www.orientaldaily.com.my Open in urlscan Pro
124.217.235.40 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://www.orientaldaily.com.my/
Effective URL:
https://www.orientaldaily.com.my/
Submission Tags: falconsandbox
Submission: On March 09 via api (March 9th 2023, 3:34:44 am UTC) from US — Scanned from DE

Summary HTTP 501 Redirects Links 9 Behaviour Indicators

Summary

This website contacted 113 IPs in 17 countries across 79 domains to perform 501 HTTP transactions. The main IP is 124.217.235.40, located in Johor Bahru, Malaysia and belongs to SHINJIRU-MY-AS-AP Shinjiru Technology Sdn Bhd, MY. The main domain is www.orientaldaily.com.my. The Cisco Umbrella rank of the primary domain is 111658.
TLS certificate: Issued by R3 on February 23rd 2023. Valid for: 3 months.

This is the only time www.orientaldaily.com.my was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
49 53	124.217.235.40 124.217.235.40	45839 (SHINJIRU-...) (SHINJIRU-MY-AS-AP Shinjiru Technology Sdn Bhd)
50	138.199.36.10 138.199.36.10	60068 (CDN77 ^_^) (CDN77 ^_^)
2	151.101.129.55 151.101.129.55	54113 (FASTLY) (FASTLY)
10	2a00:1450:400... 2a00:1450:400d:80d::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:400d:80e::200a	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:32::15	15169 (GOOGLE) (GOOGLE)
3	2.18.36.193 2.18.36.193	16625 (AKAMAI-AS) (AKAMAI-AS)
4	2a00:1450:400... 2a00:1450:4001:82f::2008	15169 (GOOGLE) (GOOGLE)
2	13.32.99.105 13.32.99.105	16509 (AMAZON-02) (AMAZON-02)
7	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
14	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
58	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
2	2a03:2880:f05... 2a03:2880:f058:f:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
4	2001:4288:301... 2001:4288:301:1:face:b00c:0:a7	6713 (IAM-AS) (IAM-AS)
1	2a04:4e42:200... 2a04:4e42:200::485	54113 (FASTLY) (FASTLY)
1	2602:803:c004... 2602:803:c004:200::140	26667 (RUBICONPR...) (RUBICONPROJECT)
1	104.18.24.185 104.18.24.185	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	92.123.36.4 92.123.36.4	16625 (AKAMAI-AS) (AKAMAI-AS)
3	35.244.159.8 35.244.159.8	15169 (GOOGLE) (GOOGLE)
6	185.86.139.59 185.86.139.59	201081 (SMARTADSE...) (SMARTADSERVER)
1	52.29.147.93 52.29.147.93	16509 (AMAZON-02) (AMAZON-02)
1	185.64.189.112 185.64.189.112	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	34.107.148.139 34.107.148.139	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	2a00:1450:400... 2a00:1450:400d:80a::200e	15169 (GOOGLE) (GOOGLE)
1	23.9.6.40 23.9.6.40	16625 (AKAMAI-AS) (AKAMAI-AS)
5	2606:4700::68... 2606:4700::6812:d841	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	18.65.39.48 18.65.39.48	16509 (AMAZON-02) (AMAZON-02)
14	2a03:2880:f05... 2a03:2880:f058:113:face:b00c:0:1823	32934 (FACEBOOK) (FACEBOOK)
19	2a03:2880:f05... 2a03:2880:f058:9:face:b00c:0:1823	32934 (FACEBOOK) (FACEBOOK)
2	2a00:1450:400... 2a00:1450:400d:805::2002	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:400d:806::2002	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:400d:80c::2001	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
1	2600:9000:223... 2600:9000:223c:3c00:c:abe:f440:93a1	16509 (AMAZON-02) (AMAZON-02)
1	52.29.239.121 52.29.239.121	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:400c:c00::9b	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6812:cdb	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:400d:80d::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:827::2003	15169 (GOOGLE) (GOOGLE)
1	2a02:2638:3::9 2a02:2638:3::9	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2a02:2638:3::12 2a02:2638:3::12	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
22	2a00:1450:400... 2a00:1450:400d:807::2001	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:806::2002	15169 (GOOGLE) (GOOGLE)
39	2a00:1450:400... 2a00:1450:400d:808::2002	15169 (GOOGLE) (GOOGLE)
3 19	2606:4700::68... 2606:4700::6812:19ad	13335 (CLOUDFLAR...) (CLOUDFLARENET)
16 22	142.250.186.162 142.250.186.162	15169 (GOOGLE) (GOOGLE)
7 18	185.80.39.216 185.80.39.216	27381 (CASALE-MEDIA) (CASALE-MEDIA)
7 10	37.252.171.84 37.252.171.84	29990 (ASN-APPNEX) (ASN-APPNEX)
9	2a02:2638:3::3 2a02:2638:3::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	178.250.1.6 178.250.1.6	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	3.37.19.165 3.37.19.165	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700::68... 2606:4700::6811:190e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
21	2a02:2638::c 2a02:2638::c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	2a02:2638::21 2a02:2638::21	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2a00:1450:400... 2a00:1450:4001:827::200a	15169 (GOOGLE) (GOOGLE)
12	2a00:1450:400... 2a00:1450:400d:803::2006	15169 (GOOGLE) (GOOGLE)
8	78.46.23.46 78.46.23.46	24940 (HETZNER-AS) (HETZNER-AS)
1 4	78.46.111.106 78.46.111.106	24940 (HETZNER-AS) (HETZNER-AS)
1 4	159.69.70.9 159.69.70.9	24940 (HETZNER-AS) (HETZNER-AS)
1	3.38.85.21 3.38.85.21	16509 (AMAZON-02) (AMAZON-02)
1 2	121.53.104.194 121.53.104.194	38099 (KAKAO-AS-...) (KAKAO-AS-KR Kakao Corp)
1	103.243.202.190 103.243.202.190	45974 (NHN-AS-KR...) (NHN-AS-KR NHN)
1	222.230.178.130 222.230.178.130	2519 (VECTANT A...) (VECTANT ARTERIA Networks Corporation)
4	142.251.208.162 142.251.208.162	15169 (GOOGLE) (GOOGLE)
1	108.138.7.127 108.138.7.127	16509 (AMAZON-02) (AMAZON-02)
1	142.250.184.198 142.250.184.198	15169 (GOOGLE) (GOOGLE)
5 8	69.173.144.138 69.173.144.138	26667 (RUBICONPR...) (RUBICONPROJECT)
3 3	3.75.62.37 3.75.62.37	16509 (AMAZON-02) (AMAZON-02)
1	188.65.124.66 188.65.124.66	41690 (DAILYMOTI...) (DAILYMOTION For peering related business)
3 4	198.47.127.19 198.47.127.19	3257 (GTT-BACKB...) (GTT-BACKBONE GTT)
1 6	185.64.189.110 185.64.189.110	62713 (AS-PUBMATIC) (AS-PUBMATIC)
2 2	52.17.243.237 52.17.243.237	16509 (AMAZON-02) (AMAZON-02)
3	18.66.23.213 18.66.23.213	16509 (AMAZON-02) (AMAZON-02)
1	52.208.205.244 52.208.205.244	16509 (AMAZON-02) (AMAZON-02)
4 4	145.239.193.130 145.239.193.130	16276 (OVH) (OVH)
2	88.198.250.30 88.198.250.30	24940 (HETZNER-AS) (HETZNER-AS)
2	2a0b:4d07:401::1 2a0b:4d07:401::1	44239 (PROINITY ...) (PROINITY PROINITY)
2	18.130.199.108 18.130.199.108	16509 (AMAZON-02) (AMAZON-02)
2 4	142.250.201.198 142.250.201.198	15169 (GOOGLE) (GOOGLE)
2 2	94.23.99.218 94.23.99.218	16276 (OVH) (OVH)
2	54.76.176.197 54.76.176.197	16509 (AMAZON-02) (AMAZON-02)
2 2	107.178.248.10 107.178.248.10	15169 (GOOGLE) (GOOGLE)
2	13.32.110.54 13.32.110.54	16509 (AMAZON-02) (AMAZON-02)
2	52.222.139.62 52.222.139.62	16509 (AMAZON-02) (AMAZON-02)
2	13.35.166.41 13.35.166.41	16509 (AMAZON-02) (AMAZON-02)
1	2a02:26f0:11a... 2a02:26f0:11a::6867:4830	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
4	2a00:1450:400... 2a00:1450:400d:80c::2003	15169 (GOOGLE) (GOOGLE)
1	2606:4700:10:... 2606:4700:10::6816:3556	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	44.197.91.112 44.197.91.112	14618 (AMAZON-AES) (AMAZON-AES)
1	52.31.80.193 52.31.80.193	16509 (AMAZON-02) (AMAZON-02)
1	162.19.138.82 162.19.138.82	16276 (OVH) (OVH)
1	141.95.33.111 141.95.33.111	16276 (OVH) (OVH)
1	34.107.231.31 34.107.231.31	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	69.16.175.42 69.16.175.42	20446 (STACKPATH...) (STACKPATH-CDN)
1	2606:4700::68... 2606:4700::6811:3663	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2600:9000:220... 2600:9000:2204:fe00:2:d490:4d80:93a1	16509 (AMAZON-02) (AMAZON-02)
4	13.40.90.84 13.40.90.84	16509 (AMAZON-02) (AMAZON-02)
1 2	2a02:2638::1c 2a02:2638::1c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	178.250.0.157 178.250.0.157	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	23.64.52.128 23.64.52.128	16625 (AKAMAI-AS) (AKAMAI-AS)
1	76.223.111.18 76.223.111.18	16509 (AMAZON-02) (AMAZON-02)
1	92.123.38.97 92.123.38.97	16625 (AKAMAI-AS) (AKAMAI-AS)
2	104.18.11.47 104.18.11.47	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	185.29.132.241 185.29.132.241	30419 (MEDIAMATH...) (MEDIAMATH-INC)
2 2	213.155.156.166 213.155.156.166	1299 (TWELVE99 ...) (TWELVE99 Arelion)
4	185.64.190.80 185.64.190.80	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	178.250.0.163 178.250.0.163	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1 1	2620:116:800d... 2620:116:800d:21:93ca:31d8:d86e:38f6	16509 (AMAZON-02) (AMAZON-02)
2 4	67.220.226.238 67.220.226.238	16509 (AMAZON-02) (AMAZON-02)
1 1	85.114.159.93 85.114.159.93	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
1	54.171.214.88 54.171.214.88	16509 (AMAZON-02) (AMAZON-02)
2 2	34.111.129.221 34.111.129.221	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	34.111.131.239 34.111.131.239	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
3 4	52.0.191.77 52.0.191.77	14618 (AMAZON-AES) (AMAZON-AES)
4 4	37.157.4.24 37.157.4.24	198622 (ADFORM) (ADFORM)
1	35.204.158.49 35.204.158.49	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
3	3.33.220.150 3.33.220.150	16509 (AMAZON-02) (AMAZON-02)
1 3	2a05:d018:d29... 2a05:d018:d29:3602:c4cb:4322:c3f3:dc8d	16509 (AMAZON-02) (AMAZON-02)
1	185.64.190.81 185.64.190.81	62713 (AS-PUBMATIC) (AS-PUBMATIC)
3 3	18.156.40.75 18.156.40.75	16509 (AMAZON-02) (AMAZON-02)
2 2	52.214.158.183 52.214.158.183	16509 (AMAZON-02) (AMAZON-02)
1	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	52.46.143.56 52.46.143.56	16509 (AMAZON-02) (AMAZON-02)
1	2.18.79.139 2.18.79.139	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2 2	135.125.160.160 135.125.160.160	16276 (OVH) (OVH)
2 2	54.194.106.129 54.194.106.129	16509 (AMAZON-02) (AMAZON-02)
1	198.47.127.20 198.47.127.20	3257 (GTT-BACKB...) (GTT-BACKBONE GTT)
501	113

53 124.217.235.40 (Johor Bahru, Malaysia) 49 redirects

ASN45839 (SHINJIRU-MY-AS-AP Shinjiru Technology Sdn Bhd, MY)
PTR: server1.kamon.la

www.orientaldaily.com.my	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

50 138.199.36.10 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)
PTR: 138-199-36-10.bunnyinfra.net

media5.orientaldaily.com.my	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.129.55 (United States)

ASN54113 (FASTLY, US)

anymind360.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:400d:80d::2002 (Ireland)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:400d:80e::200a (Ireland)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::15 (United States)

ASN15169 (GOOGLE, US)

ssfpc.orientaldaily.com.my	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2.18.36.193 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-36-193.deploy.static.akamaitechnologies.com

ads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.32.99.105 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-99-105.fra60.r.cloudfront.net

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a03:2880:f11c:8183:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

58 2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

static.xx.fbcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f058:f:face:b00c:0:3 (London, United Kingdom)

ASN32934 (FACEBOOK, US)

scontent-lhr8-1.xx.fbcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2001:4288:301:1:face:b00c:0:a7 (Morocco)

ASN6713 (IAM-AS, MA)

scontent.frba2-1.fna.fbcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:200::485 (United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2602:803:c004:200::140 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

fastlane.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.24.185 (None, )

ASN13335 (CLOUDFLARENET, US)

htlb.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 92.123.36.4 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a92-123-36-4.deploy.static.akamaitechnologies.com

a.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com

adasia-d.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 185.86.139.59 (France)

ASN201081 (SMARTADSERVER, FR)

prg.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.29.147.93 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-29-147-93.eu-central-1.compute.amazonaws.com

tlx.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

hbopenbid.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.107.148.139 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 139.148.107.34.bc.googleusercontent.com

prebid.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400d:80a::200e (Ireland)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.9.6.40 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a23-9-6-40.deploy.static.akamaitechnologies.com

static.dable.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700::6812:d841 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.izooto.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
nhwimp.izooto.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.65.39.48 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-65-39-48.ams1.r.cloudfront.net

platform-api.sharethis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2a03:2880:f058:113:face:b00c:0:1823 (London, United Kingdom)

ASN32934 (FACEBOOK, US)

video-lhr8-2.xx.fbcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 2a03:2880:f058:9:face:b00c:0:1823 (London, United Kingdom)

ASN32934 (FACEBOOK, US)

video-lhr8-1.xx.fbcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400d:805::2002 (Ireland)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:400d:806::2002 (Ireland)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:400d:80c::2001 (Ireland)

ASN15169 (GOOGLE, US)

25f0b6c781c28f0ec66a58e178665f44.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
47ad345191e702c3a5b895d83c644918.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:223c:3c00:c:abe:f440:93a1 (United States)

ASN16509 (AMAZON-02, US)

buttons-config.sharethis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.29.239.121 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-29-239-121.eu-central-1.compute.amazonaws.com

l.sharethis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c00::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:cdb (United States)

ASN13335 (CLOUDFLARENET, US)

tags.expo9.exponential.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:400d:80d::2004 (Ireland)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:3::9 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

rtb.nl3.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:3::12 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

ads.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 2a00:1450:400d:807::2001 (Ireland)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:806::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

39 2a00:1450:400d:808::2002 (Ireland)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 2606:4700::6812:19ad (United States) 3 redirects

ASN13335 (CLOUDFLARENET, US)

s.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
a.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 142.250.186.162 (United States) 16 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 185.80.39.216 (Canada) 7 redirects

ASN27381 (CASALE-MEDIA, CA)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 37.252.171.84 (Frankfurt am Main, Germany) 7 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 1002.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a02:2638:3::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.1.6 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

cat.nl3.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.37.19.165 (Incheon, Korea, Republic Of)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-37-19-165.ap-northeast-2.compute.amazonaws.com

api.dable.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 2a02:2638::c (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

pix.eu.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638::21 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

csm.eu.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:400d:803::2006 (Ireland)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 78.46.23.46 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.46.23.46.78.clients.your-server.de

hal9000.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 78.46.111.106 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.106.111.46.78.clients.your-server.de

hal900027.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 159.69.70.9 (Nuremberg, Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.9.70.69.159.clients.your-server.de

hal900017.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.38.85.21 (Incheon, Korea, Republic Of)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-38-85-21.ap-northeast-2.compute.amazonaws.com

r-log.dable.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 121.53.104.194 (Korea, Republic Of) 1 redirects

ASN38099 (KAKAO-AS-KR Kakao Corp, KR)

analytics.ad.daum.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
act.ds.kakao.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 103.243.202.190 (Korea, Republic Of)

ASN45974 (NHN-AS-KR NHN, KR)

cm-exchange.toast.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 222.230.178.130 (Bannaguro, Japan)

ASN2519 (VECTANT ARTERIA Networks Corporation, JP)

cs.gssprt.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.251.208.162 (United States)

ASN15169 (GOOGLE, US)
PTR: bud02s43-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.138.7.127 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-7-127.fra56.r.cloudfront.net

visitanalytics.userreport.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.184.198 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 69.173.144.138 (Frankfurt am Main, Germany) 5 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 3.75.62.37 (Frankfurt am Main, Germany) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-75-62-37.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 188.65.124.66 (Paris, France)

ASN41690 (DAILYMOTION For peering related business, please mail peering@dailymotion.com, FR)
PTR: ingress-03-pub-prod-ix7.vip.dailymotion.com

public-prod-dspcookiematching.dmxleo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 198.47.127.19 (United States) 3 redirects

ASN3257 (GTT-BACKBONE GTT, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 185.64.189.110 (United Kingdom) 1 redirects

ASN62713 (AS-PUBMATIC, US)

simage2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.17.243.237 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-17-243-237.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.66.23.213 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-23-213.vie50.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.208.205.244 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-208-205-244.eu-west-1.compute.amazonaws.com

beacon.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 145.239.193.130 (France) 4 redirects

ASN16276 (OVH, FR)

pv.medialead.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 88.198.250.30 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.88-198-250-30.clients.your-server.de

pb.media01.eu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a0b:4d07:401::1 (Switzerland)

ASN44239 (PROINITY PROINITY, CH)

adv.office-partner.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.130.199.108 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-130-199-108.eu-west-2.compute.amazonaws.com

track.webgains.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.201.198 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: bud02s35-in-f6.1e100.net

5994599.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 94.23.99.218 (France) 2 redirects

ASN16276 (OVH, FR)
PTR: ip218.ip-94-23-99.eu

medialead.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.76.176.197 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-76-176-197.eu-west-1.compute.amazonaws.com

ad-server.eu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 107.178.248.10 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 10.248.178.107.bc.googleusercontent.com

impfr.tradedoubler.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.32.110.54 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-110-54.vie50.r.cloudfront.net

img.tradedoubler.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.222.139.62 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-139-62.ams50.r.cloudfront.net

analytics.webgains.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.35.166.41 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-35-166-41.tpe50.r.cloudfront.net

cdn.track.production.webgains.team	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:11a::6867:4830 (Vienna, Austria)

ASN20940 (AKAMAI-ASN1, NL)

code.createjs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:400d:80c::2003 (Ireland)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6816:3556 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 44.197.91.112 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-197-91-112.compute-1.amazonaws.com

prod.us-east-1.cxm-bcn.publisher-services.amazon.dev	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.31.80.193 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-31-80-193.eu-west-1.compute.amazonaws.com

global.cloud.netacuity.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.19.138.82 (France)

ASN16276 (OVH, FR)
PTR: ns31532337.ip-162-19-138.eu

lb.eu-1-id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.95.33.111 (Germany)

ASN16276 (OVH, FR)
PTR: ns3203177.ip-141-95-33.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.107.231.31 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 31.231.107.34.bc.googleusercontent.com

p.adlooxtracking.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.16.175.42 (United States)

ASN20446 (STACKPATH-CDN, US)
PTR: tlb.hwcdn.net

rtbpass-us.andbeyond.media	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:3663 (United States)

ASN13335 (CLOUDFLARENET, US)

nh.iz.do	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2204:fe00:2:d490:4d80:93a1 (United States)

ASN16509 (AMAZON-02, US)

wrappers.geoedge.be	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 13.40.90.84 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-40-90-84.eu-west-2.compute.amazonaws.com

api.webgains.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638::1c (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.250.0.157 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.64.52.128 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a23-64-52-128.deploy.static.akamaitechnologies.com

eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 76.223.111.18 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 92.123.38.97 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a92-123-38-97.deploy.static.akamaitechnologies.com

contextual.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.18.11.47 (None, )

ASN13335 (CLOUDFLARENET, US)

js-sec.indexww.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.indexww.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.29.132.241 (United Kingdom) 1 redirects

ASN30419 (MEDIAMATH-INC, US)

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 213.155.156.166 (Sweden) 2 redirects

ASN1299 (TWELVE99 Arelion, fka Telia Carrier, SE)
PTR: 213-155-156-166.teliacarrier-cust.com

d5p.de17a.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.64.190.80 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

image2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.0.163 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:116:800d:21:93ca:31d8:d86e:38f6 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 67.220.226.238 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)

aax-eu.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 85.114.159.93 (Bad Durrheim, Germany) 1 redirects

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com

dsp.adfarm1.adition.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.171.214.88 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-171-214-88.eu-west-1.compute.amazonaws.com

sync.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.111.129.221 (Kansas City, United States) 2 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 221.129.111.34.bc.googleusercontent.com

cr.frontend.weborama.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.111.131.239 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 239.131.111.34.bc.googleusercontent.com

idsync.frontend.weborama.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.0.191.77 (Ashburn, United States) 3 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-0-191-77.compute-1.amazonaws.com

a.audrte.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 37.157.4.24 (Denmark) 4 redirects

ASN198622 (ADFORM, DK)

dmp.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.204.158.49 (Groningen, Netherlands)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 49.158.204.35.bc.googleusercontent.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 3.33.220.150 (United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a05:d018:d29:3602:c4cb:4322:c3f3:dc8d (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.190.81 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

image4.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.156.40.75 (Frankfurt am Main, Germany) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-156-40-75.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.214.158.183 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-214-158-183.eu-west-1.compute.amazonaws.com

r.scoota.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:21::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.46.143.56 (Ashburn, United States)

ASN16509 (AMAZON-02, US)

s.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.79.139 (Vienna, Austria)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-18-79-139.deploy.static.akamaitechnologies.com

ads.stickyadstv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 135.125.160.160 (France) 2 redirects

ASN16276 (OVH, FR)
PTR: ns3198892.ip-135-125-160.eu

gu.dyntrk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.194.106.129 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-194-106-129.eu-west-1.compute.amazonaws.com

match.prod.bidr.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 198.47.127.20 (United States)

ASN3257 (GTT-BACKBONE GTT, US)

simage4.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
104	orientaldaily.com.my 49 redirects www.orientaldaily.com.my — Cisco Umbrella Rank: 111658 media5.orientaldaily.com.my — Cisco Umbrella Rank: 130881 ssfpc.orientaldaily.com.my	1 MB
94	fbcdn.net static.xx.fbcdn.net — Cisco Umbrella Rank: 802 scontent-lhr8-1.xx.fbcdn.net — Cisco Umbrella Rank: 8190 scontent.frba2-1.fna.fbcdn.net — Cisco Umbrella Rank: 364866 video-lhr8-2.xx.fbcdn.net — Cisco Umbrella Rank: 87762 video-lhr8-1.xx.fbcdn.net — Cisco Umbrella Rank: 77337	7 MB
67	googlesyndication.com 25f0b6c781c28f0ec66a58e178665f44.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 136 pagead2.googlesyndication.com — Cisco Umbrella Rank: 101 47ad345191e702c3a5b895d83c644918.safeframe.googlesyndication.com	369 KB
52	doubleclick.net 18 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 189 stats.g.doubleclick.net — Cisco Umbrella Rank: 73 googleads.g.doubleclick.net — Cisco Umbrella Rank: 28 cm.g.doubleclick.net — Cisco Umbrella Rank: 210 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 321 ad.doubleclick.net — Cisco Umbrella Rank: 170 5994599.fls.doubleclick.net — Cisco Umbrella Rank: 137377	471 KB
32	criteo.net static.criteo.net — Cisco Umbrella Rank: 626 pix.eu.criteo.net — Cisco Umbrella Rank: 7684 csm.eu.criteo.net — Cisco Umbrella Rank: 8046	834 KB
20	pubmatic.com 4 redirects ads.pubmatic.com — Cisco Umbrella Rank: 460 hbopenbid.pubmatic.com — Cisco Umbrella Rank: 450 image6.pubmatic.com — Cisco Umbrella Rank: 717 simage2.pubmatic.com — Cisco Umbrella Rank: 659 image2.pubmatic.com — Cisco Umbrella Rank: 856 image4.pubmatic.com — Cisco Umbrella Rank: 921 simage4.pubmatic.com — Cisco Umbrella Rank: 1163	33 KB
19	tribalfusion.com 3 redirects s.tribalfusion.com — Cisco Umbrella Rank: 1808 a.tribalfusion.com — Cisco Umbrella Rank: 734	13 KB
19	casalemedia.com 7 redirects htlb.casalemedia.com — Cisco Umbrella Rank: 469 dsum-sec.casalemedia.com — Cisco Umbrella Rank: 519 ssum-sec.casalemedia.com — Cisco Umbrella Rank: 423	14 KB
16	redintelligence.net 2 redirects hal9000.redintelligence.net — Cisco Umbrella Rank: 32554 hal900027.redintelligence.net — Cisco Umbrella Rank: 266298 hal900017.redintelligence.net — Cisco Umbrella Rank: 224545	120 KB
12	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 277	326 KB
11	rubiconproject.com 5 redirects fastlane.rubiconproject.com — Cisco Umbrella Rank: 442 pixel.rubiconproject.com — Cisco Umbrella Rank: 316 eus.rubiconproject.com — Cisco Umbrella Rank: 523 token.rubiconproject.com — Cisco Umbrella Rank: 529	15 KB
10	adnxs.com 7 redirects ib.adnxs.com — Cisco Umbrella Rank: 208	11 KB
10	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 186	397 KB
9	amazon-adsystem.com 2 redirects c.amazon-adsystem.com — Cisco Umbrella Rank: 285 aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 940 s.amazon-adsystem.com — Cisco Umbrella Rank: 270	63 KB
8	criteo.com 1 redirects rtb.nl3.eu.criteo.com — Cisco Umbrella Rank: 12725 ads.eu.criteo.com — Cisco Umbrella Rank: 8007 cat.nl3.eu.criteo.com — Cisco Umbrella Rank: 9454 gum.criteo.com — Cisco Umbrella Rank: 387 mug.criteo.com — Cisco Umbrella Rank: 2724 dis.criteo.com — Cisco Umbrella Rank: 666	61 KB
7	google.com adservice.google.com — Cisco Umbrella Rank: 65 www.google.com — Cisco Umbrella Rank: 2	3 KB
7	facebook.com www.facebook.com — Cisco Umbrella Rank: 108	118 KB
6	webgains.io analytics.webgains.io — Cisco Umbrella Rank: 18377 api.webgains.io — Cisco Umbrella Rank: 46446	62 KB
6	medialead.de 6 redirects pv.medialead.de — Cisco Umbrella Rank: 44493 medialead.de — Cisco Umbrella Rank: 44071	2 KB
6	yahoo.com 4 redirects ups.analytics.yahoo.com — Cisco Umbrella Rank: 271 pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 421	3 KB
6	smartadserver.com prg.smartadserver.com — Cisco Umbrella Rank: 1621	2 KB
5	izooto.com cdn.izooto.com — Cisco Umbrella Rank: 18507 nhwimp.izooto.com	88 KB
4	adform.net 4 redirects dmp.adform.net — Cisco Umbrella Rank: 3607 c1.adform.net — Cisco Umbrella Rank: 578	3 KB
4	audrte.com 3 redirects a.audrte.com — Cisco Umbrella Rank: 2499	3 KB
4	gstatic.com fonts.gstatic.com	52 KB
4	tradedoubler.com 2 redirects impfr.tradedoubler.com — Cisco Umbrella Rank: 81447 img.tradedoubler.com — Cisco Umbrella Rank: 80891	2 KB
4	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 41	211 KB
4	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 29 ajax.googleapis.com — Cisco Umbrella Rank: 299	88 KB
3	bidswitch.net 3 redirects x.bidswitch.net — Cisco Umbrella Rank: 284	1 KB
3	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 296	796 B
3	weborama.fr 2 redirects cr.frontend.weborama.fr — Cisco Umbrella Rank: 22290 idsync.frontend.weborama.fr — Cisco Umbrella Rank: 26845	904 B
3	google.de adservice.google.de — Cisco Umbrella Rank: 8682 www.google.de — Cisco Umbrella Rank: 6027	1 KB
3	sharethis.com platform-api.sharethis.com — Cisco Umbrella Rank: 4611 buttons-config.sharethis.com — Cisco Umbrella Rank: 6016 l.sharethis.com — Cisco Umbrella Rank: 4817	46 KB
3	facebook.net connect.facebook.net — Cisco Umbrella Rank: 145	244 KB
3	dable.io static.dable.io — Cisco Umbrella Rank: 25669 api.dable.io — Cisco Umbrella Rank: 25524 r-log.dable.io — Cisco Umbrella Rank: 27405	38 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 24 region1.google-analytics.com — Cisco Umbrella Rank: 2361	20 KB
3	openx.net adasia-d.openx.net — Cisco Umbrella Rank: 38343 us-u.openx.net — Cisco Umbrella Rank: 415 u.openx.net — Cisco Umbrella Rank: 608	609 B
2	bidr.io 2 redirects match.prod.bidr.io — Cisco Umbrella Rank: 501	1 KB
2	dyntrk.com 2 redirects gu.dyntrk.com — Cisco Umbrella Rank: 1649	843 B
2	scoota.co 2 redirects r.scoota.co — Cisco Umbrella Rank: 31582	1 KB
2	de17a.com 2 redirects d5p.de17a.com — Cisco Umbrella Rank: 4243	562 B
2	indexww.com js-sec.indexww.com — Cisco Umbrella Rank: 599 cdn.indexww.com — Cisco Umbrella Rank: 1412	2 KB
2	amazon.dev prod.us-east-1.cxm-bcn.publisher-services.amazon.dev — Cisco Umbrella Rank: 664	453 B
2	id5-sync.com cdn.id5-sync.com — Cisco Umbrella Rank: 901 id5-sync.com — Cisco Umbrella Rank: 401	18 KB
2	webgains.team cdn.track.production.webgains.team — Cisco Umbrella Rank: 43325	6 KB
2	ad-server.eu ad-server.eu — Cisco Umbrella Rank: 92567	624 B
2	webgains.com track.webgains.com — Cisco Umbrella Rank: 36504	4 KB
2	office-partner.de adv.office-partner.de — Cisco Umbrella Rank: 111395	2 KB
2	media01.eu pb.media01.eu — Cisco Umbrella Rank: 44068	833 B
2	demdex.net 2 redirects dpm.demdex.net — Cisco Umbrella Rank: 200	2 KB
2	media.net prebid.media.net — Cisco Umbrella Rank: 1222 contextual.media.net — Cisco Umbrella Rank: 587	9 KB
2	3lift.com tlx.3lift.com — Cisco Umbrella Rank: 486 eb2.3lift.com — Cisco Umbrella Rank: 341	5 KB
2	scorecardresearch.com sb.scorecardresearch.com — Cisco Umbrella Rank: 152	2 KB
2	anymind360.com anymind360.com — Cisco Umbrella Rank: 24777	137 KB
1	stickyadstv.com ads.stickyadstv.com — Cisco Umbrella Rank: 620	694 B
1	linkedin.com px.ads.linkedin.com — Cisco Umbrella Rank: 317	648 B
1	simpli.fi um.simpli.fi — Cisco Umbrella Rank: 708	613 B
1	crwdcntrl.net sync.crwdcntrl.net — Cisco Umbrella Rank: 754	266 B
1	adition.com 1 redirects dsp.adfarm1.adition.com — Cisco Umbrella Rank: 1392	524 B
1	quantserve.com 1 redirects cms.quantserve.com — Cisco Umbrella Rank: 640	590 B
1	mathtag.com 1 redirects sync.mathtag.com — Cisco Umbrella Rank: 453	725 B
1	geoedge.be wrappers.geoedge.be — Cisco Umbrella Rank: 26552	3 KB
1	iz.do nh.iz.do — Cisco Umbrella Rank: 116834	1 KB
1	andbeyond.media rtbpass-us.andbeyond.media — Cisco Umbrella Rank: 33898	176 KB
1	adlooxtracking.com p.adlooxtracking.com — Cisco Umbrella Rank: 22998	8 KB
1	eu-1-id5-sync.com lb.eu-1-id5-sync.com — Cisco Umbrella Rank: 985	411 B
1	netacuity.com global.cloud.netacuity.com — Cisco Umbrella Rank: 23623	721 B
1	createjs.com code.createjs.com — Cisco Umbrella Rank: 1233	63 KB
1	krxd.net beacon.krxd.net — Cisco Umbrella Rank: 570	339 B
1	dmxleo.com public-prod-dspcookiematching.dmxleo.com — Cisco Umbrella Rank: 2202	123 B
1	userreport.com visitanalytics.userreport.com — Cisco Umbrella Rank: 15193	516 B
1	gssprt.jp cs.gssprt.jp — Cisco Umbrella Rank: 28159	82 B
1	toast.com cm-exchange.toast.com — Cisco Umbrella Rank: 8036	607 B
1	kakao.com act.ds.kakao.com — Cisco Umbrella Rank: 23880	493 B
1	daum.net 1 redirects analytics.ad.daum.net — Cisco Umbrella Rank: 22502	569 B
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 196	5 KB
1	exponential.com tags.expo9.exponential.com — Cisco Umbrella Rank: 12701	14 KB
1	teads.tv a.teads.tv — Cisco Umbrella Rank: 1328	399 B
1	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 337	1 KB
501	79

	Domain	Requested by
55	static.xx.fbcdn.net	www.facebook.com static.xx.fbcdn.net
53	www.orientaldaily.com.my	49 redirects www.orientaldaily.com.my
50	media5.orientaldaily.com.my	www.orientaldaily.com.my media5.orientaldaily.com.my
39	pagead2.googlesyndication.com	25f0b6c781c28f0ec66a58e178665f44.safeframe.googlesyndication.com pagead2.googlesyndication.com securepubads.g.doubleclick.net googleads.g.doubleclick.net www.orientaldaily.com.my www.googletagservices.com tpc.googlesyndication.com ad.doubleclick.net
22	cm.g.doubleclick.net	16 redirects googleads.g.doubleclick.net www.orientaldaily.com.my
22	tpc.googlesyndication.com	25f0b6c781c28f0ec66a58e178665f44.safeframe.googlesyndication.com securepubads.g.doubleclick.net googleads.g.doubleclick.net tpc.googlesyndication.com ad.doubleclick.net
21	pix.eu.criteo.net	ads.eu.criteo.com
19	video-lhr8-1.xx.fbcdn.net	static.xx.fbcdn.net
16	dsum-sec.casalemedia.com	7 redirects googleads.g.doubleclick.net ssum-sec.casalemedia.com
14	video-lhr8-2.xx.fbcdn.net	static.xx.fbcdn.net
14	securepubads.g.doubleclick.net	anymind360.com securepubads.g.doubleclick.net www.orientaldaily.com.my www.googletagservices.com
12	s0.2mdn.net	www.orientaldaily.com.my s0.2mdn.net ad.doubleclick.net 25f0b6c781c28f0ec66a58e178665f44.safeframe.googlesyndication.com
11	s.tribalfusion.com	tags.expo9.exponential.com www.orientaldaily.com.my
10	ib.adnxs.com	7 redirects googleads.g.doubleclick.net
10	www.googletagservices.com	www.orientaldaily.com.my securepubads.g.doubleclick.net 25f0b6c781c28f0ec66a58e178665f44.safeframe.googlesyndication.com s.tribalfusion.com www.googletagservices.com s0.2mdn.net
9	static.criteo.net	ads.eu.criteo.com
8	a.tribalfusion.com	3 redirects s.tribalfusion.com
8	hal9000.redintelligence.net	25f0b6c781c28f0ec66a58e178665f44.safeframe.googlesyndication.com hal900017.redintelligence.net hal900027.redintelligence.net
7	www.facebook.com	www.orientaldaily.com.my static.xx.fbcdn.net
6	simage2.pubmatic.com	1 redirects ads.pubmatic.com
6	googleads.g.doubleclick.net	25f0b6c781c28f0ec66a58e178665f44.safeframe.googlesyndication.com pagead2.googlesyndication.com
6	prg.smartadserver.com	anymind360.com
5	25f0b6c781c28f0ec66a58e178665f44.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
4	token.rubiconproject.com	4 redirects
4	a.audrte.com	3 redirects ads.pubmatic.com
4	aax-eu.amazon-adsystem.com	2 redirects ads.pubmatic.com
4	image2.pubmatic.com	ads.pubmatic.com
4	api.webgains.io	analytics.webgains.io
4	fonts.gstatic.com	fonts.googleapis.com
4	5994599.fls.doubleclick.net	2 redirects www.orientaldaily.com.my
4	pv.medialead.de	4 redirects
4	image6.pubmatic.com	3 redirects ads.pubmatic.com
4	pixel.rubiconproject.com	1 redirects s.tribalfusion.com
4	googleads4.g.doubleclick.net	www.orientaldaily.com.my ad.doubleclick.net
4	hal900017.redintelligence.net	1 redirects 25f0b6c781c28f0ec66a58e178665f44.safeframe.googlesyndication.com hal900017.redintelligence.net
4	hal900027.redintelligence.net	1 redirects 25f0b6c781c28f0ec66a58e178665f44.safeframe.googlesyndication.com hal900027.redintelligence.net
4	adservice.google.com	securepubads.g.doubleclick.net 5994599.fls.doubleclick.net
4	cdn.izooto.com	www.googletagmanager.com cdn.izooto.com
4	scontent.frba2-1.fna.fbcdn.net	www.facebook.com static.xx.fbcdn.net
4	www.googletagmanager.com	www.orientaldaily.com.my www.googletagmanager.com adv.office-partner.de
3	x.bidswitch.net	3 redirects
3	pr-bh.ybp.yahoo.com	1 redirects ads.pubmatic.com ssum-sec.casalemedia.com
3	match.adsrvr.org	ads.pubmatic.com ssum-sec.casalemedia.com
3	c1.adform.net	3 redirects
3	c.amazon-adsystem.com	www.orientaldaily.com.my c.amazon-adsystem.com
3	ups.analytics.yahoo.com	3 redirects
3	www.google.com	www.orientaldaily.com.my tpc.googlesyndication.com
3	connect.facebook.net	www.orientaldaily.com.my connect.facebook.net
3	ads.pubmatic.com	anymind360.com ads.pubmatic.com
3	fonts.googleapis.com	media5.orientaldaily.com.my hal900017.redintelligence.net hal900027.redintelligence.net
2	match.prod.bidr.io	2 redirects
2	gu.dyntrk.com	2 redirects
2	s.amazon-adsystem.com	ssum-sec.casalemedia.com
2	ssum-sec.casalemedia.com	js-sec.indexww.com ssum-sec.casalemedia.com
2	r.scoota.co	2 redirects
2	cr.frontend.weborama.fr	2 redirects
2	d5p.de17a.com	2 redirects
2	eus.rubiconproject.com	anymind360.com eus.rubiconproject.com
2	mug.criteo.com
2	gum.criteo.com	1 redirects
2	prod.us-east-1.cxm-bcn.publisher-services.amazon.dev	c.amazon-adsystem.com
2	cdn.track.production.webgains.team	25f0b6c781c28f0ec66a58e178665f44.safeframe.googlesyndication.com track.webgains.com
2	analytics.webgains.io	track.webgains.com
2	img.tradedoubler.com	25f0b6c781c28f0ec66a58e178665f44.safeframe.googlesyndication.com
2	impfr.tradedoubler.com	2 redirects
2	ad-server.eu	25f0b6c781c28f0ec66a58e178665f44.safeframe.googlesyndication.com
2	medialead.de	2 redirects
2	track.webgains.com	www.orientaldaily.com.my
2	adv.office-partner.de	hal900017.redintelligence.net hal900027.redintelligence.net
2	pb.media01.eu	hal900017.redintelligence.net hal900027.redintelligence.net
2	dpm.demdex.net	2 redirects
2	csm.eu.criteo.net	ads.eu.criteo.com
2	adservice.google.de	securepubads.g.doubleclick.net
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	scontent-lhr8-1.xx.fbcdn.net	www.facebook.com
2	sb.scorecardresearch.com	www.orientaldaily.com.my
2	anymind360.com	www.orientaldaily.com.my anymind360.com
1	nhwimp.izooto.com	cdn.izooto.com
1	simage4.pubmatic.com	ads.pubmatic.com
1	cdn.indexww.com	ssum-sec.casalemedia.com
1	ads.stickyadstv.com	ssum-sec.casalemedia.com
1	px.ads.linkedin.com
1	image4.pubmatic.com	ads.pubmatic.com
1	um.simpli.fi	ads.pubmatic.com
1	dmp.adform.net	1 redirects
1	idsync.frontend.weborama.fr	ads.pubmatic.com
1	sync.crwdcntrl.net	ads.pubmatic.com
1	dsp.adfarm1.adition.com	1 redirects
1	cms.quantserve.com	1 redirects
1	dis.criteo.com	ads.pubmatic.com
1	sync.mathtag.com	1 redirects
1	js-sec.indexww.com	anymind360.com
1	contextual.media.net	anymind360.com
1	u.openx.net	anymind360.com
1	eb2.3lift.com	anymind360.com
1	wrappers.geoedge.be	rtbpass-us.andbeyond.media
1	nh.iz.do	cdn.izooto.com
1	rtbpass-us.andbeyond.media	www.orientaldaily.com.my
1	p.adlooxtracking.com	www.orientaldaily.com.my
1	id5-sync.com	cdn.id5-sync.com
1	lb.eu-1-id5-sync.com	cdn.id5-sync.com
1	global.cloud.netacuity.com	www.orientaldaily.com.my
1	cdn.id5-sync.com	www.orientaldaily.com.my
1	code.createjs.com	s0.2mdn.net
1	beacon.krxd.net	s.tribalfusion.com
1	us-u.openx.net	s.tribalfusion.com
1	public-prod-dspcookiematching.dmxleo.com	s.tribalfusion.com
1	ad.doubleclick.net	www.googletagservices.com
1	visitanalytics.userreport.com	25f0b6c781c28f0ec66a58e178665f44.safeframe.googlesyndication.com
1	cs.gssprt.jp	www.orientaldaily.com.my
1	cm-exchange.toast.com	www.orientaldaily.com.my
1	act.ds.kakao.com	www.orientaldaily.com.my
1	analytics.ad.daum.net	1 redirects
1	r-log.dable.io	static.dable.io
1	ajax.googleapis.com	securepubads.g.doubleclick.net
1	47ad345191e702c3a5b895d83c644918.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	cdnjs.cloudflare.com	ads.eu.criteo.com
1	api.dable.io	static.dable.io
1	cat.nl3.eu.criteo.com	ads.eu.criteo.com
1	ads.eu.criteo.com	25f0b6c781c28f0ec66a58e178665f44.safeframe.googlesyndication.com
1	rtb.nl3.eu.criteo.com	www.orientaldaily.com.my
1	www.google.de	www.orientaldaily.com.my
1	tags.expo9.exponential.com	securepubads.g.doubleclick.net
1	stats.g.doubleclick.net	www.google-analytics.com
1	l.sharethis.com	platform-api.sharethis.com
1	buttons-config.sharethis.com	platform-api.sharethis.com
1	region1.google-analytics.com	www.googletagmanager.com
1	platform-api.sharethis.com	www.googletagmanager.com
1	static.dable.io	www.orientaldaily.com.my
1	prebid.media.net	anymind360.com
1	hbopenbid.pubmatic.com	anymind360.com
1	tlx.3lift.com	anymind360.com
1	adasia-d.openx.net	anymind360.com
1	a.teads.tv	anymind360.com
1	htlb.casalemedia.com	anymind360.com
1	fastlane.rubiconproject.com	anymind360.com
1	cdn.jsdelivr.net	anymind360.com
1	ssfpc.orientaldaily.com.my	anymind360.com
501	138

This site contains links to these domains. Also see Links.

Domain
ufood.orientaldaily.com.my
play.google.com
apps.apple.com
appgallery.huawei.com
www.facebook.com
twitter.com
www.instagram.com
t.me
www.izooto.com

Subject Issuer	Validity	Valid
www.orientaldaily.com.my R3	`2023-02-23` - `2023-05-24`	3 months	crt.sh
anymind360.com R3	`2023-02-27` - `2023-05-28`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
ssfpc.orientaldaily.com.my GTS CA 1D4	`2023-01-25` - `2023-04-25`	3 months	crt.sh
*.pubmatic.com DigiCert TLS RSA SHA256 2020 CA1	`2023-01-25` - `2024-01-24`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-02-20` - `2023-05-15`	3 months	crt.sh
*.scorecardresearch.com Amazon RSA 2048 M02	`2023-03-01` - `2024-01-28`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-01-10` - `2023-03-16`	2 months	crt.sh
media5.orientaldaily.com.my R3	`2023-01-24` - `2023-04-24`	3 months	crt.sh
*.frba2-1.fna.fbcdn.net DigiCert SHA2 High Assurance Server CA	`2023-02-23` - `2023-05-24`	3 months	crt.sh
jsdelivr.net GlobalSign Atlas R3 DV TLS CA 2022 Q4	`2022-12-23` - `2024-01-24`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2022-03-08` - `2023-04-04`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-06-22` - `2023-06-21`	a year	crt.sh
teads.tv R3	`2023-02-21` - `2023-05-22`	3 months	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2022-07-21` - `2023-08-21`	a year	crt.sh
*.smartadserver.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-01-21` - `2024-01-23`	a year	crt.sh
*.3lift.com Amazon RSA 2048 M01	`2023-02-10` - `2023-06-11`	4 months	crt.sh
*.media.net Sectigo RSA Domain Validation Secure Server CA	`2022-04-06` - `2023-05-04`	a year	crt.sh
static.dable.io R3	`2023-02-21` - `2023-05-22`	3 months	crt.sh
sharethis.com Amazon RSA 2048 M01	`2023-02-28` - `2023-07-18`	5 months	crt.sh
*.google.de GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
exponential.com Cloudflare Inc ECC CA-3	`2023-02-19` - `2024-02-19`	a year	crt.sh
www.google.com GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
www.google.de GTS CA 1C3	`2023-02-20` - `2023-05-15`	3 months	crt.sh
*.nl3.eu.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-01-04` - `2023-04-05`	3 months	crt.sh
*.eu.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-03-04` - `2023-06-04`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
*.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-01-13` - `2023-04-15`	3 months	crt.sh
*.dable.io Sectigo ECC Domain Validation Secure Server CA	`2022-11-17` - `2023-11-17`	a year	crt.sh
*.eu.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-01-13` - `2023-04-17`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
redintelligence.net R3	`2023-02-08` - `2023-05-09`	3 months	crt.sh
*.toast.com Sectigo RSA Organization Validation Secure Server CA	`2022-06-30` - `2023-07-31`	a year	crt.sh
cs.gssprt.jp GeoTrust RSA CA 2018	`2023-01-06` - `2024-02-06`	a year	crt.sh
*.userreport.com Amazon RSA 2048 M02	`2023-02-22` - `2024-01-18`	a year	crt.sh
c.amazon-adsystem.com Amazon	`2022-05-09` - `2023-04-18`	a year	crt.sh
*.media01.eu RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2022-05-20` - `2023-05-21`	a year	crt.sh
adv.office-partner.de R3	`2023-03-02` - `2023-05-31`	3 months	crt.sh
*.webgains.com Amazon RSA 2048 M01	`2023-02-22` - `2023-07-13`	5 months	crt.sh
*.webgains.io Amazon RSA 2048 M02	`2023-03-02` - `2023-09-21`	7 months	crt.sh
cdn.track.production.webgains.team Amazon RSA 2048 M01	`2023-02-28` - `2023-10-28`	8 months	crt.sh
tls.adobe.com DigiCert TLS RSA SHA256 2020 CA1	`2022-04-29` - `2023-05-30`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
prod.us-east-1.cxm-bcn.publisher-services.amazon.dev Amazon RSA 2048 M02	`2022-12-27` - `2024-01-25`	a year	crt.sh
*.cloud.netacuity.com Amazon RSA 2048 M01	`2023-02-10` - `2023-04-25`	2 months	crt.sh
*.eu-1-id5-sync.com R3	`2023-01-25` - `2023-04-25`	3 months	crt.sh
*.id5-sync.com R3	`2023-01-25` - `2023-04-25`	3 months	crt.sh
p.adlooxtracking.com GTS CA 1D4	`2023-01-25` - `2023-04-25`	3 months	crt.sh
*.andbeyond.media Starfield Secure Certificate Authority - G2	`2023-02-14` - `2024-03-17`	a year	crt.sh
gw.geoedge.be Amazon RSA 2048 M01	`2023-02-21` - `2023-10-10`	8 months	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-03-09` - `2023-06-03`	3 months	crt.sh
aax-eu.amazon-adsystem.com Amazon RSA 2048 M01	`2023-01-27` - `2024-01-27`	a year	crt.sh
*.crwdcntrl.net Go Daddy Secure Certificate Authority - G2	`2022-05-01` - `2023-06-02`	a year	crt.sh
*.simpli.fi DigiCert TLS RSA SHA256 2020 CA1	`2022-11-07` - `2023-12-08`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2022-03-31` - `2023-05-02`	a year	crt.sh
*.ybp.yahoo.com DigiCert SHA2 High Assurance Server CA	`2022-11-08` - `2023-05-03`	6 months	crt.sh
casalemedia.com Go Daddy Secure Certificate Authority - G2	`2022-12-13` - `2024-01-13`	a year	crt.sh
s.amazon-adsystem.com Amazon RSA 2048 M01	`2023-03-03` - `2024-02-19`	a year	crt.sh
*.ads.stickyadstv.com DigiCert TLS RSA SHA256 2020 CA1	`2022-06-14` - `2023-06-16`	a year	crt.sh

This page contains 61 frames:

Primary Page: https://www.orientaldaily.com.my/
Frame ID: 30804229D62AAF61B0E93FEA939890DF
Requests: 125 HTTP requests in this frame

Frame: https://www.facebook.com/plugins/video.php?height=314&href=https%3A%2F%2Fwww.facebook.com%2FOrientalDailyNewsMalaysia%2Fvideos%2F1247106492876856%2F&show_text=false&width=560&t=0
Frame ID: C84212A0058080C4AA1C64392B245A5E
Requests: 54 HTTP requests in this frame

Frame: https://www.facebook.com/plugins/video.php?height=314&href=https%3A%2F%2Fwww.facebook.com%2FOrientalDailyNewsMalaysia%2Fvideos%2F1247106492876856%2F&show_text=false&width=560&t=0
Frame ID: A5C69E7DAE7C2E741A4AB13A7E0807EE
Requests: 43 HTTP requests in this frame

Frame: https://25f0b6c781c28f0ec66a58e178665f44.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 185C4F889EB475F0E8F98098E42A83C6
Requests: 1 HTTP requests in this frame

Frame: https://25f0b6c781c28f0ec66a58e178665f44.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: B135B91B3BF3A67CCA97CADE13F358FA
Requests: 9 HTTP requests in this frame

Frame: https://25f0b6c781c28f0ec66a58e178665f44.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 8C5A696CDC90F1A63B866DC6B706DE75
Requests: 19 HTTP requests in this frame

Frame: https://25f0b6c781c28f0ec66a58e178665f44.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 0E74E8733CD93782673319DB31BEF1D5
Requests: 21 HTTP requests in this frame

Frame: https://25f0b6c781c28f0ec66a58e178665f44.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 7B352E75B9DD604A7508E77FE244C2A6
Requests: 21 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Frame ID: 7A12465FB72FCD75C23737177922CDE3
Requests: 10 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssM9OK3hpufibbhXUukH-eZcMOShAsgE-u3ACK3bZ3GVcNxziBZZLKZAM3QIGHhKg1FMi4Bhxr8943E-p56VAC1LGE-W_WxAbdCUNLG8zOswOpecN7GhcjkIu8Rn_SProMPaXN_5uck8CO1pAjIu9DP5um6IRfqxJH2OwyNPFSxeb21-we3jt1mZ__1qbGrEae05wSFWyFp4tCLJLu2l96fMIlw6yPChb7PnPeqaSdkhdnlF6NjMk-QzFE9AqVabaQ_Ss7H9dT3WTOdQzVKiiSIr88RYxo04-ThsOghlU4K54aN93Msi2oetEUBAkfVFqoY45wS7xG9LFHdTMd-&sai=AMfl-YQ8SqjT5mX62509_JQaYze8ggDbduEX5Zzl8ueOYoD-qr31kVa3VA1OeL5BQrHCbhcwMkKxfbjF_z1G0Jsdj6scApw-0q0B_Z4TMsfEaUT80NXUJixfGZq8owjl6rKotMjOD16a4B4X8GhOaNo&sig=Cg0ArKJSzMHXI_UjwJLCEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: C5151421762C4DDE3C481DD3031ED7AA
Requests: 10 HTTP requests in this frame

