "v=2&8378d296-17ea-4b85-8e7c-73497944e219"
.linkedin.com/	1970-01-20 18:58:42	Name: li_gc Value: MTswOzE2NDc4NzM5NTM7MjswMjEUCjzMW8f4FcyFs42AI0ggaH+6xCCACDxEYPFkZWdg9Q==
.linkedin.com/	1970-01-20 01:46:00	Name: lidc Value: "b=OGST04:s=O:r=O:a=O:p=O:g=2579:u=1:x=1:i=1647873953:t=1647960353:v=2:sig=AQEk0w7DLST2wm4hVavUemKhBOh4JZ2u"
.travelaudience.com/	1970-01-20 11:14:48	Name: _tracker Value: %7B%22UUID%22%3A%22C7307184-E54E-4C73-9820-89839258CEF9%22%7D
.blismedia.com/	1970-01-20 10:30:13	Name: b Value: 62388FA12F81E52392D545B4BLIS
.sportradarserving.com/	1970-01-20 10:30:09	Name: zuuid Value: d02d3ff2-4f08-4f31-92c9-bd402199c4c3
.sportradarserving.com/	1970-01-20 10:30:09	Name: c Value: 1647873953
.sportradarserving.com/	1970-01-20 10:30:09	Name: zuuid_lu Value: 1647873953
.sportradarserving.com/	1970-01-20 10:30:09	Name: zuuid_k Value: 1
.sportradarserving.com/	1970-01-20 10:30:09	Name: zuuid_k_lu Value: 1647873953
.1rx.io/	1970-01-20 10:30:09	Name: _rxuuid Value: %7B%22rx_uuid%22%3A%22RX-0844808e-b714-4afc-86dd-865b883f2efc-003%22%7D
.simpli.fi/	1970-01-20 10:31:36	Name: suid Value: F8BF38D9B45B484595C8337844ED8500
.adform.net/	1970-01-20 02:29:12	Name: C Value: 1
.criteo.com/	1970-01-20 11:06:09	Name: uid Value: 6abe6e62-2b5b-4b7e-ac47-22d5f1092c46
.adform.net/	1970-01-20 03:10:57	Name: uid Value: 5769212573656456432
.portalsemakan.com/	1970-01-20 11:06:09	Name: cto_bundle Value: CYVpkF9CWklnV0YzckU5SUQyS0dUS2F0NzJTMGZrWEFwciUyRjJsQ1RFTXBSUXpqNU5hJTJGNzI5WkM0dmVQZXp1NGZHcHhXdmRpeFJHQWhlb08xVnBIYTZMdXd6dTglMkZVUW5CRWgwUlElMkJnRElETDA2NllidlR6a1ZobXVFQiUyRjN6ZDJHNmNpTFlIYzloM3ZVejlDQ25jUXBKaVdmM0l3JTNEJTNE
.targeting.unrulymedia.com/	1970-01-20 10:30:09	Name: _rxuuid Value: %7B%22rx_uuid%22%3A%22RX-0844808e-b714-4afc-86dd-865b883f2efc-003%22%7D
.w55c.net/	1970-01-20 02:27:45	Name: matchtriplelift Value: 5
.quantserve.com/	1970-01-20 03:54:09	Name: d Value: EFQBEAHbJYENv6kw
.adnxs.com/	1970-01-20 03:54:09	Name: uuid2 Value: 2164802784335980141
.mathtag.com/	1970-01-20 11:10:29	Name: uuid Value: 2e1b6238-8fa2-4f00-8b78-f55dd9c91e8e
.turn.com/	1970-01-20 06:03:45	Name: uid Value: 9000801265669109281
.bidr.io/	1970-01-20 11:13:07	Name: bito Value: AAFkMU7EcR8AADD5lg4-2A
.bidr.io/	1970-01-20 11:13:07	Name: bitoIsSecure Value: ok
.mfadsrvr.com/	1970-01-20 19:15:45	Name: tuuid Value: fc0601c6-8167-4604-b087-665fa668a7ed
.mfadsrvr.com/	1970-01-20 19:15:45	Name: c Value: 1647873954
.mfadsrvr.com/	1970-01-20 19:15:45	Name: tuuid_lu Value: 1647873954
.mfadsrvr.com/	1970-01-20 19:15:45	Name: ssh Value: !triplelift,1647873954
sync.srv.stackadapt.com/	1970-01-20 10:30:09	Name: sa-user-id Value: s%3A0-e37a6537-d40f-4e98-47c2-3f4b11d0d740.L2D9IM3hEcyssJ9vK86P2XKbTN38VrVJkIDT6%2BHLmXM
.srv.stackadapt.com/	1970-01-20 10:30:09	Name: sa-user-id-v2 Value: s%3A43plN9QPTphHwj9LEdDXQLnVm6Y.xEgY8DiiVQwQRjDKB3Uw1adLhXfvxI%2BSIUiYY%2BjSeSo
.ipredictive.com/	1970-01-20 10:30:09	Name: cu Value: 9cade9e8-a925-11ec-acef-2731f15be632\|1647873954917
.realestate.com.au/	1970-01-25 20:29:45	Name: mid Value: 11845544451054377856
data.ad-score.com/	1970-01-21 21:33:36	Name: token Value: MuPStxLrwupsh-0gcq-PEtahTDNDkHjn
.realestate.com.au/	1970-01-20 10:30:09	Name: External Value: %2FTRIPLELIFT%3D2456481663732240253697%2F_EXP%3D1679409955%2F_exp%3D1679409955

18 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://prebid.ad.smaato.net/oapi/prebid Message: Failed to load resource: the server responded with a status of 400 ()
network	error	URL: https://prebid.ad.smaato.net/oapi/prebid Message: Failed to load resource: the server responded with a status of 400 ()
network	error	URL: https://prebid.ad.smaato.net/oapi/prebid Message: Failed to load resource: the server responded with a status of 400 ()
network	error	URL: https://prebid.ad.smaato.net/oapi/prebid Message: Failed to load resource: the server responded with a status of 400 ()
network	error	URL: https://prebid.ad.smaato.net/oapi/prebid Message: Failed to load resource: the server responded with a status of 400 ()
network	error	URL: https://prebid.ad.smaato.net/oapi/prebid Message: Failed to load resource: the server responded with a status of 400 ()
other	warning	URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20211103_RC00/outstream.min.js(Line 346) Message: Unrecognized feature: 'attribution-reporting'.
other	warning	URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20211103_RC00/outstream.min.js(Line 346) Message: Unrecognized feature: 'attribution-reporting'.
javascript	warning	URL: https://z.moatads.com/triplelift879988051105/moatad.js(Line 132) Message: The deviceorientation events are blocked by permissions policy. See https://github.com/w3c/webappsec-permissions-policy/blob/master/features.md#sensor-features
network	error	URL: https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjiPoC_TpvJkZfw8O1wkKgAABGYAAAIB&google_push=AYg5qPJxyGBBbYNG-y9yZW834sPI6dM3xCR2PVDVi4e9gdyZHyFk2Ktw_p0MR5mURdt-NyWAuvXztpVZXUx2HPuaxuY7VlGJ8Lg&google_cver=1&google_gid=CAESEDNk9oWafI2wi_-0iAaXeBk Message: Failed to load resource: net::ERR_TOO_MANY_REDIRECTS
network	error	URL: https://ib.adnxs.com/prebid/setuid?bidder=triplelift_native&gdpr=1&gdpr_consent=&uid=2456481663732240253697 Message: Failed to load resource: the server responded with a status of 400 (Request failed due to privacy signals)
network	error	URL: https://ib.adnxs.com/prebid/setuid?bidder=triplelift&gdpr=1&gdpr_consent=&uid=2456481663732240253697 Message: Failed to load resource: the server responded with a status of 400 (Request failed due to privacy signals)
network	error	URL: https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=mdd2sQhGS6yxiv-ZHlUtGQ&google_push=AYg5qPIL1RzQcjmsb-NXFWhV7CCxQVBNzDEgpEeraRld3wEV5gDFkPkRoGjI_IMW1jXLhBnJ7TuzVIlZDFAZM-XuGYSsAP8__Q Message: Failed to load resource: net::ERR_TOO_MANY_REDIRECTS
network	error	URL: https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=mdd2sQhGS6yxiv-ZHlUtGQ&google_push=AYg5qPL8PpPWhPWxw-MHJoludsY4ISoHOKH1326UvkUUiWZGtBfCh43CtpCfsxMw-kNygH9v4ULJsBtS4D0RzCwI7PqxrwO5bEY Message: Failed to load resource: net::ERR_TOO_MANY_REDIRECTS
network	error	URL: https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjiPoC_TpvJkZfw8O1wkKgAABGYAAAIB&google_gid=CAESEDNk9oWafI2wi_-0iAaXeBk&google_cver=1&google_push=AYg5qPIIHqDqXfQ-ZCxovg8ZCWiHasuFq9Cg84C-17qEK0aY4ZM6BDaIBcg70parS8icdyET_Zq2k5_fjz3rWrqoOL0LmKV5DOE Message: Failed to load resource: net::ERR_TOO_MANY_REDIRECTS
network	error	URL: https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=mdd2sQhGS6yxiv-ZHlUtGQ&google_push=AYg5qPIxTu2LD5GeWwK5scsQL04LK3o5j9RkSQXtbJWlue_SXPp5k9dZIJyR5IjKnoSCKEmY0cY1bMAWtTUZjpVpPBYINjLBHmI Message: Failed to load resource: net::ERR_TOO_MANY_REDIRECTS
network	error	URL: https://c1.adform.net/serving/cookie/match?party=29&gdpr=1 Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID&gdpr=1 Message: Failed to load resource: the server responded with a status of 400 (Request failed due to privacy signals)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