Frame: https://cdn.izooto.com/scripts/sak/iz_setcid.html?v=1
Frame ID: F9FCA2D753070BE5EB3AB032BFA7E677
Requests: 1 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZAlTyQAH7uoHg4lkAAcCHwY9rB0B_Dtr97kcrw&u=%7CAsVilzsezzsOTEai18J74VJ%2FuS3Q7CKTWFVUxdNglwk%3D%7C&c1=VEd5MTeK-DVtvwpxQwkatQ5fNcsqqVzrn0bJRZSWEljoMqTy8nHmy-ZCx2l8r38z-Y5KeOqAmeGKc9dh3PNWVW8NiZSZp2iaXZw_LLndzIJkV4PHUDLGexVC6DFm_RxZyajzipHIo5EMUQQ9nMJy0B1iE5Un-16Sq2bsQ49gJZ9YTAWCmMkr9jUiC4KmQtU_bdEGpPf7gccvzeUOyrhX6qwxgI7ZFd47-Sw4XedVZDUBql05Q7ll7qRgO68h9x3I2gILquGEmaV6dRHdP8XsMmAPi3XfONBZOt8aBKIV-jIPhedJT9cDDRTviwYZS5BDHEPtQIDavVa9Y8e5Hm1FHRVK06FWnl863N80e8UK1eDQy0vVpz6bDi3tWx2oKngpVMwIBMfWz9-KmhqB0lDeW9K8NFvbatUUyg2U_ohRgr2b-4FpZ3W-icsYi2VPpeS56wlIrCUlPlGzXNzQoV88BTp5UyyqkVOfdAMXTFnjk1PIyJxry_DrNa-w-AD7Gfd64TYKpSMNjyH8bYHSKelvEMLpJZwJuAX-QI9stShuNpIruk8p0YOlBdwdhIYz925AQAShJuOiJ1dawS3DriVZYyRtEyrbcL5c6E9FI1dFSd-kVBGOgem0HSOOvY3oOs4cWoEs-4I1FPs&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCujTTyVMJZOrdH-SSjuwPn4ScgAjJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTM0MzA1NjExOTY5Mjg1ODnIAQmpAtM_RZHLsrE-4AIAqAMBqgSeAk_QC3983TOuZ_6cUZC_jLGOjjsIB1vUUs0YDIayT-PvEW8z5S2NzwH1rkp07Y4w-sc3L8j6p9jeJNoAvT5wZMsucFyh1vPYx63lDZ7QKH647oZMggJHpC7cQ5f3-YSUgGs2OTvz6uCcD-d8S8wKdJoAbfNNH7cxXt_K7uan_SvE8D3QEsv-dfYoSwGvCnPEE-H84PSjIgfmGmrtj75XVffD-MMfqSoNgpuPQ5t1BZsCWnSNXwyDqk1h-E16oSdAgSUGPZnBbb4XtuCLEjxX5bQhbKa6CnIS7ygIZPwiEi668wTMj0Liezs8PqLt4bkvuuaD1UJwIN5D6igcl9NXP44-N1EHaOWf8cVNyo6zIymhMJXl9P8b-OZXuC7qX2HgBAGABomI8PONoIr5e6AGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2_bwgh13-dieKy3m2hl3OSjTZ9lQ%26client%3Dca-pub-3430561196928589%26adurl%3D
Frame ID: D2213F05188587FD778EFA39A1B5D742
Requests: 35 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=COed9gIQ_eHmjwIYzNWa4QEwAQ&v=APEucNXpAHoSNHV40EMmny5gCQTGHk8NEfazwv3nNl2xonGLcschS761yPlSooYJP5e0EXr4PqLvDIiguQqJKC1nC60x7yg-UyE6CzwMcj3YSOIYx_ROdEuYFnWkjNKssywt5ldggsjpW1ZwSzz-fjw9A9HY7-1pW7qP7wWt8Zj3AbUQl6gnYws
Frame ID: 8E8D2870517A6A64850614BB7EA3C275
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjgyrvGATAB&v=APEucNVK2Ld0jWAzynESV-gEQEIoSEsu_j_vkhF_wtM14fThoecBbyKAUuWWtpd4qN-UDb5_tNpsD-A_pRE3oTY2quGkIZKvNwSIdibtkNvYeIfbH_LpZqYnKabS1BudyXLwOX2_IYXQL3OIe_EgqU8Va2dEI6EcO55A8iMBLkv5ZzxqXg1_sG0
Frame ID: 1714E50EDBDB15E76221663496C8B8F4
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjgyrvGATAB&v=APEucNXx3xyrZC6lgHz5gaPVCKytCQMZUwAw0e4rBM5-7QCYqPWOteg3WNv4oOjO2biyxm68UN0KaqcHN_ypvadd_oTXPIuVCKAdP7yDaRItRDbzT_doguk87pFMFqOtW7HhILga_-kEXrTk6N74PkHJ9HyCVtH3NlXRbk2VouGEd6Tp7FbJvTg
Frame ID: 3990A8443EE359D8A909C3E9FBB677D6
Requests: 5 HTTP requests in this frame

Frame: https://47ad345191e702c3a5b895d83c644918.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: 1C0DBA3373ED3DA55A800BCB7B370046
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 6B1C945A323FD556F5A530BC9D3A7850
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstQyt1IBvyYxWf1vSBmmUHsPA2x1vKvCTE6PH26TRXS9cyE_yl3Rf3dMwq6mkmnA-XX31n3aTw_OuXlG8nQHdgiNTkjbPPgYHw0IhZBeQfnxddunLjlUblaFPHciU-vALWmmMxquR8LQmJ_aq8i5D5FZtTkgsGcGuCpSgM0xoVZVndgwQV3ZkkSfWgBO1SrNEqScEBqXAA2APufYuL94DeeweuChXcV_EG7w84cst-HDuJgVJkzrl4uim6yKkoY3cbOvfPPyDYhpetPP7TB2HJbKcB1NolxG9vLR5wFbFJD6bQFVs8B9fmCWweNz10KAdf6V9Crs5Eevn__IrhLR2vvhMyS8NFz71YDhmtB_ybZ6Tg&sai=AMfl-YR-R-VxcZmhze7cNt2OOfcUGmCuDnFrbL8-DvdmVz2cRPDt1z-UORIHukgvR-NNe83f5FNnzmuYm5muq297ASTA9Qu_ivwf44cta9gBwkQ0cTmZjoZYunUpMhz6nw&sig=Cg0ArKJSzJgwMdO5YOvPEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 58429916859714E70C973D7B1D17AA7C
Requests: 5 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 63D3B616B9672CCD9229E8713E1DD7FC
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 664D4EAC0DB66AD6542833D6F677CA45
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 1F70742AF4BA5C8B01D638A646A6ED3A
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: C20794A307D274B5272602774F211013
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: E521CDC21D5366CFCACD04172281FDE7
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/2556680232103163365/index.html
Frame ID: BA5877B7D33D3B1D324B27430BB5426C
Requests: 8 HTTP requests in this frame

Frame: https://ad.doubleclick.net/ddm/adi/N1820114.1141592EXPONENTIAL.COM/B28402876.344985312;dc_ver=95.280;dc_eid=40004000;sz=728x90;u_sd=1;dc_adk=1094543181;ord=gm0i7l;click=https%3A%2F%2Fs.tribalfusion.com%2Fh.click%2Fa7mYLO0GnS1c3Y1cbynE7W5U3VVUjBWAY0REM3SsnnQHUO0HfwVAnv4sQ5YFMLTP6o2PB9PP7A2WZby0d3LntZao5mQW5Gn8UVY9UVM6S6FMWd3VUFM05b6rVabqWqrlQTYZcRc7ZaRFurPt3cWGU54UqumtqsXaXy3HbESGJD4PYLoHXrUd760r361bB91a6NPbBGWUYSVHJ3mUQnPFfoYqUs4qUk4T72nabHYbj7UtjPn6YBpG7wmHfBM7mwv9bnMQ2v39m10crOYVFVM9ANPQXWxUFdsSFwZdQ%2F;uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd;dc_rfl=1,https%3A%2F%2Fwww.orientaldaily.com.my%2F$0;xdt=0;crlt=X1PfKiz4jp;stc=1;chaa=1;sttr=147;prcl=s
Frame ID: 8E645F49D298160D1B8CF1C02C2B6B68
Requests: 8 HTTP requests in this frame

Frame: https://s.tribalfusion.com/p.media?clickID=a8mUCk0bnd1UBe1EysRb3EWUr2Tdn5nFfxPFFyXqrt3TZbh4af1mqbIXrfdTd7Pm6fIpVfmoWvJ3aF93des3A7ZcmbvZdXGURXsZbVXVFnmavS2FFVTF7ZaVAr0PaYQQVZbsStZbyYH7uVAMO3GrUXbZbZaUAuo5PYePABG2dFo1HZbKpdEo5mBS3sngUGJ6WcBkRAUOWd3VWrF53r6oVaMoVTY8PTBFQVQCRra2Rt7imp2POABoVdqEYF1lkZd&mediaDataID=6347136&mediaName=frame.html
Frame ID: 6DE90448754D494AC84FA8710785ACF5
Requests: 2 HTTP requests in this frame

Frame: https://s.tribalfusion.com/p.media?clickID=aamUCk1c35XG7xnEZbW2rvUTFFZbV6r1Qq3QQsMOPHbNYt7tV6jw2VYUYUnZbUPmo4PZb7RmrA2H3O0tJCntEw36YQ4cn7TcrbVG78PAvoTWFPTbM05b6pVaUtVqrlQaBZcQVJLRF6vRdv6VcQ54r6qnW6tYqyp2HYDQsMB56FZbmdAyTHQ70brkXrYk1aiOSbrAWUYXTtnXmbjnQFbrYEUn4TUa2a7RoT7jYFUfo8EWQFIIWG7BXhlJIU&mediaDataID=6719746&mediaName=frame.html
Frame ID: 056BE4732DCCE8AB3BCDC303CB2E73C6
Requests: 2 HTTP requests in this frame

Frame: https://s.tribalfusion.com/p.media?clickID=abmUCk1UBgXairRbnATFZb0Ttn0mbBoQFZbNYTrN4abl2av3mTrBYUZbfTHBVn6rJnc7pmW7D3T373Wuy5P7ZcprMZaYVrQYcv41c7npEF42bFQWUnEUAnXPaQ1QsnMQHUNYt7nTPMp2VYYYbvDTAir56Y6Q6fK2tnp0dJZbmtPu36YY5cj6VcUjVGMiS6UOTWQPWrb15batWaQpWEYaQTQIRVQCRruvPHMJWcb5v6YqQ8UsNqeI18I3oU&mediaDataID=5436426&mediaName=frame.html
Frame ID: 417B54DFE0EDFA7E64DCE191522001C1
Requests: 2 HTTP requests in this frame

Frame: https://s.tribalfusion.com/p.media?clickID=acmUCkUcbhPP3xWtUQUbJY5bPoVTQpWanlQEnHRc7JRr6sRHfbWsM55F2rnHetXqew4tjFQVbZa4PBFotAqVWJ9YrrbYUbh1E6MPrrZbTbB4WdJ3orjpPbJnYavy5aUl2av1oabIYUZbbTtJXmmfZcmsropHMJ3anj3Hup4PrZaprMEXVfP1cYV1cvonaf22FnQTFfFUAY1PTY1Ps3sQtFu0tvuT6bp4s3mXbZbDpUUrOUi7s6MnXcZdkYR&mediaDataID=8039566&mediaName=frame.html
Frame ID: 4BDA08DC0BD48247E289C891C590CCED
Requests: 2 HTTP requests in this frame

Frame: https://s.tribalfusion.com/p.media?clickID=admWwJXG7upT7Q3bJWWUBHUAYXQqf0PsrMQdbt0HJpT6My2sJ2XrUDUmPq5mQ6PAMD4HFr0HQAnHTm5mYQ3sr8UsUcWcBgSmUoWtv3TFM32r2oUqMrWTrcQTMFSs3ZcRFIxPt76WVrQ5FPxmt6yXaew2tUAPcrH2mrIoHImTtQ8YUYb1FjjXTiMRrJHWUYSVHJ0orfrQUvsXqny5EJa5q3XnabGYrJ7UHJToAfBpG7wosZbC5EZaEu9ZbouEicpsvOGZdkCnW&mediaDataID=5578346&mediaName=frame.html
Frame ID: 6C68B74B9CC0880D76BD8FD39226769B
Requests: 2 HTTP requests in this frame

Frame: https://s.tribalfusion.com/p.media?clickID=aemUCkXaiqPbQGWFY0VtY4orbsQUBqXEMy5Ebc5TQYoTbHYr36UdbXnAUZdmcMooHfA5TFh3d6N56nEnbMZa0GnRXsY30GFvmqF45Fv2WrnDVP74REY0QsYoPtfr1HvpT6Mw4GYUXrUZdUAXw46ZbdQPfC3WYO0tMZanWTO4mZbS3srgTsJdUc78SmFOTtUVWbj35bEpUqUsVErbPEQZcSVBZdQruvPH7iUVvw4r6xWCZbmvnJwwdbqYDlKr5&mediaDataID=6530936&mediaName=frame.html
Frame ID: 46DA73284C77B01E11BF9ADC09EAAF3B
Requests: 2 HTTP requests in this frame

Frame: https://s.tribalfusion.com/p.media?clickID=afmUCkPP3xWd3VWbf25rPnUqYqTEQ8PTvFSG7AQFIoPHv9WVjV4buxndInYTqx2dbGSVMG46YHoHPNTHJ90bncXFFe0aIrSFnZbWFMSWHJ0nbQnRUJrYTMn3Efa4T7YoTbB1FZbfUdbTnm3Bns7rptMB2EY73WZao5mnLmbfZc0Gn0YsF2XGbnmqvS2FvQWUvDUAv5RE34QsntPdFN1tfrW6bp4sBU0UQcTAiwvrqdnb2DwWZbE0pDEuo&mediaDataID=6546596&mediaName=frame.html
Frame ID: 9E39BCAD1A1FBC648BDDF6809FDC9A77
Requests: 2 HTTP requests in this frame

Frame: https://s.tribalfusion.com/p.media?clickID=agmUCkpT7W5U3VVbFFVAY3REQSPVFsQdjr1dJwWPUu4sY0XUFKTPqw5PncQA7C2tZbsXHJKntZao5AJ15cr8VcQbVs7fRPvwTHn3WbBP2U2rVajpTTraPTQIRcjCPFuoPHvbUcM54butnWAOXEey3WnHPG7Za4PrLoWPnUH370bnkYFYfXaeMSFJAWb35WHM0orJmRUZbnYTvs4EFl4an5nTMI1rUfWH7MmmfBV9XrSCIAxEZb0XZafCqf&mediaDataID=6807466&mediaName=frame.html
Frame ID: 3CB74BE76FE12A6189AB3698F0D09B0A
Requests: 2 HTTP requests in this frame

Frame: https://s.tribalfusion.com/p.media?clickID=ahmUCkPbQEWUYXVtQToFboRUJsYarN4Tja4qQPnaZbD1rZbcUHrQm6nBmG3qpdrB3aZbe5duq5PfGnUjGXVnR1c341VbwnTFV2rr2TUZbZcVm7YQTb1Sc3qPd3O0WFuVPbu4sY20bUDTPqs56vePPMF3dYt1WUAnH6N5PJT4c76VcQjWsMePPYoTHFRUFF33bTrUqroTTn6QEMZdRGBJPreqSH7iUVb52Fy4mWqOOQQyM8EGtGrtYTvJds&mediaDataID=4056396&mediaName=frame.html
Frame ID: 0E6F21D76A6BA7FFA323E276F4DD96C0
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: D9F40B9DCBD009D3B358BA7A9FEAAA2C
Requests: 3 HTTP requests in this frame

Frame: https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=99314000011033004444994012258017&actionid=981741&produktid=&dt_url=
Frame ID: DE4261CCF397CD846E183F7E55A22607
Requests: 1 HTTP requests in this frame

Frame: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
Frame ID: 8284DAEDC1DD75EFE6CD3F4CC7824D69
Requests: 2 HTTP requests in this frame

Frame: https://5994599.fls.doubleclick.net/activityi;dc_pre=CM3BqJf1zf0CFVTE1QodOdMKDw;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=8093927841993.369
Frame ID: A3CEEAFA60D39584ACD0D87D341B8BF8
Requests: 2 HTTP requests in this frame

Frame: https://hal900017.redintelligence.net/request_content.php?s=99314000011033004444994012258017&a=1cff852c
Frame ID: 58049107BAED7ED8FF3F2A37EA38ECDB
Requests: 8 HTTP requests in this frame

Frame: https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=12257200011230704444994012258027&actionid=981741&produktid=&dt_url=
Frame ID: 5CE14F3508C06C3D7008B48E9FE4E08E
Requests: 1 HTTP requests in this frame

Frame: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
Frame ID: 0EB75EEEFA42057AF9AED75484955AEB
Requests: 2 HTTP requests in this frame

Frame: https://5994599.fls.doubleclick.net/activityi;dc_pre=CIzLqJf1zf0CFVW51QodEJoJrg;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=4391494676798.8594
Frame ID: 7D17E1753EE6E522F998FEBF0C0F9B94
Requests: 2 HTTP requests in this frame

Frame: https://hal900027.redintelligence.net/request_content.php?s=12257200011230704444994012258027&a=185ef2ab
Frame ID: B8384AF77BEA81F188E80ED817AF7AEA
Requests: 8 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/15792676767965068564/index.html
Frame ID: 1051C84E11431782F930C1AA29465249
Requests: 6 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 2D8E90EB2C836700BC0B0D540F9D2457
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 49DEA087B307EF261BC71BEE2A8FBC2D
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 755385B02C3800254EBC965428D628A6
Requests: 2 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: F35A8C6D0DDAB1F0BFE4F600AC91152A
Requests: 10 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync
Frame ID: AC1A16E203A767B05C23E9C8F6B7A5A3
Requests: 1 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/pd
Frame ID: 37A38108EE2B9210A4E2EEE88F5184B5
Requests: 1 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU3VM41V&prvid=2034%2C2033%2C2031%2C2030%2C233%2C2028%2C2027%2C159%2C236%2C2025%2C237%2C117%2C359%2C97%2C55%2C99%2C3012%2C3010%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C446%2C326%2C9%2C208%2C2055%2C3020%2C173%2C251%2C175%2C450%2C178%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C459%2C70%2C77%2C2022%2C182%2C141%2C262%2C461%2C222%2C345%2C10000%2C228%2C80%2C108%2C229%2C109%2C307&itype=PREBID&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1
Frame ID: 1C423F2E9B2788A598374F5E1E1A508D
Requests: 1 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 7050142A8DEFB2808F743D66C7150856
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158497
Frame ID: 77868BAD8283012823D50E430CCD7015
Requests: 15 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:9dde6409-53d0-4f00-bb19-51a018b3ce92&gdpr=0&gdpr_consent=
Frame ID: 98631C1F36C832939BCB4F6788940338
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=2582284890286784696
Frame ID: 6C99587A7284B1A92C0AF394BF256FBE
Requests: 1 HTTP requests in this frame

Frame: https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Frame ID: BFD5690D39FC3A5AB5A6BCDB12A17A61
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=ZT2gp2Y68_h-P6OnZW29qjJs86d-PfavNW3KjcOG
Frame ID: DA2A1BE0160C373C25AB029B02B6D532
Requests: 1 HTTP requests in this frame

Frame: https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=389B1C7D-66D3-46E8-82A6-7EF23C70ED44&redir=true&gdpr=0&gdpr_consent=&dcc=t
Frame ID: 221878612954A2BBBB1DEFF9DC2C17D5
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=7313373080911371245&gdpr=0&gdpr_consent=
Frame ID: D5DB4FB4969C08057A1C4892A380265D
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7208384827111962768&gdpr=0&gdpr_consent=
Frame ID: 5DCFE64E4E782EE18F97150141DEB820
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.orientaldaily.com.my%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: 67D177A9B7AD57948C5F1D4223A4DD93
Requests: 10 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

東方網馬來西亞東方日報

Page URL History Show full URLs

http://www.orientaldaily.com.my/ HTTP 301
https://www.orientaldaily.com.my/ Page URL

Detected technologies

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Ad Exchange (AdX) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

tpc\.googlesyndication\.com/safeframe

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googletagservices\.com/tag/js/gpt(?:_mobile)?\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/ns\.html[^>]+></iframe>
googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Izooto (Marketing automation) Expand

Overall confidence: 100%
Detected patterns

cdn\.izooto\.\w+

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

Webgains (Affiliate programs) Expand

Overall confidence: 100%
Detected patterns

analytics\.webgains\.io

comScore (Analytics) Expand

Overall confidence: 100%
Detected patterns

<iframe[^>]* (?:id="comscore"|scr=[^>]+comscore)|\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon
\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

501
Requests

81 %
HTTPS

36 %
IPv6

79
Domains

138
Subdomains

113
IPs

17
Countries

12236 kB
Transfer

27171 kB
Size

88
Cookies

9 Outgoing links

These are links going to different origins than the main page.

URL: http://ufood.orientaldaily.com.my/
Title: U玩食

Search URL Search Domain Scan URL

URL: https://play.google.com/store/apps/details?id=com.my.orientaldailynews
Title: 安卓APP

Search URL Search Domain Scan URL

URL: https://apps.apple.com/us/app/oriental-daily-%E4%B8%9C%E6%96%B9%E6%97%A5%E6%8A%A5-%E9%A9%AC%E6%9D%A5%E8%A5%BF%E4%BA%9A%E7%83%AD%E7%82%B9%E6%96%B0%E9%97%BB/id1550134045
Title: 苹果APP

Search URL Search Domain Scan URL

URL: https://appgallery.huawei.com/#/app/C103900095
Title: 华为APP

Search URL Search Domain Scan URL

URL: https://www.facebook.com/OrientalDailyNewsMalaysia/
Title: Facebook

Search URL Search Domain Scan URL

URL: https://twitter.com/odnmalaysia
Title: Twitter

Search URL Search Domain Scan URL

URL: https://www.instagram.com/orientaldailynews/
Title: Instagram

Search URL Search Domain Scan URL

URL: https://t.me/orientaldailynewsmalaysia
Title: Telegram

Search URL Search Domain Scan URL

URL: https://www.izooto.com/campaign/getting-started-with-izooto?utm_source=referral&utm_medium=news_hub&utm_campaign=https://www.orientaldaily.com.my
Title: iZooto

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://www.orientaldaily.com.my/ HTTP 301
https://www.orientaldaily.com.my/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

https://www.orientaldaily.com.my/assets/css/app.css?id=172e03ec463b163fe1a0 HTTP 301
https://media5.orientaldaily.com.my/assets/css/app.css?id=172e03ec463b163fe1a0

Request Chain 3

https://www.orientaldaily.com.my/assets/static/logo-20-anniversary.png HTTP 301
https://media5.orientaldaily.com.my/assets/static/logo-20-anniversary.png

Request Chain 4

https://www.orientaldaily.com.my/storage/resize_cache/images/uploads/news-cover/2023/MAR_2023/20230309/zxklll.jpg/dd7d82b952fa973dbab3da419a39de6b.jpg HTTP 301
https://media5.orientaldaily.com.my/storage/resize_cache/images/uploads/news-cover/2023/MAR_2023/20230309/zxklll.jpg/dd7d82b952fa973dbab3da419a39de6b.jpg

Request Chain 5

https://www.orientaldaily.com.my/storage/resize_cache/images/uploads/news-cover/2023/MAR_2023/20230308/msz2.jpg/f5a8067bd65b42abcdb6cf32d444c5d6.jpg HTTP 301
https://media5.orientaldaily.com.my/storage/resize_cache/images/uploads/news-cover/2023/MAR_2023/20230308/msz2.jpg/f5a8067bd65b42abcdb6cf32d444c5d6.jpg

Request Chain 6

https://www.orientaldaily.com.my/storage/resize_cache/images/uploads/news-cover/2023/MAR_2023/20230308/msz1.jpg/7f0ee7c468dba2db54151f76f4ac94ff.jpg HTTP 301
https://media5.orientaldaily.com.my/storage/resize_cache/images/uploads/news-cover/2023/MAR_2023/20230308/msz1.jpg/7f0ee7c468dba2db54151f76f4ac94ff.jpg

Request Chain 7

https://www.orientaldaily.com.my/storage/resize_cache/images/uploads/news-cover/2023/MAR_2023/20230309/adfb54dfb54df58a8dbf4a.jpg/9bb51b464142f5db550e156fb1a3d61e.jpg HTTP 301
https://media5.orientaldaily.com.my/storage/resize_cache/images/uploads/news-cover/2023/MAR_2023/20230309/adfb54dfb54df58a8dbf4a.jpg/9bb51b464142f5db550e156fb1a3d61e.jpg

Request Chain 8

https://www.orientaldaily.com.my/storage/resize_cache/images/uploads/news-cover/2023/MAR_2023/20230309/WhatsApp_Image_2023-03-09_at_11.24.05_AM.jpeg/46211d35345b7d8cbd4e962b1402c040.jpeg HTTP 301
https://media5.orientaldaily.com.my/storage/resize_cache/images/uploads/news-cover/2023/MAR_2023/20230309/WhatsApp_Image_2023-03-09_at_11.24.05_AM.jpeg/46211d35345b7d8cbd4e962b1402c040.jpeg

Request Chain 9

https://www.orientaldaily.com.my/storage/resize_cache/images/uploads/news-cover/2023/MAR_2023/20230309/WhatsApp_Image_2023-03-09_at_11.19.43_AM.jpeg/685f851ce2c8741769dd0cf3c9a73a2c.jpeg HTTP 301
https://media5.orientaldaily.com.my/storage/resize_cache/images/uploads/news-cover/2023/MAR_2023/20230309/WhatsApp_Image_2023-03-09_at_11.19.43_AM.jpeg/685f851ce2c8741769dd0cf3c9a73a2c.jpeg

Request Chain 10

https://www.orientaldaily.com.my/storage/resize_cache/images/uploads/news-cover/2023/MAR_2023/20230309/vell1.jpeg/3f55181afac3b328a11f6b1ed87a548a.jpeg HTTP 301
https://media5.orientaldaily.com.my/storage/resize_cache/images/uploads/news-cover/2023/MAR_2023/20230309/vell1.jpeg/3f55181afac3b328a11f6b1ed87a548a.jpeg

Request Chain 11

https://www.orientaldaily.com.my/storage/resize_cache/images/uploads/news-cover/2023/MAR_2023/20230308/d6891622.jpg/707ae505648f17a4e983cf5ff929b427.jpg HTTP 301
https://media5.orientaldaily.com.my/storage/resize_cache/images/uploads/news-cover/2023/MAR_2023/20230308/d6891622.jpg/707ae505648f17a4e983cf5ff929b427.jpg

Request Chain 12

https://www.orientaldaily.com.my/storage/resize_cache/images/uploads/news-cover/2023/MAR_2023/20230308/parenttt.jpg/c96b6270314cfb22dfc05edb3175b4fa.jpg HTTP 301
https://media5.orientaldaily.com.my/storage/resize_cache/images/uploads/news-cover/2023/MAR_2023/20230308/parenttt.jpg/c96b6270314cfb22dfc05edb3175b4fa.jpg

Request Chain 13

https://www.orientaldaily.com.my/storage/resize_cache/images/uploads/news-cover/2023/MAR_2023/20230308/6890475.jpg/7979f6ef8b8a0181b20a678a7098cc1d.jpg HTTP 301
https://media5.orientaldaily.com.my/storage/resize_cache/images/uploads/news-cover/2023/MAR_2023/20230308/6890475.jpg/7979f6ef8b8a0181b20a678a7098cc1d.jpg

Request Chain 14

https://www.orientaldaily.com.my/storage/resize_cache/images/uploads/news-cover/2023/MAR_2023/20230308/240952502_205699551588302_5368894757947576719_n.png/7c58139650c3a06a5ffcaba847e456b4.png HTTP 301
https://media5.orientaldaily.com.my/storage/resize_cache/images/uploads/news-cover/2023/MAR_2023/20230308/240952502_205699551588302_5368894757947576719_n.png/7c58139650c3a06a5ffcaba847e456b4.png

Request Chain 15

https://www.orientaldaily.com.my/storage/resize_cache/images/uploads/news-cover/2023/MAR_2023/20230308/GUYC45.jpg/98646e8ef76b44db47760208aefbe0e5.jpg HTTP 301
https://media5.orientaldaily.com.my/storage/resize_cache/images/uploads/news-cover/2023/MAR_2023/20230308/GUYC45.jpg/98646e8ef76b44db47760208aefbe0e5.jpg

Request Chain 16

https://www.orientaldaily.com.my/storage/resize_cache/images/uploads/news-cover/2023/MAR_2023/20230308/WhatsApp_Image_2023-03-08_at_1.38.13_PM.jpeg/91425f9618dca13e54b23fd45baf516e.jpeg HTTP 301
https://media5.orientaldaily.com.my/storage/resize_cache/images/uploads/news-cover/2023/MAR_2023/20230308/WhatsApp_Image_2023-03-08_at_1.38.13_PM.jpeg/91425f9618dca13e54b23fd45baf516e.jpeg

Request Chain 17

https://www.orientaldaily.com.my/storage/resize_cache/images/uploads/news-cover/2023/MAR_2023/20230308/WhatsApp_Image_2023-03-08_at_13.08.25.jpeg/90401b544261acd4cb2039eea8bdca2f.jpeg HTTP 301
https://media5.orientaldaily.com.my/storage/resize_cache/images/uploads/news-cover/2023/MAR_2023/20230308/WhatsApp_Image_2023-03-08_at_13.08.25.jpeg/90401b544261acd4cb2039eea8bdca2f.jpeg

Request Chain 18

https://www.orientaldaily.com.my/storage/resize_cache/images/uploads/news-cover/2023/MAR_2023/20230308/WhatsApp_Image_2023-03-08_at_1.29.02_PM.jpeg/de0c7e940b0b659f923bf13852e9baca.jpeg HTTP 301
https://media5.orientaldaily.com.my/storage/resize_cache/images/uploads/news-cover/2023/MAR_2023/20230308/WhatsApp_Image_2023-03-08_at_1.29.02_PM.jpeg/de0c7e940b0b659f923bf13852e9baca.jpeg

Request Chain 19

https://www.orientaldaily.com.my/storage/resize_cache/images/uploads/news-cover/2023/MAR_2023/20230309/e0a80325d6b8c2e9919e0f080111d9a1.jpg/d9390a1440937ed408973a1171113a49.jpg HTTP 301
https://media5.orientaldaily.com.my/storage/resize_cache/images/uploads/news-cover/2023/MAR_2023/20230309/e0a80325d6b8c2e9919e0f080111d9a1.jpg/d9390a1440937ed408973a1171113a49.jpg

Request Chain 20

https://www.orientaldaily.com.my/storage/resize_cache/images/uploads/news-cover/2023/MAR_2023/20230309/b46ad328-4f5d-4f39-a300-a7ac4110479c.jpg/e11f4aa8d25454c8700daa6988461894.jpg HTTP 301
https://media5.orientaldaily.com.my/storage/resize_cache/images/uploads/news-cover/2023/MAR_2023/20230309/b46ad328-4f5d-4f39-a300-a7ac4110479c.jpg/e11f4aa8d25454c8700daa6988461894.jpg

Request Chain 21

https://www.orientaldaily.com.my/storage/resize_cache/images/uploads/news-cover/2023/MAR_2023/20230309/3e7900d0-daba-48f6-a27e-1d98eb885f39.jpg/f8f7f74bbf11fcc662963cbe5d98c8e5.jpg HTTP 301
https://media5.orientaldaily.com.my/storage/resize_cache/images/uploads/news-cover/2023/MAR_2023/20230309/3e7900d0-daba-48f6-a27e-1d98eb885f39.jpg/f8f7f74bbf11fcc662963cbe5d98c8e5.jpg

Request Chain 22

https://www.orientaldaily.com.my/storage/resize_cache/images/uploads/news-cover/2023/MAR_2023/20230309/WhatsApp_Image_2023-03-09_at_10.52.58_AM.jpeg/0fd7808a6930e51521314b9851d94f42.jpeg HTTP 301
https://media5.orientaldaily.com.my/storage/resize_cache/images/uploads/news-cover/2023/MAR_2023/20230309/WhatsApp_Image_2023-03-09_at_10.52.58_AM.jpeg/0fd7808a6930e51521314b9851d94f42.jpeg

Request Chain 23

https://www.orientaldaily.com.my/storage/resize_cache/images/uploads/news-cover/2023/MAR_2023/20230309/chicken.jpg/4be15d19234bf28ffd41501160a0030e.jpg HTTP 301
https://media5.orientaldaily.com.my/storage/resize_cache/images/uploads/news-cover/2023/MAR_2023/20230309/chicken.jpg/4be15d19234bf28ffd41501160a0030e.jpg

Request Chain 24

https://www.orientaldaily.com.my/storage/resize_cache/images/uploads/news-cover/2023/MAR_2023/20230309/76967967.jpg/b98b9b272ec7f2867c5dbe2a8a4d7aa9.jpg HTTP 301
https://media5.orientaldaily.com.my/storage/resize_cache/images/uploads/news-cover/2023/MAR_2023/20230309/76967967.jpg/b98b9b272ec7f2867c5dbe2a8a4d7aa9.jpg

Request Chain 25

https://www.orientaldaily.com.my/storage/resize_cache/images/uploads/news-cover/2023/MAR_2023/20230309/AZ3C2MC6TFISFPLH23LDWY2B74.jpg/18cabeaaf7bdf0c2bd4e4a356bd0bad1.jpg HTTP 301
https://media5.orientaldaily.com.my/storage/resize_cache/images/uploads/news-cover/2023/MAR_2023/20230309/AZ3C2MC6TFISFPLH23LDWY2B74.jpg/18cabeaaf7bdf0c2bd4e4a356bd0bad1.jpg

Request Chain 26

https://www.orientaldaily.com.my/storage/resize_cache/images/uploads/news-cover/2023/MAR_2023/20230309/54654654654645.jpg/5eb28e24632b9a5e805a4b22d2bb2632.jpg HTTP 301
https://media5.orientaldaily.com.my/storage/resize_cache/images/uploads/news-cover/2023/MAR_2023/20230309/54654654654645.jpg/5eb28e24632b9a5e805a4b22d2bb2632.jpg

Request Chain 27

https://www.orientaldaily.com.my/storage/resize_cache/images/uploads/news-cover/2023/MAR_2023/20230309/ac2871e9-b8e2-4315-af4d-f9238d139b8e.jpg/3a13a7104badb5d9196528f6b4644f76.jpg HTTP 301
https://media5.orientaldaily.com.my/storage/resize_cache/images/uploads/news-cover/2023/MAR_2023/20230309/ac2871e9-b8e2-4315-af4d-f9238d139b8e.jpg/3a13a7104badb5d9196528f6b4644f76.jpg

Request Chain 28

https://www.orientaldaily.com.my/storage/resize_cache/images/uploads/news-cover/2023/MAR_2023/20230309/6797697697696.jpg/eada9c294e4dab9bb67d2d1bc995374a.jpg HTTP 301
https://media5.orientaldaily.com.my/storage/resize_cache/images/uploads/news-cover/2023/MAR_2023/20230309/6797697697696.jpg/eada9c294e4dab9bb67d2d1bc995374a.jpg

Request Chain 29

https://www.orientaldaily.com.my/storage/resize_cache/images/uploads/news-cover/2023/MAR_2023/20230309/887ce7dd-995f-4c1a-b11d-fc64f2384da1.jpg/adaea6c26c4f1b1529e05be08287f405.jpg HTTP 301
https://media5.orientaldaily.com.my/storage/resize_cache/images/uploads/news-cover/2023/MAR_2023/20230309/887ce7dd-995f-4c1a-b11d-fc64f2384da1.jpg/adaea6c26c4f1b1529e05be08287f405.jpg

Request Chain 30

https://www.orientaldaily.com.my/storage/resize_cache/images/uploads/news-cover/2023/MAR_2023/20230309/2ddf3ff7-c9c7-4008-ba34-6e90e6f1d8a1.jpg/2a7a328960b9b88ee0aea32dffc5033a.jpg HTTP 301
https://media5.orientaldaily.com.my/storage/resize_cache/images/uploads/news-cover/2023/MAR_2023/20230309/2ddf3ff7-c9c7-4008-ba34-6e90e6f1d8a1.jpg/2a7a328960b9b88ee0aea32dffc5033a.jpg

Request Chain 31

https://www.orientaldaily.com.my/storage/resize_cache/images/uploads/news-cover/2023/MAR_2023/20230309/8987978978.jpg/78f572bb17ea89f7a079c4da9bbe9584.jpg HTTP 301
https://media5.orientaldaily.com.my/storage/resize_cache/images/uploads/news-cover/2023/MAR_2023/20230309/8987978978.jpg/78f572bb17ea89f7a079c4da9bbe9584.jpg

Request Chain 32

https://www.orientaldaily.com.my/storage/resize_cache/images/uploads/news-cover/2023/MAR_2023/20230308/5bc1924d-72c5-4132-b279-6ba902ff426f.jpg/676ec3458f054eca4ba159a10972c802.jpg HTTP 301
https://media5.orientaldaily.com.my/storage/resize_cache/images/uploads/news-cover/2023/MAR_2023/20230308/5bc1924d-72c5-4132-b279-6ba902ff426f.jpg/676ec3458f054eca4ba159a10972c802.jpg

Request Chain 33

https://www.orientaldaily.com.my/assets/static/association-event.png HTTP 301
https://media5.orientaldaily.com.my/assets/static/association-event.png

Request Chain 34

https://www.orientaldaily.com.my/storage/resize_cache/images/uploads/news-cover/2023/MAR_2023/20230308/1fe4e2f98a907735bd0f58a6483f80472.jpg/fb454e0d98ab95657052b14f6e7c3685.jpg HTTP 301
https://media5.orientaldaily.com.my/storage/resize_cache/images/uploads/news-cover/2023/MAR_2023/20230308/1fe4e2f98a907735bd0f58a6483f80472.jpg/fb454e0d98ab95657052b14f6e7c3685.jpg

Request Chain 35

https://www.orientaldaily.com.my/storage/resize_cache/images/uploads/news-cover/2023/MAR_2023/20230308/guanbi.jpg/18ddc098e32a86dcbf7cd9f082a5b8aa.jpg HTTP 301
https://media5.orientaldaily.com.my/storage/resize_cache/images/uploads/news-cover/2023/MAR_2023/20230308/guanbi.jpg/18ddc098e32a86dcbf7cd9f082a5b8aa.jpg

Request Chain 36

https://www.orientaldaily.com.my/storage/resize_cache/images/uploads/news-cover/2023/MAR_2023/20230308/hajiji.jpg/ec5ebb3e625512a6b802a2a90da68c08.jpg HTTP 301
https://media5.orientaldaily.com.my/storage/resize_cache/images/uploads/news-cover/2023/MAR_2023/20230308/hajiji.jpg/ec5ebb3e625512a6b802a2a90da68c08.jpg

Request Chain 37

https://www.orientaldaily.com.my/storage/resize_cache/images/uploads/news-cover/2023/MAR_2023/20230308/bomba.jpg/4e9c255435790c8aa456eb130531a4a5.jpg HTTP 301
https://media5.orientaldaily.com.my/storage/resize_cache/images/uploads/news-cover/2023/MAR_2023/20230308/bomba.jpg/4e9c255435790c8aa456eb130531a4a5.jpg

Request Chain 38

https://www.orientaldaily.com.my/storage/resize_cache/images/uploads/news-cover/2023/MAR_2023/20230308/rahmah.jpg/4c597e49ebb0551b7b03b100949fb5a1.jpg HTTP 301
https://media5.orientaldaily.com.my/storage/resize_cache/images/uploads/news-cover/2023/MAR_2023/20230308/rahmah.jpg/4c597e49ebb0551b7b03b100949fb5a1.jpg

Request Chain 39

https://www.orientaldaily.com.my/storage/resize_cache/images/uploads/news-cover/2023/MAR_2023/20230308/20230308bp01.jpg/24d3024181d02a197c59972e59db9ca3.jpg HTTP 301
https://media5.orientaldaily.com.my/storage/resize_cache/images/uploads/news-cover/2023/MAR_2023/20230308/20230308bp01.jpg/24d3024181d02a197c59972e59db9ca3.jpg

Request Chain 40

https://www.orientaldaily.com.my/storage/resize_cache/images/uploads/news-cover/2023/MAR_2023/20230308/20230308klg01.jpg/c67196ba55c8d7fbe0c87fcde0e86544.jpg HTTP 301
https://media5.orientaldaily.com.my/storage/resize_cache/images/uploads/news-cover/2023/MAR_2023/20230308/20230308klg01.jpg/c67196ba55c8d7fbe0c87fcde0e86544.jpg

Request Chain 41

https://www.orientaldaily.com.my/storage/resize_cache/images/uploads/news-cover/2023/MAR_2023/20230309/batch_WhatsApp_Image_2023-03-09_at_11.02.47_AM.jpeg/acd1d696986d00a1f02cd69d76330044.jpeg HTTP 301
https://media5.orientaldaily.com.my/storage/resize_cache/images/uploads/news-cover/2023/MAR_2023/20230309/batch_WhatsApp_Image_2023-03-09_at_11.02.47_AM.jpeg/acd1d696986d00a1f02cd69d76330044.jpeg

Request Chain 42

https://www.orientaldaily.com.my/storage/resize_cache/images/uploads/news-cover/2023/MAR_2023/20230309/WhatsApp_Image_2023-03-09_at_10.41.54_AM.jpeg/538341cd8add47c40f609564e0585a77.jpeg HTTP 301
https://media5.orientaldaily.com.my/storage/resize_cache/images/uploads/news-cover/2023/MAR_2023/20230309/WhatsApp_Image_2023-03-09_at_10.41.54_AM.jpeg/538341cd8add47c40f609564e0585a77.jpeg

Request Chain 43

https://www.orientaldaily.com.my/storage/resize_cache/images/uploads/news-cover/2023/MAR_2023/20230309/97696.jpg/a0f72d45a1d6a06443673db207e9b776.jpg HTTP 301
https://media5.orientaldaily.com.my/storage/resize_cache/images/uploads/news-cover/2023/MAR_2023/20230309/97696.jpg/a0f72d45a1d6a06443673db207e9b776.jpg

Request Chain 44

https://www.orientaldaily.com.my/storage/resize_cache/images/uploads/news-cover/2023/MAR_2023/20230308/she07.jpg/273d9e010d84ad6491123f2d02ac5ba8.jpg HTTP 301
https://media5.orientaldaily.com.my/storage/resize_cache/images/uploads/news-cover/2023/MAR_2023/20230308/she07.jpg/273d9e010d84ad6491123f2d02ac5ba8.jpg

Request Chain 45

https://www.orientaldaily.com.my/storage/resize_cache/images/uploads/news-cover/2023/MAR_2023/20230308/dong05.jpg/e71ce87393bb9894fb8519115e409874.jpg HTTP 301
https://media5.orientaldaily.com.my/storage/resize_cache/images/uploads/news-cover/2023/MAR_2023/20230308/dong05.jpg/e71ce87393bb9894fb8519115e409874.jpg

Request Chain 46

https://www.orientaldaily.com.my/storage/resize_cache/images/uploads/news-cover/2023/MAR_2023/20230308/yoon3.jpg/ad2ef6dce3d2254b7b3a960a7b4ec562.jpg HTTP 301
https://media5.orientaldaily.com.my/storage/resize_cache/images/uploads/news-cover/2023/MAR_2023/20230308/yoon3.jpg/ad2ef6dce3d2254b7b3a960a7b4ec562.jpg

Request Chain 47

https://www.orientaldaily.com.my/storage/resize_cache/images/uploads/news-cover/2023/MAR_2023/20230308/Mandy_c.jpg/7fb61144a32946254d5024db76a556dc.jpg HTTP 301
https://media5.orientaldaily.com.my/storage/resize_cache/images/uploads/news-cover/2023/MAR_2023/20230308/Mandy_c.jpg/7fb61144a32946254d5024db76a556dc.jpg

Request Chain 48

https://www.orientaldaily.com.my/storage/resize_cache/images/uploads/news-cover/2023/MAR_2023/20230309/WhatsApp_Image_2023-03-09_at_10.36.53_AM.jpeg/c7d613fdee265442f419bc50a4de70ef.jpeg HTTP 301
https://media5.orientaldaily.com.my/storage/resize_cache/images/uploads/news-cover/2023/MAR_2023/20230309/WhatsApp_Image_2023-03-09_at_10.36.53_AM.jpeg/c7d613fdee265442f419bc50a4de70ef.jpeg

Request Chain 49

https://www.orientaldaily.com.my/storage/resize_cache/images/uploads/news-cover/2023/MAR_2023/20230309/BNM.jpg/3677023ef8b3919d9e86c8a2b15a5a3f.jpg HTTP 301
https://media5.orientaldaily.com.my/storage/resize_cache/images/uploads/news-cover/2023/MAR_2023/20230309/BNM.jpg/3677023ef8b3919d9e86c8a2b15a5a3f.jpg

Request Chain 228

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPTq5uUb0-oMm2n08InGmmg&google_cver=1

Request Chain 229

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZAlTyvjUpeZJG3e3wedcfAAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPTq5uUb0-oMm2n08InGmmg&google_cver=1

Request Chain 230

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEKo1JMDhcjfaXKr33rWGjFA&google_cver=1

Request Chain 231

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzMxMzM3MzA4MDkxMTM3MTI0NQ%3D%3D

Request Chain 232

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPTq5uUb0-oMm2n08InGmmg&google_cver=1

Request Chain 233

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZAlTyvjUpeZJG3e3wedcfAAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPTq5uUb0-oMm2n08InGmmg&google_cver=1

Request Chain 234

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEKo1JMDhcjfaXKr33rWGjFA&google_cver=1

Request Chain 235

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzMxMzM3MzA4MDkxMTM3MTI0NQ%3D%3D

Request Chain 237

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPTq5uUb0-oMm2n08InGmmg&google_cver=1

Request Chain 238

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZAlTyvjUpeZJG3e3wedcfAAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPTq5uUb0-oMm2n08InGmmg&google_cver=1

Request Chain 239

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEKo1JMDhcjfaXKr33rWGjFA&google_cver=1

Request Chain 240

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzMxMzM3MzA4MDkxMTM3MTI0NQ%3D%3D

Request Chain 324

https://hal900027.redintelligence.net/request.php?zone=wmoiqux43uzw&nw=20&renderingType=javascript&namespace=c6fd1df368&subid=&uid=8ed510983c2fae01&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=336x280&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC-QkNyVMJZOzdH-SSjuwPn4ScgAim5b2gab2TnKfJD_AuEAEg3uW3Q2CV4pCCoAfIAQmpAtM_RZHLsrE-qAMBqgSkAk_QTqfG7BxtZeBFqtc-VCpu2mvR8Cu7cGXjQKrfBgTN4C6Mpjuyxr9AW6eOWOUejb5BunCTmgEMWbdemhK1y0BXTmhCunKRVZI07Si9Kcrr8b7OgUkPqNrFtlholesYLPscvWercvPnw19wfqcZFrCqVzNsC4diuEe055G-lge0xn10cRjLWKQW23q1sRB27O3LHEVE3R2loCTowbXON4bkOcTvro9QG_GKFiLASgSMZ2xeXyEhRSKoCEs-dGBl4OBlwIAr4yRJEzpnskwWCn9mK1y79SLePVxCoug7qXkxDZlEIJhDLwztB1RYk-4cNB3nYdyVvMRbyxhtgYWL2VDNk9J1Z7lMtBc2FaCtd1oTVf5Q1evct2PgxSdH9MCSh1M6GYPABOuP_I73A-AEA5AGAaAGTYAHrK31nwOoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggRCIDhgBAQARgdMgKqAjoCgECACgOYCwHICwGADAGwE4-10Q7QEwDYEwPYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSSwDUE5ymgSwBz0_VRlBANJjo9I2ImuFTowaE6h8LHWs4UXd6rs_uIlSB0JzxFKR-9FcHXwaNxJH-v28_eBwcL2pXCXll8s9bInYVSxgB%26sig%3DAOD64_3HkMtQGcLHRSonSRwCkIXBOf6Myw%26client%3Dca-pub-3430561196928589%26dbm_c%3DAKAmf-BbUdQI5pqadkF8e6pR2EhK2Mrm6hGGbi3nXvRd0idCYlXh_xxqcsJf0iUsN0EF1zkroCXvCJFwXy9k1WBxGO0bsMhsR46KHsfbH1qrIYCotE5RkGpiX1MhnRtOVNrT3b3WTO5Dy4ZoLvSJz76Jdjt_HJa0u2n1RJlvN9iZoKUwmwQrIrM%26cry%3D1%26dbm_d%3DAKAmf-BKXWDNlXAy86sb5txPU7ctfahMLQC_KthokAxheA3yMQoNHEeWkHj8Rbb0U_9rOXSbI8xsydS4q_10TJcqQloX0uizboZHxslq7JTix8VP2Dc4LqO_b1uYvaGErnHF4zviV-rT1fyaxpiEgDvs0HS4cG12Q8A4nUDemfNz8aMr3K4kVT69dnbNbU9GdZ9D6g5fht3nRjNVY21hCt1ujzIc5cWfGvJcLe4_WPHKOkPvxJgZx9ojUtX5bv9WhvjH3TcVBc2eUdaKDPK4MVA7g4VHVaeWFTiC9jbYgTGw36i0WRGzf4y0TxY5Xyg-NXfJfEmKg0lr-vDWJp_HTZkVkwbtFGGwvb6UmsCg-GQltRiNXEaV6qk7BdD1i75D9atFA37aQT-YDxG8olMGXmMmNDb1Q77UhQHrJiL9f23yl7ZL9doFkfc74CikeFNsTXtcXG9iR7SDXFKGHFjUeffzJRP7PFsWEZ-bujfwa6jHZRXNjHxFp6r25-NPQRJX5jMY03Dm75LuwdlHOnNxxmAyDMB4Fs7pud6Ttv54rlKVVbn8n_s7rF0%26adurl%3D&documentReferer=https%3A%2F%2Fwww.orientaldaily.com.my%2F&ancestorOrigins=https%3A%2F%2Fwww.orientaldaily.com.my&random=7949243606522&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0 HTTP 302
https://hal900027.redintelligence.net/request.php?zone=wmoiqux43uzw&nw=20&renderingType=javascript&namespace=c6fd1df368&subid=&uid=8ed510983c2fae01&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=336x280&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC-QkNyVMJZOzdH-SSjuwPn4ScgAim5b2gab2TnKfJD_AuEAEg3uW3Q2CV4pCCoAfIAQmpAtM_RZHLsrE-qAMBqgSkAk_QTqfG7BxtZeBFqtc-VCpu2mvR8Cu7cGXjQKrfBgTN4C6Mpjuyxr9AW6eOWOUejb5BunCTmgEMWbdemhK1y0BXTmhCunKRVZI07Si9Kcrr8b7OgUkPqNrFtlholesYLPscvWercvPnw19wfqcZFrCqVzNsC4diuEe055G-lge0xn10cRjLWKQW23q1sRB27O3LHEVE3R2loCTowbXON4bkOcTvro9QG_GKFiLASgSMZ2xeXyEhRSKoCEs-dGBl4OBlwIAr4yRJEzpnskwWCn9mK1y79SLePVxCoug7qXkxDZlEIJhDLwztB1RYk-4cNB3nYdyVvMRbyxhtgYWL2VDNk9J1Z7lMtBc2FaCtd1oTVf5Q1evct2PgxSdH9MCSh1M6GYPABOuP_I73A-AEA5AGAaAGTYAHrK31nwOoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggRCIDhgBAQARgdMgKqAjoCgECACgOYCwHICwGADAGwE4-10Q7QEwDYEwPYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSSwDUE5ymgSwBz0_VRlBANJjo9I2ImuFTowaE6h8LHWs4UXd6rs_uIlSB0JzxFKR-9FcHXwaNxJH-v28_eBwcL2pXCXll8s9bInYVSxgB%26sig%3DAOD64_3HkMtQGcLHRSonSRwCkIXBOf6Myw%26client%3Dca-pub-3430561196928589%26dbm_c%3DAKAmf-BbUdQI5pqadkF8e6pR2EhK2Mrm6hGGbi3nXvRd0idCYlXh_xxqcsJf0iUsN0EF1zkroCXvCJFwXy9k1WBxGO0bsMhsR46KHsfbH1qrIYCotE5RkGpiX1MhnRtOVNrT3b3WTO5Dy4ZoLvSJz76Jdjt_HJa0u2n1RJlvN9iZoKUwmwQrIrM%26cry%3D1%26dbm_d%3DAKAmf-BKXWDNlXAy86sb5txPU7ctfahMLQC_KthokAxheA3yMQoNHEeWkHj8Rbb0U_9rOXSbI8xsydS4q_10TJcqQloX0uizboZHxslq7JTix8VP2Dc4LqO_b1uYvaGErnHF4zviV-rT1fyaxpiEgDvs0HS4cG12Q8A4nUDemfNz8aMr3K4kVT69dnbNbU9GdZ9D6g5fht3nRjNVY21hCt1ujzIc5cWfGvJcLe4_WPHKOkPvxJgZx9ojUtX5bv9WhvjH3TcVBc2eUdaKDPK4MVA7g4VHVaeWFTiC9jbYgTGw36i0WRGzf4y0TxY5Xyg-NXfJfEmKg0lr-vDWJp_HTZkVkwbtFGGwvb6UmsCg-GQltRiNXEaV6qk7BdD1i75D9atFA37aQT-YDxG8olMGXmMmNDb1Q77UhQHrJiL9f23yl7ZL9doFkfc74CikeFNsTXtcXG9iR7SDXFKGHFjUeffzJRP7PFsWEZ-bujfwa6jHZRXNjHxFp6r25-NPQRJX5jMY03Dm75LuwdlHOnNxxmAyDMB4Fs7pud6Ttv54rlKVVbn8n_s7rF0%26adurl%3D&documentReferer=https%3A%2F%2Fwww.orientaldaily.com.my%2F&ancestorOrigins=https%3A%2F%2Fwww.orientaldaily.com.my&random=7949243606522&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1