4ff8e811445a9b61eb0bed126f8b9447.safeframe.googlesyndication.com
a.sportradarserving.com
a.volvelle.tech
aax-eu.amazon-adsystem.com
acdn.adnxs.com
ad.turn.com
adasia-d.openx.net
ads.pubmatic.com
ads.travelaudience.com
ads.yahoo.com
adservice.google.com
adservice.google.de
anymind360.com
b1sync.zemanta.com
b1t-eudc1.zemanta.com
bid.g.doubleclick.net
bidder.criteo.com
bttrack.com
c.bing.com
c.mgid.com
c1.adform.net
cdn.jsdelivr.net
cdn.mgid.com
cm.adgrx.com
cm.g.doubleclick.net
cm.mgid.com
cms.quantserve.com
cnt.trvdp.com
csi.gstatic.com
d5p.de17a.com
data.ad-score.com
dis.criteo.com
dmp.brand-display.com
dsp.adfarm1.adition.com
dsum-sec.casalemedia.com
dsum.casalemedia.com
eb2.3lift.com
eus.rubiconproject.com
fastlane.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
gcdn.2mdn.net
geo.moatads.com
go.trvdp.com
googleads.g.doubleclick.net
gum.criteo.com
hbopenbid.pubmatic.com
htlb.casalemedia.com
ib.3lift.com
ib.adnxs.com
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
imasdk.googleapis.com
js-sec.indexww.com
jsc.mgid.com
match.adsby.bidtheatre.com
match.adsrvr.org
match.prod.bidr.io
mug.criteo.com
odr.mookie1.com
pagead2.googlesyndication.com
partner.googleadservices.com
pixel-sync.sitescout.com
pixel.everesttech.net
pixel.onaudience.com
pixel.quantserve.com
pixel.rubiconproject.com
pixel.wp.com
pm.w55c.net
portalsemakan.com
pr-bh.ybp.yahoo.com
prebid.ad.smaato.net
prg.smartadserver.com
px.ads.linkedin.com
px.moatads.com
r2---sn-5hne6nzd.c.2mdn.net
rtb.adentifi.com
rtb.mfadsrvr.com
rtb.openx.net
s-img.mgid.com
s.ad.smaato.net
s.amazon-adsystem.com
s.trvdp.com
s0.2mdn.net
sasinator.realestate.com.au
secure.adnxs.com
securepubads.g.doubleclick.net
servicer.mgid.com
simage2.pubmatic.com
sportradarserving.com
ssbsync.smartadserver.com
ssum-sec.casalemedia.com
stas.outbrain.com
static.criteo.net
stats.wp.com
stg.truvidplayer.com
sync-tm.everesttech.net
sync.1rx.io
sync.hgrtb.com
sync.ipredictive.com
sync.mathtag.com
sync.srv.stackadapt.com
sync.targeting.unrulymedia.com
telekom.com.my
tlx.3lift.com
token.rubiconproject.com
tpc.googlesyndication.com
tr.blismedia.com
triplelift-match.dotomi.com
u.openx.net
um.simpli.fi
ups.analytics.yahoo.com
video-native.mgid.com
widgets.zemanta.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
x.bidswitch.net
z.moatads.com
zem.outbrainimg.com
cm.g.doubleclick.net
pixel.onaudience.com
s.amazon-adsystem.com
sync-tm.everesttech.net
104.19.132.78
104.19.135.78
108.128.215.255
108.138.7.20
13.248.245.213
130.211.115.4
142.250.186.162
151.101.1.108
151.101.114.132