Request Chain 325

https://hal900017.redintelligence.net/request.php?zone=wmoiqux43uzw&nw=20&renderingType=javascript&namespace=82dc8be063&subid=&uid=2f63b6c680c532a2&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=336x280&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCipNIyVMJZO3dH-SSjuwPn4ScgAim5b2gab2TnKfJD_AuEAEg3uW3Q2CV4pCCoAfIAQmpAtM_RZHLsrE-qAMBqgSkAk_QOVGOzf9Pfkj_uID8cKosHBdEG3y5XQfp3xxBEguTcn-e6xEazhohnVZmmU08hD9zi79u-hfJx7ChpsKqZoYJOGXUZc6V9KoyR7ranf5J9uvPV9eIG_WxfqWUtWclyj5kAI0HhzzBXE_vZoGaCoTLSa-toj12imYZsRwlRrOjcFGioBJAfj5m96bjfmCSqxt0NNx_rkszsiE6Nf6qGMhDto5guzkLXfWq4T9tsukm1pNQ8N4V6c0rLx-vH-IiISPJbclgZ-ax9j8IOHRUv5CUntE6aE40I-wGODsscEmUWzkjXne0Uqy1GB-TXJ4cE2ZGs08iEz5f5AexaM-hmNAEhlhlSKwz3B2O5Fs8W944OgoT2oXW3uHU_orFI4RIyK-7UGTABOuP_I73A-AEA5AGAaAGTYAHrK31nwOoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggRCIDhgBAQARgdMgKqAjoCgECACgOYCwHICwGADAGwE4-10Q7QEwDYEwPYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSSwDUE5ymgSwBz0_VRlBANJjo9I2ImuFTowaE6h8LHWs4UXd6rs_uIlSB0JzxFKR-9FcHXwaNxJH-v28_eBwcL2pXCXll8s9bInYVSxgB%26sig%3DAOD64_3yQDRW2_m-e_7R9wROQvLo1pKGPQ%26client%3Dca-pub-3430561196928589%26dbm_c%3DAKAmf-DPnXsOkO81u1c9tQV5kA8slnQZqUqwRBfBgoRH5zt6L1YoC5Uupt1_asqDxoqvS96bXCArHk3yMu17E4SfbQe9fPm2_4dnM5xat1dHKpInWrBueagePcEAXHWQazsXV2cyAtNiXSvykyxhp8HWXNVesJekhrgfI3ARA-sJA9KF4FgKyhc%26cry%3D1%26dbm_d%3DAKAmf-CsfhtM91hhsWj6S9xe9JUAwuWq_gN1H4RwQbVAInS-hv1kXHi1VSvF-3j8dYqJobarFmEzuqJ0ibcV4kLKJq7VgouuGbBSp-gWRFJauVgOb1RuOFNcF2Pbmzk_xZDo5tYUuXScsig_6i7HdPhaLpaqi9abAVRff36So6Man5rwoTqAjfft_n7K_SBGoFd71AKvDKKyge955Yjqwxkc1puoaLidAB-E96c_lX7ZJo6QHtv_LRR0DXjV4CeahbrtdTqbMrbVlpeZRudrkOcXUE7Zm6HyejkzQ4fOvC_uuitj4Wriz3kQMrsBMDNubanmap5NpMrSv8o3vPXObAnsU92Bj9LHT_MZzCEsc1Wg2iUk_qOwjuoDmBoo8M7ZipxCMpKSBK4wxAz0dBsjBNLsm4Hp6LzCjCx_ial3k07DuSSY2UA2-Or9pUPc6R1aIjENnlO86TE3CBivQUZPNxUREmlGto-dmHvuEtWWXws--3Dfr-lDUXSUGUDo5VPDQGo3SAqrYd3VUiINjEEGBUJgSF5NYoyMXTYqNeCqfTCA9uiP1BDb9yo%26adurl%3D&documentReferer=https%3A%2F%2Fwww.orientaldaily.com.my%2F&ancestorOrigins=https%3A%2F%2Fwww.orientaldaily.com.my&random=7503321541877&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0 HTTP 302
https://hal900017.redintelligence.net/request.php?zone=wmoiqux43uzw&nw=20&renderingType=javascript&namespace=82dc8be063&subid=&uid=2f63b6c680c532a2&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=336x280&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCipNIyVMJZO3dH-SSjuwPn4ScgAim5b2gab2TnKfJD_AuEAEg3uW3Q2CV4pCCoAfIAQmpAtM_RZHLsrE-qAMBqgSkAk_QOVGOzf9Pfkj_uID8cKosHBdEG3y5XQfp3xxBEguTcn-e6xEazhohnVZmmU08hD9zi79u-hfJx7ChpsKqZoYJOGXUZc6V9KoyR7ranf5J9uvPV9eIG_WxfqWUtWclyj5kAI0HhzzBXE_vZoGaCoTLSa-toj12imYZsRwlRrOjcFGioBJAfj5m96bjfmCSqxt0NNx_rkszsiE6Nf6qGMhDto5guzkLXfWq4T9tsukm1pNQ8N4V6c0rLx-vH-IiISPJbclgZ-ax9j8IOHRUv5CUntE6aE40I-wGODsscEmUWzkjXne0Uqy1GB-TXJ4cE2ZGs08iEz5f5AexaM-hmNAEhlhlSKwz3B2O5Fs8W944OgoT2oXW3uHU_orFI4RIyK-7UGTABOuP_I73A-AEA5AGAaAGTYAHrK31nwOoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggRCIDhgBAQARgdMgKqAjoCgECACgOYCwHICwGADAGwE4-10Q7QEwDYEwPYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSSwDUE5ymgSwBz0_VRlBANJjo9I2ImuFTowaE6h8LHWs4UXd6rs_uIlSB0JzxFKR-9FcHXwaNxJH-v28_eBwcL2pXCXll8s9bInYVSxgB%26sig%3DAOD64_3yQDRW2_m-e_7R9wROQvLo1pKGPQ%26client%3Dca-pub-3430561196928589%26dbm_c%3DAKAmf-DPnXsOkO81u1c9tQV5kA8slnQZqUqwRBfBgoRH5zt6L1YoC5Uupt1_asqDxoqvS96bXCArHk3yMu17E4SfbQe9fPm2_4dnM5xat1dHKpInWrBueagePcEAXHWQazsXV2cyAtNiXSvykyxhp8HWXNVesJekhrgfI3ARA-sJA9KF4FgKyhc%26cry%3D1%26dbm_d%3DAKAmf-CsfhtM91hhsWj6S9xe9JUAwuWq_gN1H4RwQbVAInS-hv1kXHi1VSvF-3j8dYqJobarFmEzuqJ0ibcV4kLKJq7VgouuGbBSp-gWRFJauVgOb1RuOFNcF2Pbmzk_xZDo5tYUuXScsig_6i7HdPhaLpaqi9abAVRff36So6Man5rwoTqAjfft_n7K_SBGoFd71AKvDKKyge955Yjqwxkc1puoaLidAB-E96c_lX7ZJo6QHtv_LRR0DXjV4CeahbrtdTqbMrbVlpeZRudrkOcXUE7Zm6HyejkzQ4fOvC_uuitj4Wriz3kQMrsBMDNubanmap5NpMrSv8o3vPXObAnsU92Bj9LHT_MZzCEsc1Wg2iUk_qOwjuoDmBoo8M7ZipxCMpKSBK4wxAz0dBsjBNLsm4Hp6LzCjCx_ial3k07DuSSY2UA2-Or9pUPc6R1aIjENnlO86TE3CBivQUZPNxUREmlGto-dmHvuEtWWXws--3Dfr-lDUXSUGUDo5VPDQGo3SAqrYd3VUiINjEEGBUJgSF5NYoyMXTYqNeCqfTCA9uiP1BDb9yo%26adurl%3D&documentReferer=https%3A%2F%2Fwww.orientaldaily.com.my%2F&ancestorOrigins=https%3A%2F%2Fwww.orientaldaily.com.my&random=7503321541877&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1

Request Chain 327

https://analytics.ad.daum.net/match?d=111&uid=00000000.0000000000000 HTTP 307
https://act.ds.kakao.com/match2?DSPR=%7B%22v%22:1,%22dr%22:%7B%22t%22:%2220230309%22,%22u%22:%2200000000.0000000000000%22%7D%7D

Request Chain 356

https://a.tribalfusion.com/i.match?p=b10&u=18072662266092918314&redirect=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D111756%26nid%3D3856%26put%3D%24TF_USER_ID_ENC%24%26expires%3D180 HTTP 302
https://pixel.rubiconproject.com/tap.php?v=111756&nid=3856&put=18072662266092918314&expires=180

Request Chain 357

https://ups.analytics.yahoo.com/ups/57628/sync?uid=18072662266092918314&_origin=1&redir=true HTTP 302
https://ups.analytics.yahoo.com/ups/57628/sync?uid=18072662266092918314&_origin=1&redir=true&verify=true HTTP 302
https://a.tribalfusion.com/i.match?p=b17&u=y-sxAjGhRE2ujCZn4_j8B1g6twkIXvBkM-~A

Request Chain 358

https://a.tribalfusion.com/i.match?p=b24&u=18072662266092918314&redirect=https%3A%2F%2Fpublic-prod-dspcookiematching.dmxleo.com%2Fdspreply%3FdspId%3D15%26dspUserId%3D%24TF_USER_ID_ENC%24 HTTP 302
https://public-prod-dspcookiematching.dmxleo.com/dspreply?dspId=15&dspUserId=18072662266092918314

Request Chain 360

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%253A//simage2.pubmatic.com/AdServer/Pug%253Fvcode%253Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%2526piggybackCookie%253D18072662266092918314%2526r%253Dhttps%25253A//a.tribalfusion.com/i.match%25253Fp%25253Db11%252526u%25253D%252524%25257BPUBMATIC_UID%25257D HTTP 302
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%253A//simage2.pubmatic.com/AdServer/Pug%253Fvcode%253Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%2526piggybackCookie%253D18072662266092918314%2526r%253Dhttps%25253A//a.tribalfusion.com/i.match%25253Fp%25253Db11%252526u%25253D%252524%25257BPUBMATIC_UID%25257D&rdf=1 HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw&piggybackCookie=18072662266092918314&r=https%3A//a.tribalfusion.com/i.match%3Fp%3Db11%26u%3D%24%7BPUBMATIC_UID%7D HTTP 302
https://a.tribalfusion.com/i.match?p=b11&u=389B1C7D-66D3-46E8-82A6-7EF23C70ED44

Request Chain 361

https://dpm.demdex.net/ibs:dpid=22054&dpuuid=18072662266092918314&redir=https%3A//a.tribalfusion.com/i.match%3Fp%3Db13%26u%3D%24%7BDD_UUID%7D HTTP 302
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=22054&dpuuid=18072662266092918314&redir=https%3A//a.tribalfusion.com/i.match%3Fp%3Db13%26u%3D%24%7BDD_UUID%7D HTTP 302
https://a.tribalfusion.com/i.match?p=b13&u=63587191003890494922291085960355266704

Request Chain 363

https://cm.g.doubleclick.net/pixel?google_nid=exp&google_cm&google_sc&google_ula=2786954&google_hm=18072662266092918314 HTTP 302
https://a.tribalfusion.com/i.match?p=b6&u=adx&google_gid=CAESEHa_9Gy4quwQIYn_uASwycM&google_cver=1&google_ula=2786954,0

Request Chain 366

https://a.tribalfusion.com/i.match?p=b22&u=18072662266092918314&redirect=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dexponential%26partner_uid%3D%24TF_USER_ID_ENC%24 HTTP 302
https://beacon.krxd.net/usermatch.gif?partner=exponential&partner_uid=18072662266092918314

Request Chain 367

https://pv.medialead.de/trck/epv/e99aace94e6e5873881d3400993e1e7e?subid=99314000011033004444994012258017&t=htlp HTTP 302
https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=99314000011033004444994012258017&actionid=981741&produktid=&dt_url=

Request Chain 370

https://5994599.fls.doubleclick.net/activityi;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=8093927841993.369 HTTP 302
https://5994599.fls.doubleclick.net/activityi;dc_pre=CM3BqJf1zf0CFVTE1QodOdMKDw;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=8093927841993.369

Request Chain 372

https://medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=99314000011033004444994012258017 HTTP 302
https://pv.medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=99314000011033004444994012258017 HTTP 302
https://ad-server.eu/wm/pb/native.png

Request Chain 373

https://impfr.tradedoubler.com/imp?type(inv)g(24495172)a(1565155)epi(99314000011033004444994012258017)838425910 HTTP 302
https://img.tradedoubler.com/images/inv.gif

Request Chain 376

https://pv.medialead.de/trck/epv/e99aace94e6e5873881d3400993e1e7e?subid=12257200011230704444994012258027&t=htlp HTTP 302
https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=12257200011230704444994012258027&actionid=981741&produktid=&dt_url=

Request Chain 379

https://5994599.fls.doubleclick.net/activityi;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=4391494676798.8594 HTTP 302
https://5994599.fls.doubleclick.net/activityi;dc_pre=CIzLqJf1zf0CFVW51QodEJoJrg;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=4391494676798.8594

Request Chain 381

https://medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=12257200011230704444994012258027 HTTP 302
https://pv.medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=12257200011230704444994012258027 HTTP 302
https://ad-server.eu/wm/pb/native.png

Request Chain 382

https://impfr.tradedoubler.com/imp?type(inv)g(24495172)a(1565155)epi(12257200011230704444994012258027)948053646 HTTP 302
https://img.tradedoubler.com/images/inv.gif

Request Chain 383

https://dsum-sec.casalemedia.com/rrum?cm_dsp_id=131&external_user_id=18072662266092918314&cb=https%3A%2F%2Fa.tribalfusion.com%2Fi.match%3Fp%3Db20%26u%3D HTTP 302
https://a.tribalfusion.com/i.match?p=b20&u=ZAlTyvjUpeZJG3e3wedcfAAA

Request Chain 458

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.orientaldaily.com.my%2F&domain=www.orientaldaily.com.my&cw=1&lsw=1 HTTP 302
https://mug.criteo.com/sid?cpp=zIHhqXxMNXJmYjA2QklXVlhHaFB4dDVaSXdFK3pSNkNVSHJOMVdwRlVRdmJuTDBnc2RsbW1UdnZ2RVh2ZkJRaWVyL1JWMkZ0c3dWWUZFM3dpWWR5N3d3S3EwWlJ5N0t4czc1Tk9wUXFrYUdlRTRROUN2UmZmRC9NSkN1U2twTWhaalNoZmwrd3YxbHpYSWwyRGFZSndiNC9JY0p5cXFpVWo3NEJBbUZONjI0a0hnSGhjeGNmSTljMEhwcTVhNWNmWDVuWjZaTEFDZjlnOWxlRzNPcUdHYldpb0VaV0ZkVmdwL3laREFESFc2SUN5czQ1TFJZeHZlbkJvc29FRHZEZUpvM0JufA&cppv=2

Request Chain 468

https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:9dde6409-53d0-4f00-bb19-51a018b3ce92&gdpr=0&gdpr_consent=

Request Chain 469

https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=2582284890286784696

Request Chain 471

https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=ZT2gp2Y68_h-P6OnZW29qjJs86d-PfavNW3KjcOG

Request Chain 472

https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=389B1C7D-66D3-46E8-82A6-7EF23C70ED44&redir=true&gdpr=0&gdpr_consent= HTTP 302
https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=389B1C7D-66D3-46E8-82A6-7EF23C70ED44&redir=true&gdpr=0&gdpr_consent=&dcc=t

Request Chain 473

https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=7313373080911371245&gdpr=0&gdpr_consent=

Request Chain 474

https://dsp.adfarm1.adition.com/cookie/?ssp=9&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7208384827111962768&gdpr=0&gdpr_consent=

Request Chain 475

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=OJscfWbTRuiCpn7yPHDtRA%3D%3D&gdpr=0&gdpr_consent= HTTP 302
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=

Request Chain 477

https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent= HTTP 307
https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=&bounce=1&random=2777297529 HTTP 302
https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fidsync.frontend.weborama.fr%2Fids%3Fkey%3Dpubmatic%26value%3D%23PM_USER_ID&gdpr=0 HTTP 302
https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=389B1C7D-66D3-46E8-82A6-7EF23C70ED44

Request Chain 478

https://a.audrte.com/match?gdpr=0&gdpr_consent=&p=M1717054901&uid=389B1C7D-66D3-46E8-82A6-7EF23C70ED44 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_hm=Mmw2VHp3bHktNU1RQmF5M0ItSURSQThoQQ==&google_redir=https%3A%2F%2Fa.audrte.com%2Fddp%3Fred%3DeyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiYWRmb3JtIn1dfQ%253D%253D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
https://a.audrte.com/ddp?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiYWRmb3JtIn1dfQ%3D%3D&gdpr=0&gdpr_consent= HTTP 302
https://dmp.adform.net/serving/cookie/match/?party=1003&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&gdpr=0&gdpr_consent= HTTP 302
https://a.audrte.com/a?adform_uid=176919369591299655&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D HTTP 302
https://a.audrte.com/p

Request Chain 479

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=Mzg5QjFDN0QtNjZEMy00NkU4LTgyQTYtN0VGMjNDNzBFRDQ0&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=

Request Chain 480

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEC4be2Wkl2awLY_SvPYbEMU&google_cver=1

Request Chain 482

https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=176919369591299655

Request Chain 485

https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=389B1C7D-66D3-46E8-82A6-7EF23C70ED44&redir=true&gdpr=0&gdpr_consent= HTTP 302
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-2R7VCM5E2uUXg9ySHTdQzXwbbHbU_KY-~A&gdpr=0

Request Chain 486

https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
https://r.scoota.co/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic HTTP 302
https://r.scoota.co/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic HTTP 302
https://x.bidswitch.net/sync?dsp_id=29&expires=30&user_id=734537a3-8ca9-4b0b-a4a9-92da98b7fb75&ssp=pubmatic HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=002591d0-be1d-4fea-ac54-d8ebee6e0e4e&gdpr=&gdpr_consent=&gdpr_pd=

Request Chain 490

https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
https://pr-bh.ybp.yahoo.com/sync/rubicon/3zgesRSdC0ZqPShI6G8t0sn5EUdSAgOZEtemQ7w0kco?csrc= HTTP 302
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-ePawAX1E2oLmB3UV4B4heGfFSGj0w8vBRz9Ceg--~A

Request Chain 491

https://token.rubiconproject.com/token?pid=25470 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEYwSzI0UEMtMVgtNEo4Vw==

Request Chain 493

https://token.rubiconproject.com/token?pid=36584 HTTP 302
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LF0K24PC-1X-4J8W

Request Chain 494

https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id= HTTP 302
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=WLG185t8Q8uva6Q2RSyukA&rk=usync-other HTTP 302
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=WLG185t8Q8uva6Q2RSyukA

Request Chain 496

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEIcASqJnCRaaGFSVkKTWz_U&google_cver=1

Request Chain 497

https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=OTdiYzUzODJmYTY2NWVjNjA5NzIyMzhlMTdkNDg2ZTM2MDIxYzdhNQ

Request Chain 500

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZAlTyvjUpeZJG3e3wedcfAAADJ4AAAAB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEB9ryqJqwEpEV7cSxFWl9uY&google_cver=1

Request Chain 503

https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1 HTTP 302
https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1&prevuid=&knw=0 HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=

Request Chain 504

https://match.prod.bidr.io/cookie-sync/ie HTTP 303
https://match.prod.bidr.io/cookie-sync/ie?_bee_ppp=1 HTTP 303
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAFrcE7IEqgAAB-HxJVZfA&expiration=1679542479

Request Chain 505

https://c1.adform.net/serving/cookie/match?party=29 HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=176919369591299655&expiration=1679542479

501 HTTP transactions
9 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request / Show response
www.orientaldaily.com.my/
Redirect Chain

http://www.orientaldaily.com.my/
https://www.orientaldaily.com.my/

94 KB
19 KB

625ms
303ms

Document
text/html

124.217.235.40
SHINJIRU-MY-AS-AP...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.orientaldaily.com.my/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 124.217.235.40 Johor Bahru, Malaysia, ASN45839 (SHINJIRU-MY-AS-AP Shinjiru Technology Sdn Bhd, MY),
Reverse DNS: server1.kamon.la
Software: nginx/1.21.0 /
Resource Hash: 7073ea631cb49303e060807d387276a6b70eb95f67dcaf653978c106c1e25f18

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length,Content-Range
Age: 71
Cache-Control: public
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 19342
Content-Type: text/html; charset=UTF-8
Date: Thu, 09 Mar 2023 03:34:30 GMT
Server: nginx/1.21.0
Vary: Accept-Encoding
Via: 1.1 varnish (Varnish/6.5)
X-Cache: HIT
X-Cache-Hits: 68
X-Varnish: 669943753 817498539

Redirect headers

Connection: keep-alive
Content-Length: 169
Content-Type: text/html
Date: Thu, 09 Mar 2023 03:34:29 GMT
Location: https://www.orientaldaily.com.my/
Server: nginx/1.21.0

GET
H2

200

app.css
media5.orientaldaily.com.my/assets/css/
Redirect Chain

https://www.orientaldaily.com.my/assets/css/app.css?id=172e03ec463b163fe1a0
https://media5.orientaldaily.com.my/assets/css/app.css?id=172e03ec463b163fe1a0

166 KB
34 KB

548ms
7ms

Stylesheet
text/css

138.199.36.10
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://media5.orientaldaily.com.my/assets/css/app.css?id=172e03ec463b163fe1a0
Requested by: Host: www.orientaldaily.com.my
URL: https://www.orientaldaily.com.my/
Protocol: H2
Server: 138.199.36.10 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: 138-199-36-10.bunnyinfra.net
Software: BunnyCDN-DE1-1053 /
Resource Hash: df44ba749d14a3d21d8075563c14d9f78bda24b1f61007752ae7b5295f4f5bcf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.orientaldaily.com.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

sec-ch-ua: "Chromium";v="110", "Not A(Brand";v="24", "Google Chrome";v="110"
content-encoding: br
x-downloadsize: 170227
accept-language: it-IT, it; q=0.9, en-US; q=0.8, en; q=0.7
sec-fetch-dest: style
cdn-pullzone: 33990
sec-ch-ua-platform: "Android"
cdn-serverid: 755
cdn-requeststatecode: 21
cdn-proxyver: 1.03
vary: Accept-Encoding, Accept-Encoding
x-bo-origindownloadtime: 0
content-type: text/css
access-control-allow-origin: *
accept: text/css, */*; q=0.1
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=2592000
referer: https://www.orientaldaily.com.my/
x-bo-compressionratio: 0%
cdn-cache: HIT
cdn-host: media5.orientaldaily.com.my
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
link: <https://boron.orientaldaily.com.my/assets/css/app.css?id=172e03ec463b163fe1a0>; rel="canonical"
sec-fetch-mode: no-cors
date: Thu, 09 Mar 2023 03:34:31 GMT
via: BunnyCDN
cdn-edgestorageid: 755
x-forwarded-for: 2.35.204.100
x-bo-processingtime: 22
cdn-cachedat: 03/06/2023 04:18:34
cookie: am_FPID=e1cf76dc-65cc-4d3d-8636-dafae47ed000; _ga=GA1.3.824398319.1678076194; _gid=GA1.3.2035907398.1678076195; _fbp=fb.2.1678076195248.517436660; __gads=ID=5fa4eea58c965994:T=1678075904:S=ALNI_MbjjQcabzje4BTOic5rgr9hZmsX6Q; __gpi=UID=00000bc0f0526379:T=1678075904:RT=1678075904:S=ALNI_MYjVRDley0jIDmvNO0CLDuQbcRuUg; cto_bundle=8a6wAF9YWCUyRmJDVEczNlNsU2UlMkZlYlBlWGhmNXdtZTVRemg3UnJxOCUyRlpCb3d0YmRYbjMxaHczY1U4QVVaQVBLYnpsTEF0ZG0lMkJ3dVYxTGFkZGxwenNIdGI5bSUyRkhHRkZLJTJCSUVuYSUyRktMaFZMVW9xbG93QTlnU0M0Zkk3R0dKT1FTJTJCcTFaSUJ5OXgzYkZZUmJFMTlsaklRZEdhcFA0dWl3ZW8lMkJzbzlsQ3JYUTRBeUVsVE0lM0Q; cto_bidid=1M4JSV9wSTNGaWNrSzR3aSUyQkl5eCUyRiUyQnBqJTJGbFU3OSUyRlY4VDFadGczRXljSElSJTJCVW8yNW1neDh4JTJCdnBmWFlmbXVJbENPcXFhQVJKRE5VMFJtVU1MakppaG9rMTJnanVrU01IOFBzS04wYkFMODIwNmVLOHp5N3M5JTJGek0zeCUyQmR3dmxFSFZ6RA; _ga_9ZN17BGY3K=GS1.1.1678076194.1.1.1678076593.0.0.0
cdn-mobiledevice: true
x-forwarded-proto: https
cdn-serverzone: DE
x-bo-server: DE-225
last-modified: Mon, 06 Mar 2023 04:18:34 GMT
server: BunnyCDN-DE1-1053
cdn-requestpullcode: 200
sec-ch-ua-mobile: ?1
user-agent: Mozilla/5.0 (Linux; Android 12; 2201117TY) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.0.0 Mobile Safari/537.36
cdn-uid: 2c51b53b-2200-4208-b6d0-be336defacc5
cdn-requestid: 2dd94f69efd9245ef6d26bde56fbf200
sec-fetch-site: same-site
cdn-status: 200
cdn-requestpullsuccess: True

Redirect headers

Date: Thu, 09 Mar 2023 03:34:30 GMT
Server: nginx/1.21.0
Content-Type: text/html
Location: https://media5.orientaldaily.com.my/assets/css/app.css?id=172e03ec463b163fe1a0
Cache-Control: max-age=315360000
Connection: keep-alive
Content-Length: 169
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 ats.js Show response
anymind360.com/js/1972/ 140 KB
32 KB 706ms
8ms Script
application/javascript 151.101.129.55
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://anymind360.com/js/1972/ats.js

Requested by

Host: www.orientaldaily.com.my
URL: https://www.orientaldaily.com.my/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.129.55 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

2d8b65c457ce00e11298407d1960105b117d2d1fe214667da0d9147d7f6acdd8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.orientaldaily.com.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

expires: Wed, 08 Mar 2023 05:23:12 GMT
date: Thu, 09 Mar 2023 03:34:31 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=31557600
age: 79878
x-guploader-uploadid: ADPycdvCqAVCV5RwEFQ0fJ9j3k7wKq76jlHia5Gnj2mO_1jw9P7Z6cps5v3WKZGjg3d8bEfd3k8kF7Q9bSw5I9Wf-tbFBA72pUkw
x-cache: HIT, HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 31932
x-served-by: cache-tyo11943-TYO, cache-hhn-etou8220020-HHN
last-modified: Fri, 24 Feb 2023 04:58:36 GMT
server: UploadServer
x-timer: S1678332871.377373,VS0,VE1
etag: "b2ad790e7fd5c8c381872e54ba04bcf5"
vary: Accept-Encoding
x-goog-generation: 1677214716533259
x-goog-hash: crc32c=cpI8hw==, md5=sq15Dn/VyMOBhy5UugS89Q==
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: max-age=1200
x-goog-stored-content-length: 31932
content-type: application/javascript; charset=UTF-8
accept-ranges: bytes
x-cache-hits: 687, 1

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 80 KB
27 KB 1015ms
84ms Script
text/javascript 2a00:1450:400d:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: www.orientaldaily.com.my
URL: https://www.orientaldaily.com.my/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80d::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b546e406d9a9a151b2ee64fb3bc6310c827415e27b518f4ab55c388381b9de7d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.orientaldaily.com.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 03:34:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27465
x-xss-protection: 0
server: sffe
etag: "1505 / 532 of 1000 / last-modified: 1678317114"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 09 Mar 2023 03:34:32 GMT

GET
H2

200

logo-20-anniversary.png
media5.orientaldaily.com.my/assets/static/
Redirect Chain

https://www.orientaldaily.com.my/assets/static/logo-20-anniversary.png
https://media5.orientaldaily.com.my/assets/static/logo-20-anniversary.png

83 KB
83 KB

10ms
10ms

Image
image/webp

138.199.36.10
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media5.orientaldaily.com.my/assets/static/logo-20-anniversary.png
Requested by: Host: www.orientaldaily.com.my
URL: https://www.orientaldaily.com.my/
Protocol: H2
Server: 138.199.36.10 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: 138-199-36-10.bunnyinfra.net
Software: BunnyCDN-DE1-1053 /
Resource Hash: 090fbcc60cc0dd8c05875f3c779a606afece246dfe0fdebba6cd8ad6638e6e99

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.orientaldaily.com.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 03:34:32 GMT
x-downloadsize: 993554
cdn-edgestorageid: 1049
x-bo-processingtime: 1105
cdn-cachedat: 02/10/2023 05:59:55
cdn-pullzone: 33990
content-length: 84510
x-bo-server: ASB-209
last-modified: Fri, 10 Feb 2023 05:59:52 GMT
server: BunnyCDN-DE1-1053
cdn-proxyver: 1.03
cdn-requestpullcode: 200
x-bo-origindownloadtime: 1503
content-type: image/webp
cdn-cache: HIT
cdn-uid: 2c51b53b-2200-4208-b6d0-be336defacc5
cache-control: public, max-age=2592000
x-bo-compressionratio: 91.49%
cdn-requestid: 02ce97599209cbe541d75a175221e7f8
cdn-requestcountrycode: DE
link: <https://boron.orientaldaily.com.my/assets/static/logo-20-anniversary.png>; rel="canonical"
cdn-status: 200
cdn-requestpullsuccess: True

Redirect headers

Date: Thu, 09 Mar 2023 03:34:32 GMT
Server: nginx/1.21.0
Content-Type: text/html
Location: https://media5.orientaldaily.com.my/assets/static/logo-20-anniversary.png
Cache-Control: max-age=315360000
Connection: keep-alive
Content-Length: 169
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2

200

dd7d82b952fa973dbab3da419a39de6b.jpg
media5.orientaldaily.com.my/storage/resize_cache/images/uploads/news-cover/2023/MAR_2023/20230309/zxklll.jpg/
Redirect Chain

https://www.orientaldaily.com.my/storage/resize_cache/images/uploads/news-cover/2023/MAR_2023/20230309/zxklll.jpg/dd7d82b952fa973dbab3da419a39de6b.jpg
https://media5.orientaldaily.com.my/storage/resize_cache/images/uploads/news-cover/2023/MAR_2023/20230309/zxklll.jpg/dd7d82b952fa973dbab3da419a39de6b.jpg

11 KB
12 KB

14ms
14ms

Image
image/webp

138.199.36.10
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media5.orientaldaily.com.my/storage/resize_cache/images/uploads/news-cover/2023/MAR_2023/20230309/zxklll.jpg/dd7d82b952fa973dbab3da419a39de6b.jpg
Requested by: Host: www.orientaldaily.com.my
URL: https://www.orientaldaily.com.my/
Protocol: H2
Server: 138.199.36.10 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: 138-199-36-10.bunnyinfra.net
Software: BunnyCDN-DE1-1053 /
Resource Hash: 659a31fc93ee1c457578c4243a8c059c071b2c6de710ba2a5841cfc4535298a2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.orientaldaily.com.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 03:34:32 GMT
x-downloadsize: 17700
cdn-edgestorageid: 752
x-bo-processingtime: 0
cdn-cachedat: 03/09/2023 02:03:21
cdn-pullzone: 33990
content-length: 11514
x-bo-server: LA-221
last-modified: Thu, 09 Mar 2023 02:03:20 GMT
server: BunnyCDN-DE1-1053
cdn-proxyver: 1.03
cdn-requestpullcode: 200
x-bo-origindownloadtime: 500
content-type: image/webp
cdn-cache: HIT
cdn-uid: 2c51b53b-2200-4208-b6d0-be336defacc5
cache-control: public, max-age=2592000
x-bo-compressionratio: 34.95%
cdn-requestid: 495a312c29f335d8ea0f13700cb089be
cdn-requestcountrycode: DE
link: <https://boron.orientaldaily.com.my/storage/resize_cache/images/uploads/news-cover/2023/MAR_2023/20230309/zxklll.jpg/dd7d82b952fa973dbab3da419a39de6b.jpg>; rel="canonical"
cdn-status: 200
cdn-requestpullsuccess: True

Redirect headers

Date: Thu, 09 Mar 2023 03:34:32 GMT
Server: nginx/1.21.0
Content-Type: text/html
Location: https://media5.orientaldaily.com.my/storage/resize_cache/images/uploads/news-cover/2023/MAR_2023/20230309/zxklll.jpg/dd7d82b952fa973dbab3da419a39de6b.jpg
Cache-Control: max-age=315360000
Connection: keep-alive
Content-Length: 169
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2

200

f5a8067bd65b42abcdb6cf32d444c5d6.jpg
media5.orientaldaily.com.my/storage/resize_cache/images/uploads/news-cover/2023/MAR_2023/20230308/msz2.jpg/
Redirect Chain

https://www.orientaldaily.com.my/storage/resize_cache/images/uploads/news-cover/2023/MAR_2023/20230308/msz2.jpg/f5a8067bd65b42abcdb6cf32d444c5d6.jpg
https://media5.orientaldaily.com.my/storage/resize_cache/images/uploads/news-cover/2023/MAR_2023/20230308/msz2.jpg/f5a8067bd65b42abcdb6cf32d444c5d6.jpg

10 KB
11 KB

14ms
13ms

Image
image/webp

138.199.36.10
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media5.orientaldaily.com.my/storage/resize_cache/images/uploads/news-cover/2023/MAR_2023/20230308/msz2.jpg/f5a8067bd65b42abcdb6cf32d444c5d6.jpg
Requested by: Host: www.orientaldaily.com.my
URL: https://www.orientaldaily.com.my/
Protocol: H2
Server: 138.199.36.10 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: 138-199-36-10.bunnyinfra.net
Software: BunnyCDN-DE1-1053 /
Resource Hash: fdd338a8ba319752009571ab255226c731130038603b2e19c25e0df97c370930

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.orientaldaily.com.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 03:34:32 GMT
x-downloadsize: 16342
cdn-edgestorageid: 1078
x-bo-processingtime: 0
cdn-cachedat: 03/09/2023 00:42:07
cdn-pullzone: 33990
content-length: 10186
x-bo-server: LA-217
last-modified: Thu, 09 Mar 2023 00:42:07 GMT
server: BunnyCDN-DE1-1053
cdn-proxyver: 1.03
cdn-requestpullcode: 200
x-bo-origindownloadtime: 356
content-type: image/webp
cdn-cache: HIT
cdn-uid: 2c51b53b-2200-4208-b6d0-be336defacc5
cache-control: public, max-age=2592000
x-bo-compressionratio: 37.67%
cdn-requestid: c7b562006aa2b2d32e98850a2d22959e
cdn-requestcountrycode: DE
link: <https://boron.orientaldaily.com.my/storage/resize_cache/images/uploads/news-cover/2023/MAR_2023/20230308/msz2.jpg/f5a8067bd65b42abcdb6cf32d444c5d6.jpg>; rel="canonical"
cdn-status: 200
cdn-requestpullsuccess: True

Redirect headers

Date: Thu, 09 Mar 2023 03:34:32 GMT
Server: nginx/1.21.0
Content-Type: text/html
Location: https://media5.orientaldaily.com.my/storage/resize_cache/images/uploads/news-cover/2023/MAR_2023/20230308/msz2.jpg/f5a8067bd65b42abcdb6cf32d444c5d6.jpg
Cache-Control: max-age=315360000
Connection: keep-alive
Content-Length: 169
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2

200

7f0ee7c468dba2db54151f76f4ac94ff.jpg
media5.orientaldaily.com.my/storage/resize_cache/images/uploads/news-cover/2023/MAR_2023/20230308/msz1.jpg/
Redirect Chain

https://www.orientaldaily.com.my/storage/resize_cache/images/uploads/news-cover/2023/MAR_2023/20230308/msz1.jpg/7f0ee7c468dba2db54151f76f4ac94ff.jpg
https://media5.orientaldaily.com.my/storage/resize_cache/images/uploads/news-cover/2023/MAR_2023/20230308/msz1.jpg/7f0ee7c468dba2db54151f76f4ac94ff.jpg

19 KB
20 KB

14ms
14ms

Image
image/webp

138.199.36.10
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media5.orientaldaily.com.my/storage/resize_cache/images/uploads/news-cover/2023/MAR_2023/20230308/msz1.jpg/7f0ee7c468dba2db54151f76f4ac94ff.jpg
Requested by: Host: www.orientaldaily.com.my
URL: https://www.orientaldaily.com.my/
Protocol: H2
Server: 138.199.36.10 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: 138-199-36-10.bunnyinfra.net
Software: BunnyCDN-DE1-1053 /
Resource Hash: 50397c5aa79d6ebdad07c9a18f0a1a1024e3d2e98101566cef88d71b8879cfaa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.orientaldaily.com.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 03:34:32 GMT
x-downloadsize: 26585
cdn-edgestorageid: 723
x-bo-processingtime: 1
cdn-cachedat: 03/09/2023 00:23:57
cdn-pullzone: 33990
content-length: 19844
x-bo-server: DE-136
last-modified: Thu, 09 Mar 2023 00:23:56 GMT
server: BunnyCDN-DE1-1053
cdn-proxyver: 1.03
cdn-requestpullcode: 200
x-bo-origindownloadtime: 332
content-type: image/webp
cdn-cache: HIT
cdn-uid: 2c51b53b-2200-4208-b6d0-be336defacc5
cache-control: public, max-age=2592000
x-bo-compressionratio: 25.36%
cdn-requestid: df781acb543efc6d33567317486a2c35
cdn-requestcountrycode: DE
link: <https://boron.orientaldaily.com.my/storage/resize_cache/images/uploads/news-cover/2023/MAR_2023/20230308/msz1.jpg/7f0ee7c468dba2db54151f76f4ac94ff.jpg>; rel="canonical"
cdn-status: 200
cdn-requestpullsuccess: True

Redirect headers

Date: Thu, 09 Mar 2023 03:34:32 GMT
Server: nginx/1.21.0
Content-Type: text/html
Location: https://media5.orientaldaily.com.my/storage/resize_cache/images/uploads/news-cover/2023/MAR_2023/20230308/msz1.jpg/7f0ee7c468dba2db54151f76f4ac94ff.jpg
Cache-Control: max-age=315360000
Connection: keep-alive
Content-Length: 169
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2

200

9bb51b464142f5db550e156fb1a3d61e.jpg
media5.orientaldaily.com.my/storage/resize_cache/images/uploads/news-cover/2023/MAR_2023/20230309/adfb54dfb54df58a8dbf4a.jpg/
Redirect Chain

https://www.orientaldaily.com.my/storage/resize_cache/images/uploads/news-cover/2023/MAR_2023/20230309/adfb54dfb54df58a8dbf4a.jpg/9bb51b464142f5db550e156fb1a3d61e.jpg
https://media5.orientaldaily.com.my/storage/resize_cache/images/uploads/news-cover/2023/MAR_2023/20230309/adfb54dfb54df58a8dbf4a.jpg/9bb51b464142f5db550e156fb1a3d61e.jpg

10 KB
11 KB

7ms
7ms

Image
image/webp

138.199.36.10
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media5.orientaldaily.com.my/storage/resize_cache/images/uploads/news-cover/2023/MAR_2023/20230309/adfb54dfb54df58a8dbf4a.jpg/9bb51b464142f5db550e156fb1a3d61e.jpg
Requested by: Host: www.orientaldaily.com.my
URL: https://www.orientaldaily.com.my/
Protocol: H2
Server: 138.199.36.10 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: 138-199-36-10.bunnyinfra.net
Software: BunnyCDN-DE1-1053 /
Resource Hash: 3ab46407877a67e1b0dff8b28fb19957694d585dafd4018610cd0535710797d5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.orientaldaily.com.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 03:34:32 GMT
x-downloadsize: 16039
cdn-edgestorageid: 1053
x-bo-processingtime: 1
cdn-cachedat: 03/08/2023 23:58:52
cdn-pullzone: 33990
content-length: 10678
x-bo-server: ASB-208
last-modified: Wed, 08 Mar 2023 23:58:51 GMT
server: BunnyCDN-DE1-1053
cdn-proxyver: 1.03
cdn-requestpullcode: 200
x-bo-origindownloadtime: 447
content-type: image/webp
cdn-cache: HIT
cdn-uid: 2c51b53b-2200-4208-b6d0-be336defacc5
cache-control: public, max-age=2592000
x-bo-compressionratio: 33.42%
cdn-requestid: 95a30937ffc6812b1c314ec21b0005ca
cdn-requestcountrycode: DE
link: <https://boron.orientaldaily.com.my/storage/resize_cache/images/uploads/news-cover/2023/MAR_2023/20230309/adfb54dfb54df58a8dbf4a.jpg/9bb51b464142f5db550e156fb1a3d61e.jpg>; rel="canonical"
cdn-status: 200
cdn-requestpullsuccess: True

Redirect headers

Date: Thu, 09 Mar 2023 03:34:32 GMT
Server: nginx/1.21.0
Content-Type: text/html
Location: https://media5.orientaldaily.com.my/storage/resize_cache/images/uploads/news-cover/2023/MAR_2023/20230309/adfb54dfb54df58a8dbf4a.jpg/9bb51b464142f5db550e156fb1a3d61e.jpg
Cache-Control: max-age=315360000
Connection: keep-alive
Content-Length: 169
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2

200

46211d35345b7d8cbd4e962b1402c040.jpeg
media5.orientaldaily.com.my/storage/resize_cache/images/uploads/news-cover/2023/MAR_2023/20230309/WhatsApp_Image_2023-03-09_at_11.24.05_AM.jpeg/
Redirect Chain

https://www.orientaldaily.com.my/storage/resize_cache/images/uploads/news-cover/2023/MAR_2023/20230309/WhatsApp_Image_2023-03-09_at_11.24.05_AM.jpeg/46211d35345b7d8cbd4e962b1402c040.jpeg
https://media5.orientaldaily.com.my/storage/resize_cache/images/uploads/news-cover/2023/MAR_2023/20230309/WhatsApp_Image_2023-03-09_at_11.24.05_AM.jpeg/46211d35345b7d8cbd4e962b1402c040.jpeg

10 KB
11 KB

8ms
8ms

Image
image/webp

138.199.36.10
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media5.orientaldaily.com.my/storage/resize_cache/images/uploads/news-cover/2023/MAR_2023/20230309/WhatsApp_Image_2023-03-09_at_11.24.05_AM.jpeg/46211d35345b7d8cbd4e962b1402c040.jpeg
Requested by: Host: www.orientaldaily.com.my
URL: https://www.orientaldaily.com.my/
Protocol: H2
Server: 138.199.36.10 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: 138-199-36-10.bunnyinfra.net
Software: BunnyCDN-DE1-1053 /
Resource Hash: 56abd4fc8b4f206d6660fdb7a6e8c56081d111c4dac08c35295c6d48500ef6a2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.orientaldaily.com.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 03:34:32 GMT
x-downloadsize: 16853
cdn-edgestorageid: 860
x-bo-processingtime: 0
cdn-cachedat: 03/09/2023 03:28:37
cdn-pullzone: 33990
content-length: 10666
x-bo-server: LA-156
last-modified: Thu, 09 Mar 2023 03:28:37 GMT
server: BunnyCDN-DE1-1053
cdn-proxyver: 1.03
cdn-requestpullcode: 200
x-bo-origindownloadtime: 362
content-type: image/webp
cdn-cache: HIT
cdn-uid: 2c51b53b-2200-4208-b6d0-be336defacc5
cache-control: public, max-age=2592000
x-bo-compressionratio: 36.71%
cdn-requestid: 48c8ccf0f57feef9b65dc871140989e9
cdn-requestcountrycode: DE
link: <https://boron.orientaldaily.com.my/storage/resize_cache/images/uploads/news-cover/2023/MAR_2023/20230309/WhatsApp_Image_2023-03-09_at_11.24.05_AM.jpeg/46211d35345b7d8cbd4e962b1402c040.jpeg>; rel="canonical"
cdn-status: 200
cdn-requestpullsuccess: True

Redirect headers

Date: Thu, 09 Mar 2023 03:34:31 GMT
Server: nginx/1.21.0
Content-Type: text/html
Location: https://media5.orientaldaily.com.my/storage/resize_cache/images/uploads/news-cover/2023/MAR_2023/20230309/WhatsApp_Image_2023-03-09_at_11.24.05_AM.jpeg/46211d35345b7d8cbd4e962b1402c040.jpeg
Cache-Control: max-age=315360000
Connection: keep-alive
Content-Length: 169
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2

200

685f851ce2c8741769dd0cf3c9a73a2c.jpeg
media5.orientaldaily.com.my/storage/resize_cache/images/uploads/news-cover/2023/MAR_2023/20230309/WhatsApp_Image_2023-03-09_at_11.19.43_AM.jpeg/
Redirect Chain

https://www.orientaldaily.com.my/storage/resize_cache/images/uploads/news-cover/2023/MAR_2023/20230309/WhatsApp_Image_2023-03-09_at_11.19.43_AM.jpeg/685f851ce2c8741769dd0cf3c9a73a2c.jpeg
https://media5.orientaldaily.com.my/storage/resize_cache/images/uploads/news-cover/2023/MAR_2023/20230309/WhatsApp_Image_2023-03-09_at_11.19.43_AM.jpeg/685f851ce2c8741769dd0cf3c9a73a2c.jpeg

8 KB
8 KB

7ms
7ms

Image
image/webp

138.199.36.10
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media5.orientaldaily.com.my/storage/resize_cache/images/uploads/news-cover/2023/MAR_2023/20230309/WhatsApp_Image_2023-03-09_at_11.19.43_AM.jpeg/685f851ce2c8741769dd0cf3c9a73a2c.jpeg
Requested by: Host: www.orientaldaily.com.my
URL: https://www.orientaldaily.com.my/
Protocol: H2
Server: 138.199.36.10 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: 138-199-36-10.bunnyinfra.net
Software: BunnyCDN-DE1-1053 /
Resource Hash: 6a7f5c8b94aeabd36d687b1cf99c880a2a8eb481dab4d3ae98957f76567a6d42

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.orientaldaily.com.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 03:34:32 GMT
x-downloadsize: 13072
cdn-edgestorageid: 1053
x-bo-processingtime: 0
cdn-cachedat: 03/09/2023 03:29:43
cdn-pullzone: 33990
content-length: 7840
x-bo-server: LA-121
last-modified: Thu, 09 Mar 2023 03:29:43 GMT
server: BunnyCDN-DE1-1053
cdn-proxyver: 1.03
cdn-requestpullcode: 200
x-bo-origindownloadtime: 182
content-type: image/webp
cdn-cache: HIT
cdn-uid: 2c51b53b-2200-4208-b6d0-be336defacc5
cache-control: public, max-age=2592000
x-bo-compressionratio: 40.02%
cdn-requestid: c17e2cd88013b9f63912850041e4b282
cdn-requestcountrycode: DE
link: <https://boron.orientaldaily.com.my/storage/resize_cache/images/uploads/news-cover/2023/MAR_2023/20230309/WhatsApp_Image_2023-03-09_at_11.19.43_AM.jpeg/685f851ce2c8741769dd0cf3c9a73a2c.jpeg>; rel="canonical"
cdn-status: 200
cdn-requestpullsuccess: True

Redirect headers

Date: Thu, 09 Mar 2023 03:34:31 GMT
Server: nginx/1.21.0
Content-Type: text/html
Location: https://media5.orientaldaily.com.my/storage/resize_cache/images/uploads/news-cover/2023/MAR_2023/20230309/WhatsApp_Image_2023-03-09_at_11.19.43_AM.jpeg/685f851ce2c8741769dd0cf3c9a73a2c.jpeg
Cache-Control: max-age=315360000
Connection: keep-alive
Content-Length: 169
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2

200

3f55181afac3b328a11f6b1ed87a548a.jpeg
media5.orientaldaily.com.my/storage/resize_cache/images/uploads/news-cover/2023/MAR_2023/20230309/vell1.jpeg/
Redirect Chain

https://www.orientaldaily.com.my/storage/resize_cache/images/uploads/news-cover/2023/MAR_2023/20230309/vell1.jpeg/3f55181afac3b328a11f6b1ed87a548a.jpeg
https://media5.orientaldaily.com.my/storage/resize_cache/images/uploads/news-cover/2023/MAR_2023/20230309/vell1.jpeg/3f55181afac3b328a11f6b1ed87a548a.jpeg

22 KB
23 KB

7ms
7ms

Image
image/webp

138.199.36.10
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media5.orientaldaily.com.my/storage/resize_cache/images/uploads/news-cover/2023/MAR_2023/20230309/vell1.jpeg/3f55181afac3b328a11f6b1ed87a548a.jpeg
Requested by: Host: www.orientaldaily.com.my
URL: https://www.orientaldaily.com.my/
Protocol: H2
Server: 138.199.36.10 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: 138-199-36-10.bunnyinfra.net
Software: BunnyCDN-DE1-1053 /
Resource Hash: 3819fc227174541f1651b23e59b5901da751984105d624450ab31e99544146af

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.orientaldaily.com.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 03:34:32 GMT
x-downloadsize: 26362
cdn-edgestorageid: 1048
x-bo-processingtime: 0
cdn-cachedat: 03/09/2023 03:24:28
cdn-pullzone: 33990
content-length: 22434
x-bo-server: LA-156
last-modified: Thu, 09 Mar 2023 03:24:28 GMT
server: BunnyCDN-DE1-1053
cdn-proxyver: 1.03
cdn-requestpullcode: 200
x-bo-origindownloadtime: 732
content-type: image/webp
cdn-cache: HIT
cdn-uid: 2c51b53b-2200-4208-b6d0-be336defacc5
cache-control: public, max-age=2592000
x-bo-compressionratio: 14.9%
cdn-requestid: cc709be35eeffaf75b02a3c2fc40709c
cdn-requestcountrycode: DE
link: <https://boron.orientaldaily.com.my/storage/resize_cache/images/uploads/news-cover/2023/MAR_2023/20230309/vell1.jpeg/3f55181afac3b328a11f6b1ed87a548a.jpeg>; rel="canonical"
cdn-status: 200
cdn-requestpullsuccess: True

Redirect headers

Date: Thu, 09 Mar 2023 03:34:31 GMT
Server: nginx/1.21.0
Content-Type: text/html
Location: https://media5.orientaldaily.com.my/storage/resize_cache/images/uploads/news-cover/2023/MAR_2023/20230309/vell1.jpeg/3f55181afac3b328a11f6b1ed87a548a.jpeg
Cache-Control: max-age=315360000
Connection: keep-alive
Content-Length: 169
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2

200

707ae505648f17a4e983cf5ff929b427.jpg
media5.orientaldaily.com.my/storage/resize_cache/images/uploads/news-cover/2023/MAR_2023/20230308/d6891622.jpg/
Redirect Chain

https://www.orientaldaily.com.my/storage/resize_cache/images/uploads/news-cover/2023/MAR_2023/20230308/d6891622.jpg/707ae505648f17a4e983cf5ff929b427.jpg
https://media5.orientaldaily.com.my/storage/resize_cache/images/uploads/news-cover/2023/MAR_2023/20230308/d6891622.jpg/707ae505648f17a4e983cf5ff929b427.jpg

15 KB
15 KB

7ms
7ms

Image
image/webp

138.199.36.10
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media5.orientaldaily.com.my/storage/resize_cache/images/uploads/news-cover/2023/MAR_2023/20230308/d6891622.jpg/707ae505648f17a4e983cf5ff929b427.jpg
Requested by: Host: www.orientaldaily.com.my
URL: https://www.orientaldaily.com.my/
Protocol: H2
Server: 138.199.36.10 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: 138-199-36-10.bunnyinfra.net
Software: BunnyCDN-DE1-1053 /
Resource Hash: 6766428abb5a01aa54de2575563a81335e06e56cec167317e46def2c02bd4fbf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.orientaldaily.com.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 03:34:32 GMT
x-downloadsize: 21280
cdn-edgestorageid: 874
x-bo-processingtime: 0
cdn-cachedat: 03/08/2023 09:23:28
cdn-pullzone: 33990
content-length: 15192
x-bo-server: DE-95
last-modified: Wed, 08 Mar 2023 09:23:28 GMT
server: BunnyCDN-DE1-1053
cdn-proxyver: 1.03
cdn-requestpullcode: 200
x-bo-origindownloadtime: 334
content-type: image/webp
cdn-cache: HIT
cdn-uid: 2c51b53b-2200-4208-b6d0-be336defacc5
cache-control: public, max-age=2592000
x-bo-compressionratio: 28.61%
cdn-requestid: 0550af3b11b1f47527ff8fde7337f789
cdn-requestcountrycode: DE
link: <https://boron.orientaldaily.com.my/storage/resize_cache/images/uploads/news-cover/2023/MAR_2023/20230308/d6891622.jpg/707ae505648f17a4e983cf5ff929b427.jpg>; rel="canonical"
cdn-status: 200
cdn-requestpullsuccess: True

Redirect headers

Date: Thu, 09 Mar 2023 03:34:32 GMT
Server: nginx/1.21.0
Content-Type: text/html
Location: https://media5.orientaldaily.com.my/storage/resize_cache/images/uploads/news-cover/2023/MAR_2023/20230308/d6891622.jpg/707ae505648f17a4e983cf5ff929b427.jpg
Cache-Control: max-age=315360000
Connection: keep-alive
Content-Length: 169
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2

200

c96b6270314cfb22dfc05edb3175b4fa.jpg
media5.orientaldaily.com.my/storage/resize_cache/images/uploads/news-cover/2023/MAR_2023/20230308/parenttt.jpg/
Redirect Chain

https://www.orientaldaily.com.my/storage/resize_cache/images/uploads/news-cover/2023/MAR_2023/20230308/parenttt.jpg/c96b6270314cfb22dfc05edb3175b4fa.jpg
https://media5.orientaldaily.com.my/storage/resize_cache/images/uploads/news-cover/2023/MAR_2023/20230308/parenttt.jpg/c96b6270314cfb22dfc05edb3175b4fa.jpg

10 KB
11 KB

8ms
8ms

Image
image/webp

138.199.36.10
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media5.orientaldaily.com.my/storage/resize_cache/images/uploads/news-cover/2023/MAR_2023/20230308/parenttt.jpg/c96b6270314cfb22dfc05edb3175b4fa.jpg
Requested by: Host: www.orientaldaily.com.my
URL: https://www.orientaldaily.com.my/
Protocol: H2
Server: 138.199.36.10 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: 138-199-36-10.bunnyinfra.net
Software: BunnyCDN-DE1-1053 /
Resource Hash: 9b5bfeb9f8b0e508db9f50ac8ec09f2a53b5dad8d0e46ab662f5d6174d4d8856

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.orientaldaily.com.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 03:34:32 GMT
x-downloadsize: 16162
cdn-edgestorageid: 722
x-bo-processingtime: 1
cdn-cachedat: 03/08/2023 07:02:30
cdn-pullzone: 33990
content-length: 10482
x-bo-server: DE-225
last-modified: Wed, 08 Mar 2023 07:02:29 GMT
server: BunnyCDN-DE1-1053
cdn-proxyver: 1.03
cdn-requestpullcode: 200
x-bo-origindownloadtime: 666
content-type: image/webp
cdn-cache: HIT
cdn-uid: 2c51b53b-2200-4208-b6d0-be336defacc5
cache-control: public, max-age=2592000
x-bo-compressionratio: 35.14%
cdn-requestid: 44b88ef933847497817f63b62a6587fe
cdn-requestcountrycode: DE
link: <https://boron.orientaldaily.com.my/storage/resize_cache/images/uploads/news-cover/2023/MAR_2023/20230308/parenttt.jpg/c96b6270314cfb22dfc05edb3175b4fa.jpg>; rel="canonical"
cdn-status: 200
cdn-requestpullsuccess: True

Redirect headers

Date: Thu, 09 Mar 2023 03:34:31 GMT
Server: nginx/1.21.0
Content-Type: text/html
Location: https://media5.orientaldaily.com.my/storage/resize_cache/images/uploads/news-cover/2023/MAR_2023/20230308/parenttt.jpg/c96b6270314cfb22dfc05edb3175b4fa.jpg
Cache-Control: max-age=315360000
Connection: keep-alive
Content-Length: 169
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2

200

7979f6ef8b8a0181b20a678a7098cc1d.jpg
media5.orientaldaily.com.my/storage/resize_cache/images/uploads/news-cover/2023/MAR_2023/20230308/6890475.jpg/
Redirect Chain

https://www.orientaldaily.com.my/storage/resize_cache/images/uploads/news-cover/2023/MAR_2023/20230308/6890475.jpg/7979f6ef8b8a0181b20a678a7098cc1d.jpg
https://media5.orientaldaily.com.my/storage/resize_cache/images/uploads/news-cover/2023/MAR_2023/20230308/6890475.jpg/7979f6ef8b8a0181b20a678a7098cc1d.jpg

29 KB
30 KB

11ms
11ms

Image
image/webp

138.199.36.10
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media5.orientaldaily.com.my/storage/resize_cache/images/uploads/news-cover/2023/MAR_2023/20230308/6890475.jpg/7979f6ef8b8a0181b20a678a7098cc1d.jpg
Requested by: Host: www.orientaldaily.com.my
URL: https://www.orientaldaily.com.my/
Protocol: H2
Server: 138.199.36.10 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: 138-199-36-10.bunnyinfra.net
Software: BunnyCDN-DE1-1053 /
Resource Hash: febfef406d938a359871e3b98a681e0ef67cbaee5984f76a09bcecc738b6c411

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.orientaldaily.com.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 03:34:32 GMT
x-downloadsize: 33408
cdn-edgestorageid: 865
x-bo-processingtime: 1
cdn-cachedat: 03/08/2023 13:21:49
cdn-pullzone: 33990
content-length: 29930
x-bo-server: DE-228
last-modified: Wed, 08 Mar 2023 13:21:49 GMT
server: BunnyCDN-DE1-1053
cdn-proxyver: 1.03
cdn-requestpullcode: 200
x-bo-origindownloadtime: 167
content-type: image/webp
cdn-cache: HIT
cdn-uid: 2c51b53b-2200-4208-b6d0-be336defacc5
cache-control: public, max-age=2592000
x-bo-compressionratio: 10.41%
cdn-requestid: 7613b9289d09b7972571dadb8f0c3e75
cdn-requestcountrycode: DE
link: <https://boron.orientaldaily.com.my/storage/resize_cache/images/uploads/news-cover/2023/MAR_2023/20230308/6890475.jpg/7979f6ef8b8a0181b20a678a7098cc1d.jpg>; rel="canonical"
cdn-status: 200
cdn-requestpullsuccess: True

Redirect headers

Date: Thu, 09 Mar 2023 03:34:32 GMT
Server: nginx/1.21.0
Content-Type: text/html
Location: https://media5.orientaldaily.com.my/storage/resize_cache/images/uploads/news-cover/2023/MAR_2023/20230308/6890475.jpg/7979f6ef8b8a0181b20a678a7098cc1d.jpg
Cache-Control: max-age=315360000
Connection: keep-alive
Content-Length: 169
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2

200

7c58139650c3a06a5ffcaba847e456b4.png
media5.orientaldaily.com.my/storage/resize_cache/images/uploads/news-cover/2023/MAR_2023/20230308/240952502_205699551588302_5368894757947576719_n.png/
Redirect Chain

https://www.orientaldaily.com.my/storage/resize_cache/images/uploads/news-cover/2023/MAR_2023/20230308/240952502_205699551588302_5368894757947576719_n.png/7c58139650c3a06a5ffcaba847e456b4.png
https://media5.orientaldaily.com.my/storage/resize_cache/images/uploads/news-cover/2023/MAR_2023/20230308/240952502_205699551588302_5368894757947576719_n.png/7c58139650c3a06a5ffcaba847e456b4.png

13 KB
14 KB

7ms
7ms

Image
image/webp

138.199.36.10
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media5.orientaldaily.com.my/storage/resize_cache/images/uploads/news-cover/2023/MAR_2023/20230308/240952502_205699551588302_5368894757947576719_n.png/7c58139650c3a06a5ffcaba847e456b4.png
Requested by: Host: www.orientaldaily.com.my
URL: https://www.orientaldaily.com.my/
Protocol: H2
Server: 138.199.36.10 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: 138-199-36-10.bunnyinfra.net
Software: BunnyCDN-DE1-1053 /
Resource Hash: d19e7ba4decc50674c94af51a28b3dfded8a4228f5fec865b5a8063e45c06b72

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.orientaldaily.com.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 03:34:32 GMT
x-downloadsize: 47446
cdn-edgestorageid: 860
x-bo-processingtime: 1
cdn-cachedat: 03/08/2023 04:14:39
cdn-pullzone: 33990
content-length: 13548
x-bo-server: ASB-198
last-modified: Wed, 08 Mar 2023 04:14:37 GMT
server: BunnyCDN-DE1-1053
cdn-proxyver: 1.03
cdn-requestpullcode: 200
x-bo-origindownloadtime: 1486
content-type: image/webp
cdn-cache: HIT
cdn-uid: 2c51b53b-2200-4208-b6d0-be336defacc5
cache-control: public, max-age=2592000
x-bo-compressionratio: 71.45%
cdn-requestid: 456b93f456e7696b6c2fac4d28af1fbd
cdn-requestcountrycode: DE
link: <https://boron.orientaldaily.com.my/storage/resize_cache/images/uploads/news-cover/2023/MAR_2023/20230308/240952502_205699551588302_5368894757947576719_n.png/7c58139650c3a06a5ffcaba847e456b4.png>; rel="canonical"
cdn-status: 200
cdn-requestpullsuccess: True

Redirect headers

Date: Thu, 09 Mar 2023 03:34:32 GMT
Server: nginx/1.21.0
Content-Type: text/html
Location: https://media5.orientaldaily.com.my/storage/resize_cache/images/uploads/news-cover/2023/MAR_2023/20230308/240952502_205699551588302_5368894757947576719_n.png/7c58139650c3a06a5ffcaba847e456b4.png
Cache-Control: max-age=315360000
Connection: keep-alive
Content-Length: 169
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2

200

98646e8ef76b44db47760208aefbe0e5.jpg
media5.orientaldaily.com.my/storage/resize_cache/images/uploads/news-cover/2023/MAR_2023/20230308/GUYC45.jpg/
Redirect Chain

https://www.orientaldaily.com.my/storage/resize_cache/images/uploads/news-cover/2023/MAR_2023/20230308/GUYC45.jpg/98646e8ef76b44db47760208aefbe0e5.jpg
https://media5.orientaldaily.com.my/storage/resize_cache/images/uploads/news-cover/2023/MAR_2023/20230308/GUYC45.jpg/98646e8ef76b44db47760208aefbe0e5.jpg

9 KB
10 KB

8ms
8ms

Image
image/webp

138.199.36.10
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media5.orientaldaily.com.my/storage/resize_cache/images/uploads/news-cover/2023/MAR_2023/20230308/GUYC45.jpg/98646e8ef76b44db47760208aefbe0e5.jpg
Requested by: Host: www.orientaldaily.com.my
URL: https://www.orientaldaily.com.my/
Protocol: H2
Server: 138.199.36.10 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: 138-199-36-10.bunnyinfra.net
Software: BunnyCDN-DE1-1053 /
Resource Hash: 80388f28f817f808eede42049995e804230f2fd8823827c397cd2d8b0a5d55e9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.orientaldaily.com.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 03:34:32 GMT
x-downloadsize: 15298
cdn-edgestorageid: 860
x-bo-processingtime: 1
cdn-cachedat: 03/08/2023 14:05:22
cdn-pullzone: 33990
content-length: 9610
x-bo-server: ASB-198
last-modified: Wed, 08 Mar 2023 14:05:21 GMT
server: BunnyCDN-DE1-1053
cdn-proxyver: 1.03
cdn-requestpullcode: 200
x-bo-origindownloadtime: 451
content-type: image/webp
cdn-cache: HIT
cdn-uid: 2c51b53b-2200-4208-b6d0-be336defacc5
cache-control: public, max-age=2592000
x-bo-compressionratio: 37.18%
cdn-requestid: 76895f6124880cddb4b78fa2f44a3726
cdn-requestcountrycode: DE
link: <https://boron.orientaldaily.com.my/storage/resize_cache/images/uploads/news-cover/2023/MAR_2023/20230308/GUYC45.jpg/98646e8ef76b44db47760208aefbe0e5.jpg>; rel="canonical"
cdn-status: 200
cdn-requestpullsuccess: True

Redirect headers

Date: Thu, 09 Mar 2023 03:34:31 GMT
Server: nginx/1.21.0
Content-Type: text/html
Location: https://media5.orientaldaily.com.my/storage/resize_cache/images/uploads/news-cover/2023/MAR_2023/20230308/GUYC45.jpg/98646e8ef76b44db47760208aefbe0e5.jpg
Cache-Control: max-age=315360000
Connection: keep-alive
Content-Length: 169
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2

200

91425f9618dca13e54b23fd45baf516e.jpeg
media5.orientaldaily.com.my/storage/resize_cache/images/uploads/news-cover/2023/MAR_2023/20230308/WhatsApp_Image_2023-03-08_at_1.38.13_PM.jpeg/
Redirect Chain

https://www.orientaldaily.com.my/storage/resize_cache/images/uploads/news-cover/2023/MAR_2023/20230308/WhatsApp_Image_2023-03-08_at_1.38.13_PM.jpeg/91425f9618dca13e54b23fd45baf516e.jpeg
https://media5.orientaldaily.com.my/storage/resize_cache/images/uploads/news-cover/2023/MAR_2023/20230308/WhatsApp_Image_2023-03-08_at_1.38.13_PM.jpeg/91425f9618dca13e54b23fd45baf516e.jpeg

22 KB
23 KB

12ms
12ms

Image
image/webp

138.199.36.10
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media5.orientaldaily.com.my/storage/resize_cache/images/uploads/news-cover/2023/MAR_2023/20230308/WhatsApp_Image_2023-03-08_at_1.38.13_PM.jpeg/91425f9618dca13e54b23fd45baf516e.jpeg
Requested by: Host: www.orientaldaily.com.my
URL: https://www.orientaldaily.com.my/
Protocol: H2
Server: 138.199.36.10 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: 138-199-36-10.bunnyinfra.net
Software: BunnyCDN-DE1-1053 /
Resource Hash: ba32e8bb11de17d336f76372d7761a10939c1aa386b313c9c51c76aa213865db

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.orientaldaily.com.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 03:34:32 GMT
x-downloadsize: 28146
cdn-edgestorageid: 1076
x-bo-processingtime: 0
cdn-cachedat: 03/08/2023 06:07:12
cdn-pullzone: 33990
content-length: 22880
x-bo-server: DE-95
last-modified: Wed, 08 Mar 2023 06:07:08 GMT
server: BunnyCDN-DE1-1053
cdn-proxyver: 1.03
cdn-requestpullcode: 200
x-bo-origindownloadtime: 3783
content-type: image/webp
cdn-cache: HIT
cdn-uid: 2c51b53b-2200-4208-b6d0-be336defacc5
cache-control: public, max-age=2592000
x-bo-compressionratio: 18.71%
cdn-requestid: 638b42d78d0565529c54906d29461b43
cdn-requestcountrycode: DE
link: <https://boron.orientaldaily.com.my/storage/resize_cache/images/uploads/news-cover/2023/MAR_2023/20230308/WhatsApp_Image_2023-03-08_at_1.38.13_PM.jpeg/91425f9618dca13e54b23fd45baf516e.jpeg>; rel="canonical"
cdn-status: 200
cdn-requestpullsuccess: True

Redirect headers

Date: Thu, 09 Mar 2023 03:34:32 GMT
Server: nginx/1.21.0
Content-Type: text/html
Location: https://media5.orientaldaily.com.my/storage/resize_cache/images/uploads/news-cover/2023/MAR_2023/20230308/WhatsApp_Image_2023-03-08_at_1.38.13_PM.jpeg/91425f9618dca13e54b23fd45baf516e.jpeg
Cache-Control: max-age=315360000
Connection: keep-alive
Content-Length: 169
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2

200

90401b544261acd4cb2039eea8bdca2f.jpeg
media5.orientaldaily.com.my/storage/resize_cache/images/uploads/news-cover/2023/MAR_2023/20230308/WhatsApp_Image_2023-03-08_at_13.08.25.jpeg/
Redirect Chain

https://www.orientaldaily.com.my/storage/resize_cache/images/uploads/news-cover/2023/MAR_2023/20230308/WhatsApp_Image_2023-03-08_at_13.08.25.jpeg/90401b544261acd4cb2039eea8bdca2f.jpeg
https://media5.orientaldaily.com.my/storage/resize_cache/images/uploads/news-cover/2023/MAR_2023/20230308/WhatsApp_Image_2023-03-08_at_13.08.25.jpeg/90401b544261acd4cb2039eea8bdca2f.jpeg

18 KB
18 KB

7ms
7ms

Image
image/webp

138.199.36.10
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media5.orientaldaily.com.my/storage/resize_cache/images/uploads/news-cover/2023/MAR_2023/20230308/WhatsApp_Image_2023-03-08_at_13.08.25.jpeg/90401b544261acd4cb2039eea8bdca2f.jpeg
Requested by: Host: www.orientaldaily.com.my
URL: https://www.orientaldaily.com.my/
Protocol: H2
Server: 138.199.36.10 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: 138-199-36-10.bunnyinfra.net
Software: BunnyCDN-DE1-1053 /
Resource Hash: ca13ce8e0077d743e7633a3f6ea66487e2ca52c068861db8437a5da2de39e537

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.orientaldaily.com.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 03:34:32 GMT
x-downloadsize: 24574
cdn-edgestorageid: 1047
x-bo-processingtime: 1
cdn-cachedat: 03/08/2023 05:14:08
cdn-pullzone: 33990
content-length: 18242
x-bo-server: ASB-209
last-modified: Wed, 08 Mar 2023 05:14:07 GMT
server: BunnyCDN-DE1-1053
cdn-proxyver: 1.03
cdn-requestpullcode: 200
x-bo-origindownloadtime: 461
content-type: image/webp
cdn-cache: HIT
cdn-uid: 2c51b53b-2200-4208-b6d0-be336defacc5
cache-control: public, max-age=2592000
x-bo-compressionratio: 25.77%
cdn-requestid: a4e29d736ff2bee8374def5de473e5f5
cdn-requestcountrycode: DE
link: <https://boron.orientaldaily.com.my/storage/resize_cache/images/uploads/news-cover/2023/MAR_2023/20230308/WhatsApp_Image_2023-03-08_at_13.08.25.jpeg/90401b544261acd4cb2039eea8bdca2f.jpeg>; rel="canonical"
cdn-status: 200
cdn-requestpullsuccess: True

Redirect headers

Date: Thu, 09 Mar 2023 03:34:32 GMT
Server: nginx/1.21.0
Content-Type: text/html
Location: https://media5.orientaldaily.com.my/storage/resize_cache/images/uploads/news-cover/2023/MAR_2023/20230308/WhatsApp_Image_2023-03-08_at_13.08.25.jpeg/90401b544261acd4cb2039eea8bdca2f.jpeg
Cache-Control: max-age=315360000
Connection: keep-alive
Content-Length: 169
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2

200

de0c7e940b0b659f923bf13852e9baca.jpeg
media5.orientaldaily.com.my/storage/resize_cache/images/uploads/news-cover/2023/MAR_2023/20230308/WhatsApp_Image_2023-03-08_at_1.29.02_PM.jpeg/
Redirect Chain

https://www.orientaldaily.com.my/storage/resize_cache/images/uploads/news-cover/2023/MAR_2023/20230308/WhatsApp_Image_2023-03-08_at_1.29.02_PM.jpeg/de0c7e940b0b659f923bf13852e9baca.jpeg
https://media5.orientaldaily.com.my/storage/resize_cache/images/uploads/news-cover/2023/MAR_2023/20230308/WhatsApp_Image_2023-03-08_at_1.29.02_PM.jpeg/de0c7e940b0b659f923bf13852e9baca.jpeg

24 KB
25 KB

8ms
7ms

Image
image/webp

138.199.36.10
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media5.orientaldaily.com.my/storage/resize_cache/images/uploads/news-cover/2023/MAR_2023/20230308/WhatsApp_Image_2023-03-08_at_1.29.02_PM.jpeg/de0c7e940b0b659f923bf13852e9baca.jpeg
Requested by: Host: www.orientaldaily.com.my
URL: https://www.orientaldaily.com.my/
Protocol: H2
Server: 138.199.36.10 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: 138-199-36-10.bunnyinfra.net
Software: BunnyCDN-DE1-1053 /
Resource Hash: 056d911e5837fb8fbaec0b98bf4403cc13867e85844c1e130f8bf8bf78738f95

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.orientaldaily.com.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 03:34:32 GMT
x-downloadsize: 28805
cdn-edgestorageid: 722
x-bo-processingtime: 2
cdn-cachedat: 03/08/2023 05:41:37
cdn-pullzone: 33990
content-length: 24492
x-bo-server: ASB-194
last-modified: Wed, 08 Mar 2023 05:41:37 GMT
server: BunnyCDN-DE1-1053
cdn-proxyver: 1.03
cdn-requestpullcode: 200
x-bo-origindownloadtime: 474
content-type: image/webp
cdn-cache: HIT
cdn-uid: 2c51b53b-2200-4208-b6d0-be336defacc5
cache-control: public, max-age=2592000
x-bo-compressionratio: 14.97%
cdn-requestid: 53678226308f8ed5415b772116faa896
cdn-requestcountrycode: DE
link: <https://boron.orientaldaily.com.my/storage/resize_cache/images/uploads/news-cover/2023/MAR_2023/20230308/WhatsApp_Image_2023-03-08_at_1.29.02_PM.jpeg/de0c7e940b0b659f923bf13852e9baca.jpeg>; rel="canonical"
cdn-status: 200
cdn-requestpullsuccess: True

Redirect headers

Date: Thu, 09 Mar 2023 03:34:32 GMT
Server: nginx/1.21.0
Content-Type: text/html
Location: https://media5.orientaldaily.com.my/storage/resize_cache/images/uploads/news-cover/2023/MAR_2023/20230308/WhatsApp_Image_2023-03-08_at_1.29.02_PM.jpeg/de0c7e940b0b659f923bf13852e9baca.jpeg
Cache-Control: max-age=315360000
Connection: keep-alive
Content-Length: 169
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2

200

d9390a1440937ed408973a1171113a49.jpg
media5.orientaldaily.com.my/storage/resize_cache/images/uploads/news-cover/2023/MAR_2023/20230309/e0a80325d6b8c2e9919e0f080111d9a1.jpg/
Redirect Chain

https://www.orientaldaily.com.my/storage/resize_cache/images/uploads/news-cover/2023/MAR_2023/20230309/e0a80325d6b8c2e9919e0f080111d9a1.jpg/d9390a1440937ed408973a1171113a49.jpg
https://media5.orientaldaily.com.my/storage/resize_cache/images/uploads/news-cover/2023/MAR_2023/20230309/e0a80325d6b8c2e9919e0f080111d9a1.jpg/d9390a1440937ed408973a1171113a49.jpg

11 KB
11 KB

51ms
21ms

Image
image/webp

138.199.36.10
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media5.orientaldaily.com.my/storage/resize_cache/images/uploads/news-cover/2023/MAR_2023/20230309/e0a80325d6b8c2e9919e0f080111d9a1.jpg/d9390a1440937ed408973a1171113a49.jpg
Requested by: Host: www.orientaldaily.com.my
URL: https://www.orientaldaily.com.my/
Protocol: H2
Server: 138.199.36.10 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: 138-199-36-10.bunnyinfra.net
Software: BunnyCDN-DE1-1053 /
Resource Hash: 1e2a4e2988cae3e87879cb8e01908c4641a4ad2c33dabe1ff5e95a4aec69ea04

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.orientaldaily.com.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 03:34:32 GMT
x-downloadsize: 16886
cdn-edgestorageid: 1081
x-bo-processingtime: 1
cdn-cachedat: 03/09/2023 03:24:28
cdn-pullzone: 33990
content-length: 11042
x-bo-server: DE-95
last-modified: Thu, 09 Mar 2023 03:24:28 GMT
server: BunnyCDN-DE1-1053
cdn-proxyver: 1.03
cdn-requestpullcode: 200
x-bo-origindownloadtime: 334
content-type: image/webp
cdn-cache: HIT
cdn-uid: 2c51b53b-2200-4208-b6d0-be336defacc5
cache-control: public, max-age=2592000
x-bo-compressionratio: 34.61%
cdn-requestid: 7c3dc1307440745349aaa23034cae446
cdn-requestcountrycode: DE
link: <https://boron.orientaldaily.com.my/storage/resize_cache/images/uploads/news-cover/2023/MAR_2023/20230309/e0a80325d6b8c2e9919e0f080111d9a1.jpg/d9390a1440937ed408973a1171113a49.jpg>; rel="canonical"
cdn-status: 200
cdn-requestpullsuccess: True

Redirect headers

Date: Thu, 09 Mar 2023 03:34:32 GMT
Server: nginx/1.21.0
Content-Type: text/html
Location: https://media5.orientaldaily.com.my/storage/resize_cache/images/uploads/news-cover/2023/MAR_2023/20230309/e0a80325d6b8c2e9919e0f080111d9a1.jpg/d9390a1440937ed408973a1171113a49.jpg
Cache-Control: max-age=315360000
Connection: keep-alive
Content-Length: 169
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2

200

e11f4aa8d25454c8700daa6988461894.jpg
media5.orientaldaily.com.my/storage/resize_cache/images/uploads/news-cover/2023/MAR_2023/20230309/b46ad328-4f5d-4f39-a300-a7ac4110479c.jpg/
Redirect Chain

https://www.orientaldaily.com.my/storage/resize_cache/images/uploads/news-cover/2023/MAR_2023/20230309/b46ad328-4f5d-4f39-a300-a7ac4110479c.jpg/e11f4aa8d25454c8700daa6988461894.jpg
https://media5.orientaldaily.com.my/storage/resize_cache/images/uploads/news-cover/2023/MAR_2023/20230309/b46ad328-4f5d-4f39-a300-a7ac4110479c.jpg/e11f4aa8d25454c8700daa6988461894.jpg

16 KB
16 KB

32ms
10ms

Image
image/webp

138.199.36.10
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media5.orientaldaily.com.my/storage/resize_cache/images/uploads/news-cover/2023/MAR_2023/20230309/b46ad328-4f5d-4f39-a300-a7ac4110479c.jpg/e11f4aa8d25454c8700daa6988461894.jpg
Requested by: Host: www.orientaldaily.com.my
URL: https://www.orientaldaily.com.my/
Protocol: H2
Server: 138.199.36.10 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: 138-199-36-10.bunnyinfra.net
Software: BunnyCDN-DE1-1053 /
Resource Hash: ccb65b024184fd90f00c37cd3dd39e3c9cff2c36954f527de56cb61e6df5bcb1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.orientaldaily.com.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 03:34:32 GMT
x-downloadsize: 21361
cdn-edgestorageid: 1077
x-bo-processingtime: 1
cdn-cachedat: 03/09/2023 03:24:28
cdn-pullzone: 33990
content-length: 16144
x-bo-server: DE-228
last-modified: Thu, 09 Mar 2023 03:24:28 GMT
server: BunnyCDN-DE1-1053
cdn-proxyver: 1.03
cdn-requestpullcode: 200
x-bo-origindownloadtime: 334
content-type: image/webp
cdn-cache: HIT
cdn-uid: 2c51b53b-2200-4208-b6d0-be336defacc5
cache-control: public, max-age=2592000
x-bo-compressionratio: 24.42%
cdn-requestid: a992cba2b3e2711ef8f8a9da34319a08
cdn-requestcountrycode: DE
link: <https://boron.orientaldaily.com.my/storage/resize_cache/images/uploads/news-cover/2023/MAR_2023/20230309/b46ad328-4f5d-4f39-a300-a7ac4110479c.jpg/e11f4aa8d25454c8700daa6988461894.jpg>; rel="canonical"
cdn-status: 200
cdn-requestpullsuccess: True

Redirect headers

Date: Thu, 09 Mar 2023 03:34:32 GMT
Server: nginx/1.21.0
Content-Type: text/html
Location: https://media5.orientaldaily.com.my/storage/resize_cache/images/uploads/news-cover/2023/MAR_2023/20230309/b46ad328-4f5d-4f39-a300-a7ac4110479c.jpg/e11f4aa8d25454c8700daa6988461894.jpg
Cache-Control: max-age=315360000
Connection: keep-alive
Content-Length: 169
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2

200

f8f7f74bbf11fcc662963cbe5d98c8e5.jpg
media5.orientaldaily.com.my/storage/resize_cache/images/uploads/news-cover/2023/MAR_2023/20230309/3e7900d0-daba-48f6-a27e-1d98eb885f39.jpg/
Redirect Chain

https://www.orientaldaily.com.my/storage/resize_cache/images/uploads/news-cover/2023/MAR_2023/20230309/3e7900d0-daba-48f6-a27e-1d98eb885f39.jpg/f8f7f74bbf11fcc662963cbe5d98c8e5.jpg
https://media5.orientaldaily.com.my/storage/resize_cache/images/uploads/news-cover/2023/MAR_2023/20230309/3e7900d0-daba-48f6-a27e-1d98eb885f39.jpg/f8f7f74bbf11fcc662963cbe5d98c8e5.jpg

21 KB
21 KB

44ms
22ms

Image
image/webp

138.199.36.10
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media5.orientaldaily.com.my/storage/resize_cache/images/uploads/news-cover/2023/MAR_2023/20230309/3e7900d0-daba-48f6-a27e-1d98eb885f39.jpg/f8f7f74bbf11fcc662963cbe5d98c8e5.jpg
Requested by: Host: www.orientaldaily.com.my
URL: https://www.orientaldaily.com.my/
Protocol: H2
Server: 138.199.36.10 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: 138-199-36-10.bunnyinfra.net
Software: BunnyCDN-DE1-1053 /
Resource Hash: bc0a3b3b74323528292865d4604ff641535275ccc4f174903654277df4933794

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.orientaldaily.com.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 03:34:32 GMT
x-downloadsize: 26345
cdn-edgestorageid: 1075
x-bo-processingtime: 2
cdn-cachedat: 03/09/2023 03:19:43
cdn-pullzone: 33990
content-length: 21160
x-bo-server: ASB-198
last-modified: Thu, 09 Mar 2023 03:19:42 GMT
server: BunnyCDN-DE1-1053
cdn-proxyver: 1.03
cdn-requestpullcode: 200
x-bo-origindownloadtime: 440
content-type: image/webp
cdn-cache: HIT
cdn-uid: 2c51b53b-2200-4208-b6d0-be336defacc5
cache-control: public, max-age=2592000
x-bo-compressionratio: 19.68%
cdn-requestid: a7eec62178edee68b2c0e58ebd4ae506
cdn-requestcountrycode: DE
link: <https://boron.orientaldaily.com.my/storage/resize_cache/images/uploads/news-cover/2023/MAR_2023/20230309/3e7900d0-daba-48f6-a27e-1d98eb885f39.jpg/f8f7f74bbf11fcc662963cbe5d98c8e5.jpg>; rel="canonical"
cdn-status: 200
cdn-requestpullsuccess: True

Redirect headers

Date: Thu, 09 Mar 2023 03:34:32 GMT
Server: nginx/1.21.0
Content-Type: text/html
Location: https://media5.orientaldaily.com.my/storage/resize_cache/images/uploads/news-cover/2023/MAR_2023/20230309/3e7900d0-daba-48f6-a27e-1d98eb885f39.jpg/f8f7f74bbf11fcc662963cbe5d98c8e5.jpg
Cache-Control: max-age=315360000
Connection: keep-alive
Content-Length: 169
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2

200

0fd7808a6930e51521314b9851d94f42.jpeg
media5.orientaldaily.com.my/storage/resize_cache/images/uploads/news-cover/2023/MAR_2023/20230309/WhatsApp_Image_2023-03-09_at_10.52.58_AM.jpeg/
Redirect Chain

https://www.orientaldaily.com.my/storage/resize_cache/images/uploads/news-cover/2023/MAR_2023/20230309/WhatsApp_Image_2023-03-09_at_10.52.58_AM.jpeg/0fd7808a6930e51521314b9851d94f42.jpeg
https://media5.orientaldaily.com.my/storage/resize_cache/images/uploads/news-cover/2023/MAR_2023/20230309/WhatsApp_Image_2023-03-09_at_10.52.58_AM.jpeg/0fd7808a6930e51521314b9851d94f42.jpeg

16 KB
16 KB

27ms
11ms

Image
image/webp

138.199.36.10
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media5.orientaldaily.com.my/storage/resize_cache/images/uploads/news-cover/2023/MAR_2023/20230309/WhatsApp_Image_2023-03-09_at_10.52.58_AM.jpeg/0fd7808a6930e51521314b9851d94f42.jpeg
Requested by: Host: www.orientaldaily.com.my
URL: https://www.orientaldaily.com.my/
Protocol: H2
Server: 138.199.36.10 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: 138-199-36-10.bunnyinfra.net
Software: BunnyCDN-DE1-1053 /
Resource Hash: 872d646f1ce79e6125d7d80ab0a8c5ddf69f05967c3da5d07061c19b183ef362

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.orientaldaily.com.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 03:34:32 GMT
x-downloadsize: 22013
cdn-edgestorageid: 1075
x-bo-processingtime: 1
cdn-cachedat: 03/09/2023 03:19:43
cdn-pullzone: 33990
content-length: 15930
x-bo-server: ASB-209
last-modified: Thu, 09 Mar 2023 03:19:42 GMT
server: BunnyCDN-DE1-1053
cdn-proxyver: 1.03
cdn-requestpullcode: 200
x-bo-origindownloadtime: 936
content-type: image/webp
cdn-cache: HIT
cdn-uid: 2c51b53b-2200-4208-b6d0-be336defacc5
cache-control: public, max-age=2592000
x-bo-compressionratio: 27.63%
cdn-requestid: 13b56d25c76c3fde330aaa13b59c2bc9
cdn-requestcountrycode: DE
link: <https://boron.orientaldaily.com.my/storage/resize_cache/images/uploads/news-cover/2023/MAR_2023/20230309/WhatsApp_Image_2023-03-09_at_10.52.58_AM.jpeg/0fd7808a6930e51521314b9851d94f42.jpeg>; rel="canonical"
cdn-status: 200
cdn-requestpullsuccess: True

Redirect headers

Date: Thu, 09 Mar 2023 03:34:32 GMT
Server: nginx/1.21.0
Content-Type: text/html
Location: https://media5.orientaldaily.com.my/storage/resize_cache/images/uploads/news-cover/2023/MAR_2023/20230309/WhatsApp_Image_2023-03-09_at_10.52.58_AM.jpeg/0fd7808a6930e51521314b9851d94f42.jpeg
Cache-Control: max-age=315360000
Connection: keep-alive
Content-Length: 169
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2

200

4be15d19234bf28ffd41501160a0030e.jpg
media5.orientaldaily.com.my/storage/resize_cache/images/uploads/news-cover/2023/MAR_2023/20230309/chicken.jpg/
Redirect Chain

https://www.orientaldaily.com.my/storage/resize_cache/images/uploads/news-cover/2023/MAR_2023/20230309/chicken.jpg/4be15d19234bf28ffd41501160a0030e.jpg
https://media5.orientaldaily.com.my/storage/resize_cache/images/uploads/news-cover/2023/MAR_2023/20230309/chicken.jpg/4be15d19234bf28ffd41501160a0030e.jpg

11 KB
12 KB

28ms
12ms

Image
image/webp

138.199.36.10
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media5.orientaldaily.com.my/storage/resize_cache/images/uploads/news-cover/2023/MAR_2023/20230309/chicken.jpg/4be15d19234bf28ffd41501160a0030e.jpg
Requested by: Host: www.orientaldaily.com.my
URL: https://www.orientaldaily.com.my/
Protocol: H2
Server: 138.199.36.10 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: 138-199-36-10.bunnyinfra.net
Software: BunnyCDN-DE1-1053 /
Resource Hash: 4d352b80fd702f7736c4988e2c62b8c360275049fed7ee53ee14c87c2ddd9c4c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.orientaldaily.com.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 03:34:32 GMT
x-downloadsize: 16784
cdn-edgestorageid: 863
x-bo-processingtime: 1
cdn-cachedat: 03/09/2023 02:06:45
cdn-pullzone: 33990
content-length: 11688
x-bo-server: DE-137
last-modified: Thu, 09 Mar 2023 02:06:44 GMT
server: BunnyCDN-DE1-1053
cdn-proxyver: 1.03
cdn-requestpullcode: 200
x-bo-origindownloadtime: 666
content-type: image/webp
cdn-cache: HIT
cdn-uid: 2c51b53b-2200-4208-b6d0-be336defacc5
cache-control: public, max-age=2592000
x-bo-compressionratio: 30.36%
cdn-requestid: 9bc328d9b4b03ae0e380c48ecd0abe95
cdn-requestcountrycode: DE
link: <https://boron.orientaldaily.com.my/storage/resize_cache/images/uploads/news-cover/2023/MAR_2023/20230309/chicken.jpg/4be15d19234bf28ffd41501160a0030e.jpg>; rel="canonical"
cdn-status: 200
cdn-requestpullsuccess: True

Redirect headers

Date: Thu, 09 Mar 2023 03:34:32 GMT
Server: nginx/1.21.0
Content-Type: text/html
Location: https://media5.orientaldaily.com.my/storage/resize_cache/images/uploads/news-cover/2023/MAR_2023/20230309/chicken.jpg/4be15d19234bf28ffd41501160a0030e.jpg
Cache-Control: max-age=315360000
Connection: keep-alive
Content-Length: 169
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2

200

b98b9b272ec7f2867c5dbe2a8a4d7aa9.jpg
media5.orientaldaily.com.my/storage/resize_cache/images/uploads/news-cover/2023/MAR_2023/20230309/76967967.jpg/
Redirect Chain

https://www.orientaldaily.com.my/storage/resize_cache/images/uploads/news-cover/2023/MAR_2023/20230309/76967967.jpg/b98b9b272ec7f2867c5dbe2a8a4d7aa9.jpg
https://media5.orientaldaily.com.my/storage/resize_cache/images/uploads/news-cover/2023/MAR_2023/20230309/76967967.jpg/b98b9b272ec7f2867c5dbe2a8a4d7aa9.jpg

13 KB
13 KB

8ms
7ms

Image
image/webp

138.199.36.10
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media5.orientaldaily.com.my/storage/resize_cache/images/uploads/news-cover/2023/MAR_2023/20230309/76967967.jpg/b98b9b272ec7f2867c5dbe2a8a4d7aa9.jpg
Requested by: Host: www.orientaldaily.com.my
URL: https://www.orientaldaily.com.my/
Protocol: H2
Server: 138.199.36.10 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: 138-199-36-10.bunnyinfra.net
Software: BunnyCDN-DE1-1053 /
Resource Hash: 3486e63905bfa2e7c0751737e411431989625df054f018f6747cf24210413c05

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.orientaldaily.com.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 03:34:32 GMT
x-downloadsize: 18655
cdn-edgestorageid: 755
x-bo-processingtime: 1
cdn-cachedat: 03/09/2023 02:17:30
cdn-pullzone: 33990
content-length: 12846
x-bo-server: ASB-192
last-modified: Thu, 09 Mar 2023 02:17:29 GMT
server: BunnyCDN-DE1-1053
cdn-proxyver: 1.03
cdn-requestpullcode: 200
x-bo-origindownloadtime: 448
content-type: image/webp
cdn-cache: HIT
cdn-uid: 2c51b53b-2200-4208-b6d0-be336defacc5
cache-control: public, max-age=2592000
x-bo-compressionratio: 31.14%
cdn-requestid: 31d23e05fe8730d430fb094157c60478
cdn-requestcountrycode: DE
link: <https://boron.orientaldaily.com.my/storage/resize_cache/images/uploads/news-cover/2023/MAR_2023/20230309/76967967.jpg/b98b9b272ec7f2867c5dbe2a8a4d7aa9.jpg>; rel="canonical"
cdn-status: 200
cdn-requestpullsuccess: True

Redirect headers

Date: Thu, 09 Mar 2023 03:34:32 GMT
Server: nginx/1.21.0
Content-Type: text/html
Location: https://media5.orientaldaily.com.my/storage/resize_cache/images/uploads/news-cover/2023/MAR_2023/20230309/76967967.jpg/b98b9b272ec7f2867c5dbe2a8a4d7aa9.jpg
Cache-Control: max-age=315360000
Connection: keep-alive
Content-Length: 169
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2

200

18cabeaaf7bdf0c2bd4e4a356bd0bad1.jpg
media5.orientaldaily.com.my/storage/resize_cache/images/uploads/news-cover/2023/MAR_2023/20230309/AZ3C2MC6TFISFPLH23LDWY2B74.jpg/
Redirect Chain

https://www.orientaldaily.com.my/storage/resize_cache/images/uploads/news-cover/2023/MAR_2023/20230309/AZ3C2MC6TFISFPLH23LDWY2B74.jpg/18cabeaaf7bdf0c2bd4e4a356bd0bad1.jpg
https://media5.orientaldaily.com.my/storage/resize_cache/images/uploads/news-cover/2023/MAR_2023/20230309/AZ3C2MC6TFISFPLH23LDWY2B74.jpg/18cabeaaf7bdf0c2bd4e4a356bd0bad1.jpg

8 KB
8 KB

19ms
15ms

Image
image/webp

138.199.36.10
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media5.orientaldaily.com.my/storage/resize_cache/images/uploads/news-cover/2023/MAR_2023/20230309/AZ3C2MC6TFISFPLH23LDWY2B74.jpg/18cabeaaf7bdf0c2bd4e4a356bd0bad1.jpg
Requested by: Host: www.orientaldaily.com.my
URL: https://www.orientaldaily.com.my/
Protocol: H2
Server: 138.199.36.10 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: 138-199-36-10.bunnyinfra.net
Software: BunnyCDN-DE1-1053 /
Resource Hash: 3e35ad65c326e292bfed1eb0b66774a0930847f2b53f5235c61d70117bc50cbf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.orientaldaily.com.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 03:34:32 GMT
x-downloadsize: 13615
cdn-edgestorageid: 752
x-bo-processingtime: 2
cdn-cachedat: 03/09/2023 01:59:30
cdn-pullzone: 33990
content-length: 7684
x-bo-server: ASB-207
last-modified: Thu, 09 Mar 2023 01:59:30 GMT
server: BunnyCDN-DE1-1053
cdn-proxyver: 1.03
cdn-requestpullcode: 200
x-bo-origindownloadtime: 225
content-type: image/webp
cdn-cache: HIT
cdn-uid: 2c51b53b-2200-4208-b6d0-be336defacc5
cache-control: public, max-age=2592000
x-bo-compressionratio: 43.56%
cdn-requestid: c2d1fb8f8d18a6d7c273780869d54797
cdn-requestcountrycode: DE
link: <https://boron.orientaldaily.com.my/storage/resize_cache/images/uploads/news-cover/2023/MAR_2023/20230309/AZ3C2MC6TFISFPLH23LDWY2B74.jpg/18cabeaaf7bdf0c2bd4e4a356bd0bad1.jpg>; rel="canonical"
cdn-status: 200
cdn-requestpullsuccess: True

Redirect headers

Date: Thu, 09 Mar 2023 03:34:32 GMT
Server: nginx/1.21.0
Content-Type: text/html
Location: https://media5.orientaldaily.com.my/storage/resize_cache/images/uploads/news-cover/2023/MAR_2023/20230309/AZ3C2MC6TFISFPLH23LDWY2B74.jpg/18cabeaaf7bdf0c2bd4e4a356bd0bad1.jpg
Cache-Control: max-age=315360000
Connection: keep-alive
Content-Length: 169
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2

200

5eb28e24632b9a5e805a4b22d2bb2632.jpg
media5.orientaldaily.com.my/storage/resize_cache/images/uploads/news-cover/2023/MAR_2023/20230309/54654654654645.jpg/
Redirect Chain

https://www.orientaldaily.com.my/storage/resize_cache/images/uploads/news-cover/2023/MAR_2023/20230309/54654654654645.jpg/5eb28e24632b9a5e805a4b22d2bb2632.jpg
https://media5.orientaldaily.com.my/storage/resize_cache/images/uploads/news-cover/2023/MAR_2023/20230309/54654654654645.jpg/5eb28e24632b9a5e805a4b22d2bb2632.jpg

11 KB
11 KB

20ms
16ms

Image
image/webp

138.199.36.10
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media5.orientaldaily.com.my/storage/resize_cache/images/uploads/news-cover/2023/MAR_2023/20230309/54654654654645.jpg/5eb28e24632b9a5e805a4b22d2bb2632.jpg
Requested by: Host: www.orientaldaily.com.my
URL: https://www.orientaldaily.com.my/
Protocol: H2
Server: 138.199.36.10 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: 138-199-36-10.bunnyinfra.net
Software: BunnyCDN-DE1-1053 /
Resource Hash: 8234c00ee5d863fb4ca3def4b3a0d7dce5b968a43e3ea959ae412d6cb6fea5f6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.orientaldaily.com.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 03:34:32 GMT
x-downloadsize: 16234
cdn-edgestorageid: 863
x-bo-processingtime: 0
cdn-cachedat: 03/09/2023 01:59:30
cdn-pullzone: 33990
content-length: 10886
x-bo-server: DE-229
last-modified: Thu, 09 Mar 2023 01:59:30 GMT
server: BunnyCDN-DE1-1053
cdn-proxyver: 1.03
cdn-requestpullcode: 200
x-bo-origindownloadtime: 167
content-type: image/webp
cdn-cache: HIT
cdn-uid: 2c51b53b-2200-4208-b6d0-be336defacc5
cache-control: public, max-age=2592000
x-bo-compressionratio: 32.94%
cdn-requestid: b890b26210c7a3880f022f3433356632
cdn-requestcountrycode: DE
link: <https://boron.orientaldaily.com.my/storage/resize_cache/images/uploads/news-cover/2023/MAR_2023/20230309/54654654654645.jpg/5eb28e24632b9a5e805a4b22d2bb2632.jpg>; rel="canonical"
cdn-status: 200
cdn-requestpullsuccess: True

Redirect headers

Date: Thu, 09 Mar 2023 03:34:32 GMT
Server: nginx/1.21.0
Content-Type: text/html
Location: https://media5.orientaldaily.com.my/storage/resize_cache/images/uploads/news-cover/2023/MAR_2023/20230309/54654654654645.jpg/5eb28e24632b9a5e805a4b22d2bb2632.jpg
Cache-Control: max-age=315360000
Connection: keep-alive
Content-Length: 169
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2

200

3a13a7104badb5d9196528f6b4644f76.jpg
media5.orientaldaily.com.my/storage/resize_cache/images/uploads/news-cover/2023/MAR_2023/20230309/ac2871e9-b8e2-4315-af4d-f9238d139b8e.jpg/
Redirect Chain

https://www.orientaldaily.com.my/storage/resize_cache/images/uploads/news-cover/2023/MAR_2023/20230309/ac2871e9-b8e2-4315-af4d-f9238d139b8e.jpg/3a13a7104badb5d9196528f6b4644f76.jpg
https://media5.orientaldaily.com.my/storage/resize_cache/images/uploads/news-cover/2023/MAR_2023/20230309/ac2871e9-b8e2-4315-af4d-f9238d139b8e.jpg/3a13a7104badb5d9196528f6b4644f76.jpg

23 KB
23 KB

13ms
12ms

Image
image/webp

138.199.36.10
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media5.orientaldaily.com.my/storage/resize_cache/images/uploads/news-cover/2023/MAR_2023/20230309/ac2871e9-b8e2-4315-af4d-f9238d139b8e.jpg/3a13a7104badb5d9196528f6b4644f76.jpg
Requested by: Host: www.orientaldaily.com.my
URL: https://www.orientaldaily.com.my/
Protocol: H2
Server: 138.199.36.10 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: 138-199-36-10.bunnyinfra.net
Software: BunnyCDN-DE1-1053 /
Resource Hash: 577e1bf31bc8725166df6c42c6df94534ebb31d7b9d6e48109869d2ecce82287

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.orientaldaily.com.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 03:34:32 GMT
x-downloadsize: 26597
cdn-edgestorageid: 1081
x-bo-processingtime: 1
cdn-cachedat: 03/09/2023 01:07:43
cdn-pullzone: 33990
content-length: 23098
x-bo-server: DE-227
last-modified: Thu, 09 Mar 2023 01:07:42 GMT
server: BunnyCDN-DE1-1053
cdn-proxyver: 1.03
cdn-requestpullcode: 200
x-bo-origindownloadtime: 333
content-type: image/webp
cdn-cache: HIT
cdn-uid: 2c51b53b-2200-4208-b6d0-be336defacc5
cache-control: public, max-age=2592000
x-bo-compressionratio: 13.16%
cdn-requestid: 1b56199f311aa04179eab27c446cc4c6
cdn-requestcountrycode: DE
link: <https://boron.orientaldaily.com.my/storage/resize_cache/images/uploads/news-cover/2023/MAR_2023/20230309/ac2871e9-b8e2-4315-af4d-f9238d139b8e.jpg/3a13a7104badb5d9196528f6b4644f76.jpg>; rel="canonical"
cdn-status: 200
cdn-requestpullsuccess: True

Redirect headers

Date: Thu, 09 Mar 2023 03:34:32 GMT
Server: nginx/1.21.0
Content-Type: text/html
Location: https://media5.orientaldaily.com.my/storage/resize_cache/images/uploads/news-cover/2023/MAR_2023/20230309/ac2871e9-b8e2-4315-af4d-f9238d139b8e.jpg/3a13a7104badb5d9196528f6b4644f76.jpg
Cache-Control: max-age=315360000
Connection: keep-alive
Content-Length: 169
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2

200

eada9c294e4dab9bb67d2d1bc995374a.jpg
media5.orientaldaily.com.my/storage/resize_cache/images/uploads/news-cover/2023/MAR_2023/20230309/6797697697696.jpg/
Redirect Chain

https://www.orientaldaily.com.my/storage/resize_cache/images/uploads/news-cover/2023/MAR_2023/20230309/6797697697696.jpg/eada9c294e4dab9bb67d2d1bc995374a.jpg
https://media5.orientaldaily.com.my/storage/resize_cache/images/uploads/news-cover/2023/MAR_2023/20230309/6797697697696.jpg/eada9c294e4dab9bb67d2d1bc995374a.jpg

16 KB
16 KB

15ms
11ms

Image
image/webp

138.199.36.10
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media5.orientaldaily.com.my/storage/resize_cache/images/uploads/news-cover/2023/MAR_2023/20230309/6797697697696.jpg/eada9c294e4dab9bb67d2d1bc995374a.jpg
Requested by: Host: www.orientaldaily.com.my
URL: https://www.orientaldaily.com.my/
Protocol: H2
Server: 138.199.36.10 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: 138-199-36-10.bunnyinfra.net
Software: BunnyCDN-DE1-1053 /
Resource Hash: d6a2f16fdc571271258a7fd14319587c47071598f52b254fd50b4344bda08607

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.orientaldaily.com.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 03:34:32 GMT
x-downloadsize: 21016
cdn-edgestorageid: 860
x-bo-processingtime: 2
cdn-cachedat: 03/09/2023 01:26:40
cdn-pullzone: 33990
content-length: 16230
x-bo-server: ASB-210
last-modified: Thu, 09 Mar 2023 01:26:40 GMT
server: BunnyCDN-DE1-1053
cdn-proxyver: 1.03
cdn-requestpullcode: 200
x-bo-origindownloadtime: 462
content-type: image/webp
cdn-cache: HIT
cdn-uid: 2c51b53b-2200-4208-b6d0-be336defacc5
cache-control: public, max-age=2592000
x-bo-compressionratio: 22.77%
cdn-requestid: 2413dd4604adf5d61f3530970078fe2b
cdn-requestcountrycode: DE
link: <https://boron.orientaldaily.com.my/storage/resize_cache/images/uploads/news-cover/2023/MAR_2023/20230309/6797697697696.jpg/eada9c294e4dab9bb67d2d1bc995374a.jpg>; rel="canonical"
cdn-status: 200
cdn-requestpullsuccess: True

Redirect headers

Date: Thu, 09 Mar 2023 03:34:32 GMT
Server: nginx/1.21.0
Content-Type: text/html
Location: https://media5.orientaldaily.com.my/storage/resize_cache/images/uploads/news-cover/2023/MAR_2023/20230309/6797697697696.jpg/eada9c294e4dab9bb67d2d1bc995374a.jpg
Cache-Control: max-age=315360000
Connection: keep-alive
Content-Length: 169
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2

200

adaea6c26c4f1b1529e05be08287f405.jpg
media5.orientaldaily.com.my/storage/resize_cache/images/uploads/news-cover/2023/MAR_2023/20230309/887ce7dd-995f-4c1a-b11d-fc64f2384da1.jpg/
Redirect Chain

https://www.orientaldaily.com.my/storage/resize_cache/images/uploads/news-cover/2023/MAR_2023/20230309/887ce7dd-995f-4c1a-b11d-fc64f2384da1.jpg/adaea6c26c4f1b1529e05be08287f405.jpg
https://media5.orientaldaily.com.my/storage/resize_cache/images/uploads/news-cover/2023/MAR_2023/20230309/887ce7dd-995f-4c1a-b11d-fc64f2384da1.jpg/adaea6c26c4f1b1529e05be08287f405.jpg

18 KB
18 KB

16ms
12ms

Image
image/webp

138.199.36.10
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media5.orientaldaily.com.my/storage/resize_cache/images/uploads/news-cover/2023/MAR_2023/20230309/887ce7dd-995f-4c1a-b11d-fc64f2384da1.jpg/adaea6c26c4f1b1529e05be08287f405.jpg
Requested by: Host: www.orientaldaily.com.my
URL: https://www.orientaldaily.com.my/
Protocol: H2
Server: 138.199.36.10 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: 138-199-36-10.bunnyinfra.net
Software: BunnyCDN-DE1-1053 /
Resource Hash: 53e9c19809385bddb9907b35c08e3dd35307afbe708af36c2ae3b9e0d442d92e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.orientaldaily.com.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 03:34:32 GMT
x-downloadsize: 24121
cdn-edgestorageid: 863
x-bo-processingtime: 1
cdn-cachedat: 03/09/2023 00:42:07
cdn-pullzone: 33990
content-length: 18040
x-bo-server: ASB-206
last-modified: Thu, 09 Mar 2023 00:42:06 GMT
server: BunnyCDN-DE1-1053
cdn-proxyver: 1.03
cdn-requestpullcode: 200
x-bo-origindownloadtime: 463
content-type: image/webp
cdn-cache: HIT
cdn-uid: 2c51b53b-2200-4208-b6d0-be336defacc5
cache-control: public, max-age=2592000
x-bo-compressionratio: 25.21%
cdn-requestid: 446cea6f4c36e341b68b4eefacdf2d18
cdn-requestcountrycode: DE
link: <https://boron.orientaldaily.com.my/storage/resize_cache/images/uploads/news-cover/2023/MAR_2023/20230309/887ce7dd-995f-4c1a-b11d-fc64f2384da1.jpg/adaea6c26c4f1b1529e05be08287f405.jpg>; rel="canonical"
cdn-status: 200
cdn-requestpullsuccess: True

Redirect headers

Date: Thu, 09 Mar 2023 03:34:32 GMT
Server: nginx/1.21.0
Content-Type: text/html
Location: https://media5.orientaldaily.com.my/storage/resize_cache/images/uploads/news-cover/2023/MAR_2023/20230309/887ce7dd-995f-4c1a-b11d-fc64f2384da1.jpg/adaea6c26c4f1b1529e05be08287f405.jpg
Cache-Control: max-age=315360000
Connection: keep-alive
Content-Length: 169
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2

200

2a7a328960b9b88ee0aea32dffc5033a.jpg
media5.orientaldaily.com.my/storage/resize_cache/images/uploads/news-cover/2023/MAR_2023/20230309/2ddf3ff7-c9c7-4008-ba34-6e90e6f1d8a1.jpg/
Redirect Chain

https://www.orientaldaily.com.my/storage/resize_cache/images/uploads/news-cover/2023/MAR_2023/20230309/2ddf3ff7-c9c7-4008-ba34-6e90e6f1d8a1.jpg/2a7a328960b9b88ee0aea32dffc5033a.jpg
https://media5.orientaldaily.com.my/storage/resize_cache/images/uploads/news-cover/2023/MAR_2023/20230309/2ddf3ff7-c9c7-4008-ba34-6e90e6f1d8a1.jpg/2a7a328960b9b88ee0aea32dffc5033a.jpg

21 KB
21 KB

57ms
7ms

Image
image/webp

138.199.36.10
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media5.orientaldaily.com.my/storage/resize_cache/images/uploads/news-cover/2023/MAR_2023/20230309/2ddf3ff7-c9c7-4008-ba34-6e90e6f1d8a1.jpg/2a7a328960b9b88ee0aea32dffc5033a.jpg
Requested by: Host: www.orientaldaily.com.my
URL: https://www.orientaldaily.com.my/
Protocol: H2
Server: 138.199.36.10 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: 138-199-36-10.bunnyinfra.net
Software: BunnyCDN-DE1-1053 /
Resource Hash: 723d57b7855b528165a97a6d7b89fbcb61c249b754a31f76291d057db325c039

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.orientaldaily.com.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 03:34:33 GMT
x-downloadsize: 27375
cdn-edgestorageid: 1082
x-bo-processingtime: 1
cdn-cachedat: 03/09/2023 00:14:59
cdn-pullzone: 33990
content-length: 21358
x-bo-server: DE-228
last-modified: Thu, 09 Mar 2023 00:14:58 GMT
server: BunnyCDN-DE1-1053
cdn-proxyver: 1.03
cdn-requestpullcode: 200
x-bo-origindownloadtime: 334
content-type: image/webp
cdn-cache: HIT
cdn-uid: 2c51b53b-2200-4208-b6d0-be336defacc5
cache-control: public, max-age=2592000
x-bo-compressionratio: 21.98%
cdn-requestid: 25fcf2bbb55abeb7c62953cc2abb46f7
cdn-requestcountrycode: DE
link: <https://boron.orientaldaily.com.my/storage/resize_cache/images/uploads/news-cover/2023/MAR_2023/20230309/2ddf3ff7-c9c7-4008-ba34-6e90e6f1d8a1.jpg/2a7a328960b9b88ee0aea32dffc5033a.jpg>; rel="canonical"
cdn-status: 200
cdn-requestpullsuccess: True