151.101.194.132
159.65.196.12
169.50.137.184
178.250.0.163
178.250.2.131
178.250.2.146
18.156.0.31
18.156.61.45
18.168.215.250
18.184.10.104
18.184.64.118
18.197.113.18
18.66.112.66
184.30.24.198
184.30.24.241
184.30.25.161
184.31.84.150
185.29.132.245
185.33.220.242
185.64.189.112
185.64.190.78
185.64.190.80
185.86.138.16
185.86.139.104
192.0.76.3
192.132.33.46
198.47.127.20
2001:678:cb4:bbbb::11
209.54.177.54
213.155.156.180
213.19.147.45
213.227.153.223
220.158.200.104
23.79.143.124
2600:9000:223e:2e00:1e:6a6f:9700:93a1
2600:9000:223f:b000:3:7e1c:5b40:93a1
2600:9000:2251:8000:d:3c0f:bcc0:93a1
2600:9000:225e:2a00:1b:5138:8a40:93a1
2602:803:c003:200::31
2606:4700::6810:5914
2607:f8b0:4003:c05::78
2620:116:800d:21:3175:5196:e3fd:8c1d
2620:1ec:21::14
2620:1ec:c11::200
2a00:1288:80:807::1
2a00:1450:4001:801::2001
2a00:1450:4001:801::2002
2a00:1450:4001:801::2004
2a00:1450:4001:803::2006
2a00:1450:4001:809::200a
2a00:1450:4001:80f::2002
2a00:1450:4001:812::200a
2a00:1450:4001:812::200e
2a00:1450:4001:827::2002
2a00:1450:4001:828::2001
2a00:1450:4001:82a::2003
2a00:1450:4001:830::2008
2a00:1450:4001:830::200e
2a00:1450:4001:831::2002
2a00:1450:400e:13::7
2a02:2638::1c
2a02:2638::3
2a02:fa8:8806:13::1370
2a03:90c0:41:2801::254
2a04:4e42:400::645
2a05:d018:d29:3605:2e02:fe1c:9c40:529
2a06:98c1:3121::7
3.122.58.109
3.233.223.17
34.111.151.213
34.199.124.234
34.96.105.8
34.98.64.218
34.98.67.61
35.186.253.211
35.190.0.66
35.210.178.101
35.71.131.137
37.157.2.238
37.252.172.38
44.198.171.22
50.31.142.31
52.200.181.105
52.58.249.203
52.94.223.167
54.171.228.20
54.76.14.137
54.79.65.128
66.102.1.157
66.155.71.150
69.173.144.139
69.173.144.165
70.42.32.255
72.251.241.206
85.114.159.93
080d8bc28812d9e7aff55c468d183de77b357ee528a8794278268f9be0466b07
08285afd2f0c11a2a9d89f00dce769479e4d164e62caa39eceea9f1eb551afa9
08ca0c73f89f5bc5963159017015d8a2367b34a502c940b7052082c40c927939
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
0ce5fc08d0f617e71e1d61bcd79fc7cc1855f4221945b0c09ac774685fe7f52c
0e891d90fd990f2642959e9f11eb7f5158bb0d1403a50e3dd2c0d2a13732e02c
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
0f4c134a1329fa98bc979f0e1e9d2b1ffdbcbbff36feafb1112e61d7d5896245
12b4b4e7e185dd82c01c946b699fec57ad102914547ad6d5bc01c33e6ae49d66
1531278c4d067baca5faac5500b20b82f324038961bc606a48cabed47a1bc4e6
16dd323fc179f4da7111503bdc1a8e2a8b034540ad3e1cf0a040d4d0ce7d04e3
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
19b9238deeb36d92542e553d53152af605571302660d7742debd1daf242a3095