Redirect headers

Date: Thu, 09 Mar 2023 03:34:32 GMT
Server: nginx/1.21.0
Content-Type: text/html
Location: https://media5.orientaldaily.com.my/storage/resize_cache/images/uploads/news-cover/2023/MAR_2023/20230309/2ddf3ff7-c9c7-4008-ba34-6e90e6f1d8a1.jpg/2a7a328960b9b88ee0aea32dffc5033a.jpg
Cache-Control: max-age=315360000
Connection: keep-alive
Content-Length: 169
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2

200

78f572bb17ea89f7a079c4da9bbe9584.jpg
media5.orientaldaily.com.my/storage/resize_cache/images/uploads/news-cover/2023/MAR_2023/20230309/8987978978.jpg/
Redirect Chain

https://www.orientaldaily.com.my/storage/resize_cache/images/uploads/news-cover/2023/MAR_2023/20230309/8987978978.jpg/78f572bb17ea89f7a079c4da9bbe9584.jpg
https://media5.orientaldaily.com.my/storage/resize_cache/images/uploads/news-cover/2023/MAR_2023/20230309/8987978978.jpg/78f572bb17ea89f7a079c4da9bbe9584.jpg

16 KB
16 KB

24ms
0ms

Image
image/webp

138.199.36.10
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media5.orientaldaily.com.my/storage/resize_cache/images/uploads/news-cover/2023/MAR_2023/20230309/8987978978.jpg/78f572bb17ea89f7a079c4da9bbe9584.jpg
Requested by: Host: www.orientaldaily.com.my
URL: https://www.orientaldaily.com.my/
Protocol: H2
Server: 138.199.36.10 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: 138-199-36-10.bunnyinfra.net
Software: BunnyCDN-DE1-1053 /
Resource Hash: 0edb88174723b3b2fd43295d4289c4af19afef358c107eff8f96786c203c1f99

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.orientaldaily.com.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 03:34:33 GMT
x-downloadsize: 22127
cdn-edgestorageid: 863
x-bo-processingtime: 1
cdn-cachedat: 03/09/2023 00:17:32
cdn-pullzone: 33990
content-length: 16148
x-bo-server: DE-229
last-modified: Thu, 09 Mar 2023 00:17:32 GMT
server: BunnyCDN-DE1-1053
cdn-proxyver: 1.03
cdn-requestpullcode: 200
x-bo-origindownloadtime: 332
content-type: image/webp
cdn-cache: HIT
cdn-uid: 2c51b53b-2200-4208-b6d0-be336defacc5
cache-control: public, max-age=2592000
x-bo-compressionratio: 27.02%
cdn-requestid: 414c5336f8ef220d1cb863bd25861ea6
cdn-requestcountrycode: DE
link: <https://boron.orientaldaily.com.my/storage/resize_cache/images/uploads/news-cover/2023/MAR_2023/20230309/8987978978.jpg/78f572bb17ea89f7a079c4da9bbe9584.jpg>; rel="canonical"
cdn-status: 200
cdn-requestpullsuccess: True

Redirect headers

Date: Thu, 09 Mar 2023 03:34:32 GMT
Server: nginx/1.21.0
Content-Type: text/html
Location: https://media5.orientaldaily.com.my/storage/resize_cache/images/uploads/news-cover/2023/MAR_2023/20230309/8987978978.jpg/78f572bb17ea89f7a079c4da9bbe9584.jpg
Cache-Control: max-age=315360000
Connection: keep-alive
Content-Length: 169
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2

200

676ec3458f054eca4ba159a10972c802.jpg
media5.orientaldaily.com.my/storage/resize_cache/images/uploads/news-cover/2023/MAR_2023/20230308/5bc1924d-72c5-4132-b279-6ba902ff426f.jpg/
Redirect Chain

https://www.orientaldaily.com.my/storage/resize_cache/images/uploads/news-cover/2023/MAR_2023/20230308/5bc1924d-72c5-4132-b279-6ba902ff426f.jpg/676ec3458f054eca4ba159a10972c802.jpg
https://media5.orientaldaily.com.my/storage/resize_cache/images/uploads/news-cover/2023/MAR_2023/20230308/5bc1924d-72c5-4132-b279-6ba902ff426f.jpg/676ec3458f054eca4ba159a10972c802.jpg

11 KB
12 KB

22ms
0ms

Image
image/webp

138.199.36.10
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media5.orientaldaily.com.my/storage/resize_cache/images/uploads/news-cover/2023/MAR_2023/20230308/5bc1924d-72c5-4132-b279-6ba902ff426f.jpg/676ec3458f054eca4ba159a10972c802.jpg
Requested by: Host: www.orientaldaily.com.my
URL: https://www.orientaldaily.com.my/
Protocol: H2
Server: 138.199.36.10 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: 138-199-36-10.bunnyinfra.net
Software: BunnyCDN-DE1-1053 /
Resource Hash: 27f2b6d9ca8d879d52104c717eef24d3b698e9f51770ec6071de8eaa72e56d8e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.orientaldaily.com.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 03:34:33 GMT
x-downloadsize: 17397
cdn-edgestorageid: 723
x-bo-processingtime: 2
cdn-cachedat: 03/08/2023 22:11:59
cdn-pullzone: 33990
content-length: 11396
x-bo-server: ASB-195
last-modified: Wed, 08 Mar 2023 22:11:59 GMT
server: BunnyCDN-DE1-1053
cdn-proxyver: 1.03
cdn-requestpullcode: 200
x-bo-origindownloadtime: 453
content-type: image/webp
cdn-cache: HIT
cdn-uid: 2c51b53b-2200-4208-b6d0-be336defacc5
cache-control: public, max-age=2592000
x-bo-compressionratio: 34.49%
cdn-requestid: 45d3d02789560e811d27450defba08e2
cdn-requestcountrycode: DE
link: <https://boron.orientaldaily.com.my/storage/resize_cache/images/uploads/news-cover/2023/MAR_2023/20230308/5bc1924d-72c5-4132-b279-6ba902ff426f.jpg/676ec3458f054eca4ba159a10972c802.jpg>; rel="canonical"
cdn-status: 200
cdn-requestpullsuccess: True

Redirect headers

Date: Thu, 09 Mar 2023 03:34:32 GMT
Server: nginx/1.21.0
Content-Type: text/html
Location: https://media5.orientaldaily.com.my/storage/resize_cache/images/uploads/news-cover/2023/MAR_2023/20230308/5bc1924d-72c5-4132-b279-6ba902ff426f.jpg/676ec3458f054eca4ba159a10972c802.jpg
Cache-Control: max-age=315360000
Connection: keep-alive
Content-Length: 169
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2

200

association-event.png
media5.orientaldaily.com.my/assets/static/
Redirect Chain

https://www.orientaldaily.com.my/assets/static/association-event.png
https://media5.orientaldaily.com.my/assets/static/association-event.png

10 KB
11 KB

25ms
0ms

Image
image/webp

138.199.36.10
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media5.orientaldaily.com.my/assets/static/association-event.png
Requested by: Host: www.orientaldaily.com.my
URL: https://www.orientaldaily.com.my/
Protocol: H2
Server: 138.199.36.10 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: 138-199-36-10.bunnyinfra.net
Software: BunnyCDN-DE1-1053 /
Resource Hash: d5ccef77f81eb6ff99292e6e3de336ecdf717b28430f5fcd5759bd05c5a96a39

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.orientaldaily.com.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 03:34:33 GMT
x-downloadsize: 65263
cdn-edgestorageid: 864
x-bo-processingtime: 1
cdn-cachedat: 02/17/2023 12:48:57
cdn-pullzone: 33990
content-length: 10436
x-bo-server: LA-221
last-modified: Fri, 17 Feb 2023 12:48:56 GMT
server: BunnyCDN-DE1-1053
cdn-proxyver: 1.03
cdn-requestpullcode: 200
x-bo-origindownloadtime: 755
content-type: image/webp
cdn-cache: HIT
cdn-uid: 2c51b53b-2200-4208-b6d0-be336defacc5
cache-control: public, max-age=2592000
x-bo-compressionratio: 84.01%
cdn-requestid: 571e429a177b800c576a9ee1cc800e51
cdn-requestcountrycode: DE
link: <https://boron.orientaldaily.com.my/assets/static/association-event.png>; rel="canonical"
cdn-status: 200
cdn-requestpullsuccess: True

Redirect headers

Date: Thu, 09 Mar 2023 03:34:32 GMT
Server: nginx/1.21.0
Content-Type: text/html
Location: https://media5.orientaldaily.com.my/assets/static/association-event.png
Cache-Control: max-age=315360000
Connection: keep-alive
Content-Length: 169
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2

200

fb454e0d98ab95657052b14f6e7c3685.jpg
media5.orientaldaily.com.my/storage/resize_cache/images/uploads/news-cover/2023/MAR_2023/20230308/1fe4e2f98a907735bd0f58a6483f80472.jpg/
Redirect Chain

https://www.orientaldaily.com.my/storage/resize_cache/images/uploads/news-cover/2023/MAR_2023/20230308/1fe4e2f98a907735bd0f58a6483f80472.jpg/fb454e0d98ab95657052b14f6e7c3685.jpg
https://media5.orientaldaily.com.my/storage/resize_cache/images/uploads/news-cover/2023/MAR_2023/20230308/1fe4e2f98a907735bd0f58a6483f80472.jpg/fb454e0d98ab95657052b14f6e7c3685.jpg

18 KB
19 KB

33ms
8ms

Image
image/webp

138.199.36.10
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media5.orientaldaily.com.my/storage/resize_cache/images/uploads/news-cover/2023/MAR_2023/20230308/1fe4e2f98a907735bd0f58a6483f80472.jpg/fb454e0d98ab95657052b14f6e7c3685.jpg
Requested by: Host: www.orientaldaily.com.my
URL: https://www.orientaldaily.com.my/
Protocol: H2
Server: 138.199.36.10 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: 138-199-36-10.bunnyinfra.net
Software: BunnyCDN-DE1-1053 /
Resource Hash: 5b44060031c0ee30d5b452d94317aace7ba9d2db2b374e550a4fcf8cf167266d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.orientaldaily.com.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 03:34:33 GMT
x-downloadsize: 25022
cdn-edgestorageid: 1082
x-bo-processingtime: 1
cdn-cachedat: 03/08/2023 12:41:44
cdn-pullzone: 33990
content-length: 18698
x-bo-server: DE-227
last-modified: Wed, 08 Mar 2023 12:41:43 GMT
server: BunnyCDN-DE1-1053
cdn-proxyver: 1.03
cdn-requestpullcode: 200
x-bo-origindownloadtime: 334
content-type: image/webp
cdn-cache: HIT
cdn-uid: 2c51b53b-2200-4208-b6d0-be336defacc5
cache-control: public, max-age=2592000
x-bo-compressionratio: 25.27%
cdn-requestid: 3a863d638e9b1b62f886f55392e4ece4
cdn-requestcountrycode: DE
link: <https://boron.orientaldaily.com.my/storage/resize_cache/images/uploads/news-cover/2023/MAR_2023/20230308/1fe4e2f98a907735bd0f58a6483f80472.jpg/fb454e0d98ab95657052b14f6e7c3685.jpg>; rel="canonical"
cdn-status: 200
cdn-requestpullsuccess: True

Redirect headers

Date: Thu, 09 Mar 2023 03:34:32 GMT
Server: nginx/1.21.0
Content-Type: text/html
Location: https://media5.orientaldaily.com.my/storage/resize_cache/images/uploads/news-cover/2023/MAR_2023/20230308/1fe4e2f98a907735bd0f58a6483f80472.jpg/fb454e0d98ab95657052b14f6e7c3685.jpg
Cache-Control: max-age=315360000
Connection: keep-alive
Content-Length: 169
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2

200

18ddc098e32a86dcbf7cd9f082a5b8aa.jpg
media5.orientaldaily.com.my/storage/resize_cache/images/uploads/news-cover/2023/MAR_2023/20230308/guanbi.jpg/
Redirect Chain

https://www.orientaldaily.com.my/storage/resize_cache/images/uploads/news-cover/2023/MAR_2023/20230308/guanbi.jpg/18ddc098e32a86dcbf7cd9f082a5b8aa.jpg
https://media5.orientaldaily.com.my/storage/resize_cache/images/uploads/news-cover/2023/MAR_2023/20230308/guanbi.jpg/18ddc098e32a86dcbf7cd9f082a5b8aa.jpg

19 KB
20 KB

23ms
0ms

Image
image/webp

138.199.36.10
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media5.orientaldaily.com.my/storage/resize_cache/images/uploads/news-cover/2023/MAR_2023/20230308/guanbi.jpg/18ddc098e32a86dcbf7cd9f082a5b8aa.jpg
Requested by: Host: www.orientaldaily.com.my
URL: https://www.orientaldaily.com.my/
Protocol: H2
Server: 138.199.36.10 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: 138-199-36-10.bunnyinfra.net
Software: BunnyCDN-DE1-1053 /
Resource Hash: 9d56b13c3e0c91100b3277dad620c49d679fef63897d800fc31f23c3c56b5209

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.orientaldaily.com.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 03:34:33 GMT
x-downloadsize: 24280
cdn-edgestorageid: 864
x-bo-processingtime: 1
cdn-cachedat: 03/08/2023 11:43:44
cdn-pullzone: 33990
content-length: 19648
x-bo-server: DE-138
last-modified: Wed, 08 Mar 2023 11:43:44 GMT
server: BunnyCDN-DE1-1053
cdn-proxyver: 1.03
cdn-requestpullcode: 200
x-bo-origindownloadtime: 332
content-type: image/webp
cdn-cache: HIT
cdn-uid: 2c51b53b-2200-4208-b6d0-be336defacc5
cache-control: public, max-age=2592000
x-bo-compressionratio: 19.08%
cdn-requestid: 78dfa31acdd9543aacf012cddf63196c
cdn-requestcountrycode: DE
link: <https://boron.orientaldaily.com.my/storage/resize_cache/images/uploads/news-cover/2023/MAR_2023/20230308/guanbi.jpg/18ddc098e32a86dcbf7cd9f082a5b8aa.jpg>; rel="canonical"
cdn-status: 200
cdn-requestpullsuccess: True

Redirect headers

Date: Thu, 09 Mar 2023 03:34:32 GMT
Server: nginx/1.21.0
Content-Type: text/html
Location: https://media5.orientaldaily.com.my/storage/resize_cache/images/uploads/news-cover/2023/MAR_2023/20230308/guanbi.jpg/18ddc098e32a86dcbf7cd9f082a5b8aa.jpg
Cache-Control: max-age=315360000
Connection: keep-alive
Content-Length: 169
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2

200

ec5ebb3e625512a6b802a2a90da68c08.jpg
media5.orientaldaily.com.my/storage/resize_cache/images/uploads/news-cover/2023/MAR_2023/20230308/hajiji.jpg/
Redirect Chain

https://www.orientaldaily.com.my/storage/resize_cache/images/uploads/news-cover/2023/MAR_2023/20230308/hajiji.jpg/ec5ebb3e625512a6b802a2a90da68c08.jpg
https://media5.orientaldaily.com.my/storage/resize_cache/images/uploads/news-cover/2023/MAR_2023/20230308/hajiji.jpg/ec5ebb3e625512a6b802a2a90da68c08.jpg

24 KB
25 KB

8ms
7ms

Image
image/webp

138.199.36.10
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media5.orientaldaily.com.my/storage/resize_cache/images/uploads/news-cover/2023/MAR_2023/20230308/hajiji.jpg/ec5ebb3e625512a6b802a2a90da68c08.jpg
Requested by: Host: www.orientaldaily.com.my
URL: https://www.orientaldaily.com.my/
Protocol: H2
Server: 138.199.36.10 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: 138-199-36-10.bunnyinfra.net
Software: BunnyCDN-DE1-1053 /
Resource Hash: 23b277bc8c27d92af3a14a18a70a71e3001e710b9aa9e7c87861e83e2295a5ff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.orientaldaily.com.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 03:34:33 GMT
x-downloadsize: 29173
cdn-edgestorageid: 1081
x-bo-processingtime: 3
cdn-cachedat: 03/08/2023 10:55:42
cdn-pullzone: 33990
content-length: 24664
x-bo-server: ASB-205
last-modified: Wed, 08 Mar 2023 10:55:41 GMT
server: BunnyCDN-DE1-1053
cdn-proxyver: 1.03
cdn-requestpullcode: 200
x-bo-origindownloadtime: 456
content-type: image/webp
cdn-cache: HIT
cdn-uid: 2c51b53b-2200-4208-b6d0-be336defacc5
cache-control: public, max-age=2592000
x-bo-compressionratio: 15.46%
cdn-requestid: 1c073f47b69aa58401924159cbb93c33
cdn-requestcountrycode: DE
link: <https://boron.orientaldaily.com.my/storage/resize_cache/images/uploads/news-cover/2023/MAR_2023/20230308/hajiji.jpg/ec5ebb3e625512a6b802a2a90da68c08.jpg>; rel="canonical"
cdn-status: 200
cdn-requestpullsuccess: True

Redirect headers

Date: Thu, 09 Mar 2023 03:34:33 GMT
Server: nginx/1.21.0
Content-Type: text/html
Location: https://media5.orientaldaily.com.my/storage/resize_cache/images/uploads/news-cover/2023/MAR_2023/20230308/hajiji.jpg/ec5ebb3e625512a6b802a2a90da68c08.jpg
Cache-Control: max-age=315360000
Connection: keep-alive
Content-Length: 169
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2

200

4e9c255435790c8aa456eb130531a4a5.jpg
media5.orientaldaily.com.my/storage/resize_cache/images/uploads/news-cover/2023/MAR_2023/20230308/bomba.jpg/
Redirect Chain

https://www.orientaldaily.com.my/storage/resize_cache/images/uploads/news-cover/2023/MAR_2023/20230308/bomba.jpg/4e9c255435790c8aa456eb130531a4a5.jpg
https://media5.orientaldaily.com.my/storage/resize_cache/images/uploads/news-cover/2023/MAR_2023/20230308/bomba.jpg/4e9c255435790c8aa456eb130531a4a5.jpg

15 KB
16 KB

9ms
8ms

Image
image/webp

138.199.36.10
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media5.orientaldaily.com.my/storage/resize_cache/images/uploads/news-cover/2023/MAR_2023/20230308/bomba.jpg/4e9c255435790c8aa456eb130531a4a5.jpg
Requested by: Host: www.orientaldaily.com.my
URL: https://www.orientaldaily.com.my/
Protocol: H2
Server: 138.199.36.10 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: 138-199-36-10.bunnyinfra.net
Software: BunnyCDN-DE1-1053 /
Resource Hash: 577130d074247ee5fa90eb49b8bb0165e0d2c6404dadcfc1feba832abeb3007d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.orientaldaily.com.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 03:34:33 GMT
x-downloadsize: 21280
cdn-edgestorageid: 1047
x-bo-processingtime: 1
cdn-cachedat: 03/08/2023 10:42:09
cdn-pullzone: 33990
content-length: 15322
x-bo-server: DE-152
last-modified: Wed, 08 Mar 2023 10:42:09 GMT
server: BunnyCDN-DE1-1053
cdn-proxyver: 1.03
cdn-requestpullcode: 200
x-bo-origindownloadtime: 332
content-type: image/webp
cdn-cache: HIT
cdn-uid: 2c51b53b-2200-4208-b6d0-be336defacc5
cache-control: public, max-age=2592000
x-bo-compressionratio: 28%
cdn-requestid: e770e1f9efa6f6ee49b4a66825dea3f2
cdn-requestcountrycode: DE
link: <https://boron.orientaldaily.com.my/storage/resize_cache/images/uploads/news-cover/2023/MAR_2023/20230308/bomba.jpg/4e9c255435790c8aa456eb130531a4a5.jpg>; rel="canonical"
cdn-status: 200
cdn-requestpullsuccess: True

Redirect headers

Date: Thu, 09 Mar 2023 03:34:33 GMT
Server: nginx/1.21.0
Content-Type: text/html
Location: https://media5.orientaldaily.com.my/storage/resize_cache/images/uploads/news-cover/2023/MAR_2023/20230308/bomba.jpg/4e9c255435790c8aa456eb130531a4a5.jpg
Cache-Control: max-age=315360000
Connection: keep-alive
Content-Length: 169
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2

200

4c597e49ebb0551b7b03b100949fb5a1.jpg
media5.orientaldaily.com.my/storage/resize_cache/images/uploads/news-cover/2023/MAR_2023/20230308/rahmah.jpg/
Redirect Chain

https://www.orientaldaily.com.my/storage/resize_cache/images/uploads/news-cover/2023/MAR_2023/20230308/rahmah.jpg/4c597e49ebb0551b7b03b100949fb5a1.jpg
https://media5.orientaldaily.com.my/storage/resize_cache/images/uploads/news-cover/2023/MAR_2023/20230308/rahmah.jpg/4c597e49ebb0551b7b03b100949fb5a1.jpg

28 KB
29 KB

11ms
10ms

Image
image/webp

138.199.36.10
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media5.orientaldaily.com.my/storage/resize_cache/images/uploads/news-cover/2023/MAR_2023/20230308/rahmah.jpg/4c597e49ebb0551b7b03b100949fb5a1.jpg
Requested by: Host: www.orientaldaily.com.my
URL: https://www.orientaldaily.com.my/
Protocol: H2
Server: 138.199.36.10 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: 138-199-36-10.bunnyinfra.net
Software: BunnyCDN-DE1-1053 /
Resource Hash: 9bfdf999bad057a0d27798c1d00d6021403c420b6047e2e4808495642c354cab

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.orientaldaily.com.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 03:34:33 GMT
x-downloadsize: 34151
cdn-edgestorageid: 1049
x-bo-processingtime: 1
cdn-cachedat: 03/08/2023 10:42:09
cdn-pullzone: 33990
content-length: 28858
x-bo-server: DE-136
last-modified: Wed, 08 Mar 2023 10:42:09 GMT
server: BunnyCDN-DE1-1053
cdn-proxyver: 1.03
cdn-requestpullcode: 200
x-bo-origindownloadtime: 332
content-type: image/webp
cdn-cache: HIT
cdn-uid: 2c51b53b-2200-4208-b6d0-be336defacc5
cache-control: public, max-age=2592000
x-bo-compressionratio: 15.5%
cdn-requestid: b49b2ab7828bd7f04fdcbe7c21040cb1
cdn-requestcountrycode: DE
link: <https://boron.orientaldaily.com.my/storage/resize_cache/images/uploads/news-cover/2023/MAR_2023/20230308/rahmah.jpg/4c597e49ebb0551b7b03b100949fb5a1.jpg>; rel="canonical"
cdn-status: 200
cdn-requestpullsuccess: True

Redirect headers

Date: Thu, 09 Mar 2023 03:34:33 GMT
Server: nginx/1.21.0
Content-Type: text/html
Location: https://media5.orientaldaily.com.my/storage/resize_cache/images/uploads/news-cover/2023/MAR_2023/20230308/rahmah.jpg/4c597e49ebb0551b7b03b100949fb5a1.jpg
Cache-Control: max-age=315360000
Connection: keep-alive
Content-Length: 169
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2

200

24d3024181d02a197c59972e59db9ca3.jpg
media5.orientaldaily.com.my/storage/resize_cache/images/uploads/news-cover/2023/MAR_2023/20230308/20230308bp01.jpg/
Redirect Chain

https://www.orientaldaily.com.my/storage/resize_cache/images/uploads/news-cover/2023/MAR_2023/20230308/20230308bp01.jpg/24d3024181d02a197c59972e59db9ca3.jpg
https://media5.orientaldaily.com.my/storage/resize_cache/images/uploads/news-cover/2023/MAR_2023/20230308/20230308bp01.jpg/24d3024181d02a197c59972e59db9ca3.jpg

26 KB
27 KB

12ms
11ms

Image
image/webp

138.199.36.10
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media5.orientaldaily.com.my/storage/resize_cache/images/uploads/news-cover/2023/MAR_2023/20230308/20230308bp01.jpg/24d3024181d02a197c59972e59db9ca3.jpg
Requested by: Host: www.orientaldaily.com.my
URL: https://www.orientaldaily.com.my/
Protocol: H2
Server: 138.199.36.10 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: 138-199-36-10.bunnyinfra.net
Software: BunnyCDN-DE1-1053 /
Resource Hash: 410ba263ed64181ca505f0bad1ef0cd4c1ebdb33dd6e89a661b426ccbc622c24

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.orientaldaily.com.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 03:34:33 GMT
x-downloadsize: 30861
cdn-edgestorageid: 863
x-bo-processingtime: 2
cdn-cachedat: 03/08/2023 10:42:11
cdn-pullzone: 33990
content-length: 26566
x-bo-server: ASB-192
last-modified: Wed, 08 Mar 2023 10:42:10 GMT
server: BunnyCDN-DE1-1053
cdn-proxyver: 1.03
cdn-requestpullcode: 200
x-bo-origindownloadtime: 918
content-type: image/webp
cdn-cache: HIT
cdn-uid: 2c51b53b-2200-4208-b6d0-be336defacc5
cache-control: public, max-age=2592000
x-bo-compressionratio: 13.92%
cdn-requestid: 7c8ca7317c86692d3b6cc07a77a7b376
cdn-requestcountrycode: DE
link: <https://boron.orientaldaily.com.my/storage/resize_cache/images/uploads/news-cover/2023/MAR_2023/20230308/20230308bp01.jpg/24d3024181d02a197c59972e59db9ca3.jpg>; rel="canonical"
cdn-status: 200
cdn-requestpullsuccess: True

Redirect headers

Date: Thu, 09 Mar 2023 03:34:33 GMT
Server: nginx/1.21.0
Content-Type: text/html
Location: https://media5.orientaldaily.com.my/storage/resize_cache/images/uploads/news-cover/2023/MAR_2023/20230308/20230308bp01.jpg/24d3024181d02a197c59972e59db9ca3.jpg
Cache-Control: max-age=315360000
Connection: keep-alive
Content-Length: 169
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2

200

c67196ba55c8d7fbe0c87fcde0e86544.jpg
media5.orientaldaily.com.my/storage/resize_cache/images/uploads/news-cover/2023/MAR_2023/20230308/20230308klg01.jpg/
Redirect Chain

https://www.orientaldaily.com.my/storage/resize_cache/images/uploads/news-cover/2023/MAR_2023/20230308/20230308klg01.jpg/c67196ba55c8d7fbe0c87fcde0e86544.jpg
https://media5.orientaldaily.com.my/storage/resize_cache/images/uploads/news-cover/2023/MAR_2023/20230308/20230308klg01.jpg/c67196ba55c8d7fbe0c87fcde0e86544.jpg

25 KB
26 KB

13ms
12ms

Image
image/webp

138.199.36.10
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media5.orientaldaily.com.my/storage/resize_cache/images/uploads/news-cover/2023/MAR_2023/20230308/20230308klg01.jpg/c67196ba55c8d7fbe0c87fcde0e86544.jpg
Requested by: Host: www.orientaldaily.com.my
URL: https://www.orientaldaily.com.my/
Protocol: H2
Server: 138.199.36.10 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: 138-199-36-10.bunnyinfra.net
Software: BunnyCDN-DE1-1053 /
Resource Hash: 1faa10261a09b68a1f55ae0f8c1d77f5fcc540afa02590ea4e32f6de4f935801

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.orientaldaily.com.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 03:34:33 GMT
x-downloadsize: 30850
cdn-edgestorageid: 755
x-bo-processingtime: 2
cdn-cachedat: 03/08/2023 09:08:39
cdn-pullzone: 33990
content-length: 25746
x-bo-server: ASB-196
last-modified: Wed, 08 Mar 2023 09:08:38 GMT
server: BunnyCDN-DE1-1053
cdn-proxyver: 1.03
cdn-requestpullcode: 200
x-bo-origindownloadtime: 470
content-type: image/webp
cdn-cache: HIT
cdn-uid: 2c51b53b-2200-4208-b6d0-be336defacc5
cache-control: public, max-age=2592000
x-bo-compressionratio: 16.54%
cdn-requestid: 8d3605220d1abdaeca69ca8f8fcce8f8
cdn-requestcountrycode: DE
link: <https://boron.orientaldaily.com.my/storage/resize_cache/images/uploads/news-cover/2023/MAR_2023/20230308/20230308klg01.jpg/c67196ba55c8d7fbe0c87fcde0e86544.jpg>; rel="canonical"
cdn-status: 200
cdn-requestpullsuccess: True

Redirect headers

Date: Thu, 09 Mar 2023 03:34:33 GMT
Server: nginx/1.21.0
Content-Type: text/html
Location: https://media5.orientaldaily.com.my/storage/resize_cache/images/uploads/news-cover/2023/MAR_2023/20230308/20230308klg01.jpg/c67196ba55c8d7fbe0c87fcde0e86544.jpg
Cache-Control: max-age=315360000
Connection: keep-alive
Content-Length: 169
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2

200

acd1d696986d00a1f02cd69d76330044.jpeg
media5.orientaldaily.com.my/storage/resize_cache/images/uploads/news-cover/2023/MAR_2023/20230309/batch_WhatsApp_Image_2023-03-09_at_11.02.47_AM.jpeg/
Redirect Chain

https://www.orientaldaily.com.my/storage/resize_cache/images/uploads/news-cover/2023/MAR_2023/20230309/batch_WhatsApp_Image_2023-03-09_at_11.02.47_AM.jpeg/acd1d696986d00a1f02cd69d76330044.jpeg
https://media5.orientaldaily.com.my/storage/resize_cache/images/uploads/news-cover/2023/MAR_2023/20230309/batch_WhatsApp_Image_2023-03-09_at_11.02.47_AM.jpeg/acd1d696986d00a1f02cd69d76330044.jpeg

14 KB
15 KB

14ms
14ms

Image
image/webp

138.199.36.10
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media5.orientaldaily.com.my/storage/resize_cache/images/uploads/news-cover/2023/MAR_2023/20230309/batch_WhatsApp_Image_2023-03-09_at_11.02.47_AM.jpeg/acd1d696986d00a1f02cd69d76330044.jpeg
Requested by: Host: www.orientaldaily.com.my
URL: https://www.orientaldaily.com.my/
Protocol: H2
Server: 138.199.36.10 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: 138-199-36-10.bunnyinfra.net
Software: BunnyCDN-DE1-1053 /
Resource Hash: 695dd27eb1e48273adc484bd6097a2963531dc3b2f61980d03e4c1b3c40c7e4e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.orientaldaily.com.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 03:34:33 GMT
x-downloadsize: 20780
cdn-edgestorageid: 1054
x-bo-processingtime: 1
cdn-cachedat: 03/09/2023 03:14:36
cdn-pullzone: 33990
content-length: 14686
x-bo-server: DE-137
last-modified: Thu, 09 Mar 2023 03:14:35 GMT
server: BunnyCDN-DE1-1053
cdn-proxyver: 1.03
cdn-requestpullcode: 200
x-bo-origindownloadtime: 332
content-type: image/webp
cdn-cache: HIT
cdn-uid: 2c51b53b-2200-4208-b6d0-be336defacc5
cache-control: public, max-age=2592000
x-bo-compressionratio: 29.33%
cdn-requestid: a880db64ef48fd16c9e9ba0804b91691
cdn-requestcountrycode: DE
link: <https://boron.orientaldaily.com.my/storage/resize_cache/images/uploads/news-cover/2023/MAR_2023/20230309/batch_WhatsApp_Image_2023-03-09_at_11.02.47_AM.jpeg/acd1d696986d00a1f02cd69d76330044.jpeg>; rel="canonical"
cdn-status: 200
cdn-requestpullsuccess: True

Redirect headers

Date: Thu, 09 Mar 2023 03:34:33 GMT
Server: nginx/1.21.0
Content-Type: text/html
Location: https://media5.orientaldaily.com.my/storage/resize_cache/images/uploads/news-cover/2023/MAR_2023/20230309/batch_WhatsApp_Image_2023-03-09_at_11.02.47_AM.jpeg/acd1d696986d00a1f02cd69d76330044.jpeg
Cache-Control: max-age=315360000
Connection: keep-alive
Content-Length: 169
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2

200

538341cd8add47c40f609564e0585a77.jpeg
media5.orientaldaily.com.my/storage/resize_cache/images/uploads/news-cover/2023/MAR_2023/20230309/WhatsApp_Image_2023-03-09_at_10.41.54_AM.jpeg/
Redirect Chain

https://www.orientaldaily.com.my/storage/resize_cache/images/uploads/news-cover/2023/MAR_2023/20230309/WhatsApp_Image_2023-03-09_at_10.41.54_AM.jpeg/538341cd8add47c40f609564e0585a77.jpeg
https://media5.orientaldaily.com.my/storage/resize_cache/images/uploads/news-cover/2023/MAR_2023/20230309/WhatsApp_Image_2023-03-09_at_10.41.54_AM.jpeg/538341cd8add47c40f609564e0585a77.jpeg

24 KB
25 KB

8ms
7ms

Image
image/webp

138.199.36.10
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media5.orientaldaily.com.my/storage/resize_cache/images/uploads/news-cover/2023/MAR_2023/20230309/WhatsApp_Image_2023-03-09_at_10.41.54_AM.jpeg/538341cd8add47c40f609564e0585a77.jpeg
Requested by: Host: www.orientaldaily.com.my
URL: https://www.orientaldaily.com.my/
Protocol: H2
Server: 138.199.36.10 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: 138-199-36-10.bunnyinfra.net
Software: BunnyCDN-DE1-1053 /
Resource Hash: 18032b241f713e5267c39ed23b783497b52d9d50a8dc8fff0bfe2b2cd4af01b6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.orientaldaily.com.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 03:34:33 GMT
x-downloadsize: 30666
cdn-edgestorageid: 1081
x-bo-processingtime: 1
cdn-cachedat: 03/09/2023 03:14:36
cdn-pullzone: 33990
content-length: 24972
x-bo-server: DE-152
last-modified: Thu, 09 Mar 2023 03:14:35 GMT
server: BunnyCDN-DE1-1053
cdn-proxyver: 1.03
cdn-requestpullcode: 200
x-bo-origindownloadtime: 332
content-type: image/webp
cdn-cache: HIT
cdn-uid: 2c51b53b-2200-4208-b6d0-be336defacc5
cache-control: public, max-age=2592000
x-bo-compressionratio: 18.57%
cdn-requestid: d3874d9aa8e6bbce852fa1bf9e1101cb
cdn-requestcountrycode: DE
link: <https://boron.orientaldaily.com.my/storage/resize_cache/images/uploads/news-cover/2023/MAR_2023/20230309/WhatsApp_Image_2023-03-09_at_10.41.54_AM.jpeg/538341cd8add47c40f609564e0585a77.jpeg>; rel="canonical"
cdn-status: 200
cdn-requestpullsuccess: True

Redirect headers

Date: Thu, 09 Mar 2023 03:34:33 GMT
Server: nginx/1.21.0
Content-Type: text/html
Location: https://media5.orientaldaily.com.my/storage/resize_cache/images/uploads/news-cover/2023/MAR_2023/20230309/WhatsApp_Image_2023-03-09_at_10.41.54_AM.jpeg/538341cd8add47c40f609564e0585a77.jpeg
Cache-Control: max-age=315360000
Connection: keep-alive
Content-Length: 169
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2

200

a0f72d45a1d6a06443673db207e9b776.jpg
media5.orientaldaily.com.my/storage/resize_cache/images/uploads/news-cover/2023/MAR_2023/20230309/97696.jpg/
Redirect Chain

https://www.orientaldaily.com.my/storage/resize_cache/images/uploads/news-cover/2023/MAR_2023/20230309/97696.jpg/a0f72d45a1d6a06443673db207e9b776.jpg
https://media5.orientaldaily.com.my/storage/resize_cache/images/uploads/news-cover/2023/MAR_2023/20230309/97696.jpg/a0f72d45a1d6a06443673db207e9b776.jpg

19 KB
20 KB

11ms
10ms

Image
image/webp

138.199.36.10
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media5.orientaldaily.com.my/storage/resize_cache/images/uploads/news-cover/2023/MAR_2023/20230309/97696.jpg/a0f72d45a1d6a06443673db207e9b776.jpg
Requested by: Host: www.orientaldaily.com.my
URL: https://www.orientaldaily.com.my/
Protocol: H2
Server: 138.199.36.10 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: 138-199-36-10.bunnyinfra.net
Software: BunnyCDN-DE1-1053 /
Resource Hash: d347cc3647009cf73bc98d39539b9feb1bc49ab5b05f9c629d6e835f86add964

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.orientaldaily.com.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 03:34:33 GMT
x-downloadsize: 25513
cdn-edgestorageid: 864
x-bo-processingtime: 1
cdn-cachedat: 03/09/2023 02:51:21
cdn-pullzone: 33990
content-length: 19906
x-bo-server: DE-138
last-modified: Thu, 09 Mar 2023 02:51:21 GMT
server: BunnyCDN-DE1-1053
cdn-proxyver: 1.03
cdn-requestpullcode: 200
x-bo-origindownloadtime: 167
content-type: image/webp
cdn-cache: HIT
cdn-uid: 2c51b53b-2200-4208-b6d0-be336defacc5
cache-control: public, max-age=2592000
x-bo-compressionratio: 21.98%
cdn-requestid: c24acec09f21b04d38e8f5f91af79662
cdn-requestcountrycode: DE
link: <https://boron.orientaldaily.com.my/storage/resize_cache/images/uploads/news-cover/2023/MAR_2023/20230309/97696.jpg/a0f72d45a1d6a06443673db207e9b776.jpg>; rel="canonical"
cdn-status: 200
cdn-requestpullsuccess: True

Redirect headers

Date: Thu, 09 Mar 2023 03:34:33 GMT
Server: nginx/1.21.0
Content-Type: text/html
Location: https://media5.orientaldaily.com.my/storage/resize_cache/images/uploads/news-cover/2023/MAR_2023/20230309/97696.jpg/a0f72d45a1d6a06443673db207e9b776.jpg
Cache-Control: max-age=315360000
Connection: keep-alive
Content-Length: 169
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2

200

273d9e010d84ad6491123f2d02ac5ba8.jpg
media5.orientaldaily.com.my/storage/resize_cache/images/uploads/news-cover/2023/MAR_2023/20230308/she07.jpg/
Redirect Chain

https://www.orientaldaily.com.my/storage/resize_cache/images/uploads/news-cover/2023/MAR_2023/20230308/she07.jpg/273d9e010d84ad6491123f2d02ac5ba8.jpg
https://media5.orientaldaily.com.my/storage/resize_cache/images/uploads/news-cover/2023/MAR_2023/20230308/she07.jpg/273d9e010d84ad6491123f2d02ac5ba8.jpg

14 KB
15 KB

9ms
8ms

Image
image/webp

138.199.36.10
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media5.orientaldaily.com.my/storage/resize_cache/images/uploads/news-cover/2023/MAR_2023/20230308/she07.jpg/273d9e010d84ad6491123f2d02ac5ba8.jpg
Requested by: Host: www.orientaldaily.com.my
URL: https://www.orientaldaily.com.my/
Protocol: H2
Server: 138.199.36.10 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: 138-199-36-10.bunnyinfra.net
Software: BunnyCDN-DE1-1053 /
Resource Hash: 569af2fb04e92b7c002397e2b2d5da15d25775eeb836687e5348f77db14ad5c3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.orientaldaily.com.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 03:34:33 GMT
x-downloadsize: 21721
cdn-edgestorageid: 1075
x-bo-processingtime: 0
cdn-cachedat: 03/08/2023 15:51:44
cdn-pullzone: 33990
content-length: 14802
x-bo-server: LA-215
last-modified: Wed, 08 Mar 2023 15:51:44 GMT
server: BunnyCDN-DE1-1053
cdn-proxyver: 1.03
cdn-requestpullcode: 200
x-bo-origindownloadtime: 354
content-type: image/webp
cdn-cache: HIT
cdn-uid: 2c51b53b-2200-4208-b6d0-be336defacc5
cache-control: public, max-age=2592000
x-bo-compressionratio: 31.85%
cdn-requestid: b9db088e7e4274f6ae8ff0469ef485c6
cdn-requestcountrycode: DE
link: <https://boron.orientaldaily.com.my/storage/resize_cache/images/uploads/news-cover/2023/MAR_2023/20230308/she07.jpg/273d9e010d84ad6491123f2d02ac5ba8.jpg>; rel="canonical"
cdn-status: 200
cdn-requestpullsuccess: True

Redirect headers

Date: Thu, 09 Mar 2023 03:34:33 GMT
Server: nginx/1.21.0
Content-Type: text/html
Location: https://media5.orientaldaily.com.my/storage/resize_cache/images/uploads/news-cover/2023/MAR_2023/20230308/she07.jpg/273d9e010d84ad6491123f2d02ac5ba8.jpg
Cache-Control: max-age=315360000
Connection: keep-alive
Content-Length: 169
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2

200

e71ce87393bb9894fb8519115e409874.jpg
media5.orientaldaily.com.my/storage/resize_cache/images/uploads/news-cover/2023/MAR_2023/20230308/dong05.jpg/
Redirect Chain

https://www.orientaldaily.com.my/storage/resize_cache/images/uploads/news-cover/2023/MAR_2023/20230308/dong05.jpg/e71ce87393bb9894fb8519115e409874.jpg
https://media5.orientaldaily.com.my/storage/resize_cache/images/uploads/news-cover/2023/MAR_2023/20230308/dong05.jpg/e71ce87393bb9894fb8519115e409874.jpg

16 KB
16 KB

8ms
7ms

Image
image/webp

138.199.36.10
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media5.orientaldaily.com.my/storage/resize_cache/images/uploads/news-cover/2023/MAR_2023/20230308/dong05.jpg/e71ce87393bb9894fb8519115e409874.jpg
Requested by: Host: www.orientaldaily.com.my
URL: https://www.orientaldaily.com.my/
Protocol: H2
Server: 138.199.36.10 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: 138-199-36-10.bunnyinfra.net
Software: BunnyCDN-DE1-1053 /
Resource Hash: 7ea7c6d62af4ce5ef418ea31d7bfd4b938eb254ab9088501ac030638abc8447a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.orientaldaily.com.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 03:34:33 GMT
x-downloadsize: 22559
cdn-edgestorageid: 1075
x-bo-processingtime: 1
cdn-cachedat: 03/08/2023 15:51:45
cdn-pullzone: 33990
content-length: 16158
x-bo-server: ASB-209
last-modified: Wed, 08 Mar 2023 15:51:44 GMT
server: BunnyCDN-DE1-1053
cdn-proxyver: 1.03
cdn-requestpullcode: 200
x-bo-origindownloadtime: 447
content-type: image/webp
cdn-cache: HIT
cdn-uid: 2c51b53b-2200-4208-b6d0-be336defacc5
cache-control: public, max-age=2592000
x-bo-compressionratio: 28.37%
cdn-requestid: 775749b90662590800bba229383e4dfa
cdn-requestcountrycode: DE
link: <https://boron.orientaldaily.com.my/storage/resize_cache/images/uploads/news-cover/2023/MAR_2023/20230308/dong05.jpg/e71ce87393bb9894fb8519115e409874.jpg>; rel="canonical"
cdn-status: 200
cdn-requestpullsuccess: True

Redirect headers

Date: Thu, 09 Mar 2023 03:34:33 GMT
Server: nginx/1.21.0
Content-Type: text/html
Location: https://media5.orientaldaily.com.my/storage/resize_cache/images/uploads/news-cover/2023/MAR_2023/20230308/dong05.jpg/e71ce87393bb9894fb8519115e409874.jpg
Cache-Control: max-age=315360000
Connection: keep-alive
Content-Length: 169
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2

200

ad2ef6dce3d2254b7b3a960a7b4ec562.jpg
media5.orientaldaily.com.my/storage/resize_cache/images/uploads/news-cover/2023/MAR_2023/20230308/yoon3.jpg/
Redirect Chain

https://www.orientaldaily.com.my/storage/resize_cache/images/uploads/news-cover/2023/MAR_2023/20230308/yoon3.jpg/ad2ef6dce3d2254b7b3a960a7b4ec562.jpg
https://media5.orientaldaily.com.my/storage/resize_cache/images/uploads/news-cover/2023/MAR_2023/20230308/yoon3.jpg/ad2ef6dce3d2254b7b3a960a7b4ec562.jpg

12 KB
13 KB

10ms
8ms

Image
image/webp

138.199.36.10
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media5.orientaldaily.com.my/storage/resize_cache/images/uploads/news-cover/2023/MAR_2023/20230308/yoon3.jpg/ad2ef6dce3d2254b7b3a960a7b4ec562.jpg
Requested by: Host: www.orientaldaily.com.my
URL: https://www.orientaldaily.com.my/
Protocol: H2
Server: 138.199.36.10 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: 138-199-36-10.bunnyinfra.net
Software: BunnyCDN-DE1-1053 /
Resource Hash: 56105503a9c39b872ec3615e9d946bea910cc8bcf22f30f9ae7ca5f2955ca60c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.orientaldaily.com.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 03:34:33 GMT
x-downloadsize: 18500
cdn-edgestorageid: 1078
x-bo-processingtime: 1
cdn-cachedat: 03/08/2023 12:47:52
cdn-pullzone: 33990
content-length: 12548
x-bo-server: DE-225
last-modified: Wed, 08 Mar 2023 12:47:52 GMT
server: BunnyCDN-DE1-1053
cdn-proxyver: 1.03
cdn-requestpullcode: 200
x-bo-origindownloadtime: 171
content-type: image/webp
cdn-cache: HIT
cdn-uid: 2c51b53b-2200-4208-b6d0-be336defacc5
cache-control: public, max-age=2592000
x-bo-compressionratio: 32.17%
cdn-requestid: 86d9cdd48e7f305e33f80bc58accb0f8
cdn-requestcountrycode: DE
link: <https://boron.orientaldaily.com.my/storage/resize_cache/images/uploads/news-cover/2023/MAR_2023/20230308/yoon3.jpg/ad2ef6dce3d2254b7b3a960a7b4ec562.jpg>; rel="canonical"
cdn-status: 200
cdn-requestpullsuccess: True

Redirect headers

Date: Thu, 09 Mar 2023 03:34:33 GMT
Server: nginx/1.21.0
Content-Type: text/html
Location: https://media5.orientaldaily.com.my/storage/resize_cache/images/uploads/news-cover/2023/MAR_2023/20230308/yoon3.jpg/ad2ef6dce3d2254b7b3a960a7b4ec562.jpg
Cache-Control: max-age=315360000
Connection: keep-alive
Content-Length: 169
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2

200

7fb61144a32946254d5024db76a556dc.jpg
media5.orientaldaily.com.my/storage/resize_cache/images/uploads/news-cover/2023/MAR_2023/20230308/Mandy_c.jpg/
Redirect Chain

https://www.orientaldaily.com.my/storage/resize_cache/images/uploads/news-cover/2023/MAR_2023/20230308/Mandy_c.jpg/7fb61144a32946254d5024db76a556dc.jpg
https://media5.orientaldaily.com.my/storage/resize_cache/images/uploads/news-cover/2023/MAR_2023/20230308/Mandy_c.jpg/7fb61144a32946254d5024db76a556dc.jpg

14 KB
14 KB

10ms
9ms

Image
image/webp

138.199.36.10
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media5.orientaldaily.com.my/storage/resize_cache/images/uploads/news-cover/2023/MAR_2023/20230308/Mandy_c.jpg/7fb61144a32946254d5024db76a556dc.jpg
Requested by: Host: www.orientaldaily.com.my
URL: https://www.orientaldaily.com.my/
Protocol: H2
Server: 138.199.36.10 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: 138-199-36-10.bunnyinfra.net
Software: BunnyCDN-DE1-1053 /
Resource Hash: 5d1151d3a01727a6594099d6bc5812752b1346fdda5e787ae3f641d96666988c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.orientaldaily.com.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 03:34:33 GMT
x-downloadsize: 19852
cdn-edgestorageid: 1081
x-bo-processingtime: 0
cdn-cachedat: 03/08/2023 10:48:45
cdn-pullzone: 33990
content-length: 13868
x-bo-server: DE-95
last-modified: Wed, 08 Mar 2023 10:48:44 GMT
server: BunnyCDN-DE1-1053
cdn-proxyver: 1.03
cdn-requestpullcode: 200
x-bo-origindownloadtime: 671
content-type: image/webp
cdn-cache: HIT
cdn-uid: 2c51b53b-2200-4208-b6d0-be336defacc5
cache-control: public, max-age=2592000
x-bo-compressionratio: 30.14%
cdn-requestid: d41a4c976e8ee149fc6db1776841752f
cdn-requestcountrycode: DE
link: <https://boron.orientaldaily.com.my/storage/resize_cache/images/uploads/news-cover/2023/MAR_2023/20230308/Mandy_c.jpg/7fb61144a32946254d5024db76a556dc.jpg>; rel="canonical"
cdn-status: 200
cdn-requestpullsuccess: True

Redirect headers

Date: Thu, 09 Mar 2023 03:34:33 GMT
Server: nginx/1.21.0
Content-Type: text/html
Location: https://media5.orientaldaily.com.my/storage/resize_cache/images/uploads/news-cover/2023/MAR_2023/20230308/Mandy_c.jpg/7fb61144a32946254d5024db76a556dc.jpg
Cache-Control: max-age=315360000
Connection: keep-alive
Content-Length: 169
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2

200

c7d613fdee265442f419bc50a4de70ef.jpeg
media5.orientaldaily.com.my/storage/resize_cache/images/uploads/news-cover/2023/MAR_2023/20230309/WhatsApp_Image_2023-03-09_at_10.36.53_AM.jpeg/
Redirect Chain

https://www.orientaldaily.com.my/storage/resize_cache/images/uploads/news-cover/2023/MAR_2023/20230309/WhatsApp_Image_2023-03-09_at_10.36.53_AM.jpeg/c7d613fdee265442f419bc50a4de70ef.jpeg
https://media5.orientaldaily.com.my/storage/resize_cache/images/uploads/news-cover/2023/MAR_2023/20230309/WhatsApp_Image_2023-03-09_at_10.36.53_AM.jpeg/c7d613fdee265442f419bc50a4de70ef.jpeg

27 KB
27 KB

9ms
8ms

Image
image/webp

138.199.36.10
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media5.orientaldaily.com.my/storage/resize_cache/images/uploads/news-cover/2023/MAR_2023/20230309/WhatsApp_Image_2023-03-09_at_10.36.53_AM.jpeg/c7d613fdee265442f419bc50a4de70ef.jpeg
Requested by: Host: www.orientaldaily.com.my
URL: https://www.orientaldaily.com.my/
Protocol: H2
Server: 138.199.36.10 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: 138-199-36-10.bunnyinfra.net
Software: BunnyCDN-DE1-1053 /
Resource Hash: b13d0b6748792c697e68610ce52a5ba73e3be8c47bf8a391960ce01dd7e9637c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.orientaldaily.com.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 03:34:34 GMT
x-downloadsize: 30985
cdn-edgestorageid: 1047
x-bo-processingtime: 1
cdn-cachedat: 03/09/2023 02:51:13
cdn-pullzone: 33990
content-length: 27328
x-bo-server: DE-187
last-modified: Thu, 09 Mar 2023 02:51:12 GMT
server: BunnyCDN-DE1-1053
cdn-proxyver: 1.03
cdn-requestpullcode: 200
x-bo-origindownloadtime: 334
content-type: image/webp
cdn-cache: HIT
cdn-uid: 2c51b53b-2200-4208-b6d0-be336defacc5
cache-control: public, max-age=2592000
x-bo-compressionratio: 11.8%
cdn-requestid: d7a68b1e88ec82439b7f0356f099343f
cdn-requestcountrycode: DE
link: <https://boron.orientaldaily.com.my/storage/resize_cache/images/uploads/news-cover/2023/MAR_2023/20230309/WhatsApp_Image_2023-03-09_at_10.36.53_AM.jpeg/c7d613fdee265442f419bc50a4de70ef.jpeg>; rel="canonical"
cdn-status: 200
cdn-requestpullsuccess: True

Redirect headers

Date: Thu, 09 Mar 2023 03:34:33 GMT
Server: nginx/1.21.0
Content-Type: text/html
Location: https://media5.orientaldaily.com.my/storage/resize_cache/images/uploads/news-cover/2023/MAR_2023/20230309/WhatsApp_Image_2023-03-09_at_10.36.53_AM.jpeg/c7d613fdee265442f419bc50a4de70ef.jpeg
Cache-Control: max-age=315360000
Connection: keep-alive
Content-Length: 169
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2

200

3677023ef8b3919d9e86c8a2b15a5a3f.jpg
media5.orientaldaily.com.my/storage/resize_cache/images/uploads/news-cover/2023/MAR_2023/20230309/BNM.jpg/
Redirect Chain

https://www.orientaldaily.com.my/storage/resize_cache/images/uploads/news-cover/2023/MAR_2023/20230309/BNM.jpg/3677023ef8b3919d9e86c8a2b15a5a3f.jpg
https://media5.orientaldaily.com.my/storage/resize_cache/images/uploads/news-cover/2023/MAR_2023/20230309/BNM.jpg/3677023ef8b3919d9e86c8a2b15a5a3f.jpg

15 KB
16 KB

19ms
6ms

Image
image/webp

138.199.36.10
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media5.orientaldaily.com.my/storage/resize_cache/images/uploads/news-cover/2023/MAR_2023/20230309/BNM.jpg/3677023ef8b3919d9e86c8a2b15a5a3f.jpg
Requested by: Host: www.orientaldaily.com.my
URL: https://www.orientaldaily.com.my/
Protocol: H2
Server: 138.199.36.10 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: 138-199-36-10.bunnyinfra.net
Software: BunnyCDN-DE1-1053 /
Resource Hash: 9722064989ddb79703b9917737347ade9b451517c72829be44267a0e31cd7b65

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.orientaldaily.com.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 03:34:34 GMT
x-downloadsize: 21372
cdn-edgestorageid: 752
x-bo-processingtime: 1
cdn-cachedat: 03/09/2023 03:14:36
cdn-pullzone: 33990
content-length: 15542
x-bo-server: ASB-197
last-modified: Thu, 09 Mar 2023 03:14:35 GMT
server: BunnyCDN-DE1-1053
cdn-proxyver: 1.03
cdn-requestpullcode: 200
x-bo-origindownloadtime: 538
content-type: image/webp
cdn-cache: HIT
cdn-uid: 2c51b53b-2200-4208-b6d0-be336defacc5
cache-control: public, max-age=2592000
x-bo-compressionratio: 27.28%
cdn-requestid: 1912a054cc0b7dbcefe56ad021698923
cdn-requestcountrycode: DE
link: <https://boron.orientaldaily.com.my/storage/resize_cache/images/uploads/news-cover/2023/MAR_2023/20230309/BNM.jpg/3677023ef8b3919d9e86c8a2b15a5a3f.jpg>; rel="canonical"
cdn-status: 200
cdn-requestpullsuccess: True

Redirect headers

Date: Thu, 09 Mar 2023 03:34:33 GMT
Server: nginx/1.21.0
Content-Type: text/html
Location: https://media5.orientaldaily.com.my/storage/resize_cache/images/uploads/news-cover/2023/MAR_2023/20230309/BNM.jpg/3677023ef8b3919d9e86c8a2b15a5a3f.jpg
Cache-Control: max-age=315360000
Connection: keep-alive
Content-Length: 169
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK manifest.js Show response
www.orientaldaily.com.my/assets/js/ 1 KB
2 KB 158ms
158ms Script
application/javascript 124.217.235.40
SHINJIRU-MY-AS-AP...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.orientaldaily.com.my/assets/js/manifest.js?id=227795a4cf81cedbd601
Requested by: Host: www.orientaldaily.com.my
URL: https://www.orientaldaily.com.my/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 124.217.235.40 Johor Bahru, Malaysia, ASN45839 (SHINJIRU-MY-AS-AP Shinjiru Technology Sdn Bhd, MY),
Reverse DNS: server1.kamon.la
Software: nginx/1.21.0 /
Resource Hash: 453d30e6feab35156983d8f88c293ebcc88740572e4aca5ef9cb25d5ca7f3262

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.orientaldaily.com.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Thu, 09 Mar 2023 03:34:31 GMT
Via: 1.1 varnish (Varnish/6.5)
Age: 74
X-Cache: HIT
Connection: keep-alive
Content-Length: 1450
Last-Modified: Tue, 06 Sep 2022 12:33:06 GMT
Server: nginx/1.21.0
ETag: "63173e02-5aa"
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: application/javascript
X-Varnish: 704118905 669943527
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length,Content-Range
Cache-Control: public
Accept-Ranges: bytes
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
X-Cache-Hits: 475

GET
H/1.1 200
OK vendor.js Show response
www.orientaldaily.com.my/assets/js/ 205 KB
206 KB 154ms
154ms Script
application/javascript 124.217.235.40
SHINJIRU-MY-AS-AP...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.orientaldaily.com.my/assets/js/vendor.js?id=55e20089987d5a7e89ad
Requested by: Host: www.orientaldaily.com.my
URL: https://www.orientaldaily.com.my/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 124.217.235.40 Johor Bahru, Malaysia, ASN45839 (SHINJIRU-MY-AS-AP Shinjiru Technology Sdn Bhd, MY),
Reverse DNS: server1.kamon.la
Software: nginx/1.21.0 /
Resource Hash: 4785f439c8c88370dbc1999303d5f4f0a310d1997a5893ae94798b568e99675b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.orientaldaily.com.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Thu, 09 Mar 2023 03:34:31 GMT
Via: 1.1 varnish (Varnish/6.5)
Age: 73
X-Cache: HIT
Connection: keep-alive
Content-Length: 209922
Last-Modified: Tue, 06 Sep 2022 12:33:06 GMT
Server: nginx/1.21.0
ETag: "63173e02-33402"
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: application/javascript
X-Varnish: 755961311 832078989
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length,Content-Range
Cache-Control: public
Accept-Ranges: bytes
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
X-Cache-Hits: 542

GET
H/1.1 200
OK app.js Show response
www.orientaldaily.com.my/assets/js/ 8 KB
9 KB 765ms
159ms Script
application/javascript 124.217.235.40
SHINJIRU-MY-AS-AP...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.orientaldaily.com.my/assets/js/app.js?id=717e201635f1bfbfe7d3
Requested by: Host: www.orientaldaily.com.my
URL: https://www.orientaldaily.com.my/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 124.217.235.40 Johor Bahru, Malaysia, ASN45839 (SHINJIRU-MY-AS-AP Shinjiru Technology Sdn Bhd, MY),
Reverse DNS: server1.kamon.la
Software: nginx/1.21.0 /
Resource Hash: 417cf94ea9a5b2675b5ed19b12da1145aab87ec27aeb4ee9f6c304bf1216c9c2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.orientaldaily.com.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Thu, 09 Mar 2023 03:34:32 GMT
Via: 1.1 varnish (Varnish/6.5)
Age: 74
X-Cache: HIT
Connection: keep-alive
Content-Length: 8624
Last-Modified: Tue, 06 Sep 2022 12:33:06 GMT
Server: nginx/1.21.0
ETag: "63173e02-21b0"
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: application/javascript
X-Varnish: 764513099 764512848
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length,Content-Range
Cache-Control: public
Accept-Ranges: bytes
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
X-Cache-Hits: 504

GET
H2 200 css
fonts.googleapis.com/ 2 KB
928 B 193ms
76ms Stylesheet
text/css 2a00:1450:400d:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Nunito

Requested by

Host: media5.orientaldaily.com.my
URL: https://media5.orientaldaily.com.my/assets/css/app.css?id=172e03ec463b163fe1a0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80e::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

003ab203aa11cb3ff3da2225f34413d8b77842d2b4597f4b9349d67dab7a0a0d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://media5.orientaldaily.com.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 09 Mar 2023 03:34:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 09 Mar 2023 03:31:45 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 09 Mar 2023 03:34:31 GMT

GET
H2 200 / Show response
ssfpc.orientaldaily.com.my/am/1972/fpid/ 0
472 B 1443ms
1353ms XHR
text/plain 2001:4860:4802:32::15
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ssfpc.orientaldaily.com.my/am/1972/fpid/
Requested by: Host: anymind360.com
URL: https://anymind360.com/js/1972/ats.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::15 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.orientaldaily.com.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 03:34:32 GMT
server: Google Frontend
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://www.orientaldaily.com.my
x-cloud-trace-context: 984314d1b002ba2d7a417832b282cb95
cache-control: private
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, accept, origin, Cache-Control, X-Requested-With
content-length: 0
expires: Thu, 09 Mar 2023 03:34:32 GMT

GET
H2 404 pwt.js
ads.pubmatic.com/AdServer/js/pwt/990468/8969/ 0
0 1422ms
516ms Script
text/html 2.18.36.193
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/pwt/990468/8969/pwt.js
Requested by: Host: anymind360.com
URL: https://anymind360.com/js/1972/ats.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.36.193 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-36-193.deploy.static.akamaitechnologies.com
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.orientaldaily.com.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 140 KB
53 KB 931ms
45ms Script
application/javascript 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-5CLJZ2K

Requested by

Host: www.orientaldaily.com.my
URL: https://www.orientaldaily.com.my/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

581750a192eb7583673a7927b1c6317b7310afe103a4907aedd904ca5e8ea7c1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.orientaldaily.com.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 03:34:32 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 53957
x-xss-protection: 0
last-modified: Thu, 09 Mar 2023 03:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 09 Mar 2023 03:34:32 GMT

GET
H2 200 beacon.js Show response
sb.scorecardresearch.com/ 4 KB
2 KB 84ms
8ms Script
application/javascript 13.32.99.105
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/beacon.js
Requested by: Host: www.orientaldaily.com.my
URL: https://www.orientaldaily.com.my/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-105.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ee54b51af15f1f68f707da981f3c135c249a25e9293871e1e0cbd2c24c7b6117

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.orientaldaily.com.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 00:58:32 GMT
content-encoding: gzip
via: 1.1 68b2682a924ac399aa2724b5b439e75c.cloudfront.net (CloudFront)
last-modified: Tue, 28 Jun 2022 13:19:23 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P3
age: 9359
x-amz-server-side-encryption: AES256
etag: W/"eaf85c1c6758e84acfe134efd70e9373"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=86400
x-amz-cf-id: unW_MHZlz2D2c8QFNlU14lzRPQ6kYCr0COJP_rKu1nPvrXU0YKyNVQ==

GET
H2 200 video.php Show response
www.facebook.com/plugins/ Frame C842 220 KB
58 KB 213ms
150ms Document
text/html 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/plugins/video.php?height=314&href=https%3A%2F%2Fwww.facebook.com%2FOrientalDailyNewsMalaysia%2Fvideos%2F1247106492876856%2F&show_text=false&width=560&t=0

Requested by

Host: www.orientaldaily.com.my
URL: https://www.orientaldaily.com.my/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

42ae6b49f996ca54e77f4b9f29cecb3b614b41723c93866e77d64d13551c643f

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com .tenor.co media.tenor.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net .giphy.com connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com https://.giphy.com data:;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.orientaldaily.com.my/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: private, no-cache, no-store, must-revalidate
content-encoding: br
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-type: text/html; charset="utf-8"
cross-origin-opener-policy: unsafe-none
date: Thu, 09 Mar 2023 03:34:31 GMT
document-policy: force-load-at-top
expires: Sat, 01 Jan 2000 00:00:00 GMT
origin-agent-cluster: ?0
pragma: no-cache
priority: u=3,i
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
strict-transport-security: max-age=15552000; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-fb-debug: gWFhLuwOVNSEZPPh6dPwGKURmqHUocB2cf4VfKS8UhaqUIhnaUJdZrl+S6UDWoX0N+XgvMQmUEAYvWR+Ys9dbA==
x-fb-rlafr: 0
x-xss-protection: 0

GET
H2 200 logo-official.png
media5.orientaldaily.com.my/assets/images/ 6 KB
8 KB 7ms
7ms Image
image/webp 138.199.36.10
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media5.orientaldaily.com.my/assets/images/logo-official.png?d075e3a5eda3d0a9e2fabdca6a33dd05
Requested by: Host: media5.orientaldaily.com.my
URL: https://media5.orientaldaily.com.my/assets/css/app.css?id=172e03ec463b163fe1a0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 138.199.36.10 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: 138-199-36-10.bunnyinfra.net
Software: BunnyCDN-DE1-1053 /
Resource Hash: 0d663a8298504aa7d938ea5ce72e27f4e604c153ba1706732b698c1858b7e652

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://media5.orientaldaily.com.my/assets/css/app.css?id=172e03ec463b163fe1a0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-downloadsize: 11771
accept-language: en-US, en; q=0.5
sec-fetch-dest: image
cdn-pullzone: 33990
cdn-serverid: 756
cdn-proxyver: 1.03
x-bo-origindownloadtime: 651
content-type: image/webp
cdn-cache: HIT
accept: image/avif, image/webp, */*
cdn-host: media5.orientaldaily.com.my
cache-control: public, max-age=2592000
referer: https://media5.orientaldaily.com.my/assets/css/app.css?id=0c7c94252cabfcc440e9
x-bo-compressionratio: 48.18%
cdn-requestcountrycode: DE
link: <https://boron.orientaldaily.com.my/assets/images/logo-official.png?d075e3a5eda3d0a9e2fabdca6a33dd05>; rel="canonical"
sec-fetch-mode: no-cors
date: Thu, 09 Mar 2023 03:34:31 GMT
via: BunnyCDN
cdn-edgestorageid: 756
x-forwarded-for: 210.10.7.228
x-bo-processingtime: 1
cdn-cachedat: 02/19/2023 00:38:12
cookie: am_FPID=e090476f-ddf3-45cc-bcd3-0778509b0aba; _ga_9ZN17BGY3K=GS1.1.1676765588.2.1.1676767085.0.0.0; _ga=GA1.3.809984109.1676696338; _gid=GA1.3.1599105466.1676696339; _fbp=fb.2.1676696341045.1287746592; __gads=ID=09f3771c6e4d980a-2272229b8ddc0075:T=1676696342:S=ALNI_MaBDPaLG_APmP9MNeAXAWocaQRCFg; __gpi=UID=000009b1d22cfc59:T=1676696342:RT=1676765592:S=ALNI_MZX8otGy4vDz2K3gdiVpvBTO2-Xog; _cc_id=bfbe1f378d7a865653637ebcbad1ddec; panoramaId_expiry=1677301143377; panoramaId=85899f9f48e7b31db25f019591c416d53938f017799cab6e2a5b78e9e1f22c67; cto_bundle=cLpcwl9ZdzdqQzNNUFVQbGhTWDJVelg4bXBEVzBIeVZWdDdCZ1I2eWs1U3pYSjNYemIlMkI1TVZzY3ZwT2ZLRmttZEZ5ZllTRkg2SXBaUUFZbGpPOUo0M3pGb3VDS0ZuT0R3dFNsaDBYWFVleXdFeXlpNXhXMFpLZHZVdGxUMjBjd3U0cG1Ud3BwTGVmSGpmb0RqYWZWYzBQNW9BdyUzRCUzRA; cto_bidid=LlVsPF96NmlXbHlmZG5Bc0Q2UU1Mb0lkeERSYUhKRWpNM2VFWTFYUWxQJTJCMm1IJTJCMjdJeFI1bDhNUEhEJTJGZlNTWHJuRHZjY3VsQXE0VGRGaWl4eHBKd3ZmJTJGeVpHSHNaMmFlYkJXNXdnUGV0eXFnJTJGaW1BNEFHZnlHbjU2cXlVdFNmY0RqTUs; cto_dna_bundle=MPvE7F80M0RITmhlJTJCZkMwOUJGQlhaMUN2czFaejJSYVVvbjVwU2VsOFdGOW5rdWNIVGVpUVdRcjlIaDlIRHVBcTlFcWU; _pubcid=e387f0bc-b624-4347-b96e-0d587d1b67e1; _col_uuid=428fb787-9609-4da6-825c-6105d5ee31e7-h0k8; _gat_UA-21383972-1=1
if-modified-since: Fri, 20 Jan 2023 00:27:04 GMT
cdn-mobiledevice: false
x-forwarded-proto: https
content-length: 6100
cdn-serverzone: DE
x-bo-server: DE-225
last-modified: Sun, 19 Feb 2023 00:38:12 GMT
server: BunnyCDN-DE1-1053
cdn-requestpullcode: 200
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/110.0
cdn-uid: 2c51b53b-2200-4208-b6d0-be336defacc5
cdn-requestid: 26cd8c45ce372e82392a7d63053b3e24
sec-fetch-site: same-origin
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 fontello.woff2
media5.orientaldaily.com.my/assets/fonts/ 11 KB
12 KB 24ms
8ms Font
application/octet-stream 138.199.36.10
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://media5.orientaldaily.com.my/assets/fonts/fontello.woff2?3d346d4ca58d8e2177503c2f69b71f8c
Requested by: Host: media5.orientaldaily.com.my
URL: https://media5.orientaldaily.com.my/assets/css/app.css?id=172e03ec463b163fe1a0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 138.199.36.10 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: 138-199-36-10.bunnyinfra.net
Software: BunnyCDN-DE1-1053 /
Resource Hash: fea25505358a9fb0d38689edd69a01354319a992a2ade513af64420f1a54e231

Request headers

Referer: https://media5.orientaldaily.com.my/assets/css/app.css?id=172e03ec463b163fe1a0
Origin: https://www.orientaldaily.com.my
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 03:34:31 GMT
cdn-edgestorageid: 752
cdn-cachedat: 10/04/2022 16:30:22
cdn-pullzone: 33990
content-length: 11156
last-modified: Thu, 17 Feb 2022 10:15:32 GMT
server: BunnyCDN-DE1-1053
cdn-proxyver: 1.02
cdn-requestpullcode: 206
content-type: application/octet-stream
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 2c51b53b-2200-4208-b6d0-be336defacc5
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=2592000
cdn-requestid: d51848136657685ea03c533592a171d1
accept-ranges: bytes
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
link: <https://boron.orientaldaily.com.my/assets/fonts/fontello.woff2?3d346d4ca58d8e2177503c2f69b71f8c>; rel="canonical"
cdn-requestpullsuccess: True

GET
H2 200 video.php Show response
www.facebook.com/plugins/ Frame A5C6 220 KB
56 KB 205ms
204ms Document
text/html 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/plugins/video.php?height=314&href=https%3A%2F%2Fwww.facebook.com%2FOrientalDailyNewsMalaysia%2Fvideos%2F1247106492876856%2F&show_text=false&width=560&t=0

Requested by

Host: www.orientaldaily.com.my
URL: https://www.orientaldaily.com.my/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

7bf9c9cb00bd532b1ac17fc6babd801383146fd2e97af39bf6c7fbbb5b7f8411

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com .tenor.co media.tenor.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net .giphy.com connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com https://.giphy.com data:;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.orientaldaily.com.my/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: private, no-cache, no-store, must-revalidate
content-encoding: br
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-type: text/html; charset="utf-8"
cross-origin-opener-policy: unsafe-none
date: Thu, 09 Mar 2023 03:34:31 GMT
document-policy: force-load-at-top
expires: Sat, 01 Jan 2000 00:00:00 GMT
origin-agent-cluster: ?0
pragma: no-cache
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
strict-transport-security: max-age=15552000; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-fb-debug: CdjksoDqmJoxu+UwztG+212u1e99+DU2f7nNL5SIYB02WhBZW1iQ27aEJ2roYew8Kq3GIYf3E2eNyUc9gCHIaQ==
x-fb-rlafr: 0
x-xss-protection: 0

GET
H2 204 b
sb.scorecardresearch.com/ 0
190 B 9ms
8ms Image
text/plain 13.32.99.105
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b?c1=2&c2=17813110&cs_it=b3&cv=3.8.0.210223&ns__t=1678332871705&ns_c=UTF-8&c7=https%3A%2F%2Fwww.orientaldaily.com.my%2F&c8=%E6%9D%B1%E6%96%B9%E7%B6%B2%20%E9%A6%AC%E4%BE%86%E8%A5%BF%E4%BA%9E%E6%9D%B1%E6%96%B9%E6%97%A5%E5%A0%B1&c9=
Requested by: Host: www.orientaldaily.com.my
URL: https://www.orientaldaily.com.my/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-105.fra60.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.orientaldaily.com.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 03:34:31 GMT
via: 1.1 68b2682a924ac399aa2724b5b439e75c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P3
x-amz-cf-id: rBd4TZdFTo8puC3Kknz28YyjMFrbJQuoqxrKITZT_ePt_LZAG0_iOA==
x-cache: Miss from cloudfront

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 80 KB
27 KB 497ms
62ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: anymind360.com
URL: https://anymind360.com/js/1972/ats.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4f0ff945c12d28c62effff8bc09b7ad76aabc037611ced0068d6efe536fc5498

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.orientaldaily.com.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 03:34:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27465
x-xss-protection: 0
server: sffe
etag: "1505 / 111 of 1000 / last-modified: 1678317114"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 09 Mar 2023 03:34:32 GMT

GET
H2 200 prebid_2023_2_24_4_58_12.js Show response
anymind360.com/js/1972/ 338 KB
105 KB 7ms
6ms Script
application/javascript 151.101.129.55
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://anymind360.com/js/1972/prebid_2023_2_24_4_58_12.js

Requested by

Host: anymind360.com
URL: https://anymind360.com/js/1972/ats.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.129.55 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

e60ed7ea1dd584fd91b8c3a7288e9b55d10dfbae8f030974087d84dcd914e99a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.orientaldaily.com.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

expires: Fri, 24 Feb 2023 04:58:40 GMT
date: Thu, 09 Mar 2023 03:34:32 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=31557600
age: 1031729
x-guploader-uploadid: ADPycdt8BusovRqepJukEfc9Bl8GD4482QcYQXnLBFm85A_PD-7v93LYJ32ySKGMZcPwSDO5XkVf7KFwKMCXW2v3ckZZWEMWu42Y
x-cache: HIT, HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 107462
x-served-by: cache-tyo11970-TYO, cache-hhn-etou8220020-HHN
last-modified: Fri, 24 Feb 2023 04:58:39 GMT
server: UploadServer
x-timer: S1678332872.096215,VS0,VE0
etag: "a944daf78c34019a04c46ed2dda59feb"
vary: Accept-Encoding
x-goog-generation: 1677214719212809
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
x-goog-hash: crc32c=1LLLCg==, md5=qUTa94w0AZoExG7S3aWf6w==
access-control-expose-headers: Content-Type
cache-control: max-age=31536000, public
x-goog-stored-content-length: 107462
accept-ranges: bytes
x-cache-hits: 50, 6

GET
H2 200 thu5mp64vr8.css
static.xx.fbcdn.net/rsrc.php/v3/ya/l/0,cross/ Frame C842 30 KB
8 KB 65ms
9ms Stylesheet
text/css 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/ya/l/0,cross/thu5mp64vr8.css?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/plugins/video.php?height=314&href=https%3A%2F%2Fwww.facebook.com%2FOrientalDailyNewsMalaysia%2Fvideos%2F1247106492876856%2F&show_text=false&width=560&t=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

71f9b69fc262825e43d17f4db79e52130c11d511b9e568081785fcd75db024f6

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 03:34:32 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: Z1XVW2PffUtgjsBW+G4+ng==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 7325
x-fb-rlafr: 0
x-fb-debug: L0B5izbrCm5PS66Lcrh5f53WuY9gnv/xWUovm8POpQkZeiQLCpmQ/6pHgdJjEPrA/cz460g2/tpCkEQl8BsqTg==
x-fb-trip-id: 686109401
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: text/css; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Fri, 01 Mar 2024 23:20:13 GMT

GET
H2 200 Wb5CWIa4lmf.css
static.xx.fbcdn.net/rsrc.php/v3/yH/l/0,cross/ Frame C842 572 KB
142 KB 71ms
16ms Stylesheet
text/css 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yH/l/0,cross/Wb5CWIa4lmf.css?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

c6a20b56100c4b8c84ebb09390d1296240ee9ccb1fbe64fd927e82f2b63a54a2

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 03:34:32 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: TlN9Uvs7ABoRjkZ7kL869A==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 145519
x-fb-rlafr: 0
x-fb-debug: jSoGQWinCZntUdiMesQWSFlmSdgPGCdqhluHHPHEP7eEZLvjSTWALhCnfH4pgs8dya+9lHiQMpzRu47OouGdmg==
x-fb-trip-id: 686109401
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: text/css; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Fri, 08 Mar 2024 00:17:40 GMT

GET
H2 200 7vpxn5yn4xK.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yn/r/ Frame C842 293 KB
79 KB 96ms
42ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yn/r/7vpxn5yn4xK.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e1cadf348d4eeeeb5f323d17a00c08f64da022bcd69b8bda096eaf34e06a4906

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 03:34:32 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: s4+IsExiXZRU2I3CoroSqQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 80174
x-fb-rlafr: 0
x-fb-debug: WUeDEJoKX4Gww0ceO9SqrwZm6u0iU/Jc5A5aDUhQwpyoFIY0w2KRx2H9CH2i6xiV5FK+TydsolvwOywqrrEeHQ==
x-fb-trip-id: 686109401
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
expires: Fri, 08 Mar 2024 00:05:29 GMT

GET
H2 200 1-qO_5q4zgz.js Show response
static.xx.fbcdn.net/rsrc.php/v3ikmW4/yS/l/de_DE/ Frame C842 286 KB
75 KB 99ms
46ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3ikmW4/yS/l/de_DE/1-qO_5q4zgz.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

df2466a7b8017689e5660744681949cd7a0be115ebfe36802be7d76ad8b273ad

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 03:34:32 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: GNdoRNXHow8O6Y4kDcP5rw==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 76643
x-fb-rlafr: 0
x-fb-debug: Qa1/HK3LIGvv1yMtBXe8fipHE6nuTcSjDwfPv6fcLhYRDHek5U1Y0EC5WOKQiqeHC4/I63NVuzWcBOxeebvUFw==
x-fb-trip-id: 686109401
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Fri, 08 Mar 2024 00:39:40 GMT

GET
H2 200 NWqQeo0iGFm.js Show response
static.xx.fbcdn.net/rsrc.php/v3iE_34/y9/l/de_DE/ Frame C842 640 KB
157 KB 95ms
43ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3iE_34/y9/l/de_DE/NWqQeo0iGFm.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

f2e7810ea845d00731c478972aef4555f1e5d42494fc239568f4bc8e48785db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 03:34:32 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: ij012tTE7QxtWTKAOMb7Aw==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 159994
x-fb-rlafr: 0
x-fb-debug: tW4Li9HSu6lIA0OL0k8q13tnP5CD/AmJryPyoN8z+u3De6Fj66fFNeTqqQi8sQCGBIBbWy1l7MN/r+JmsOcdpQ==
x-fb-trip-id: 686109401
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Fri, 08 Mar 2024 00:39:40 GMT

GET
H2 200 kVX-Q-qj9fF.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yJ/r/ Frame C842 12 KB
5 KB 94ms
42ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yJ/r/kVX-Q-qj9fF.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

1d6411b506100b3803555638f4f7e0c5c3576c42990b56911c4b3c6ce31c5842

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 03:34:32 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: wFPCW92vS3GQoIkDfja5iw==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 4480
x-fb-rlafr: 0
x-fb-debug: JO1eAOYUjJveQR/9Zs5C9JuTFKWBxh69euN/AMJSRqwOwo3y/G7IZP+DIE8ActeYk0AkIzJVNbK7ruo+z/PTDg==
x-fb-trip-id: 686109401
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Sun, 03 Mar 2024 00:25:59 GMT

GET
H2 200 4UPyB_fNoOt.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yU/r/ Frame C842 2 KB
940 B 96ms
46ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yU/r/4UPyB_fNoOt.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e117ce508d22eab86014ad62c1fd47df471c2ed678e48591ca318a547b354b6f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 03:34:32 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: yqPq4rlYBqmSgEJZp/5j+A==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 743
x-fb-rlafr: 0
x-fb-debug: AhCXDzVZFtqYkBHmeKYwWbKdRRwxZHHFkLGnWtZ1kbrpyBtDmGrCUVjMPY9sLpwaDIl27IBFH7j4zrRWhcD+EA==
x-fb-trip-id: 686109401
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Thu, 29 Feb 2024 05:43:00 GMT

GET
H2 200 tQSkwY5dplG.js Show response
static.xx.fbcdn.net/rsrc.php/v3iUWb4/yA/l/de_DE/ Frame C842 70 KB
19 KB 100ms
50ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3iUWb4/yA/l/de_DE/tQSkwY5dplG.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

f1eed60da0364def617ce9ac15226587e135385896e59cc709626dfc9a9c53d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 03:34:32 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: WgxUJTQheIgQZNnRL39U6g==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 19593
x-fb-rlafr: 0
x-fb-debug: GxuvL2T7YItnCJCWUEYoLPMZOJvyN63SQ6lgYLt33d/oBPCPtWn8YavpL5jWsAGW+5ya5W9xgnPWWABoplW6uw==
x-fb-trip-id: 686109401
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
expires: Sat, 02 Mar 2024 14:32:07 GMT

GET
H2 200 QLtf78k6DMs.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yI/r/ Frame C842 335 B
347 B 97ms
47ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yI/r/QLtf78k6DMs.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

0660703509222513c21686b7757a50a9df8d5171c4b81505a2ffe90ce9e5b1c2

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 03:34:32 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: fmlwHMP51F/OMr3r9hORog==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 200
x-fb-rlafr: 0
x-fb-debug: zJPJRvOgqhe9P/IG468MSN2t3OPelkbiuaDn7/jhX8zuIzyoVDzgfeBFmmeufs3eZCAABYmCkwLcYFptzs4mcA==
x-fb-trip-id: 686109401
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Sat, 02 Mar 2024 18:10:31 GMT

GET
H2 200 git3mC1qSZv.js Show response
static.xx.fbcdn.net/rsrc.php/v3/y4/r/ Frame C842 456 KB
103 KB 102ms
52ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/y4/r/git3mC1qSZv.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

f2c751aa74a96faa40eb8ce4c00785ceca874e2dd34fcea8bdc0ac994b073fba

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 03:34:32 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: o9dUZ4f6f/rFKWe7ZZkJXA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 105418
x-fb-rlafr: 0
x-fb-debug: nCZN+4ZoZ2e1xzAzlIw2JfRvSZmL5BfVJwrv2Q786FzEFbXOwOQG6n7p3097sFCF7Os1x3EWHFFsTptjwBw7uQ==
x-fb-trip-id: 686109401
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
expires: Fri, 08 Mar 2024 00:17:40 GMT

GET
H2 200 fL0yeWRB1Zn.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yY/r/ Frame C842 12 KB
4 KB 100ms
50ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yY/r/fL0yeWRB1Zn.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

64a0fb9cdda418f4e39f26be0bb9e121ede4af55aee2d3a93947df004db65165

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 03:34:32 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: Fp8Yd3CCBuxo5mu0UFaTCA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 3868
x-fb-rlafr: 0
x-fb-debug: jEAzXC/PT7lrBVwIDz9bKEni8TzuDwt9JWyPHr8nGzbDz2zdpAYvR0cO1g9QDDrzVtrxKuXuAJdBAzQv+qWBpA==
x-fb-trip-id: 686109401
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
expires: Sat, 02 Mar 2024 18:10:31 GMT

GET
H2 200 mos2zwGEzeC.js Show response
static.xx.fbcdn.net/rsrc.php/v3/y4/r/ Frame C842 94 KB
25 KB 100ms
51ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/y4/r/mos2zwGEzeC.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

a370b7b3b608858b8aae5e8418503975abee00c4d7f0e90f1d91e7f0cd99c70d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 03:34:32 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: HbS+VyvrudFGUEIi0qiJjA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 25715
x-fb-rlafr: 0
x-fb-debug: SqKbMRImJQkIOjDIlPjTtP/1S6m5fx77tsM3EEmyKMOTDb1HLUbpxaIKPBbULoBLLGJlwetIa0q2X3kaOnw4cQ==
x-fb-trip-id: 686109401
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Fri, 08 Mar 2024 00:17:40 GMT

GET
H2 200 q_VCbSngdSR.js Show response
static.xx.fbcdn.net/rsrc.php/v3iqhx4/y5/l/de_DE/ Frame C842 639 KB
142 KB 102ms
53ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3iqhx4/y5/l/de_DE/q_VCbSngdSR.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

74ed65704f5330002f4c611da5e971c6b0cdbce6c0b41696d026ffb590b7762b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 03:34:32 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: /9js2fef5aem7eE8SujXkQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 145116
x-fb-rlafr: 0
x-fb-debug: mDGC6r9adFuBIiqguU9SvoqsNbAUZ9m+3G/sFZRfxxdqsTTUpuwUEi7TbFFyuKC6vInmNNjX2V8EMaKdRGdOQA==
x-fb-trip-id: 686109401
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
expires: Fri, 08 Mar 2024 00:39:40 GMT

GET
H2 200 334921711_1247124062875099_1480527061843566103_n.jpg
scontent-lhr8-1.xx.fbcdn.net/v/t15.5256-10/ Frame C842 37 KB
37 KB 385ms
294ms Image
image/jpeg 2a03:2880:f058:f:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent-lhr8-1.xx.fbcdn.net/v/t15.5256-10/334921711_1247124062875099_1480527061843566103_n.jpg?stp=dst-jpg_s851x315&_nc_cat=106&ccb=1-7&_nc_sid=08861d&_nc_ohc=F-yZXBMv3iIAX8mkalx&_nc_ht=scontent-lhr8-1.xx&edm=AGo2L-IEAAAA&oh=00_AfCvLrh5cUd76p1rswj6hDPVKSiTJywno0s4DdcOYcJ_sQ&oe=640D617C
Requested by: Host: www.facebook.com
URL: https://www.facebook.com/plugins/video.php?height=314&href=https%3A%2F%2Fwww.facebook.com%2FOrientalDailyNewsMalaysia%2Fvideos%2F1247106492876856%2F&show_text=false&width=560&t=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f058:f:face:b00c:0:3 London, United Kingdom, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: cb6c68a18b558a3fc9fc32afd02ae989ef6fcc2410287f3d239704de9da7bf0f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-haystack-needlechecksum: 902931189
date: Thu, 09 Mar 2023 03:34:33 GMT
content-digest: adler32=1873947992
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 37493
x-fb-trip-id: 1679558926
x-storage-error-category: dfs:none;hs_p:200:HS_ESUCCESS
last-modified: Thu, 09 Mar 2023 03:33:58 GMT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=1209600, no-transform
x-fb-edge-debug: oXRTwuHC1iBgEp_W6oECTbuE2afFnRRhXBFrZ8He7vMN4Y1BDERkbeeBv9_3bL6daN5MuJvEsFC7XUYEU0bjxTntwAXlRJ8juYf_IStJzMk
x-needle-checksum: 544188598
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 12524014_1054913491236204_778352620248941913_n.jpg
scontent.frba2-1.fna.fbcdn.net/v/t1.18169-1/ Frame C842 2 KB
2 KB 318ms
57ms Image
image/jpeg 2001:4288:301:1:face:b00c:0:a7
IAM-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent.frba2-1.fna.fbcdn.net/v/t1.18169-1/12524014_1054913491236204_778352620248941913_n.jpg?stp=cp0_dst-jpg_p40x40&_nc_cat=1&ccb=1-7&_nc_sid=dbb9e7&_nc_ohc=4O3A7p9cuuUAX91bj6e&_nc_ht=scontent.frba2-1.fna&edm=AGo2L-IEAAAA&oh=00_AfBocU6zKz_BAgLYzXR11xixvOcrvctKrxfF5kKsicPK0A&oe=6430ABF9
Requested by: Host: www.facebook.com
URL: https://www.facebook.com/plugins/video.php?height=314&href=https%3A%2F%2Fwww.facebook.com%2FOrientalDailyNewsMalaysia%2Fvideos%2F1247106492876856%2F&show_text=false&width=560&t=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4288:301:1:face:b00c:0:a7 , Morocco, ASN6713 (IAM-AS, MA),
Reverse DNS
Software: /
Resource Hash: cffebf8649452a952e130a76308527dfec9740ffd3273096be06649f28392358

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-haystack-needlechecksum: 2152374004
date: Thu, 09 Mar 2023 03:34:33 GMT
x-storage-error-category: dfs:none;hs_p:200:HS_ESUCCESS
last-modified: Wed, 13 Jan 2016 04:54:33 GMT
content-type: image/jpeg
access-control-allow-origin: *
content-digest: adler32=1947333124
cache-control: max-age=1209600, no-transform
cross-origin-resource-policy: cross-origin
x-needle-checksum: 2455694812
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 1544

GET
H2 200 thu5mp64vr8.css
static.xx.fbcdn.net/rsrc.php/v3/ya/l/0,cross/ Frame A5C6 30 KB
7 KB 77ms
44ms Stylesheet
text/css 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/ya/l/0,cross/thu5mp64vr8.css?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

71f9b69fc262825e43d17f4db79e52130c11d511b9e568081785fcd75db024f6

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 03:34:32 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: Z1XVW2PffUtgjsBW+G4+ng==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 7325
x-fb-rlafr: 0
x-fb-debug: L0B5izbrCm5PS66Lcrh5f53WuY9gnv/xWUovm8POpQkZeiQLCpmQ/6pHgdJjEPrA/cz460g2/tpCkEQl8BsqTg==
x-fb-trip-id: 686109401
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: text/css; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Fri, 01 Mar 2024 23:20:13 GMT

GET
H2 200 Wb5CWIa4lmf.css
static.xx.fbcdn.net/rsrc.php/v3/yH/l/0,cross/ Frame A5C6 572 KB
142 KB 79ms
45ms Stylesheet
text/css 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yH/l/0,cross/Wb5CWIa4lmf.css?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

c6a20b56100c4b8c84ebb09390d1296240ee9ccb1fbe64fd927e82f2b63a54a2

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 03:34:32 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: TlN9Uvs7ABoRjkZ7kL869A==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 145519
x-fb-rlafr: 0
x-fb-debug: jSoGQWinCZntUdiMesQWSFlmSdgPGCdqhluHHPHEP7eEZLvjSTWALhCnfH4pgs8dya+9lHiQMpzRu47OouGdmg==
x-fb-trip-id: 686109401
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: text/css; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Fri, 08 Mar 2024 00:17:40 GMT

GET
H2 200 7vpxn5yn4xK.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yn/r/ Frame A5C6 293 KB
78 KB 82ms
49ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yn/r/7vpxn5yn4xK.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e1cadf348d4eeeeb5f323d17a00c08f64da022bcd69b8bda096eaf34e06a4906

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 03:34:32 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: s4+IsExiXZRU2I3CoroSqQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 80174
x-fb-rlafr: 0
x-fb-debug: WUeDEJoKX4Gww0ceO9SqrwZm6u0iU/Jc5A5aDUhQwpyoFIY0w2KRx2H9CH2i6xiV5FK+TydsolvwOywqrrEeHQ==
x-fb-trip-id: 686109401
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
expires: Fri, 08 Mar 2024 00:05:29 GMT

GET
H2 200 1-qO_5q4zgz.js Show response
static.xx.fbcdn.net/rsrc.php/v3ikmW4/yS/l/de_DE/ Frame A5C6 286 KB
75 KB 86ms
53ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3ikmW4/yS/l/de_DE/1-qO_5q4zgz.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

df2466a7b8017689e5660744681949cd7a0be115ebfe36802be7d76ad8b273ad

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 03:34:32 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: GNdoRNXHow8O6Y4kDcP5rw==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 76643
x-fb-rlafr: 0
x-fb-debug: Qa1/HK3LIGvv1yMtBXe8fipHE6nuTcSjDwfPv6fcLhYRDHek5U1Y0EC5WOKQiqeHC4/I63NVuzWcBOxeebvUFw==
x-fb-trip-id: 686109401
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Fri, 08 Mar 2024 00:39:40 GMT

GET
H2 200 NWqQeo0iGFm.js Show response
static.xx.fbcdn.net/rsrc.php/v3iE_34/y9/l/de_DE/ Frame A5C6 640 KB
156 KB 85ms
52ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3iE_34/y9/l/de_DE/NWqQeo0iGFm.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

f2e7810ea845d00731c478972aef4555f1e5d42494fc239568f4bc8e48785db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 03:34:32 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: ij012tTE7QxtWTKAOMb7Aw==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 159994
x-fb-rlafr: 0
x-fb-debug: tW4Li9HSu6lIA0OL0k8q13tnP5CD/AmJryPyoN8z+u3De6Fj66fFNeTqqQi8sQCGBIBbWy1l7MN/r+JmsOcdpQ==
x-fb-trip-id: 686109401
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Fri, 08 Mar 2024 00:39:40 GMT

GET
H2 200 kVX-Q-qj9fF.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yJ/r/ Frame A5C6 12 KB
5 KB 81ms
48ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yJ/r/kVX-Q-qj9fF.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

1d6411b506100b3803555638f4f7e0c5c3576c42990b56911c4b3c6ce31c5842

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 03:34:32 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: wFPCW92vS3GQoIkDfja5iw==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 4480
x-fb-rlafr: 0
x-fb-debug: JO1eAOYUjJveQR/9Zs5C9JuTFKWBxh69euN/AMJSRqwOwo3y/G7IZP+DIE8ActeYk0AkIzJVNbK7ruo+z/PTDg==
x-fb-trip-id: 686109401
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Sun, 03 Mar 2024 00:25:59 GMT

GET
H2 200 4UPyB_fNoOt.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yU/r/ Frame A5C6 2 KB
894 B 79ms
46ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yU/r/4UPyB_fNoOt.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e117ce508d22eab86014ad62c1fd47df471c2ed678e48591ca318a547b354b6f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 03:34:32 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: yqPq4rlYBqmSgEJZp/5j+A==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 743
x-fb-rlafr: 0
x-fb-debug: AhCXDzVZFtqYkBHmeKYwWbKdRRwxZHHFkLGnWtZ1kbrpyBtDmGrCUVjMPY9sLpwaDIl27IBFH7j4zrRWhcD+EA==
x-fb-trip-id: 686109401
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Thu, 29 Feb 2024 05:43:00 GMT

GET
H2 200 tQSkwY5dplG.js Show response
static.xx.fbcdn.net/rsrc.php/v3iUWb4/yA/l/de_DE/ Frame A5C6 70 KB
19 KB 82ms
49ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3iUWb4/yA/l/de_DE/tQSkwY5dplG.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

f1eed60da0364def617ce9ac15226587e135385896e59cc709626dfc9a9c53d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 03:34:32 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: WgxUJTQheIgQZNnRL39U6g==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 19593
x-fb-rlafr: 0
x-fb-debug: GxuvL2T7YItnCJCWUEYoLPMZOJvyN63SQ6lgYLt33d/oBPCPtWn8YavpL5jWsAGW+5ya5W9xgnPWWABoplW6uw==
x-fb-trip-id: 686109401
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
expires: Sat, 02 Mar 2024 14:32:07 GMT

GET
H2 200 QLtf78k6DMs.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yI/r/ Frame A5C6 335 B
391 B 79ms
47ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yI/r/QLtf78k6DMs.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

0660703509222513c21686b7757a50a9df8d5171c4b81505a2ffe90ce9e5b1c2

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 03:34:32 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: fmlwHMP51F/OMr3r9hORog==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 200
x-fb-rlafr: 0
x-fb-debug: zJPJRvOgqhe9P/IG468MSN2t3OPelkbiuaDn7/jhX8zuIzyoVDzgfeBFmmeufs3eZCAABYmCkwLcYFptzs4mcA==
x-fb-trip-id: 686109401
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Sat, 02 Mar 2024 18:10:31 GMT

GET
H2 200 git3mC1qSZv.js Show response
static.xx.fbcdn.net/rsrc.php/v3/y4/r/ Frame A5C6 456 KB
103 KB 83ms
51ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/y4/r/git3mC1qSZv.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

f2c751aa74a96faa40eb8ce4c00785ceca874e2dd34fcea8bdc0ac994b073fba

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 03:34:32 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: o9dUZ4f6f/rFKWe7ZZkJXA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 105418
x-fb-rlafr: 0
x-fb-debug: nCZN+4ZoZ2e1xzAzlIw2JfRvSZmL5BfVJwrv2Q786FzEFbXOwOQG6n7p3097sFCF7Os1x3EWHFFsTptjwBw7uQ==
x-fb-trip-id: 686109401
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
expires: Fri, 08 Mar 2024 00:17:40 GMT

GET
H2 200 fL0yeWRB1Zn.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yY/r/ Frame A5C6 12 KB
4 KB 80ms
48ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yY/r/fL0yeWRB1Zn.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

64a0fb9cdda418f4e39f26be0bb9e121ede4af55aee2d3a93947df004db65165

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 03:34:32 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: Fp8Yd3CCBuxo5mu0UFaTCA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 3868
x-fb-rlafr: 0
x-fb-debug: jEAzXC/PT7lrBVwIDz9bKEni8TzuDwt9JWyPHr8nGzbDz2zdpAYvR0cO1g9QDDrzVtrxKuXuAJdBAzQv+qWBpA==
x-fb-trip-id: 686109401
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
expires: Sat, 02 Mar 2024 18:10:31 GMT

GET
H2 200 mos2zwGEzeC.js Show response
static.xx.fbcdn.net/rsrc.php/v3/y4/r/ Frame A5C6 94 KB
25 KB 81ms
49ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/y4/r/mos2zwGEzeC.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

a370b7b3b608858b8aae5e8418503975abee00c4d7f0e90f1d91e7f0cd99c70d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 03:34:32 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: HbS+VyvrudFGUEIi0qiJjA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 25715
x-fb-rlafr: 0
x-fb-debug: SqKbMRImJQkIOjDIlPjTtP/1S6m5fx77tsM3EEmyKMOTDb1HLUbpxaIKPBbULoBLLGJlwetIa0q2X3kaOnw4cQ==
x-fb-trip-id: 686109401
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Fri, 08 Mar 2024 00:17:40 GMT

GET
H2 200 q_VCbSngdSR.js Show response
static.xx.fbcdn.net/rsrc.php/v3iqhx4/y5/l/de_DE/ Frame A5C6 639 KB
142 KB 84ms
52ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3iqhx4/y5/l/de_DE/q_VCbSngdSR.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

74ed65704f5330002f4c611da5e971c6b0cdbce6c0b41696d026ffb590b7762b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 03:34:32 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: /9js2fef5aem7eE8SujXkQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 145116
x-fb-rlafr: 0
x-fb-debug: mDGC6r9adFuBIiqguU9SvoqsNbAUZ9m+3G/sFZRfxxdqsTTUpuwUEi7TbFFyuKC6vInmNNjX2V8EMaKdRGdOQA==
x-fb-trip-id: 686109401
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
expires: Fri, 08 Mar 2024 00:39:40 GMT

GET
H2 200 334921711_1247124062875099_1480527061843566103_n.jpg
scontent-lhr8-1.xx.fbcdn.net/v/t15.5256-10/ Frame A5C6 37 KB
37 KB 398ms
321ms Image
image/jpeg 2a03:2880:f058:f:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent-lhr8-1.xx.fbcdn.net/v/t15.5256-10/334921711_1247124062875099_1480527061843566103_n.jpg?stp=dst-jpg_s851x315&_nc_cat=106&ccb=1-7&_nc_sid=08861d&_nc_ohc=F-yZXBMv3iIAX8mkalx&_nc_ht=scontent-lhr8-1.xx&edm=AGo2L-IEAAAA&oh=00_AfCvLrh5cUd76p1rswj6hDPVKSiTJywno0s4DdcOYcJ_sQ&oe=640D617C
Requested by: Host: www.facebook.com
URL: https://www.facebook.com/plugins/video.php?height=314&href=https%3A%2F%2Fwww.facebook.com%2FOrientalDailyNewsMalaysia%2Fvideos%2F1247106492876856%2F&show_text=false&width=560&t=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f058:f:face:b00c:0:3 London, United Kingdom, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: cb6c68a18b558a3fc9fc32afd02ae989ef6fcc2410287f3d239704de9da7bf0f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-haystack-needlechecksum: 902931189
date: Thu, 09 Mar 2023 03:34:33 GMT
x-fb-trip-id: 1679558926
x-storage-error-category: dfs:none;hs_p:200:HS_ESUCCESS
last-modified: Thu, 09 Mar 2023 03:33:58 GMT
content-type: image/jpeg
access-control-allow-origin: *
content-digest: adler32=1873947992
cache-control: max-age=1209600, no-transform
cross-origin-resource-policy: cross-origin
x-needle-checksum: 544188598
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 37493

GET
H2 200 12524014_1054913491236204_778352620248941913_n.jpg
scontent.frba2-1.fna.fbcdn.net/v/t1.18169-1/ Frame A5C6 2 KB
2 KB 315ms
55ms Image
image/jpeg 2001:4288:301:1:face:b00c:0:a7
IAM-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent.frba2-1.fna.fbcdn.net/v/t1.18169-1/12524014_1054913491236204_778352620248941913_n.jpg?stp=cp0_dst-jpg_p40x40&_nc_cat=1&ccb=1-7&_nc_sid=dbb9e7&_nc_ohc=4O3A7p9cuuUAX91bj6e&_nc_ht=scontent.frba2-1.fna&edm=AGo2L-IEAAAA&oh=00_AfBocU6zKz_BAgLYzXR11xixvOcrvctKrxfF5kKsicPK0A&oe=6430ABF9
Requested by: Host: www.facebook.com
URL: https://www.facebook.com/plugins/video.php?height=314&href=https%3A%2F%2Fwww.facebook.com%2FOrientalDailyNewsMalaysia%2Fvideos%2F1247106492876856%2F&show_text=false&width=560&t=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4288:301:1:face:b00c:0:a7 , Morocco, ASN6713 (IAM-AS, MA),
Reverse DNS
Software: /
Resource Hash: cffebf8649452a952e130a76308527dfec9740ffd3273096be06649f28392358

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-haystack-needlechecksum: 2152374004
date: Thu, 09 Mar 2023 03:34:33 GMT
x-storage-error-category: dfs:none;hs_p:200:HS_ESUCCESS
last-modified: Wed, 13 Jan 2016 04:54:33 GMT
content-type: image/jpeg
access-control-allow-origin: *
content-digest: adler32=1947333124
cache-control: max-age=1209600, no-transform
cross-origin-resource-policy: cross-origin
x-needle-checksum: 2455694812
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 1544

GET
H2 200 latest.json Show response
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 2 KB
1 KB 71ms
6ms XHR
application/json 2a04:4e42:200::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json

Requested by

Host: anymind360.com
URL: https://anymind360.com/js/1972/prebid_2023_2_24_4_58_12.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:200::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

340e79a7efae87309e8b015c70816b6d8b2aaecc5b8d4a17193f8d43bf2a7f63

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.orientaldaily.com.my/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type: text/plain

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 09 Mar 2023 03:34:32 GMT
x-content-type-options: nosniff
content-encoding: gzip
age: 41625
x-jsd-version: 1.0.1640
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 900
x-served-by: cache-fra-eddf8230103-FRA, cache-hhn-etou8220053-HHN
x-jsd-version-type: version
etag: W/"63d-PeDyOB4Gqgq4huu4pMQX1CxVy2k"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 628 B
2 KB 273ms
102ms XHR
application/json 2602:803:c004:200::140
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17692&site_id=442972&zone_id=2550326%3B2550320%3B2550318%3B2550344&size_id=15%3B2%3B2%3B55&alt_size_ids=10%2C16%3B221%3B%3B&rp_schain=1.0,1!anymanager.io,A1247,1,,,&rf=https%3A%2F%2Fwww.orientaldaily.com.my%2F&tg_i.pbadslot=odn3-sidebar-halfpage%3Bodn3-story-leaderboard%3Bodn3-story-mrec-1%3Bodn3-sticky&tk_flint=pbjs_lite_v7.26.0&x_source.tid=c9153535-4dc3-4c5c-845d-bb2b635fa643%3B5df48e7c-2c9d-43c2-b60e-53c20bc58ecf%3B352827e8-0843-44d1-9e9a-ea4a33a4e0d9%3Bdd2b4d0f-d366-41e7-a22d-03b4578afdc2&l_pb_bid_id=26c6fa6a825c21%3B3d25cfb14369f9%3B40644d770efabc%3B5acdf1cf18eb53&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F2163006%2Fodn3-sidebar-halfpage%3B%2F2163006%2Fodn3-story-leaderboard%3B%2F2163006%2Fodn3-story-mrec-1%3B%2F2163006%2Fodn3-sticky&slots=4&rand=0.21738157629430388
Requested by: Host: anymind360.com
URL: https://anymind360.com/js/1972/prebid_2023_2_24_4_58_12.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c004:200::140 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: c83a0b4217f54bd24f49a06593826ec49df0d9c81d27d4c6035cf930e4ff74cf

Request headers

Referer: https://www.orientaldaily.com.my/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 09 Mar 2023 03:34:32 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.orientaldaily.com.my
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H2 200 pbjs Show response
htlb.casalemedia.com/openrtb/ 35 B
572 B 192ms
37ms XHR
application/json 104.18.24.185
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/openrtb/pbjs?s=864968
Requested by: Host: anymind360.com
URL: https://anymind360.com/js/1972/prebid_2023_2_24_4_58_12.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.24.185 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7ae58ca4886d3d2e2a14a2ebb2033e57a546cb3cadbb5645e1a03a7c6ec6ddde

Request headers

Referer: https://www.orientaldaily.com.my/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 09 Mar 2023 03:34:32 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VEN34d2AF8oAnE7ahJZekFKuOZipAI%2BFZWa3NGJQ6LVI3v8irgZFAu0u8%2B7yg3itp%2FmXSl58sNRFj3sguXuiyFkCSOZ%2FjVKZAlJQbqEFwh0056PKZh4ZLapwg8ZuLCikyjutRcNs"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://www.orientaldaily.com.my
cache-control: no-cache
access-control-allow-credentials: true
cf-ray: 7a504346e8e06937-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 35
expires: 0

POST
H2 200 bid-request Show response
a.teads.tv/hb/ 16 B
399 B 496ms
68ms XHR
application/json 92.123.36.4
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://a.teads.tv/hb/bid-request
Requested by: Host: anymind360.com
URL: https://anymind360.com/js/1972/prebid_2023_2_24_4_58_12.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 92.123.36.4 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a92-123-36-4.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c

Request headers

Referer: https://www.orientaldaily.com.my/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 09 Mar 2023 03:34:33 GMT
content-encoding: gzip
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.orientaldaily.com.my
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 42
expires: Thu, 09 Mar 2023 03:34:33 GMT

GET
H2 200 arj Show response
adasia-d.openx.net/w/1.0/ 73 B
385 B 173ms
19ms XHR
application/json 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://adasia-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.orientaldaily.com.my%2F&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=c9153535-4dc3-4c5c-845d-bb2b635fa643%2C5df48e7c-2c9d-43c2-b60e-53c20bc58ecf%2C352827e8-0843-44d1-9e9a-ea4a33a4e0d9%2Cdd2b4d0f-d366-41e7-a22d-03b4578afdc2&nocache=1678332872625&schain=1.0%2C1!anymanager.io%2CA1247%2C1%2C%2C%2C&aus=300x250%2C300x600%2C336x280%7C728x90%2C1x1%7C728x90%7C970x90&divids=odn3-sidebar-halfpage%2Codn3-story-leaderboard%2Codn3-story-mrec-1%2Codn3-sticky&aucs=odn3-sidebar-halfpage%2Codn3-story-leaderboard%2Codn3-story-mrec-1%2Codn3-sticky&auid=557919950%2C557919947%2C557919946%2C557919951
Requested by: Host: anymind360.com
URL: https://anymind360.com/js/1972/prebid_2023_2_24_4_58_12.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 871469d7db411effa912da2f18a5cf1dc710b40987198fe30f98358f982003e8

Request headers

Referer: https://www.orientaldaily.com.my/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 09 Mar 2023 03:34:32 GMT
content-encoding: gzip
via: 1.1 google
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
content-type: application/json
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://www.orientaldaily.com.my
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 79
expires: Mon, 26 Jul 1997 05:00:00 GMT

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ 0
346 B 439ms
21ms XHR
application/json 185.86.139.59
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: anymind360.com
URL: https://anymind360.com/js/1972/prebid_2023_2_24_4_58_12.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.139.59 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.orientaldaily.com.my/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 09 Mar 2023 03:34:32 GMT
vary: Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.orientaldaily.com.my
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true
content-length: 0

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ 0
346 B 435ms
19ms XHR
application/json 185.86.139.59
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: anymind360.com
URL: https://anymind360.com/js/1972/prebid_2023_2_24_4_58_12.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.139.59 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.orientaldaily.com.my/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 09 Mar 2023 03:34:32 GMT
vary: Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.orientaldaily.com.my
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true
content-length: 0

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ 0
346 B 442ms
26ms XHR
application/json 185.86.139.59
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: anymind360.com
URL: https://anymind360.com/js/1972/prebid_2023_2_24_4_58_12.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.139.59 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.orientaldaily.com.my/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 09 Mar 2023 03:34:32 GMT
vary: Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.orientaldaily.com.my
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true
content-length: 0