1a47db309f617260890adfb5406191b1e34f5da5228e1aa7740a62ae41cdd2cc
1b02ea72ff6207ab32775b0c7cf6532c0fb886de285e03e9674878d3bbc981fc
1cc5fba1b17b26c8975d63d581f375152c583264b4ba58a2d2eacac2d11d90ee
1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306
1e811ad01cdb86c2e3371c21e43125f873f1e6668400fe6d40b5e34878f960b5
1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954
1f8eec76f31b10119ae9981e97c2ce3cfc937114c4c60753e901b2e10ccde822
1fe9162057c0bb787bda01e2098226be4b37bd2da37b04cafe35867f46b6b8cc
202f0cba1f0b9349dcf368c51767ee39e9834fc529d9adb7b0bc1ee10be2ccf6
21736339df5742973ef0a07c9100f0b201934ce3b857bc6b6ffce5235e6a3d84
256e0e83dfacee11b77dd365ca6df28b68b53aba9f28fdfcc9bb2f2e7e700cd2
27fab14198ee501fee429ec1be7048d0af1ae5ee2b24a7478729118914c2c726
28e95c0c629214fd64fe7c628cc37357d903aa65fb950d35d2e43d9c07e10e3e
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2e10d353ff038c2cad3492fc17801af3e6ef2669c9e9713bdb78b1dcb104c4fe
2e858a3bf02390ad4f8a5db4f1b4b979d96db387f48f1c6069557bc369ee6662
2fb3bb7d1c60c2a620ee6e97071dd6bff7b2043dfbc68ac8048f2a84fb42008e
2fd4c3ae6afc2b4026d9f0b64b8ff1110ecfcf47b90bc988c06e844b3921cbf6
325e6a7b68748a169ffb84eef16a6aa2042e2fd8ee1819a61c7a5fb399ba5e54
32bc7c1c64fd1b755d48d6025b86b7e7a28ad35d1f420cf85cdc1123aa7dfcd7
33ca751ed175a163bef530ebdcdbd0a2d15997ccbcbf8d50a6f504e8ffac5a5c
3463aecfd16d3464c8fba9c16df693086482649d04cdfd461b5a71fb0bdeef2e
3711a93caeaa494d7ed37c044fb9121f596628f38c0bd77134d5a62a43873839
38dad5baf5936c66486d5bd9fdcad18bc12abe9e097beb43da851e5523f06c6c
398bff6f830c0175f8229d2eebea531a6ea9df1fcc674fbe08b2e54b8861d6bd
398e6060166aeeffc7d50d05767beebf0ed9e31a1d528f649c93898d6f526317
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3e388f4018a2601fe39782f58944811871994b2f37dd69a7445e329f8447e048
3e724d102e9bdc7dfaddd395c778e2e16c041aac0be0e5694811d0ad0e376c61
3ee2d4d49ebb277239f215da1bcbd8b744738c6f2b70d64e6d54ec6140e9428b
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
4066c90f570d82554427cb534ec0d886d569f53c9d5b06fae0ac41a10061c913
425d7478422a02b8592686dd947b18cae0ca66ab39dc437067219356fb7a0a61
46b8c54b65b5fd3bbe9242cee35773736c5997c027128c7b852df478c6398b4b
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
48ca4c570f2d58d8ff837e1c8f7d73e418a485ae23b2c9322f2f351d71d93aa7
4b6c2cabe35ab603f2cff6d7b73775bca1d81016b1f1e06fe4da4bbf3c5766eb
4c090138c104cc66f39ee1413bb6efb3c892ebc54fa6527e3be4566aac040aef
4c80c27456e44686b378b1024534b69cdff323748c808afb6ea4db2fe974890b
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4fadc70587c09a1b36d035bf43b2bc0a22f306c07fc8d18043389504de3d35a1
5052494ff09c4b59c4dfcd8b00ae07c79c26b63b99fb1a1369e908e8880e05a1
5168404c37cfa1f6fe21ca1d6a93b63705c5657adc834d572b34ac14763098fc
51b52c1cb093ce109440b8e3cce4d8b0a1214db41abbf327fdbab226e6a71a8c
51c86712e4508547b5a2f8771a44a83cbbde1b79b62248027c6a5c3a6ae72b99
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
586799c13e83606a88fdaf81995fc8b6b62afc99860c083d62fc6f9da40d67d7
5965008f49fc5dacad0690c57debaae8e02ab950d984453ea752de4369c07f2f
5f15f4fd8772df9f8469e085c9dcec9ac2b070009ca290d447898bf5400c4021
6046941efa0656622a5f07faee34cc197eafa53b446e6114bdc7b3e9a1af7023
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
67e8df0bfbd50d0ea3434a68b0bdb09caeaa63ab05d13c4705f7baa7fc8a906c
68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f
69c0a8d5284b247bd724d3c3742bdb8d61c5cd8cc5df7fe1144679ec3531d7dc
6aaaf19d843c5492519bd4c991e9d13375cf302b1c92b6284bf9cccd3ca0a048
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6e090d4a97f92f7c44e951a486d5b17f3577c6b3d630f0c33010c45d8f1a0eaa
70d5c4de881e718d0b7638959680ba86722d44eecbe4058d20dd77b8d0d97155
73c73a78933604fd0b0166bd30d9ddd5df2eb4ea29ad66b6fe959e6a2efd18c9
73d48e5b77e6f9c20e969dedbd1b226f3904b843b532a3324297d145596e0564
74f78f2ed0ece5388596fe7c18a9cce5e47e3f156dc34de6572714e48d47742d
75ccc20325c148c3816404b6fc879d73628d1933be3b4127c3ca71a82121abcd
7992a4430843ef8b4bbae534358be3193aa1ae9c78f273e8e8a70b6af1244ac5
7a1471ca7e22e8d7fbd213278b0ae7fb0aceb5315df9342f27b5c935f572a873
7a7e573b4b1ad8c2fc18f46c291254e25a058ab9aa6cffdac1b479e1b3f054b6
7b780ae8f2af1b1eb61f0dcf3cd268c3200592f8fdebb274611bd2a495f93d9d
7c3b96f238042f73d0bedf5877fa02eb834e89649bbd122e2f10cc35238173cf
7fee5488f247de155c84a033494401076018c81062f48180373e3cf05ae47c69
815564293529e8a1273e2d86754ea536392b6bfa1e9d98dadd708d3268e30c21
81c076add5829b12e14b8bdb25bf0acb14afa5c0e370c051ed51efcf2f5dbc3f
82a97b8af9b9acec415f756e9b7e5ffcc8570e956073863a2b44f3fafd02c271
82d0aae1e7b8cfc0574d6548d1f35096f5e4310321aa964ff3fdb46c4d12e302
82e400c090fb5260267fa339b115e8fe2cb3171303e252844d9756f252f39099
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
88915cdc03fc5b9a20aec966fe93ee38aa3fd76bfef296e41d305271b3541c96
8a249ef5d6ecd934e2b64f5883ee3eb3f07db0441011edaeeb01ee0048f84828
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8fbe33313bd0708170444d76e920e57146bfc95b2a3105cbedd920144bf0b01d
964f315ce94016a7bf010a92af0640dd11f1045b514fc4016880b6a9f2018501
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068
98231b091bf8da0873d415bd50577540cfd620aecb6a978c3e29aa3e52173b2e