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ 0
346 B 440ms
24ms XHR
application/json 185.86.139.59
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: anymind360.com
URL: https://anymind360.com/js/1972/prebid_2023_2_24_4_58_12.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.139.59 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.orientaldaily.com.my/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 09 Mar 2023 03:34:32 GMT
vary: Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.orientaldaily.com.my
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true
content-length: 0

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ 171 B
571 B 447ms
32ms XHR
application/json 185.86.139.59
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: anymind360.com
URL: https://anymind360.com/js/1972/prebid_2023_2_24_4_58_12.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.139.59 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer: https://www.orientaldaily.com.my/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 09 Mar 2023 03:34:33 GMT
content-encoding: br
transfer-encoding: chunked
vary: Accept-Encoding, Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.orientaldaily.com.my
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ 171 B
571 B 443ms
28ms XHR
application/json 185.86.139.59
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: anymind360.com
URL: https://anymind360.com/js/1972/prebid_2023_2_24_4_58_12.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.139.59 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer: https://www.orientaldaily.com.my/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 09 Mar 2023 03:34:32 GMT
content-encoding: br
transfer-encoding: chunked
vary: Accept-Encoding, Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.orientaldaily.com.my
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true

POST
H2 200 auction Show response
tlx.3lift.com/header/ 14 KB
5 KB 336ms
186ms XHR
application/json 52.29.147.93
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://tlx.3lift.com/header/auction?lib=prebid&v=7.26.0&referrer=https%3A%2F%2Fwww.orientaldaily.com.my%2F&tmax=2000

Requested by

Host: anymind360.com
URL: https://anymind360.com/js/1972/prebid_2023_2_24_4_58_12.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.29.147.93 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-29-147-93.eu-central-1.compute.amazonaws.com

Software

Resource Hash

31b61b268350ce1d2af81a84c9d87a8ba9219c145ffb55996d5f3c74401784ca

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.orientaldaily.com.my/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 09 Mar 2023 03:34:32 GMT
content-encoding: gzip
accept-ch: sec-ch-ua-mobile,sec-ch-save-data,sec-ch-device-memory,sec-ch-dpr,sec-ch-ua-full-version,sec-ch-ua-model,sec-ch-ua-platform-version,sec-ch-viewport-width,sec-ch-ua-platform,sec-ch-viewport-height,sec-ch-rtt,sec-ch-ua-arch,sec-ch-ua,sec-ch-ua-bitness,sec-ch-prefers-color-scheme,sec-ch-width,sec-ch-ect,user-agent,sec-ch-downlink
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.orientaldaily.com.my
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 4337
x-xss-protection: 0
expires: Thu, 15 Oct 1992 20:10:00 GMT

POST
H2 200 translator Show response
hbopenbid.pubmatic.com/ 16 KB
4 KB 312ms
106ms XHR
application/json 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: anymind360.com
URL: https://anymind360.com/js/1972/prebid_2023_2_24_4_58_12.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: ef68890d8c15ee7a37bc96745558795ca96e84a8088368e49eacccdb06d6b483

Request headers

Referer: https://www.orientaldaily.com.my/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.orientaldaily.com.my
date: Thu, 09 Mar 2023 03:34:32 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-openrtb-version: 2.3
content-encoding: gzip
content-type: application/json

POST
H2 200 prebid Show response
prebid.media.net/rtb/ 1 KB
1 KB 218ms
76ms XHR
application/json 34.107.148.139
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.media.net/rtb/prebid?cid=8CU3VM41V
Requested by: Host: anymind360.com
URL: https://anymind360.com/js/1972/prebid_2023_2_24_4_58_12.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.148.139 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 139.148.107.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: 063ccb8a4a4095ff5fc0064f252c3a913927b086f133806030a6eb5413d6b289

Request headers

Referer: https://www.orientaldaily.com.my/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 09 Mar 2023 03:34:32 GMT
content-encoding: gzip
via: 1.1 google
server: nginx
accept-ch: Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://www.orientaldaily.com.my
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
alt-svc: clear
expires: Thu, 09 Mar 2023 03:34:32 GMT

GET
H2 200 pubads_impl_2023030701.js Show response
securepubads.g.doubleclick.net/gpt/ 394 KB
133 KB 41ms
40ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023030701.js?cb=31072917

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3fbb7dc619788ae13aec18ac90445854ead7eafa6262fe5bd343485f9be7e49a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.orientaldaily.com.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 14:55:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 45533
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 136160
x-xss-protection: 0
last-modified: Tue, 07 Mar 2023 09:35:40 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 07 Mar 2024 14:55:39 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 5 KB
729 B 173ms
64ms XHR
application/json 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.orientaldaily.com.my

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

573dea8b5a27df76b56b5d17a872bf655eeadd5d7923111c100dcf4252c428ab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.orientaldaily.com.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 03:34:33 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 704
x-xss-protection: 0
expires: Thu, 09 Mar 2023 03:34:33 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 220 KB
77 KB 73ms
71ms Script
application/javascript 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-9ZN17BGY3K&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5CLJZ2K

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

7834285adf11edb80b477051d5a8ac79671ba775b4d7d55d99bf0b2e458d72de

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.orientaldaily.com.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 03:34:32 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 78787
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 09 Mar 2023 03:34:32 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 199ms
53ms Script
text/javascript 2a00:1450:400d:80a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5CLJZ2K

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.orientaldaily.com.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 09 Mar 2023 03:17:30 GMT
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
server: Golfe2
age: 1023
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20085
expires: Thu, 09 Mar 2023 05:17:30 GMT

GET
H/1.1 200
OK plugin.min.js Show response
static.dable.io/dist/ 99 KB
37 KB 388ms
23ms Script
application/javascript 23.9.6.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://static.dable.io/dist/plugin.min.js
Requested by: Host: www.orientaldaily.com.my
URL: https://www.orientaldaily.com.my/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.9.6.40 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-9-6-40.deploy.static.akamaitechnologies.com
Software: nginx/1.20.0 /
Resource Hash: 4e6beb658e0ddb9f40e89cfd82670b4432588adcf02c19545645e8177ce5c839

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.orientaldaily.com.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-amz-version-id: Lhnza54Ays3afPsTVTX_ggU77UV_pRsq
Content-Encoding: gzip
Date: Thu, 09 Mar 2023 03:34:33 GMT
Last-Modified: Thu, 09 Mar 2023 02:23:46 GMT
Server: nginx/1.20.0
x-amz-request-id: NH9DVMW98XS1AN8P
ETag: "a24711846d06735cee2dc9bc4fff56e8"
x-amz-server-side-encryption: AES256
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Cache-Control: public, max-age=82192
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 37283
x-amz-id-2: oTiXWmmT8lwv3t7WbxPHd5oGtDBVKf+/LfJo6uTDghxiGZfHErb8FzbNXF2B+vXWWtoMRL2NC+o=

GET
H2 200 ecdfcc1811f34e74c3bab718dd85239c1f9d5a9f.js Show response
cdn.izooto.com/scripts/ 3 KB
2 KB 132ms
19ms Script
application/javascript 2606:4700::6812:d841
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.izooto.com/scripts/ecdfcc1811f34e74c3bab718dd85239c1f9d5a9f.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5CLJZ2K

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:d841 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

53588c6a09b35e691b55d4cc5f7fc0d5617ef36ff4581d6cce52fca27946cd9f

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.orientaldaily.com.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 03:34:33 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Thu, 02 Feb 2023 10:10:28 GMT
server: cloudflare
age: 316385
etag: W/"63db8c14-cf6"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=1382400
cf-ray: 7a504348cf962c3e-FRA
x-xss-protection: 1; mode=block
expires: Sat, 25 Mar 2023 03:34:33 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 107 KB
28 KB 60ms
9ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.orientaldaily.com.my
URL: https://www.orientaldaily.com.my/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

0fca0294cfaf24a4db0852415eee7bcdea7b9766d59e443fb2d5f0c77eb23363

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.orientaldaily.com.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Thu, 09 Mar 2023 03:34:33 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 27907
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: 2dgkG7r1n92KnCUYudE9Yw52pZORJdcNGikPMroy9HD50yvjGPniXHk/51b8IxW1h0+J4CMHBgpECqqZKuR48Q==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-trip-id: 686109401
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 sharethis.js Show response
platform-api.sharethis.com/js/ 198 KB
45 KB 294ms
17ms Script
text/javascript 18.65.39.48
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://platform-api.sharethis.com/js/sharethis.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5CLJZ2K

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.65.39.48 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-65-39-48.ams1.r.cloudfront.net

Software

Resource Hash

d7a1bdec6b5209de5be156a573409f2f9e30488cca22fb380d2234057c7973f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.orientaldaily.com.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 03:27:23 GMT
content-encoding: gzip
via: 1.1 5de5e66003332bec09dff893114ac06c.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: AMS1-P1
age: 430
etag: W/"3184b-xStZrNgO3eG9+q9l3cRkzPWrPx0"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
edge-control: cache-maxage=60m,downstream-ttl=60m
cache-control: max-age=600, public
x-cache: Hit from cloudfront
x-amz-cf-id: ipOUNRTbHU7KQJRkVYVC0W2xJg2ggnyI9jr9kqDHK04px7ND6072Ug==

GET
H3 200 4HP_OP__z76.png
static.xx.fbcdn.net/rsrc.php/v3/yx/r/ Frame C842 5 KB
5 KB 44ms
12ms Image
image/png 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yx/r/4HP_OP__z76.png

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/ya/l/0,cross/thu5mp64vr8.css?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

bb964c19bca49e038593d4e5ca30c941d6667345c0c55e26a1790becbc0be3f4

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://static.xx.fbcdn.net/rsrc.php/v3/ya/l/0,cross/thu5mp64vr8.css?_nc_x=Ij3Wp8lg5Kz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 03:34:33 GMT
x-content-type-options: nosniff
content-md5: Bxb+8AIwvpVrIOkdxHMztQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 4634
x-fb-rlafr: 0
x-fb-debug: qZ5+KlIl6qUDXhkWchvpNxsJlCCfTnH8AxaRzFH0D5gaHXghz+UhyD3i3X/uRaovgANWcraWt9q87E9J2Obrww==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=1,i
expires: Fri, 01 Mar 2024 23:08:13 GMT

GET
H3 200 vwOUmvzU_7P.png
static.xx.fbcdn.net/rsrc.php/v3/yt/r/ Frame C842 4 KB
4 KB 45ms
12ms Image
image/png 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yt/r/vwOUmvzU_7P.png

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yH/l/0,cross/Wb5CWIa4lmf.css?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

3a4fda7b449ddfa3b11ceb4c715c4c2f042e2cc1949701deb1fb8098d02b9b47

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://static.xx.fbcdn.net/rsrc.php/v3/yH/l/0,cross/Wb5CWIa4lmf.css?_nc_x=Ij3Wp8lg5Kz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 03:34:33 GMT
x-content-type-options: nosniff
content-md5: 9RIU8QDS6FQcM7h01mnrGg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 4152
x-fb-rlafr: 0
x-fb-debug: FYrAPuUJMvy9ZCKKOlZukNBf1ngteKSottGlPzoqZdHOwRY2gi1IIZbQLByjXAXrVfN4nFLc4zI5mfP4LyyMNA==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-type: image/png
access-control-allow-origin: *
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Sat, 02 Mar 2024 05:26:24 GMT

GET
H3 200 4HP_OP__z76.png
static.xx.fbcdn.net/rsrc.php/v3/yx/r/ Frame A5C6 5 KB
5 KB 37ms
11ms Image
image/png 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yx/r/4HP_OP__z76.png

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/ya/l/0,cross/thu5mp64vr8.css?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

bb964c19bca49e038593d4e5ca30c941d6667345c0c55e26a1790becbc0be3f4

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://static.xx.fbcdn.net/rsrc.php/v3/ya/l/0,cross/thu5mp64vr8.css?_nc_x=Ij3Wp8lg5Kz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 03:34:33 GMT
x-content-type-options: nosniff
content-md5: Bxb+8AIwvpVrIOkdxHMztQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 4634
x-fb-rlafr: 0
x-fb-debug: qZ5+KlIl6qUDXhkWchvpNxsJlCCfTnH8AxaRzFH0D5gaHXghz+UhyD3i3X/uRaovgANWcraWt9q87E9J2Obrww==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=1,i
expires: Fri, 01 Mar 2024 23:08:13 GMT

GET
H3 200 vwOUmvzU_7P.png
static.xx.fbcdn.net/rsrc.php/v3/yt/r/ Frame A5C6 4 KB
4 KB 36ms
11ms Image
image/png 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yt/r/vwOUmvzU_7P.png

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yH/l/0,cross/Wb5CWIa4lmf.css?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

3a4fda7b449ddfa3b11ceb4c715c4c2f042e2cc1949701deb1fb8098d02b9b47

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://static.xx.fbcdn.net/rsrc.php/v3/yH/l/0,cross/Wb5CWIa4lmf.css?_nc_x=Ij3Wp8lg5Kz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 03:34:33 GMT
x-content-type-options: nosniff
content-md5: 9RIU8QDS6FQcM7h01mnrGg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 4152
x-fb-rlafr: 0
x-fb-debug: FYrAPuUJMvy9ZCKKOlZukNBf1ngteKSottGlPzoqZdHOwRY2gi1IIZbQLByjXAXrVfN4nFLc4zI5mfP4LyyMNA==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-type: image/png
access-control-allow-origin: *
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Sat, 02 Mar 2024 05:26:24 GMT

GET
H2 200 12524014_1054913491236204_778352620248941913_n.jpg
scontent.frba2-1.fna.fbcdn.net/v/t1.18169-1/ Frame C842 2 KB
2 KB 79ms
65ms Image
image/jpeg 2001:4288:301:1:face:b00c:0:a7
IAM-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent.frba2-1.fna.fbcdn.net/v/t1.18169-1/12524014_1054913491236204_778352620248941913_n.jpg?stp=cp0_dst-jpg_p40x40&_nc_cat=1&ccb=1-7&_nc_sid=dbb9e7&_nc_ohc=4O3A7p9cuuUAX91bj6e&_nc_ht=scontent.frba2-1.fna&edm=AGo2L-IEAAAA&oh=00_AfBocU6zKz_BAgLYzXR11xixvOcrvctKrxfF5kKsicPK0A&oe=6430ABF9
Requested by: Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yn/r/7vpxn5yn4xK.js?_nc_x=Ij3Wp8lg5Kz
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4288:301:1:face:b00c:0:a7 , Morocco, ASN6713 (IAM-AS, MA),
Reverse DNS
Software: /
Resource Hash: cffebf8649452a952e130a76308527dfec9740ffd3273096be06649f28392358

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-haystack-needlechecksum: 2152374004
date: Thu, 09 Mar 2023 03:34:33 GMT
x-storage-error-category: dfs:none;hs_p:200:HS_ESUCCESS
last-modified: Wed, 13 Jan 2016 04:54:33 GMT
content-type: image/jpeg
access-control-allow-origin: *
content-digest: adler32=1947333124
cache-control: max-age=1209600, no-transform
cross-origin-resource-policy: cross-origin
x-needle-checksum: 2455694812
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 1544

GET
H2 200 10000000_2771555772978778_5619920907914227032_n.mp4 Show response
video-lhr8-2.xx.fbcdn.net/v/t42.1790-29/ Frame C842 732 B
1 KB 89ms
29ms Fetch
video/mp4 2a03:2880:f058:113:face:b00c:0:1823
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL: https://video-lhr8-2.xx.fbcdn.net/v/t42.1790-29/10000000_2771555772978778_5619920907914227032_n.mp4?_nc_cat=105&ccb=1-7&_nc_sid=5aebc0&efg=eyJ2ZW5jb2RlX3RhZyI6ImRhc2hfbGl2ZV9tZF9mcmFnXzJfdmlkZW8ifQ%3D%3D&_nc_ohc=JZ8prLWYxXMAX9zqyq8&_nc_ht=video-lhr8-2.xx&edm=AGo2L-IEAAAA&oh=00_AfBhPeBKGPJ980W5KDKTYFPk5g_9z5lnoDD5RK-esPQNNA&oe=6409772D&bytestart=0&byteend=731
Requested by: Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3iE_34/y9/l/de_DE/NWqQeo0iGFm.js?_nc_x=Ij3Wp8lg5Kz
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f058:113:face:b00c:0:1823 London, United Kingdom, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: 3772b63eb39dcce11a3014a8d4a94011954d9bef7e3f5e7c17e949b6a9c9295c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 03:34:33 GMT
x-fb-trip-id: 207616858
x-storage-error-category: dfs:none;sc_p:206:WSE_NOT_SET
last-modified: Thu, 09 Mar 2023 03:28:07 GMT
vary: Origin
content-type: video/mp4
access-control-allow-origin: https://www.facebook.com
cache-control: max-age=1209600, no-transform
x-fb-edge-debug: AjzuCrvgVHwDq5Q1RKfHiesqKZR4jVCFZ2Mjm3En5TkIx6CcBsTNoO3se9Gi_GhmSei7mpCFwJqQ415V00u4exr_IJzrpadMxhB7EG5z60I
cross-origin-resource-policy: cross-origin
x-upstream-checksum-algorithm: crc32
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 732

GET
H2 200 10000000_2771555772978778_5619920907914227032_n.mp4 Show response
video-lhr8-2.xx.fbcdn.net/v/t42.1790-29/ Frame C842 13 KB
13 KB 93ms
39ms Fetch
video/mp4 2a03:2880:f058:113:face:b00c:0:1823
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL: https://video-lhr8-2.xx.fbcdn.net/v/t42.1790-29/10000000_2771555772978778_5619920907914227032_n.mp4?_nc_cat=105&ccb=1-7&_nc_sid=5aebc0&efg=eyJ2ZW5jb2RlX3RhZyI6ImRhc2hfbGl2ZV9tZF9mcmFnXzJfdmlkZW8ifQ%3D%3D&_nc_ohc=JZ8prLWYxXMAX9zqyq8&_nc_ht=video-lhr8-2.xx&edm=AGo2L-IEAAAA&oh=00_AfBhPeBKGPJ980W5KDKTYFPk5g_9z5lnoDD5RK-esPQNNA&oe=6409772D&bytestart=732&byteend=14335
Requested by: Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3iE_34/y9/l/de_DE/NWqQeo0iGFm.js?_nc_x=Ij3Wp8lg5Kz
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f058:113:face:b00c:0:1823 London, United Kingdom, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: eeee411a6fdc61456f2b5e79970b343b31c34be7b139a0713b24e94d036cb852

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 03:34:33 GMT
x-fb-trip-id: 207616858
x-storage-error-category: dfs:none;sc_p:206:WSE_NOT_SET
last-modified: Thu, 09 Mar 2023 03:28:07 GMT
vary: Origin
content-type: video/mp4
access-control-allow-origin: https://www.facebook.com
cache-control: max-age=1209600, no-transform
cross-origin-resource-policy: cross-origin
x-upstream-checksum-algorithm: crc32
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 13604

GET
H2 200 10000000_2771555772978778_5619920907914227032_n.mp4 Show response
video-lhr8-2.xx.fbcdn.net/v/t42.1790-29/ Frame C842 171 KB
171 KB 85ms
33ms Fetch
video/mp4 2a03:2880:f058:113:face:b00c:0:1823
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL: https://video-lhr8-2.xx.fbcdn.net/v/t42.1790-29/10000000_2771555772978778_5619920907914227032_n.mp4?_nc_cat=105&ccb=1-7&_nc_sid=5aebc0&efg=eyJ2ZW5jb2RlX3RhZyI6ImRhc2hfbGl2ZV9tZF9mcmFnXzJfdmlkZW8ifQ%3D%3D&_nc_ohc=JZ8prLWYxXMAX9zqyq8&_nc_ht=video-lhr8-2.xx&edm=AGo2L-IEAAAA&oh=00_AfBhPeBKGPJ980W5KDKTYFPk5g_9z5lnoDD5RK-esPQNNA&oe=6409772D&bytestart=14336&byteend=189315
Requested by: Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3iE_34/y9/l/de_DE/NWqQeo0iGFm.js?_nc_x=Ij3Wp8lg5Kz
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f058:113:face:b00c:0:1823 London, United Kingdom, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: fd2e133a817bc2e4aee6ed34b3684c18a3ce22cfec6cb1aebfa1d9151de1c1f1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 03:34:33 GMT
x-fb-trip-id: 207616858
x-storage-error-category: dfs:none;sc_p:206:WSE_NOT_SET
last-modified: Thu, 09 Mar 2023 03:28:07 GMT
vary: Origin
content-type: video/mp4
access-control-allow-origin: https://www.facebook.com
cache-control: max-age=1209600, no-transform
cross-origin-resource-policy: cross-origin
x-upstream-checksum-algorithm: crc32
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 174980

GET
H2 200 10000000_1600936633706790_4061514357092947234_n.mp4 Show response
video-lhr8-1.xx.fbcdn.net/v/t42.1790-29/ Frame C842 694 B
1002 B 70ms
20ms Fetch
video/mp4 2a03:2880:f058:9:face:b00c:0:1823
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL: https://video-lhr8-1.xx.fbcdn.net/v/t42.1790-29/10000000_1600936633706790_4061514357092947234_n.mp4?_nc_cat=107&ccb=1-7&_nc_sid=5aebc0&efg=eyJ2ZW5jb2RlX3RhZyI6ImRhc2hfbGl2ZV9tZF9mcmFnXzJfYXVkaW8ifQ%3D%3D&_nc_ohc=_gwsUAA-o0cAX8Mrj0U&_nc_ht=video-lhr8-1.xx&edm=AGo2L-IEAAAA&oh=00_AfBVvE6hO-T_utdrlG6iFIsxCHhwUEy2YubId63VIktcPg&oe=64097A83&bytestart=0&byteend=693
Requested by: Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3iE_34/y9/l/de_DE/NWqQeo0iGFm.js?_nc_x=Ij3Wp8lg5Kz
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f058:9:face:b00c:0:1823 London, United Kingdom, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: 4d5c4f86aa07a673942105061dc477b7b95f08e7aec749814a20e80e2be9fda3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 03:34:33 GMT
x-fb-trip-id: 207616858
x-storage-error-category: dfs:none;sc_p:206:WSE_NOT_SET
last-modified: Thu, 09 Mar 2023 03:28:05 GMT
vary: Origin
content-type: video/mp4
access-control-allow-origin: https://www.facebook.com
cache-control: max-age=1209600, no-transform
cross-origin-resource-policy: cross-origin
x-upstream-checksum-algorithm: crc32
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 694

GET
H2 200 10000000_1600936633706790_4061514357092947234_n.mp4 Show response
video-lhr8-1.xx.fbcdn.net/v/t42.1790-29/ Frame C842 14 KB
14 KB 70ms
20ms Fetch
video/mp4 2a03:2880:f058:9:face:b00c:0:1823
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL: https://video-lhr8-1.xx.fbcdn.net/v/t42.1790-29/10000000_1600936633706790_4061514357092947234_n.mp4?_nc_cat=107&ccb=1-7&_nc_sid=5aebc0&efg=eyJ2ZW5jb2RlX3RhZyI6ImRhc2hfbGl2ZV9tZF9mcmFnXzJfYXVkaW8ifQ%3D%3D&_nc_ohc=_gwsUAA-o0cAX8Mrj0U&_nc_ht=video-lhr8-1.xx&edm=AGo2L-IEAAAA&oh=00_AfBVvE6hO-T_utdrlG6iFIsxCHhwUEy2YubId63VIktcPg&oe=64097A83&bytestart=694&byteend=14957
Requested by: Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3iE_34/y9/l/de_DE/NWqQeo0iGFm.js?_nc_x=Ij3Wp8lg5Kz
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f058:9:face:b00c:0:1823 London, United Kingdom, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: cc3df6946d1b948b6ad4945ddc454682a9653aa30ef0afca256c948cb43d04f4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 03:34:33 GMT
x-fb-trip-id: 207616858
x-storage-error-category: dfs:none;sc_p:206:WSE_NOT_SET
last-modified: Thu, 09 Mar 2023 03:28:05 GMT
vary: Origin
content-type: video/mp4
access-control-allow-origin: https://www.facebook.com
cache-control: max-age=1209600, no-transform
cross-origin-resource-policy: cross-origin
x-upstream-checksum-algorithm: crc32
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 14264

GET
H2 200 10000000_1600936633706790_4061514357092947234_n.mp4 Show response
video-lhr8-1.xx.fbcdn.net/v/t42.1790-29/ Frame C842 12 KB
12 KB 69ms
21ms Fetch
video/mp4 2a03:2880:f058:9:face:b00c:0:1823
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL: https://video-lhr8-1.xx.fbcdn.net/v/t42.1790-29/10000000_1600936633706790_4061514357092947234_n.mp4?_nc_cat=107&ccb=1-7&_nc_sid=5aebc0&efg=eyJ2ZW5jb2RlX3RhZyI6ImRhc2hfbGl2ZV9tZF9mcmFnXzJfYXVkaW8ifQ%3D%3D&_nc_ohc=_gwsUAA-o0cAX8Mrj0U&_nc_ht=video-lhr8-1.xx&edm=AGo2L-IEAAAA&oh=00_AfBVvE6hO-T_utdrlG6iFIsxCHhwUEy2YubId63VIktcPg&oe=64097A83&bytestart=14958&byteend=27362
Requested by: Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3iE_34/y9/l/de_DE/NWqQeo0iGFm.js?_nc_x=Ij3Wp8lg5Kz
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f058:9:face:b00c:0:1823 London, United Kingdom, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: ee97905ba7364e36e118c37ed1f877cf8f4c7addcd2ed9e003fee2af1015646e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 03:34:33 GMT
x-fb-trip-id: 207616858
x-storage-error-category: dfs:none;sc_p:206:WSE_NOT_SET
last-modified: Thu, 09 Mar 2023 03:28:05 GMT
vary: Origin
content-type: video/mp4
access-control-allow-origin: https://www.facebook.com
cache-control: max-age=1209600, no-transform
cross-origin-resource-policy: cross-origin
x-upstream-checksum-algorithm: crc32
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 12405

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
532 B 291ms
70ms Script
application/javascript 2a00:1450:400d:805::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.orientaldaily.com.my

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023030701.js?cb=31072917

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:805::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.orientaldaily.com.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 03:34:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
457 B 218ms
73ms Script
application/javascript 2a00:1450:400d:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.orientaldaily.com.my

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023030701.js?cb=31072917

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.orientaldaily.com.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 03:34:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 106 KB
27 KB 423ms
420ms XHR
text/plain 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1676360787140896&correlator=4162886904116286&eid=31072734%2C31072917%2C31070232&output=ldjh&gdfp_req=1&vrg=2023030701&ptt=17&impl=fifs&iu_parts=2163006%2Codn3-stream-leaderboard%2Codn3-sidebar-halfpage%2CODN_Story_Article_Recommendation_2%2CODN_Story_Article_Recommendation%2CODN_Story_Article_Recommendation_3%2CODN_Story_Article_Recommendation_4%2CODN_Story_Article_Recommendation_5%2Codn3-sidebar-mrec-1%2Codn3-sidebar-mrec-2%2Codn3-out-of-page%2Codn3-sticky%2Codn3-billboard&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3%2C%2F0%2F4%2C%2F0%2F5%2C%2F0%2F6%2C%2F0%2F7%2C%2F0%2F8%2C%2F0%2F9%2C%2F0%2F10%2C%2F0%2F11%2C%2F0%2F12&prev_iu_szs=320x50%7C728x90%2C300x600%7C300x250%7C336x280%2C320x50%7C1x1%2C320x50%7C1x1%2C320x50%7C1x1%2C320x50%7C1x1%2C320x50%7C1x1%2C320x50%7C300x250%7C336x280%2C300x250%7C336x280%2C1x1%2C970x90%2C970x250%7C336x280&fluid=height%2C0%2Cheight%2Cheight%2Cheight%2Cheight%2Cheight%2Cheight%2C0%2C0%2C0%2C0&ifi=1&adks=1529660064%2C3137305880%2C3352599609%2C985798613%2C3041980942%2C471554251%2C2784225727%2C3124020751%2C1138385417%2C4291626634%2C2734664800%2C573015177&didk=2768310274~4093834466~1163465756~879971070~1163462853~1163881468~1163884357~970030836~970007992~4154345563~1986944763~446654551&sfv=1-0-40&ists=4&eri=1&cust_params=url%3D%252F%26ref%3Dnull%26env%3Dproduction%26route%3Dindex%26pageType%3Dindex%26page%3D1&sc=1&cookie_enabled=1&abxe=1&dt=1678332873405&lmt=1678332873&dlt=1678332870676&idt=2623&adxs=230%2C990%2C1030%2C1030%2C1030%2C1030%2C1030%2C990%2C990%2C800%2C-12245933%2C245&adys=495%2C801%2C1692%2C1432%2C2317%2C2317%2C2317%2C2499%2C2997%2C0%2C-12245933%2C75&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C0%7C1%7C2%7C3%7C4%7C5%7C6%7C7%7C0%7C-1%7C0&ucis=1%7C2%7C3%7C4%7C5%7C6%7C7%7C8%7C9%7Ca%7Cb%7Cc&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.orientaldaily.com.my%2F&frm=20&vis=1&psz=760x535%7C380x311%7C300x910%7C300x910%7C300x910%7C300x910%7C300x910%7C380x1076%7C380x224%7C1600x4640%7C0x0%7C1140x0&msz=728x25%7C300x24%7C119x24%7C119x24%7C119x24%7C119x24%7C119x24%7C300x24%7C300x24%7C1600x0%7C0x0%7C970x24&fws=128%2C640%2C640%2C640%2C640%2C640%2C640%2C640%2C640%2C0%2C644%2C128&ohw=0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0&ga_vid=638583148.1678332873&ga_sid=1678332873&ga_hid=485962870&ga_fc=false

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023030701.js?cb=31072917

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8562240ec6aa051f41a4daca76c9e8a1b87cc1e4f976897c82948b2b8431cd2b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.orientaldaily.com.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 03:34:33 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2,-2,-2,-2,-2,-2,-2,-2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27962
x-xss-protection: 0
google-lineitem-id: -1,-1,-2,-2,-2,-2,-2,-1,-1,5813470974,-2,5806164408
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -1,-1,-2,-2,-2,-2,-2,-1,-1,138368627148,-2,138366777533
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.orientaldaily.com.my
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
25f0b6c781c28f0ec66a58e178665f44.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 185C 6 KB
3 KB 333ms
80ms Document
text/html 2a00:1450:400d:80c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://25f0b6c781c28f0ec66a58e178665f44.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023030701.js?cb=31072917

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80c::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.orientaldaily.com.my/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 09 Mar 2023 03:34:33 GMT
expires: Fri, 08 Mar 2024 03:34:33 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 12524014_1054913491236204_778352620248941913_n.jpg
scontent.frba2-1.fna.fbcdn.net/v/t1.18169-1/ Frame A5C6 2 KB
2 KB 60ms
58ms Image
image/jpeg 2001:4288:301:1:face:b00c:0:a7
IAM-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent.frba2-1.fna.fbcdn.net/v/t1.18169-1/12524014_1054913491236204_778352620248941913_n.jpg?stp=cp0_dst-jpg_p40x40&_nc_cat=1&ccb=1-7&_nc_sid=dbb9e7&_nc_ohc=4O3A7p9cuuUAX91bj6e&_nc_ht=scontent.frba2-1.fna&edm=AGo2L-IEAAAA&oh=00_AfBocU6zKz_BAgLYzXR11xixvOcrvctKrxfF5kKsicPK0A&oe=6430ABF9
Requested by: Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yn/r/7vpxn5yn4xK.js?_nc_x=Ij3Wp8lg5Kz
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4288:301:1:face:b00c:0:a7 , Morocco, ASN6713 (IAM-AS, MA),
Reverse DNS
Software: /
Resource Hash: cffebf8649452a952e130a76308527dfec9740ffd3273096be06649f28392358

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-haystack-needlechecksum: 2152374004
date: Thu, 09 Mar 2023 03:34:33 GMT
x-storage-error-category: dfs:none;hs_p:200:HS_ESUCCESS
last-modified: Wed, 13 Jan 2016 04:54:33 GMT
content-type: image/jpeg
access-control-allow-origin: *
content-digest: adler32=1947333124
cache-control: max-age=1209600, no-transform
cross-origin-resource-policy: cross-origin
x-needle-checksum: 2455694812
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 1544

GET
H2 200 10000000_2771555772978778_5619920907914227032_n.mp4 Show response
video-lhr8-2.xx.fbcdn.net/v/t42.1790-29/ Frame A5C6 732 B
794 B 17ms
16ms Fetch
video/mp4 2a03:2880:f058:113:face:b00c:0:1823
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL: https://video-lhr8-2.xx.fbcdn.net/v/t42.1790-29/10000000_2771555772978778_5619920907914227032_n.mp4?_nc_cat=105&ccb=1-7&_nc_sid=5aebc0&efg=eyJ2ZW5jb2RlX3RhZyI6ImRhc2hfbGl2ZV9tZF9mcmFnXzJfdmlkZW8ifQ%3D%3D&_nc_ohc=JZ8prLWYxXMAX9zqyq8&_nc_ht=video-lhr8-2.xx&edm=AGo2L-IEAAAA&oh=00_AfBhPeBKGPJ980W5KDKTYFPk5g_9z5lnoDD5RK-esPQNNA&oe=6409772D&bytestart=0&byteend=731
Requested by: Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3iE_34/y9/l/de_DE/NWqQeo0iGFm.js?_nc_x=Ij3Wp8lg5Kz
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f058:113:face:b00c:0:1823 London, United Kingdom, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: 3772b63eb39dcce11a3014a8d4a94011954d9bef7e3f5e7c17e949b6a9c9295c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 03:34:33 GMT
x-fb-trip-id: 207616858
x-storage-error-category: dfs:none;sc_p:206:WSE_NOT_SET
last-modified: Thu, 09 Mar 2023 03:28:07 GMT
vary: Origin
content-type: video/mp4
access-control-allow-origin: https://www.facebook.com
cache-control: max-age=1209600, no-transform
cross-origin-resource-policy: cross-origin
x-upstream-checksum-algorithm: crc32
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 732

GET
H2 200 10000000_2771555772978778_5619920907914227032_n.mp4 Show response
video-lhr8-2.xx.fbcdn.net/v/t42.1790-29/ Frame A5C6 13 KB
13 KB 20ms
20ms Fetch
video/mp4 2a03:2880:f058:113:face:b00c:0:1823
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL: https://video-lhr8-2.xx.fbcdn.net/v/t42.1790-29/10000000_2771555772978778_5619920907914227032_n.mp4?_nc_cat=105&ccb=1-7&_nc_sid=5aebc0&efg=eyJ2ZW5jb2RlX3RhZyI6ImRhc2hfbGl2ZV9tZF9mcmFnXzJfdmlkZW8ifQ%3D%3D&_nc_ohc=JZ8prLWYxXMAX9zqyq8&_nc_ht=video-lhr8-2.xx&edm=AGo2L-IEAAAA&oh=00_AfBhPeBKGPJ980W5KDKTYFPk5g_9z5lnoDD5RK-esPQNNA&oe=6409772D&bytestart=732&byteend=14335
Requested by: Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3iE_34/y9/l/de_DE/NWqQeo0iGFm.js?_nc_x=Ij3Wp8lg5Kz
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f058:113:face:b00c:0:1823 London, United Kingdom, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: eeee411a6fdc61456f2b5e79970b343b31c34be7b139a0713b24e94d036cb852

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 03:34:33 GMT
x-fb-trip-id: 207616858
x-storage-error-category: dfs:none;sc_p:206:WSE_NOT_SET
last-modified: Thu, 09 Mar 2023 03:28:07 GMT
vary: Origin
content-type: video/mp4
access-control-allow-origin: https://www.facebook.com
cache-control: max-age=1209600, no-transform
cross-origin-resource-policy: cross-origin
x-upstream-checksum-algorithm: crc32
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 13604

GET
H2 200 10000000_2771555772978778_5619920907914227032_n.mp4 Show response
video-lhr8-2.xx.fbcdn.net/v/t42.1790-29/ Frame A5C6 171 KB
171 KB 20ms
19ms Fetch
video/mp4 2a03:2880:f058:113:face:b00c:0:1823
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL: https://video-lhr8-2.xx.fbcdn.net/v/t42.1790-29/10000000_2771555772978778_5619920907914227032_n.mp4?_nc_cat=105&ccb=1-7&_nc_sid=5aebc0&efg=eyJ2ZW5jb2RlX3RhZyI6ImRhc2hfbGl2ZV9tZF9mcmFnXzJfdmlkZW8ifQ%3D%3D&_nc_ohc=JZ8prLWYxXMAX9zqyq8&_nc_ht=video-lhr8-2.xx&edm=AGo2L-IEAAAA&oh=00_AfBhPeBKGPJ980W5KDKTYFPk5g_9z5lnoDD5RK-esPQNNA&oe=6409772D&bytestart=14336&byteend=189315
Requested by: Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3iE_34/y9/l/de_DE/NWqQeo0iGFm.js?_nc_x=Ij3Wp8lg5Kz
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f058:113:face:b00c:0:1823 London, United Kingdom, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: fd2e133a817bc2e4aee6ed34b3684c18a3ce22cfec6cb1aebfa1d9151de1c1f1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 03:34:33 GMT
x-fb-trip-id: 207616858
x-storage-error-category: dfs:none;sc_p:206:WSE_NOT_SET
last-modified: Thu, 09 Mar 2023 03:28:07 GMT
vary: Origin
content-type: video/mp4
access-control-allow-origin: https://www.facebook.com
cache-control: max-age=1209600, no-transform
cross-origin-resource-policy: cross-origin
x-upstream-checksum-algorithm: crc32
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 174980

GET
H2 200 10000000_1600936633706790_4061514357092947234_n.mp4 Show response
video-lhr8-1.xx.fbcdn.net/v/t42.1790-29/ Frame A5C6 694 B
756 B 20ms
20ms Fetch
video/mp4 2a03:2880:f058:9:face:b00c:0:1823
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL: https://video-lhr8-1.xx.fbcdn.net/v/t42.1790-29/10000000_1600936633706790_4061514357092947234_n.mp4?_nc_cat=107&ccb=1-7&_nc_sid=5aebc0&efg=eyJ2ZW5jb2RlX3RhZyI6ImRhc2hfbGl2ZV9tZF9mcmFnXzJfYXVkaW8ifQ%3D%3D&_nc_ohc=_gwsUAA-o0cAX8Mrj0U&_nc_ht=video-lhr8-1.xx&edm=AGo2L-IEAAAA&oh=00_AfBVvE6hO-T_utdrlG6iFIsxCHhwUEy2YubId63VIktcPg&oe=64097A83&bytestart=0&byteend=693
Requested by: Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3iE_34/y9/l/de_DE/NWqQeo0iGFm.js?_nc_x=Ij3Wp8lg5Kz
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f058:9:face:b00c:0:1823 London, United Kingdom, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: 4d5c4f86aa07a673942105061dc477b7b95f08e7aec749814a20e80e2be9fda3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 03:34:33 GMT
x-fb-trip-id: 207616858
x-storage-error-category: dfs:none;sc_p:206:WSE_NOT_SET
last-modified: Thu, 09 Mar 2023 03:28:05 GMT
vary: Origin
content-type: video/mp4
access-control-allow-origin: https://www.facebook.com
cache-control: max-age=1209600, no-transform
cross-origin-resource-policy: cross-origin
x-upstream-checksum-algorithm: crc32
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 694

GET
H2 200 10000000_1600936633706790_4061514357092947234_n.mp4 Show response
video-lhr8-1.xx.fbcdn.net/v/t42.1790-29/ Frame A5C6 14 KB
14 KB 20ms
20ms Fetch
video/mp4 2a03:2880:f058:9:face:b00c:0:1823
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL: https://video-lhr8-1.xx.fbcdn.net/v/t42.1790-29/10000000_1600936633706790_4061514357092947234_n.mp4?_nc_cat=107&ccb=1-7&_nc_sid=5aebc0&efg=eyJ2ZW5jb2RlX3RhZyI6ImRhc2hfbGl2ZV9tZF9mcmFnXzJfYXVkaW8ifQ%3D%3D&_nc_ohc=_gwsUAA-o0cAX8Mrj0U&_nc_ht=video-lhr8-1.xx&edm=AGo2L-IEAAAA&oh=00_AfBVvE6hO-T_utdrlG6iFIsxCHhwUEy2YubId63VIktcPg&oe=64097A83&bytestart=694&byteend=14957
Requested by: Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3iE_34/y9/l/de_DE/NWqQeo0iGFm.js?_nc_x=Ij3Wp8lg5Kz
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f058:9:face:b00c:0:1823 London, United Kingdom, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: cc3df6946d1b948b6ad4945ddc454682a9653aa30ef0afca256c948cb43d04f4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 03:34:33 GMT
x-fb-trip-id: 207616858
x-storage-error-category: dfs:none;sc_p:206:WSE_NOT_SET
last-modified: Thu, 09 Mar 2023 03:28:05 GMT
vary: Origin
content-type: video/mp4
access-control-allow-origin: https://www.facebook.com
cache-control: max-age=1209600, no-transform
cross-origin-resource-policy: cross-origin
x-upstream-checksum-algorithm: crc32
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 14264

GET
H2 200 10000000_1600936633706790_4061514357092947234_n.mp4 Show response
video-lhr8-1.xx.fbcdn.net/v/t42.1790-29/ Frame A5C6 12 KB
12 KB 23ms
22ms Fetch
video/mp4 2a03:2880:f058:9:face:b00c:0:1823
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL: https://video-lhr8-1.xx.fbcdn.net/v/t42.1790-29/10000000_1600936633706790_4061514357092947234_n.mp4?_nc_cat=107&ccb=1-7&_nc_sid=5aebc0&efg=eyJ2ZW5jb2RlX3RhZyI6ImRhc2hfbGl2ZV9tZF9mcmFnXzJfYXVkaW8ifQ%3D%3D&_nc_ohc=_gwsUAA-o0cAX8Mrj0U&_nc_ht=video-lhr8-1.xx&edm=AGo2L-IEAAAA&oh=00_AfBVvE6hO-T_utdrlG6iFIsxCHhwUEy2YubId63VIktcPg&oe=64097A83&bytestart=14958&byteend=27362
Requested by: Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3iE_34/y9/l/de_DE/NWqQeo0iGFm.js?_nc_x=Ij3Wp8lg5Kz
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f058:9:face:b00c:0:1823 London, United Kingdom, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: ee97905ba7364e36e118c37ed1f877cf8f4c7addcd2ed9e003fee2af1015646e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 03:34:33 GMT
x-fb-trip-id: 207616858
x-storage-error-category: dfs:none;sc_p:206:WSE_NOT_SET
last-modified: Thu, 09 Mar 2023 03:28:05 GMT
vary: Origin
content-type: video/mp4
access-control-allow-origin: https://www.facebook.com
cache-control: max-age=1209600, no-transform
cross-origin-resource-policy: cross-origin
x-upstream-checksum-algorithm: crc32
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 12405

POST
H2 204 collect
region1.google-analytics.com/g/ 0
262 B 55ms
19ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-9ZN17BGY3K&gtm=45je3360&_p=485962870&cid=638583148.1678332873&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1678332873&sct=1&seg=0&dl=https%3A%2F%2Fwww.orientaldaily.com.my%2F&dt=%E6%9D%B1%E6%96%B9%E7%B6%B2%20%E9%A6%AC%E4%BE%86%E8%A5%BF%E4%BA%9E%E6%9D%B1%E6%96%B9%E6%97%A5%E5%A0%B1&en=page_view&_fv=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-9ZN17BGY3K&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.orientaldaily.com.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Mar 2023 03:34:33 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.orientaldaily.com.my
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 izooto.js Show response
cdn.izooto.com/scripts/sdk/ 269 KB
64 KB 24ms
20ms Script
application/javascript 2606:4700::6812:d841
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.izooto.com/scripts/sdk/izooto.js

Requested by

Host: cdn.izooto.com
URL: https://cdn.izooto.com/scripts/ecdfcc1811f34e74c3bab718dd85239c1f9d5a9f.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:d841 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

099d4d993ce686e96b1a6f456b88a70c2b290c1afd3b305f66c1bc63534f2dab

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.orientaldaily.com.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 03:34:33 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Mon, 06 Mar 2023 12:47:06 GMT
server: cloudflare
age: 226008
etag: W/"6405e0ca-4349e"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=1382400
cf-ray: 7a50434bf9492c3e-FRA
x-xss-protection: 1; mode=block
expires: Sat, 25 Mar 2023 03:34:33 GMT

GET
H3 200 2371761693035398 Show response
connect.facebook.net/signals/config/ 377 KB
108 KB 12ms
11ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/2371761693035398?v=2.9.98&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

1a100b1434e7247c3c43eeb23382e9022896bd646c29f52cfb2fed33fafff373

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.orientaldaily.com.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Thu, 09 Mar 2023 03:34:33 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 110225
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: +TNuvRv4GgUJwZAahzoVnVdckudXZOVUUPCZ6Jrcxx9kTnVccEZ/dDIN6maUanx71P4eafehh6HO40elJ31LUQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 E3aVjH1G1Nz.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yS/r/ Frame C842 325 KB
64 KB 11ms
9ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yS/r/E3aVjH1G1Nz.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yn/r/7vpxn5yn4xK.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

170105cb5252ff71acdc7dde058455eb7dac2c6e0744f0c81653dd832ede0b13

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 03:34:33 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: EjNuK98g+eAdG4ii7ipCKA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 65281
x-fb-rlafr: 0
x-fb-debug: aI/VtcUeWygjemmLz4LYdkNU6j6WSpbQ9V3yA02yev0nf5k1KF+u8IE7LDNSG2uiqJGs0uhTFLCtsLcDiwIXvw==
x-fb-trip-id: 686109401
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
expires: Fri, 08 Mar 2024 00:17:58 GMT

GET
H2 200 r70CrBLwr16.js Show response
static.xx.fbcdn.net/rsrc.php/v3i1mF4/yb/l/de_DE/ Frame C842 263 KB
63 KB 26ms
24ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3i1mF4/yb/l/de_DE/r70CrBLwr16.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yn/r/7vpxn5yn4xK.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

90ae3adc0fd9cc61b41f34782236b9d3933d3be626b7f6baa1b883a8ceeaaa0c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 03:34:33 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: h2vJPj10OoYBk8VpIqVQuQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 64587
x-fb-rlafr: 0
x-fb-debug: oguJ+Xhto7PMGM6ioWTCO+T6qD1AiveZzjlrz5LAUESZ5R/mZNbIUDcalgds+HCOd1FGhkeyR5v8cyksgUcBxw==
x-fb-trip-id: 686109401
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Wed, 06 Mar 2024 00:59:53 GMT

GET
H2 200 EDFgck-vtzw.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yb/r/ Frame C842 29 KB
7 KB 18ms
16ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yb/r/EDFgck-vtzw.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yn/r/7vpxn5yn4xK.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

16a9ac84a15152e7da59099fc687c86b0964506e89dbc1131830f80e503a16eb

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 03:34:33 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: MA2yB+od6HOn2YOMF/WNCw==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 7251
x-fb-rlafr: 0
x-fb-debug: OKdRSqwovwLSuaiZdWPw4OmrTKNh5QAgN9SLskfV6xDrDeI6BBOdEsE6+veeHTWTqDphXrLSfROhz7AtasnqjQ==
x-fb-trip-id: 686109401
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Sat, 02 Mar 2024 17:30:05 GMT

GET
H2 200 E1W52zVMGHx.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yi/r/ Frame C842 64 KB
17 KB 13ms
11ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yi/r/E1W52zVMGHx.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yn/r/7vpxn5yn4xK.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

19e6c62be760514e8846c3853afec5882dfaf81c1da4e374e3fc24630faf5a7e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 03:34:33 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: kwfZseWl0BfFbsOXwGwuvQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 17428
x-fb-rlafr: 0
x-fb-debug: /ofKSh8NV2sxAclOkFQrl6qZT0WTxioj2wX0ArtFDNGnKnpqOwhhId0WKqKUWb9ApiirXCzRRcQEHBv0NjYIPQ==
x-fb-trip-id: 686109401
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Thu, 29 Feb 2024 03:45:10 GMT

GET
H2 200 W0yC4VOqnS7.js Show response
static.xx.fbcdn.net/rsrc.php/v3iGxz4/yR/l/de_DE/ Frame C842 315 KB
77 KB 19ms
18ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3iGxz4/yR/l/de_DE/W0yC4VOqnS7.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yn/r/7vpxn5yn4xK.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

a5caf35e21831d47f0af509096ff73c43dadadc49c7eb31274773db0a70e08bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 03:34:33 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: lMkJ7LmS9gIP4p8ZVGiUrA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 78793
x-fb-rlafr: 0
x-fb-debug: 1ulDBQyVBSafBEYBAmhbepVjTTBnnrvUzDFhPIjQOvXEvF9DIdUzsqo9QTaP62SXUoxlr7Mt43rz2rdZuBrOBA==
x-fb-trip-id: 686109401
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Thu, 07 Mar 2024 18:56:17 GMT

GET
H2 200 5WwdaMwKAXV.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yi/r/ Frame C842 10 KB
3 KB 13ms
12ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yi/r/5WwdaMwKAXV.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yn/r/7vpxn5yn4xK.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

f45efbdb50ee77b396d73399998beafef8f5d87d88c3aee0e7979d220dc06727

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 03:34:33 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: xGEWAb+qwMFKWzWkjRbm4A==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 3349
x-fb-rlafr: 0
x-fb-debug: TUPvUVzaGmFE/ktugyd+BpNI8EwM3yOdQgim+6yXzYTMawWBgRjOJakyF8KnTpUsh56YCN5yIpeegjsszhwTgg==
x-fb-trip-id: 686109401
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Sun, 03 Mar 2024 00:25:59 GMT

GET
H2 200 XudSw9So4-d.css
static.xx.fbcdn.net/rsrc.php/v3/yf/l/0,cross/ Frame C842 37 KB
8 KB 18ms
17ms Stylesheet
text/css 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yf/l/0,cross/XudSw9So4-d.css?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yn/r/7vpxn5yn4xK.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

f0f725ceaee9ee49ea7a80df9cc1bbb66ecc5f6af62aa37e6d37a07eb1d04ad7

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 03:34:33 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: ltRXGZO/TolBhB98qHWXig==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 7688
x-fb-rlafr: 0
x-fb-debug: 5EQ5wVWnaIn/YGQ3B9eQPUyTD6YxZIxfhATZ/mryEdvamg2gqc4ye9yvPSn+rgNjMldnlV0OXjdHOcXKnVYk5Q==
x-fb-trip-id: 686109401
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: text/css; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
expires: Sat, 02 Mar 2024 17:25:16 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 4 B
217 B 68ms
67ms XHR
text/plain 2a00:1450:400d:80a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j99&a=485962870&t=pageview&_s=1&dl=https%3A%2F%2Fwww.orientaldaily.com.my%2F&ul=en-us&de=UTF-8&dt=%E6%9D%B1%E6%96%B9%E7%B6%B2%20%E9%A6%AC%E4%BE%86%E8%A5%BF%E4%BA%9E%E6%9D%B1%E6%96%B9%E6%97%A5%E5%A0%B1&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAEABAAAAACAAI~&jid=657385683&gjid=980119039&cid=638583148.1678332873&tid=UA-21383972-1&_gid=1819105100.1678332874&_r=1&_slc=1&gtm=45He3360n815CLJZ2K&cd6=11&cd10=index&cd11=index&cd12=1&z=33280229

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.orientaldaily.com.my/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 09 Mar 2023 03:34:33 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.orientaldaily.com.my
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 E3aVjH1G1Nz.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yS/r/ Frame A5C6 325 KB
64 KB 10ms
9ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yS/r/E3aVjH1G1Nz.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yn/r/7vpxn5yn4xK.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

170105cb5252ff71acdc7dde058455eb7dac2c6e0744f0c81653dd832ede0b13

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 03:34:33 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: EjNuK98g+eAdG4ii7ipCKA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 65281
x-fb-rlafr: 0
x-fb-debug: aI/VtcUeWygjemmLz4LYdkNU6j6WSpbQ9V3yA02yev0nf5k1KF+u8IE7LDNSG2uiqJGs0uhTFLCtsLcDiwIXvw==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=1
expires: Fri, 08 Mar 2024 00:17:58 GMT

GET
H3 200 r70CrBLwr16.js Show response
static.xx.fbcdn.net/rsrc.php/v3i1mF4/yb/l/de_DE/ Frame A5C6 263 KB
63 KB 19ms
18ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3i1mF4/yb/l/de_DE/r70CrBLwr16.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yn/r/7vpxn5yn4xK.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

90ae3adc0fd9cc61b41f34782236b9d3933d3be626b7f6baa1b883a8ceeaaa0c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 03:34:33 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: h2vJPj10OoYBk8VpIqVQuQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 64587
x-fb-rlafr: 0
x-fb-debug: oguJ+Xhto7PMGM6ioWTCO+T6qD1AiveZzjlrz5LAUESZ5R/mZNbIUDcalgds+HCOd1FGhkeyR5v8cyksgUcBxw==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Wed, 06 Mar 2024 00:59:53 GMT

GET
H3 200 EDFgck-vtzw.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yb/r/ Frame A5C6 29 KB
7 KB 19ms
19ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yb/r/EDFgck-vtzw.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yn/r/7vpxn5yn4xK.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

16a9ac84a15152e7da59099fc687c86b0964506e89dbc1131830f80e503a16eb

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 03:34:33 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: MA2yB+od6HOn2YOMF/WNCw==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 7251
x-fb-rlafr: 0
x-fb-debug: OKdRSqwovwLSuaiZdWPw4OmrTKNh5QAgN9SLskfV6xDrDeI6BBOdEsE6+veeHTWTqDphXrLSfROhz7AtasnqjQ==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Sat, 02 Mar 2024 17:30:05 GMT

GET
H3 200 E1W52zVMGHx.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yi/r/ Frame A5C6 64 KB
17 KB 19ms
19ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yi/r/E1W52zVMGHx.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yn/r/7vpxn5yn4xK.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

19e6c62be760514e8846c3853afec5882dfaf81c1da4e374e3fc24630faf5a7e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 03:34:33 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: kwfZseWl0BfFbsOXwGwuvQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 17428
x-fb-rlafr: 0
x-fb-debug: /ofKSh8NV2sxAclOkFQrl6qZT0WTxioj2wX0ArtFDNGnKnpqOwhhId0WKqKUWb9ApiirXCzRRcQEHBv0NjYIPQ==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Thu, 29 Feb 2024 03:45:10 GMT