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9a474fe9eb1f02e2952a532e5c9d2b95119f85c676a13baf7d9d365ec0d3cf46
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9fa15142d4d1f8aba5ba7f10e72bacaba0ab9265f8ebfc853a7aa2f4230b13f2
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a12a37513b1a7e415907551deecc000268672bac723bfea99cd7af6c742f5b36
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a3fb12e0586cb7710bc4ff3f906aa390cd18576b4d2a086389454e72c7f0b8df
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5c874df6a77647778dadf697aa77de082fb37dfe6bd81fa305c7f4020b1d2ce
a68a70f7be9281f3f7148b38d7f5971f1dc946d3034a40e55021d0fb6fb78d73
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
ab6dd3ce1c2ddd590db04549b0472eef0774692c1189a83d7b9705e02e3c6f53
ac990171fc2a8993d659ce8f10bc0a7815c43835ba1dc00c2246f3556c6eeecd
ade428303f9c76d8491646313b7d889af35bcebb14cd3bec474150ea2cb523f9
ae67ac9818c817005f81e3dd18298662f9c525f3cd73ba216228a29cee460f52
ae72a2bc3c1ab0291872b9998f163bc790d07c316e8b629e38a3f2f761e49f6c
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1c62ac4c4ead92ca6e5a6c9815052f448bc4d8a15de5c1cdd3095916859242c
b5c315ac0e20cd6fa803c642d705216f1db2b775a01d39659ad94357777b64c5
b702fb198f80286e149ccb83514c696eb89c6c5ca35a7f58257bc3a45d555afd
b79d495b5ec4950b3413082b3ed7002cf52e95bedf39da11c32e81eda7fb2666
b7bb77c311cf88e0d0dad0bec5d5bc03e41394f92724a91750d387ba558d9e19
bae37be456f6c4ce883098b5777f99d940beb781832c20fe1824b4ac6f6c854f
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bc68a3e6e6f0074ff46c18beea2033fc4e8c6ee513dc0617758f45e2bdd8b88a
bd11730f230b002a5e28a44535872d454f1b4d61cbbaf2b823b50ae87b39fe3f
bd3ac8e7dafda40a1392832cef2bdd23d2c437e0e0ccdaccfb0e02e8fa43eeb1
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea
c00a759275b8628823a9809f24cbeca08cb48b52713adf221f70284e66d9c82f
c0e9e6bd77d4e918b61a958c0fafbc9fe9793f4a142f77fafb206835514db608
c13f3beffaddfe0d83d2cfea67f4e621693826f4245fc36ee4096ce31a9123fd
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c56c52a55f7816319d1c1d4eced53dd1ffcc336f902e68e2db71f07c56c55de2
c5b2b6e46cb835975b0b93ce77220260fe33be687bf4b0a591e9ea67075d396f
c6cf9a12bba6f42fa17faf4d1777121a1297a17c51f5a0af493724138f815295
c82a58123e9f042fb6f68695578cff668b16b22915e0a8cb8acca14741df2bac
caaff507d173d0ec1f1ebd383b702e37f4ce982c9ad743bf290e4c500fc62be6
cba54a89263ad75d7173f3c416543953bd10e04f6ace980243ce94474a3787be
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
ccaa51271b339a3d0f1c244e679e062d2664aa1db8b42ccec98f8fcfca18d16b
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
cdd20577cb6b04ea622d854cf43c6773bf15b43e6eedea07ecf641087e697c72
ce452421ffc53808c61795729eef02db9132d6d2cbc68198b158dce56b519272
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d2683f94ce8822ebc0d92d7c16c84ac4cddfb20b7c483cb4800e34fa16b47190
d647ef39417f2c0a0fc6dde670e0d6e33d9e6c3f84591348c7b593771d6f6fea
d74d25d117887582f90eb768c504c42e024a9bdb1b1dc469fbffb69acdb9cbb4
dad3f70d0cd67683406ae1321078f0e101a6c4718c5608e83d2e454ad2c7c29f
daef238eaa5fe22f8304c0c9cae17157ba58b44188f67eb11f17b59fb1d248be
def5de6254be138b8b35d680d1fdd8b07827d03b8626daebfeeb4157ec330ea7
df3d3b69af70099e96d03640dc42a6940e419d81a29a9ca545330163e0bf08e0
df468bf7eda53c619bedcf99d482ea66619ba2d3212c05f1170ab90535d08d3e
e1b25adac4aee63a1b3a4677caa83858e025df42fd9caf0163781d35585e5343
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e52e2ca4270e3f093313f9eb0b90af8a72ff61350c783dadb41eefd018402f01
e7001a855943aa3bc75c88cfa75ec8454c409aa330ad354689d9860ec5966945
ea26c78f630f8d3924b66a3966e9d96b6ce9217ee085f6db77fa191e13a59848
eb4d5ec3e93841ed121f7ba1daa2defc043d92ab79d0a4cfdbd910313c6423a2
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152
ec30306c113e15d84c044b4c4f6b751be424968f89ad404d99ce4528227f83f4
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef23e4cbcc36d074584ed7211fc1961bdf739c59eb183da4c6c16e5329e8cdb1
f2071f7d1245831b348c4c552e7e61eee09e94d7f90ad2eeb54ef2c1b463783b
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1
f60d7bcc95b56519372589201bc6dbea3b108c1f20b474b8bcbc2a4fda5a7f1c
f85ba0ceffd219c9c856bc45824aef485152c3636f123a98bd42bfb7676f2177
f88c354e9a9e14b8642be19f6f016658c812ffd019462cdde7d953ef294f06f8
fe50466edcdac1192aa7a5bebb69e57134216d66dc920c3611ce267751d1643b
ff6956c6d9b77bdecabeef7eafb5625c810cf5694db1204d0a48e102ecd73c89

portalsemakan.com Open in urlscan Pro 2a06:98c1:3121::7 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

392 Requests

80 %HTTPS

33 %IPv6

71 Domains

122 Subdomains

80 IPs

12 Countries

3181 kBTransfer

8621 kBSize

75 Cookies

25 Outgoing links

Page URL History

Redirected requests

392 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 11 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

portalsemakan.com Open in urlscan Pro
2a06:98c1:3121::7 Public Scan

Screenshot
Live screenshot

Full Image

392
Requests

80 %
HTTPS

33 %
IPv6

71
Domains

122
Subdomains

80
IPs

12
Countries

3181 kB
Transfer

8621 kB
Size

75
Cookies

392 HTTP transactions
11 data transactions