GET
H3 200 W0yC4VOqnS7.js Show response
static.xx.fbcdn.net/rsrc.php/v3iGxz4/yR/l/de_DE/ Frame A5C6 315 KB
77 KB 21ms
21ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3iGxz4/yR/l/de_DE/W0yC4VOqnS7.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yn/r/7vpxn5yn4xK.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

a5caf35e21831d47f0af509096ff73c43dadadc49c7eb31274773db0a70e08bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 03:34:33 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: lMkJ7LmS9gIP4p8ZVGiUrA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 78793
x-fb-rlafr: 0
x-fb-debug: 1ulDBQyVBSafBEYBAmhbepVjTTBnnrvUzDFhPIjQOvXEvF9DIdUzsqo9QTaP62SXUoxlr7Mt43rz2rdZuBrOBA==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Thu, 07 Mar 2024 18:56:17 GMT

GET
H3 200 5WwdaMwKAXV.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yi/r/ Frame A5C6 10 KB
3 KB 22ms
22ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yi/r/5WwdaMwKAXV.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yn/r/7vpxn5yn4xK.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

f45efbdb50ee77b396d73399998beafef8f5d87d88c3aee0e7979d220dc06727

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 03:34:33 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: xGEWAb+qwMFKWzWkjRbm4A==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 3349
x-fb-rlafr: 0
x-fb-debug: TUPvUVzaGmFE/ktugyd+BpNI8EwM3yOdQgim+6yXzYTMawWBgRjOJakyF8KnTpUsh56YCN5yIpeegjsszhwTgg==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Sun, 03 Mar 2024 00:25:59 GMT

GET
H3 200 XudSw9So4-d.css
static.xx.fbcdn.net/rsrc.php/v3/yf/l/0,cross/ Frame A5C6 37 KB
8 KB 13ms
13ms Stylesheet
text/css 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yf/l/0,cross/XudSw9So4-d.css?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yn/r/7vpxn5yn4xK.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

f0f725ceaee9ee49ea7a80df9cc1bbb66ecc5f6af62aa37e6d37a07eb1d04ad7

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 03:34:33 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: ltRXGZO/TolBhB98qHWXig==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 7688
x-fb-rlafr: 0
x-fb-debug: 5EQ5wVWnaIn/YGQ3B9eQPUyTD6YxZIxfhATZ/mryEdvamg2gqc4ye9yvPSn+rgNjMldnlV0OXjdHOcXKnVYk5Q==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: text/css; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=0
expires: Sat, 02 Mar 2024 17:25:16 GMT

GET
H2 200 60ed26814eda65001a0bbb3e.js Show response
buttons-config.sharethis.com/js/ 1 KB
1014 B 145ms
10ms Script
text/javascript 2600:9000:223c:3c00:c:abe:f440:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://buttons-config.sharethis.com/js/60ed26814eda65001a0bbb3e.js

Requested by

Host: platform-api.sharethis.com
URL: https://platform-api.sharethis.com/js/sharethis.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223c:3c00:c:abe:f440:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

96fd606edfd369bf8b415587eff5b112556eff4896eb6ae7f3d65a826323f50f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.orientaldaily.com.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 03:34:33 GMT
content-encoding: gzip
via: 1.1 83f1b8f73f37458f38e2ee1fc0b9e68c.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Mon, 26 Jul 2021 05:07:44 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P2
age: 42
x-amz-server-side-encryption: AES256
etag: W/"3adffd126fe3682bf9db5bc2c7c6c570"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: public, max-age=60
x-amz-cf-id: VFoThS2wq6CyFTQDdnX90X2R2Gte3MuLBgrY_pjiA-RrNMMn7qtcKA==

GET
H/1.1 204
No Content pview Show response
l.sharethis.com/ 0
411 B 98ms
9ms XHR
text/plain 52.29.239.121
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://l.sharethis.com/pview?event=pview&hostname=www.orientaldaily.com.my&location=%2F&product=inline-share-buttons&url=https%3A%2F%2Fwww.orientaldaily.com.my%2F&source=sharethis.js&fcmp=false&fcmpv2=false&has_segmentio=false&title=%E6%9D%B1%E6%96%B9%E7%B6%B2%20%E9%A6%AC%E4%BE%86%E8%A5%BF%E4%BA%9E%E6%9D%B1%E6%96%B9%E6%97%A5%E5%A0%B1&cms=unknown&publisher=60ed26814eda65001a0bbb3e&embeds_csv=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fvideo.php%3Fheight%3D314%26href%3Dhttps%3A%2F%2Fwww.facebook.com%2FOrientalDailyNewsMalaysia%2Fvideos%2F1247106492876856%2F%26show_text%3Dfalse%26width%3D560%26t%3D0&sop=true&version=st_sop.js&lang=en&description=%E5%9C%A8%E9%A6%AC%E4%BE%86%E8%A5%BF%E4%BA%9E%E8%8F%AF%E4%BA%BA%E7%A4%BE%E6%9C%83%E7%9A%84%E7%9C%BC%E4%B8%AD%EF%BC%8C%E3%80%8A%E6%9D%B1%E6%96%B9%E6%97%A5%E5%A0%B1%E3%80%8B%E6%98%AF%E4%B8%80%E4%BB%BD%E6%95%A2%E5%A0%B1%E5%B0%8E%E7%9C%9F%E7%9B%B8%EF%BC%8C%E7%8D%A8%E7%AB%8B%EF%BC%8C%E4%B8%AD%E7%AB%8B%E7%9A%84%E4%B8%AD%E6%96%87%E6%97%A5%E5%A0%B1%EF%BC%9B%E8%AE%93%E5%85%AC%E7%9C%BE%E7%9C%8B%E5%88%B0%E6%96%B0%E8%81%9E%E4%BA%8B%E4%BB%B6%E7%9C%9F%E7%9B%B8%EF%BC%8C%E7%9C%9F%E6%AD%A3%E7%9A%84%E4%BA%BA%E5%80%91%E5%96%89%E8%88%8C%E3%80%82%E3%80%8A%E6%9D%B1%E6%96%B9%E6%97%A5%E5%A0%B1%E3%80%8B%E5%89%B5%E5%88%8A%E6%96%BC2002%E5%B9%B4%EF%BC%8C%E7%B8%BD%E7%A4%BE%E5%BA%A7%E8%90%BD%E5%9C%A8%E9%A6%AC%E4%BE%86%E8%A5%BF%E4%BA%9E%E9%A6%96%E9%83%BD%E5%90%89%E9%9A%86%E5%9D%A1%EF%BC%8C%E5%AE%9A%E4%BD%8D%E7%82%BA%E4%B8%AD%E4%B8%8A%E9%9A%8E%E5%B1%A4%E7%9A%84%E5%84%AA%E8%B3%AA%E5%A0%B1%E7%B4%99%EF%BC%8C%E9%87%8D%E8%A6%96%E5%82%B3%E9%81%94%E7%9F%A5%E8%AD%98%EF%BC%8C%E5%B8%B6%E5%8B%95%E7%A4%BE%E6%9C%83%E9%80%B2%E6%AD%A5%E3%80%82&ua=&ua_mobile=false&ua_full_version_list=

Requested by

Host: platform-api.sharethis.com
URL: https://platform-api.sharethis.com/js/sharethis.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.29.239.121 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-29-239-121.eu-central-1.compute.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.orientaldaily.com.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Thu, 09 Mar 2023 03:34:33 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains;
Access-Control-Max-Age: 1728000
Access-Control-Allow-Origin: https://www.orientaldaily.com.my
Access-Control-Expose-Headers: stid
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: *

GET
H3 200 10000000_1176832589685551_7617901074642110564_n.mp4 Show response
video-lhr8-1.xx.fbcdn.net/v/t66.36281-29/ Frame C842 13 KB
13 KB 17ms
16ms Fetch
video/mp4 2a03:2880:f058:9:face:b00c:0:1823
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL: https://video-lhr8-1.xx.fbcdn.net/v/t66.36281-29/10000000_1176832589685551_7617901074642110564_n.mp4?_nc_cat=103&ccb=1-7&_nc_sid=5aebc0&efg=eyJ2ZW5jb2RlX3RhZyI6ImRhc2hfbGl2ZV9wc3RfZnJhZ18yX3ZpZGVvIn0%3D&_nc_ohc=ToaPEU2MgTcAX9q9Nx0&_nc_ht=video-lhr8-1.xx&edm=AGo2L-IEAAAA&oh=00_AfDUreijWpPAntDVEj9sGxuzjHMk1YWhxPAvpQ349Jdmcg&oe=640EF047&bytestart=728&byteend=14331
Requested by: Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yS/r/E3aVjH1G1Nz.js?_nc_x=Ij3Wp8lg5Kz
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a03:2880:f058:9:face:b00c:0:1823 London, United Kingdom, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: 61dbce7aa2ccecc67730272f173b6239241441ba052c3cb4cf2078266e4b443e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 03:34:33 GMT
x-storage-error-category: dfs:none;hs_p:206:HS_ERANGE_SUCCESS
last-modified: Thu, 09 Mar 2023 03:28:24 GMT
vary: Origin
content-type: video/mp4
access-control-allow-origin: https://www.facebook.com
cache-control: max-age=1209600, no-transform
cross-origin-resource-policy: cross-origin
x-upstream-checksum-algorithm: crc32
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 13604
priority: u=1,i
proxy-status: http_response_ok; e_clientaddr="AcJKbJbqaTlZrtn7_BHoplHXSehGRXU9uqETj-fkB6WwyQu3D8iGYjdTgMPwnzGRI8_kmyr8Jlyjc5Ums7-gSW9NYK21LwWYjMZe2XNcIg"; e_fb_vipaddr="AcKWKNCqi1HyLxOvnHh2SSAffEafc8e9xctpr3V-wPqBglwKyjaMK7CSrQ3QgFqfS55qLqumuIk477PdNw5vjYRe82Hb_xSn25klqvnS"; e_fb_builduser="AcKGJIr5hq0vCy27dY05mXVky1MtvFabLmyfqhZdaejL6dYo6bmczwr_ogyJMd1DW8Q"; e_fb_binaryversion="AcKE0f4HlLVpDahPX7OOQaOD4FTD7lGuJHrIBil2hzDZ1s7pw9PSFD6SuSezYn96cmTx7azZsuqtxBdb0NXpU3q-Vn0YH53jnAA"; e_proxy="AcIl1pbY5YH60yQGeMxQKn401xRGKUIRMxrIeX1Qvb-wINCUQK8VI-z6uRiSRKPpdu_CKQ_fOVk_PtyfNuY"

GET
H3 200 10000000_2771555772978778_5619920907914227032_n.mp4 Show response
video-lhr8-2.xx.fbcdn.net/v/t42.1790-29/ Frame C842 129 KB
129 KB 17ms
17ms Fetch
video/mp4 2a03:2880:f058:113:face:b00c:0:1823
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL: https://video-lhr8-2.xx.fbcdn.net/v/t42.1790-29/10000000_2771555772978778_5619920907914227032_n.mp4?_nc_cat=105&ccb=1-7&_nc_sid=5aebc0&efg=eyJ2ZW5jb2RlX3RhZyI6ImRhc2hfbGl2ZV9tZF9mcmFnXzJfdmlkZW8ifQ%3D%3D&_nc_ohc=JZ8prLWYxXMAX9zqyq8&_nc_ht=video-lhr8-2.xx&edm=AGo2L-IEAAAA&oh=00_AfBhPeBKGPJ980W5KDKTYFPk5g_9z5lnoDD5RK-esPQNNA&oe=6409772D&bytestart=189316&byteend=321121
Requested by: Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yS/r/E3aVjH1G1Nz.js?_nc_x=Ij3Wp8lg5Kz
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a03:2880:f058:113:face:b00c:0:1823 London, United Kingdom, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: 7dfbecc7f60754c9c4a71ccd3801d4b4fdb83c902dc7400db4ee03b45b96896e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 03:34:33 GMT
x-storage-error-category: dfs:none;sc_p:206:WSE_NOT_SET
last-modified: Thu, 09 Mar 2023 03:28:07 GMT
vary: Origin
content-type: video/mp4
access-control-allow-origin: https://www.facebook.com
cache-control: max-age=1209600, no-transform
cross-origin-resource-policy: cross-origin
x-upstream-checksum-algorithm: crc32
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 131806
priority: u=1,i

GET
H3 200 10000000_1600936633706790_4061514357092947234_n.mp4 Show response
video-lhr8-1.xx.fbcdn.net/v/t42.1790-29/ Frame C842 20 KB
20 KB 18ms
17ms Fetch
video/mp4 2a03:2880:f058:9:face:b00c:0:1823
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL: https://video-lhr8-1.xx.fbcdn.net/v/t42.1790-29/10000000_1600936633706790_4061514357092947234_n.mp4?_nc_cat=107&ccb=1-7&_nc_sid=5aebc0&efg=eyJ2ZW5jb2RlX3RhZyI6ImRhc2hfbGl2ZV9tZF9mcmFnXzJfYXVkaW8ifQ%3D%3D&_nc_ohc=_gwsUAA-o0cAX8Mrj0U&_nc_ht=video-lhr8-1.xx&edm=AGo2L-IEAAAA&oh=00_AfBVvE6hO-T_utdrlG6iFIsxCHhwUEy2YubId63VIktcPg&oe=64097A83&bytestart=27363&byteend=48033
Requested by: Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yS/r/E3aVjH1G1Nz.js?_nc_x=Ij3Wp8lg5Kz
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a03:2880:f058:9:face:b00c:0:1823 London, United Kingdom, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: fc678d1290a88c4b9d340d98cf770f9b95790ac5e935686bfa319ce720336f64

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 03:34:33 GMT
x-storage-error-category: dfs:none;sc_p:206:WSE_NOT_SET
last-modified: Thu, 09 Mar 2023 03:28:05 GMT
vary: Origin
content-type: video/mp4
access-control-allow-origin: https://www.facebook.com
cache-control: max-age=1209600, no-transform
cross-origin-resource-policy: cross-origin
x-upstream-checksum-algorithm: crc32
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 20671
priority: u=1,i

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
357 B 61ms
18ms XHR
text/plain 2a00:1450:400c:c00::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-21383972-1&cid=638583148.1678332873&jid=657385683&gjid=980119039&_gid=1819105100.1678332874&_u=YADAAEAAAAAAACAAI~&z=734062701

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.orientaldaily.com.my/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Thu, 09 Mar 2023 03:34:33 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.orientaldaily.com.my
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
25f0b6c781c28f0ec66a58e178665f44.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame B135 6 KB
3 KB 48ms
47ms Document
text/html 2a00:1450:400d:80c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://25f0b6c781c28f0ec66a58e178665f44.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023030701.js?cb=31072917

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80c::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.orientaldaily.com.my/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 09 Mar 2023 03:34:33 GMT
expires: Fri, 08 Mar 2024 03:34:33 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 container.html Show response
25f0b6c781c28f0ec66a58e178665f44.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 8C5A 6 KB
3 KB 47ms
47ms Document
text/html 2a00:1450:400d:80c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://25f0b6c781c28f0ec66a58e178665f44.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023030701.js?cb=31072917

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80c::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.orientaldaily.com.my/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 09 Mar 2023 03:34:33 GMT
expires: Fri, 08 Mar 2024 03:34:33 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 container.html Show response
25f0b6c781c28f0ec66a58e178665f44.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 0E74 6 KB
3 KB 47ms
46ms Document
text/html 2a00:1450:400d:80c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://25f0b6c781c28f0ec66a58e178665f44.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023030701.js?cb=31072917

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80c::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.orientaldaily.com.my/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 09 Mar 2023 03:34:33 GMT
expires: Fri, 08 Mar 2024 03:34:33 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 container.html Show response
25f0b6c781c28f0ec66a58e178665f44.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 7B35 6 KB
3 KB 47ms
46ms Document
text/html 2a00:1450:400d:80c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://25f0b6c781c28f0ec66a58e178665f44.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023030701.js?cb=31072917

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80c::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.orientaldaily.com.my/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 09 Mar 2023 03:34:33 GMT
expires: Fri, 08 Mar 2024 03:34:33 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ Frame 7A12 80 KB
27 KB 44ms
44ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023030701.js?cb=31072917

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8d0737e0ece483f6e5ce03c5001f43b81f7d032ee74c65374e9f1d40f4a85cf6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.orientaldaily.com.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 03:34:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27447
x-xss-protection: 0
server: sffe
etag: "1505 / 22 of 1000 / last-modified: 1678316874"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 09 Mar 2023 03:34:34 GMT

GET
DATA 200
OK truncated
/ Frame 7A12 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8a72db19bbe66583d4cd7840d76965b8a91774a6c4ec0556e2d8a933e8b52ea8

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame C515 0
0 72ms
71ms Fetch
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssM9OK3hpufibbhXUukH-eZcMOShAsgE-u3ACK3bZ3GVcNxziBZZLKZAM3QIGHhKg1FMi4Bhxr8943E-p56VAC1LGE-W_WxAbdCUNLG8zOswOpecN7GhcjkIu8Rn_SProMPaXN_5uck8CO1pAjIu9DP5um6IRfqxJH2OwyNPFSxeb21-we3jt1mZ__1qbGrEae05wSFWyFp4tCLJLu2l96fMIlw6yPChb7PnPeqaSdkhdnlF6NjMk-QzFE9AqVabaQ_Ss7H9dT3WTOdQzVKiiSIr88RYxo04-ThsOghlU4K54aN93Msi2oetEUBAkfVFqoY45wS7xG9LFHdTMd-&sai=AMfl-YQ8SqjT5mX62509_JQaYze8ggDbduEX5Zzl8ueOYoD-qr31kVa3VA1OeL5BQrHCbhcwMkKxfbjF_z1G0Jsdj6scApw-0q0B_Z4TMsfEaUT80NXUJixfGZq8owjl6rKotMjOD16a4B4X8GhOaNo&sig=Cg0ArKJSzMHXI_UjwJLCEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www.orientaldaily.com.my
URL: https://www.orientaldaily.com.my/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.orientaldaily.com.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 03:34:34 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Thu, 09 Mar 2023 03:34:34 GMT

GET
H2 200 tags.js Show response
tags.expo9.exponential.com/tags/orientaldailycom/desktop/ Frame C515 59 KB
14 KB 255ms
189ms Script
application/x-javascript 2606:4700::6812:cdb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.expo9.exponential.com/tags/orientaldailycom/desktop/tags.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023030701.js?cb=31072917
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:cdb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dae53f389f4c01c7e1367d5a22350d9c8d6fe84483967b7484cb652f20222048

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.orientaldaily.com.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 03:34:34 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
p3p: CP="NOI DEVo TAIa OUR BUS"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 14173
x-function: 151
last-modified: Fri, 17 Feb 2023 18:05:21 GMT
server: cloudflare
x-reuse-index: 2378
etag: 17736689161801921778
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=3600, private
cf-ray: 7a50434f1f1f35f6-FRA
expires: Thu, 09 Mar 2023 04:34:34 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame C515 158 KB
49 KB 112ms
111ms Script
text/javascript 2a00:1450:400d:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023030701.js?cb=31072917

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80d::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4126ffde4b9e571b1c3e55b45a7e9596e139ad2de1bdbfe851a2e2b2c7da7f38

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.orientaldaily.com.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 03:34:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49657
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1678278820084806"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 09 Mar 2023 03:34:34 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 7A12 0
29 B 73ms
73ms Image
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssZEX-PT-VvCnPQeDc5Sof-X6AnwqY91YGEU6wRuT7jfCYBDxbdOci8sLxq3m2jG-Vj4G3dIIZiZQhHRu8GXkexFf7HoNYrVWU7YquN8jNA3IM6qIML7kgrRU_sZYu3j1LI-uaubGDT3-YbDDf0FH-Ql30Hfl8v2kW3qk7QKFsDZU6nHyMJ248wtlohRdZ31sBajEygA9rRM8qTBgrKwnzi1gIUfyyZFL7V9wcGcVNvDu2raGE05nA4p0SJ_BVZ6OpBFQ27Eh94B8oIkKX_2HEtYmckQYKJvImUC2-o_3314bkDN-iFeJ-MZqhzF1hjvMHNqo94SquB-biLw3U&sai=AMfl-YStkicQ4ygYy5I5yYsaNA6O2QwrLXC06xBIaGhtTeYTDRevLlyoB3s6TdalBH3QyRKUVuNshV1s9gk4f7DRHwBEHWOVMsIdVDHSS_bdZIFCOvnSCVPmV_swZUPnwStbMeV37i3moSWTpHRFPSU&sig=Cg0ArKJSzGREZJV6MI1xEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www.orientaldaily.com.my
URL: https://www.orientaldaily.com.my/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.orientaldaily.com.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 03:34:34 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Thu, 09 Mar 2023 03:34:34 GMT

GET
H3 200 10000000_1176832589685551_7617901074642110564_n.mp4 Show response
video-lhr8-1.xx.fbcdn.net/v/t66.36281-29/ Frame A5C6 13 KB
13 KB 17ms
16ms Fetch
video/mp4 2a03:2880:f058:9:face:b00c:0:1823
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL: https://video-lhr8-1.xx.fbcdn.net/v/t66.36281-29/10000000_1176832589685551_7617901074642110564_n.mp4?_nc_cat=103&ccb=1-7&_nc_sid=5aebc0&efg=eyJ2ZW5jb2RlX3RhZyI6ImRhc2hfbGl2ZV9wc3RfZnJhZ18yX3ZpZGVvIn0%3D&_nc_ohc=ToaPEU2MgTcAX9q9Nx0&_nc_ht=video-lhr8-1.xx&edm=AGo2L-IEAAAA&oh=00_AfDUreijWpPAntDVEj9sGxuzjHMk1YWhxPAvpQ349Jdmcg&oe=640EF047&bytestart=728&byteend=14331
Requested by: Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yS/r/E3aVjH1G1Nz.js?_nc_x=Ij3Wp8lg5Kz
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a03:2880:f058:9:face:b00c:0:1823 London, United Kingdom, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: 61dbce7aa2ccecc67730272f173b6239241441ba052c3cb4cf2078266e4b443e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 03:34:34 GMT
x-storage-error-category: dfs:none;hs_p:206:HS_ERANGE_SUCCESS
last-modified: Thu, 09 Mar 2023 03:28:24 GMT
vary: Origin
content-type: video/mp4
access-control-allow-origin: https://www.facebook.com
cache-control: max-age=1209600, no-transform
cross-origin-resource-policy: cross-origin
x-upstream-checksum-algorithm: crc32
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 13604
priority: u=1,i
proxy-status: http_response_ok; e_clientaddr="AcJKbJbqaTlZrtn7_BHoplHXSehGRXU9uqETj-fkB6WwyQu3D8iGYjdTgMPwnzGRI8_kmyr8Jlyjc5Ums7-gSW9NYK21LwWYjMZe2XNcIg"; e_fb_vipaddr="AcKWKNCqi1HyLxOvnHh2SSAffEafc8e9xctpr3V-wPqBglwKyjaMK7CSrQ3QgFqfS55qLqumuIk477PdNw5vjYRe82Hb_xSn25klqvnS"; e_fb_builduser="AcKGJIr5hq0vCy27dY05mXVky1MtvFabLmyfqhZdaejL6dYo6bmczwr_ogyJMd1DW8Q"; e_fb_binaryversion="AcKE0f4HlLVpDahPX7OOQaOD4FTD7lGuJHrIBil2hzDZ1s7pw9PSFD6SuSezYn96cmTx7azZsuqtxBdb0NXpU3q-Vn0YH53jnAA"; e_proxy="AcIl1pbY5YH60yQGeMxQKn401xRGKUIRMxrIeX1Qvb-wINCUQK8VI-z6uRiSRKPpdu_CKQ_fOVk_PtyfNuY"

GET
H3 200 10000000_2771555772978778_5619920907914227032_n.mp4 Show response
video-lhr8-2.xx.fbcdn.net/v/t42.1790-29/ Frame A5C6 129 KB
129 KB 20ms
19ms Fetch
video/mp4 2a03:2880:f058:113:face:b00c:0:1823
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL: https://video-lhr8-2.xx.fbcdn.net/v/t42.1790-29/10000000_2771555772978778_5619920907914227032_n.mp4?_nc_cat=105&ccb=1-7&_nc_sid=5aebc0&efg=eyJ2ZW5jb2RlX3RhZyI6ImRhc2hfbGl2ZV9tZF9mcmFnXzJfdmlkZW8ifQ%3D%3D&_nc_ohc=JZ8prLWYxXMAX9zqyq8&_nc_ht=video-lhr8-2.xx&edm=AGo2L-IEAAAA&oh=00_AfBhPeBKGPJ980W5KDKTYFPk5g_9z5lnoDD5RK-esPQNNA&oe=6409772D&bytestart=189316&byteend=321121
Requested by: Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yS/r/E3aVjH1G1Nz.js?_nc_x=Ij3Wp8lg5Kz
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a03:2880:f058:113:face:b00c:0:1823 London, United Kingdom, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: 7dfbecc7f60754c9c4a71ccd3801d4b4fdb83c902dc7400db4ee03b45b96896e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 03:34:34 GMT
x-storage-error-category: dfs:none;sc_p:206:WSE_NOT_SET
last-modified: Thu, 09 Mar 2023 03:28:07 GMT
vary: Origin
content-type: video/mp4
access-control-allow-origin: https://www.facebook.com
cache-control: max-age=1209600, no-transform
cross-origin-resource-policy: cross-origin
x-upstream-checksum-algorithm: crc32
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 131806
priority: u=1,i

GET
H3 200 10000000_1600936633706790_4061514357092947234_n.mp4 Show response
video-lhr8-1.xx.fbcdn.net/v/t42.1790-29/ Frame A5C6 20 KB
20 KB 18ms
18ms Fetch
video/mp4 2a03:2880:f058:9:face:b00c:0:1823
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL: https://video-lhr8-1.xx.fbcdn.net/v/t42.1790-29/10000000_1600936633706790_4061514357092947234_n.mp4?_nc_cat=107&ccb=1-7&_nc_sid=5aebc0&efg=eyJ2ZW5jb2RlX3RhZyI6ImRhc2hfbGl2ZV9tZF9mcmFnXzJfYXVkaW8ifQ%3D%3D&_nc_ohc=_gwsUAA-o0cAX8Mrj0U&_nc_ht=video-lhr8-1.xx&edm=AGo2L-IEAAAA&oh=00_AfBVvE6hO-T_utdrlG6iFIsxCHhwUEy2YubId63VIktcPg&oe=64097A83&bytestart=27363&byteend=48033
Requested by: Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yS/r/E3aVjH1G1Nz.js?_nc_x=Ij3Wp8lg5Kz
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a03:2880:f058:9:face:b00c:0:1823 London, United Kingdom, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: fc678d1290a88c4b9d340d98cf770f9b95790ac5e935686bfa319ce720336f64

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 03:34:34 GMT
x-storage-error-category: dfs:none;sc_p:206:WSE_NOT_SET
last-modified: Thu, 09 Mar 2023 03:28:05 GMT
vary: Origin
content-type: video/mp4
access-control-allow-origin: https://www.facebook.com
cache-control: max-age=1209600, no-transform
cross-origin-resource-policy: cross-origin
x-upstream-checksum-algorithm: crc32
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 20671
priority: u=1,i

GET
H2 200 iz_setcid.html Show response
cdn.izooto.com/scripts/sak/ Frame F9FC 4 KB
1 KB 23ms
19ms Document
text/html 2606:4700::6812:d841
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.izooto.com/scripts/sak/iz_setcid.html?v=1

Requested by

Host: cdn.izooto.com
URL: https://cdn.izooto.com/scripts/sdk/izooto.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:d841 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d1baf1e3c12564049e49e6a2f91ab528957fa12cb80c3dc0b113329a44d4216c

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.orientaldaily.com.my/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-origin: *
age: 2567163
cache-control: public, max-age=2678400
cf-cache-status: HIT
cf-ray: 7a50434f7b172c3e-FRA
content-encoding: br
content-type: text/html
date: Thu, 09 Mar 2023 03:34:34 GMT
expires: Sun, 09 Apr 2023 03:34:34 GMT
last-modified: Tue, 07 Feb 2023 10:27:13 GMT
server: cloudflare
vary: Accept-Encoding
x-xss-protection: 1; mode=block

GET
H3 200 7KqoyV1Z787.js Show response
static.xx.fbcdn.net/rsrc.php/v3io6F4/yq/l/de_DE/ Frame C842 2 MB
452 KB 17ms
15ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3io6F4/yq/l/de_DE/7KqoyV1Z787.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yn/r/7vpxn5yn4xK.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

f6facfb2f1508e6db75710c7f95f07e9d9cca538b230a5ab4464c9dee49befd6

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 03:34:34 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: 1BOcCmaxFMLhp78CqFFQQg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 462316
x-fb-rlafr: 0
x-fb-debug: DaciEV/GE5ZT+b8OgsBZjRqI+wdIegcAxoYa2ijpG0KNF7X8Gx9bJk3F305RkiJcb2Rgd1MebMgnV7IYhr/jBw==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=1,i
expires: Thu, 07 Mar 2024 19:08:06 GMT

GET
H3 200 KSMZvnGtWOM.js Show response
static.xx.fbcdn.net/rsrc.php/v3iY6z4/yl/l/de_DE/ Frame C842 26 KB
7 KB 14ms
13ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3iY6z4/yl/l/de_DE/KSMZvnGtWOM.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yn/r/7vpxn5yn4xK.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

4d78910da55f15b014f7d5aa1f3d7e1fb6a3a3ba2bf80922c14a5269ec05b72c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 03:34:34 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: 1J+iaZUtb0w8HNwnCGcFBg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 6795
x-fb-rlafr: 0
x-fb-debug: RZotkidN00sIA6cRxmtco/UY99XTx4DW2XX9DIVaXH7ULEsKEvmtYskT0Yw3zMx6Xq4tmcSkLHEWjpuCuVfIyQ==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=1
expires: Sat, 02 Mar 2024 15:23:23 GMT

GET
H3 200 LEsDsskAQMP.css
static.xx.fbcdn.net/rsrc.php/v3/yW/l/0,cross/ Frame C842 2 KB
745 B 11ms
10ms Stylesheet
text/css 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yW/l/0,cross/LEsDsskAQMP.css?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yn/r/7vpxn5yn4xK.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

c24812d7d0be82ec747b2311d03312580d35b63cadfe507a1972c9c8d5532f01

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 03:34:34 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: FC3nHWHqX3/7H1+9378Xvw==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 690
x-fb-rlafr: 0
x-fb-debug: jVfOvkpKcG5KzOoPg3bQhmG7R9WziVn7wJ2rWWTAlaw4omcyMIR/0eERhRWscuh7mp5X0b4+nSdVV7HQmjvIMA==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: text/css; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=0
expires: Tue, 05 Mar 2024 05:11:53 GMT

GET
H3 200 w57KfC8WeQr.css
static.xx.fbcdn.net/rsrc.php/v3/y7/l/0,cross/ Frame C842 14 KB
3 KB 13ms
12ms Stylesheet
text/css 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/y7/l/0,cross/w57KfC8WeQr.css?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yn/r/7vpxn5yn4xK.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

ef69f9873a759e5935b2a9f346888d28c31d586133848aa2b0ad5108032e06d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 03:34:34 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: jpacqq5McgChUoP15s+WBg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 3503
x-fb-rlafr: 0
x-fb-debug: BMS25TXBPjEDJ9LI/CRG+6BN0IxFYKTfW/JlSMgTtLknbyG1BJ87H39XVWeKvl+hpBSs3QyBFPBmlI7XNBiKnQ==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: text/css; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=0
expires: Wed, 06 Mar 2024 16:55:31 GMT

GET
H3 200 9dN_FA4mMHO.js Show response
static.xx.fbcdn.net/rsrc.php/v3i2aq4/yv/l/de_DE/ Frame C842 7 KB
3 KB 15ms
14ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3i2aq4/yv/l/de_DE/9dN_FA4mMHO.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yn/r/7vpxn5yn4xK.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

df5da0ce655f8d17eb4b5bb4a48afbd097d20f35766103e74a1d225f8e4dec86

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 03:34:34 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: 010SNXU1QEKN4q1s3PrLUA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 2777
x-fb-rlafr: 0
x-fb-debug: tjRLqXvhGjy3XLEjsP0RHshCyujtEVgfMHgy6Nku9uSDYhQ1Th/pFtZr/bD9dxV1cDnRiRk7wvu81GqIIlbw9A==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=1
expires: Fri, 01 Mar 2024 03:18:40 GMT

GET
H3 200 jLGNJFhwnYJ.js Show response
static.xx.fbcdn.net/rsrc.php/v3iSmF4/yo/l/de_DE/ Frame C842 155 KB
38 KB 18ms
16ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3iSmF4/yo/l/de_DE/jLGNJFhwnYJ.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yn/r/7vpxn5yn4xK.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

c9a84ac7702d1f4877c64fbf066db1ea7ef1caef884d5700488aaa06884d9c2a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 03:34:34 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: Sgvzy9jM/c4M9iDVUIFYkw==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 39261
x-fb-rlafr: 0
x-fb-debug: 89vm71CcKucp8By0BgBwd/DrSV0DQd1dm74XhbWomuKCDYGf/RBRIVCWdM+gcWetiP6Pgvcf2ITDItOC+weSuQ==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=1
expires: Thu, 07 Mar 2024 19:18:01 GMT

GET
H3 200 kdZ0zGkKPib.css
static.xx.fbcdn.net/rsrc.php/v3/yC/l/0,cross/ Frame C842 16 KB
4 KB 17ms
15ms Stylesheet
text/css 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yC/l/0,cross/kdZ0zGkKPib.css?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yn/r/7vpxn5yn4xK.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

f92ae17d255fdb41ac5a0c5004ef5b9b8cd4d21bbfb09c964324b494b4a58d9f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 03:34:34 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: iWOxenzUxFBqK0xTW0FDbg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 4024
x-fb-rlafr: 0
x-fb-debug: MCMDyWNg5OCpg2+SF13NTYiyppaZ35z3P8OUppSHbBzD19+tXO59820697jPE2Ug+IyyD2q3nLyzBdluK3cSTw==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: text/css; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=0
expires: Wed, 06 Mar 2024 11:03:21 GMT

GET
H3 200 cbgzUfWunSr.css
static.xx.fbcdn.net/rsrc.php/v3/yw/l/0,cross/ Frame C842 16 KB
2 KB 17ms
16ms Stylesheet
text/css 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yw/l/0,cross/cbgzUfWunSr.css?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yn/r/7vpxn5yn4xK.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

454016dbf6fa6ca8f91deac46b5f60678ca5c29ddc35772c4d1ba09b70853283

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 03:34:34 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: yiyjHaIooLpHtNeY9ZXQmg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 2103
x-fb-rlafr: 0
x-fb-debug: mlWyapLpYD2PULp5wsNGi0KmkIV8h8UsIMTvfC4VQP1bVmhdyEdcfCj1dkKGkzdvS8zoMeFVUA15Ihno3QJgsg==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: text/css; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=0
expires: Thu, 07 Mar 2024 18:50:28 GMT

GET
H3 200 2690700094490823 Show response
connect.facebook.net/signals/config/ 377 KB
108 KB 14ms
13ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/2690700094490823?v=2.9.98&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

0a6906352cd058f77f63594678aba26de413a91f1973cbfeebf32ccc7aca96a7

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.orientaldaily.com.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Thu, 09 Mar 2023 03:34:34 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 110230
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: Po6vQtsfnu6VPm6EO8oZS0U0O4nCaxACg4q9Z9gflT7iVA2Jr4ZmFCWH+uFvT4ATktCH2CMrCK6WHaoHQBuY1A==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
159 B 8ms
7ms Image
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=2371761693035398&ev=PageView&dl=https%3A%2F%2Fwww.orientaldaily.com.my%2F&rl=&if=false&ts=1678332874233&sw=1600&sh=1200&v=2.9.98&r=stable&ec=0&o=30&cs_est=true&fbp=fb.2.1678332874232.1651155222&it=1678332873598&coo=false&rqm=GET

Requested by

Host: www.orientaldaily.com.my
URL: https://www.orientaldaily.com.my/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.orientaldaily.com.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Thu, 09 Mar 2023 03:34:34 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H3 200 ag-Kz-WMvnK.png
static.xx.fbcdn.net/rsrc.php/v3/yt/r/ Frame C842 330 B
383 B 7ms
7ms Image
image/png 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yt/r/ag-Kz-WMvnK.png

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/ya/l/0,cross/thu5mp64vr8.css?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

45445cdb742ba713feadbb749a2328f90698cc052372bb736682afcb5e7c6345

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://static.xx.fbcdn.net/rsrc.php/v3/ya/l/0,cross/thu5mp64vr8.css?_nc_x=Ij3Wp8lg5Kz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 03:34:34 GMT
x-content-type-options: nosniff
content-md5: eAFd0hA109+Saq2CKxwDiw==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 330
x-fb-rlafr: 0
x-fb-debug: jiAvxSwu+mIFSPok7bX2Ez2OYnl2IxnLfktZhZlhLRubx1W9lAmH7R+F1pNUNj5UJQN/BwLj1JXve+TpUhLkLA==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-type: image/png
access-control-allow-origin: *
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Fri, 01 Mar 2024 00:48:32 GMT

GET
H3 200 Vji3KgKRZhR.png
static.xx.fbcdn.net/rsrc.php/v3/yZ/r/ Frame C842 7 KB
7 KB 8ms
7ms Image
image/png 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yZ/r/Vji3KgKRZhR.png

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yf/l/0,cross/XudSw9So4-d.css?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

4ef61c947239953e2afbca18eefdd0d022c7e32db285de43561b9188f74c41ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://static.xx.fbcdn.net/rsrc.php/v3/yf/l/0,cross/XudSw9So4-d.css?_nc_x=Ij3Wp8lg5Kz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 03:34:34 GMT
x-content-type-options: nosniff
content-md5: vl15tkSxqq7MUuETmSO30w==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 7311
x-fb-rlafr: 0
x-fb-debug: 3BBHkO8lsTOBuyRG884hCx1dlRYdOzKy7OfWt53smZGQBaH9cASUC3mIhXvYXwGC+rX83qusY4sTTG99AwDpog==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-type: image/png
access-control-allow-origin: *
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Fri, 01 Mar 2024 20:57:13 GMT

GET
H3 200 / Show response
www.facebook.com/ajax/bootloader-endpoint/ Frame C842 15 KB
4 KB 52ms
51ms XHR
text/javascript 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/ajax/bootloader-endpoint/?modules=VideoSettingsControl.react&__user=0&__a=1&__dyn=7xeUmxa13xu1syUbFp63m1FwAxu13wqovzEcWwMwNwhE4mdwJwyU5C0TUhwem265o3wwobG1ewho24wbG782Cwoovy85ufxq0mqUS2G3i0ha2l0Fw4HwnEfovw8OfK0EUjwdq1iwKwHw8W5U4q0HUvw4JwJwSyES0gq0Lo4K2e1FwbO1pw&__csr=&__req=1&__hs=19425.BP%3Aplugin_video_pkg.2.0.0.0.0&dpr=1&__ccg=EXCELLENT&__rev=1007078559&__s=%3A%3A8lveae&__hsi=7208384793091610975&__comet_req=0&__sp=1

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yn/r/7vpxn5yn4xK.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

8dcefacf777ae6a6dfd5a21fd33880f42a5b44477d5c9cce78c2ddd32933dd18

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com .tenor.co media.tenor.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net .giphy.com connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com https://.giphy.com data:;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.facebook.com/plugins/video.php?height=314&href=https%3A%2F%2Fwww.facebook.com%2FOrientalDailyNewsMalaysia%2Fvideos%2F1247106492876856%2F&show_text=false&width=560&t=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; preload
date: Thu, 09 Mar 2023 03:34:34 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: same-origin
alt-svc: h3=":443"; ma=86400
x-fb-rlafr: 0
x-xss-protection: 0
pragma: no-cache
x-fb-debug: U0ONku9tJ0Z9pybTFawduBfx/Wuvdj0HKMZOhgCyghdll+uSLT3OeA9NmZrT3eojqkFf7nsfS95mCKebkHAXzA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
content-type: text/javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: private, no-cache, no-store, must-revalidate
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
409 B 193ms
71ms Image
image/gif 2a00:1450:400d:80d::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-21383972-1&cid=638583148.1678332873&jid=657385683&_u=YADAAEAAAAAAACAAI~&z=846423623

Requested by

Host: www.orientaldaily.com.my
URL: https://www.orientaldaily.com.my/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80d::2004 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.orientaldaily.com.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Mar 2023 03:34:34 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
409 B 139ms
51ms Image
image/gif 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-21383972-1&cid=638583148.1678332873&jid=657385683&_u=YADAAEAAAAAAACAAI~&z=846423623

Requested by

Host: www.orientaldaily.com.my
URL: https://www.orientaldaily.com.my/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.orientaldaily.com.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Mar 2023 03:34:34 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame B135 0
0 79ms
79ms Fetch
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=Cf7Y9yVMJZOrdH-SSjuwPn4ScgAjJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTM0MzA1NjExOTY5Mjg1ODnIAQmpAtM_RZHLsrE-4AIAqAMBqgSbAk_QC3983TOuZ_6cUZC_jLGOjjsIB1vUUs0YDIayT-PvEW8z5S2NzwH1rkp07Y4w-sc3L8j6p9jeJNoAvT5wZMsucFyh1vPYx63lDZ7QKH647oZMggJHpC7cQ5f3-YSUgGs2OTvz6uCcD-d8S8wKdJoAbfNNH7cxXt_K7uan_SvE8D3QEsv-dfYoSwGvCnPEE-H84PSjIgfmGmrtj75XVffD-MMfqSoNgpuPQ5t1BZsCWnSNXwyDqk1h-E16oSdAgSUGPZnBbb4XtuCLEjxX5bQhbKa6CnIS7ygIZPwiEi668wTMj0Liezs8PqLt4bkvuuaD1UJwYtxieK-TC8Doo5qd52yhkOyL-3NH5JYxl-Gclmda6tMDfUzTq5HgBAGABomI8PONoIr5e6AGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgECACgP6CwIIAYAMAdAVAYAXAbIXHAoaEhRwdWItMzQzMDU2MTE5NjkyODU4ORiWvgw&sigh=Dv0nYxIgn88&uach_m=[UACH]&cid=CAQSSwDUE5ymgSwBz0_VRlBANJjo9I2ImuFTowaE6h8LHWs4UXd6rs_uIlSB0JzxFKR-9FcHXwaNxJH-v28_eBwcL2pXCXll8s9bInYVSxgB
Requested by: Host: www.orientaldaily.com.my
URL: https://www.orientaldaily.com.my/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://25f0b6c781c28f0ec66a58e178665f44.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

GET
H2 200 notify
rtb.nl3.eu.criteo.com/google/auction/ Frame B135 0
0 62ms
15ms Fetch 2a02:2638:3::9
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://rtb.nl3.eu.criteo.com/google/auction/notify?profile=14&payload=k_79Esg12AVanYNiAgIAAAAj_vPX-wB5NlU6J3RRG5sTEMlTCWSgQ8p36wWJ8ijYAAASAAAKDkFRVURBUVlCQVFFQkFR&wp=ZAlTyQAH7uoHg4lkAAcCHwY9rB0B_Dtr97kcrw

Requested by

Host: www.orientaldaily.com.my
URL: https://www.orientaldaily.com.my/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://25f0b6c781c28f0ec66a58e178665f44.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 03:34:33 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
server-processing-duration-in-ticks: 153308
content-length: 0

GET
H2 200 afr.php Show response
ads.eu.criteo.com/delivery/r/ Frame D221 215 KB
59 KB 147ms
79ms Document
text/html 2a02:2638:3::12
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.eu.criteo.com/delivery/r/afr.php?z=ZAlTyQAH7uoHg4lkAAcCHwY9rB0B_Dtr97kcrw&u=%7CAsVilzsezzsOTEai18J74VJ%2FuS3Q7CKTWFVUxdNglwk%3D%7C&c1=VEd5MTeK-DVtvwpxQwkatQ5fNcsqqVzrn0bJRZSWEljoMqTy8nHmy-ZCx2l8r38z-Y5KeOqAmeGKc9dh3PNWVW8NiZSZp2iaXZw_LLndzIJkV4PHUDLGexVC6DFm_RxZyajzipHIo5EMUQQ9nMJy0B1iE5Un-16Sq2bsQ49gJZ9YTAWCmMkr9jUiC4KmQtU_bdEGpPf7gccvzeUOyrhX6qwxgI7ZFd47-Sw4XedVZDUBql05Q7ll7qRgO68h9x3I2gILquGEmaV6dRHdP8XsMmAPi3XfONBZOt8aBKIV-jIPhedJT9cDDRTviwYZS5BDHEPtQIDavVa9Y8e5Hm1FHRVK06FWnl863N80e8UK1eDQy0vVpz6bDi3tWx2oKngpVMwIBMfWz9-KmhqB0lDeW9K8NFvbatUUyg2U_ohRgr2b-4FpZ3W-icsYi2VPpeS56wlIrCUlPlGzXNzQoV88BTp5UyyqkVOfdAMXTFnjk1PIyJxry_DrNa-w-AD7Gfd64TYKpSMNjyH8bYHSKelvEMLpJZwJuAX-QI9stShuNpIruk8p0YOlBdwdhIYz925AQAShJuOiJ1dawS3DriVZYyRtEyrbcL5c6E9FI1dFSd-kVBGOgem0HSOOvY3oOs4cWoEs-4I1FPs&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCujTTyVMJZOrdH-SSjuwPn4ScgAjJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTM0MzA1NjExOTY5Mjg1ODnIAQmpAtM_RZHLsrE-4AIAqAMBqgSeAk_QC3983TOuZ_6cUZC_jLGOjjsIB1vUUs0YDIayT-PvEW8z5S2NzwH1rkp07Y4w-sc3L8j6p9jeJNoAvT5wZMsucFyh1vPYx63lDZ7QKH647oZMggJHpC7cQ5f3-YSUgGs2OTvz6uCcD-d8S8wKdJoAbfNNH7cxXt_K7uan_SvE8D3QEsv-dfYoSwGvCnPEE-H84PSjIgfmGmrtj75XVffD-MMfqSoNgpuPQ5t1BZsCWnSNXwyDqk1h-E16oSdAgSUGPZnBbb4XtuCLEjxX5bQhbKa6CnIS7ygIZPwiEi668wTMj0Liezs8PqLt4bkvuuaD1UJwIN5D6igcl9NXP44-N1EHaOWf8cVNyo6zIymhMJXl9P8b-OZXuC7qX2HgBAGABomI8PONoIr5e6AGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2_bwgh13-dieKy3m2hl3OSjTZ9lQ%26client%3Dca-pub-3430561196928589%26adurl%3D

Requested by

Host: 25f0b6c781c28f0ec66a58e178665f44.safeframe.googlesyndication.com
URL: https://25f0b6c781c28f0ec66a58e178665f44.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::12 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

548703c5b3f25bd130cdac45774268fd9162c65d942640851871b2ad1a69811b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://25f0b6c781c28f0ec66a58e178665f44.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cache-control: private, max-age=0, no-cache
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
date: Thu, 09 Mar 2023 03:34:33 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p: CP='CUR ADM OUR NOR STA NID'
pragma: no-cache
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=lG8G7mT-_0_ex_Fbhpd9S2ow9dOI1Qqrwi9CadioBTL5tACsSmbipyvyykobnefYm9IL2DbtlNZNSP7AqARfHjhUhgawS_wqkYE1m6f5MG-saS5EFV1UGmayo6QuySftbCbJs_hsffuo5XffH1m3qEtpMq7h6bqNd4hYQSlu-AkICV_wh03nPKt6raJotx05NzZE3yu8_jDf6o3kVggRozgTUaiABRzpxJPtsNYIM0S3NE96dxtp_Itr7FYVNkxF4LmEKA"}], "max_age": 86400}
server: Kestrel
server-processing-duration-in-ticks: 57586213
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230306/r20110914/client/ Frame B135 3 KB
1 KB 230ms
111ms Script
text/javascript 2a00:1450:400d:807::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230306/r20110914/client/window_focus_fy2021.js

Requested by

Host: 25f0b6c781c28f0ec66a58e178665f44.safeframe.googlesyndication.com
URL: https://25f0b6c781c28f0ec66a58e178665f44.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:807::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://25f0b6c781c28f0ec66a58e178665f44.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 18:16:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 33456
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 22 Mar 2023 18:16:58 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230306/r20110914/client/ Frame B135 20 KB
9 KB 165ms
47ms Script
text/javascript 2a00:1450:400d:807::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230306/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 25f0b6c781c28f0ec66a58e178665f44.safeframe.googlesyndication.com
URL: https://25f0b6c781c28f0ec66a58e178665f44.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:807::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6c95fae81c74bcffbf17e425b12ade6b9a510178a5fc66ddfaeee0d0db76c5c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://25f0b6c781c28f0ec66a58e178665f44.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 18:16:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 33457
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8558
x-xss-protection: 0
server: cafe
etag: 3110455901848521628
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 22 Mar 2023 18:16:57 GMT

GET
H2 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame B135 24 KB
7 KB 171ms
53ms Script
text/javascript 2a00:1450:400d:807::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: 25f0b6c781c28f0ec66a58e178665f44.safeframe.googlesyndication.com
URL: https://25f0b6c781c28f0ec66a58e178665f44.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:807::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://25f0b6c781c28f0ec66a58e178665f44.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 18:16:56 GMT
content-encoding: br
x-content-type-options: nosniff
age: 33458
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 07 Mar 2024 18:16:56 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame B135 158 KB
49 KB 111ms
110ms Script
text/javascript 2a00:1450:400d:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 25f0b6c781c28f0ec66a58e178665f44.safeframe.googlesyndication.com
URL: https://25f0b6c781c28f0ec66a58e178665f44.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80d::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4126ffde4b9e571b1c3e55b45a7e9596e139ad2de1bdbfe851a2e2b2c7da7f38

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://25f0b6c781c28f0ec66a58e178665f44.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 03:34:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49657
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1678278820084806"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 09 Mar 2023 03:34:34 GMT

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 8E8D 624 B
286 B 131ms
48ms Document
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=COed9gIQ_eHmjwIYzNWa4QEwAQ&v=APEucNXpAHoSNHV40EMmny5gCQTGHk8NEfazwv3nNl2xonGLcschS761yPlSooYJP5e0EXr4PqLvDIiguQqJKC1nC60x7yg-UyE6CzwMcj3YSOIYx_ROdEuYFnWkjNKssywt5ldggsjpW1ZwSzz-fjw9A9HY7-1pW7qP7wWt8Zj3AbUQl6gnYws

Requested by

Host: 25f0b6c781c28f0ec66a58e178665f44.safeframe.googlesyndication.com
URL: https://25f0b6c781c28f0ec66a58e178665f44.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://25f0b6c781c28f0ec66a58e178665f44.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 09 Mar 2023 03:34:34 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 8C5A 78 KB
27 KB 269ms
85ms Script
text/javascript 2a00:1450:400d:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: 25f0b6c781c28f0ec66a58e178665f44.safeframe.googlesyndication.com
URL: https://25f0b6c781c28f0ec66a58e178665f44.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:808::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

16b432ac8f43a6b2d8aa358f41ee60e2ef5923b2645bf2c37f3a06f8334b1557

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://25f0b6c781c28f0ec66a58e178665f44.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 03:34:34 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27790
x-xss-protection: 0
server: cafe
etag: 3677590245327912432
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Thu, 09 Mar 2023 03:34:34 GMT

GET
H2 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 8C5A 42 B
111 B 261ms
77ms Image
image/gif 2a00:1450:400d:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CwgUtqFzRASwWIX_9mwIQZ0r5Q7Yz9RUN9EUy50rTDsZnRSQyghKs1dL9vOGq9WAk7N8Fc49DqocjvejxyB-RQZRkV9mBSET2mGhhpIwUGND5T_qc

Requested by

Host: 25f0b6c781c28f0ec66a58e178665f44.safeframe.googlesyndication.com
URL: https://25f0b6c781c28f0ec66a58e178665f44.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:808::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://25f0b6c781c28f0ec66a58e178665f44.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Mar 2023 03:34:34 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 8C5A 0
350 B 260ms
77ms Image
image/gif 2a00:1450:400d:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=8818878692447593189&x=1&ct=76

Requested by

Host: 25f0b6c781c28f0ec66a58e178665f44.safeframe.googlesyndication.com
URL: https://25f0b6c781c28f0ec66a58e178665f44.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:808::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://25f0b6c781c28f0ec66a58e178665f44.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Mar 2023 03:34:34 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230306/r20110914/client/ Frame 8C5A 3 KB
1 KB 228ms
114ms Script
text/javascript 2a00:1450:400d:807::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230306/r20110914/client/window_focus_fy2021.js

Requested by

Host: 25f0b6c781c28f0ec66a58e178665f44.safeframe.googlesyndication.com
URL: https://25f0b6c781c28f0ec66a58e178665f44.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:807::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://25f0b6c781c28f0ec66a58e178665f44.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 18:16:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 33456
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 22 Mar 2023 18:16:58 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230306/r20110914/client/ Frame 8C5A 20 KB
8 KB 171ms
57ms Script
text/javascript 2a00:1450:400d:807::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230306/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 25f0b6c781c28f0ec66a58e178665f44.safeframe.googlesyndication.com
URL: https://25f0b6c781c28f0ec66a58e178665f44.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:807::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6c95fae81c74bcffbf17e425b12ade6b9a510178a5fc66ddfaeee0d0db76c5c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://25f0b6c781c28f0ec66a58e178665f44.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 18:16:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 33457
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8558
x-xss-protection: 0
server: cafe
etag: 3110455901848521628
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 22 Mar 2023 18:16:57 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 8C5A 158 KB
49 KB 169ms
169ms Script
text/javascript 2a00:1450:400d:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 25f0b6c781c28f0ec66a58e178665f44.safeframe.googlesyndication.com
URL: https://25f0b6c781c28f0ec66a58e178665f44.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80d::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4126ffde4b9e571b1c3e55b45a7e9596e139ad2de1bdbfe851a2e2b2c7da7f38

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://25f0b6c781c28f0ec66a58e178665f44.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 03:34:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49657
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1678278820084806"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 09 Mar 2023 03:34:34 GMT

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 1714 624 B
286 B 127ms
49ms Document
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjgyrvGATAB&v=APEucNVK2Ld0jWAzynESV-gEQEIoSEsu_j_vkhF_wtM14fThoecBbyKAUuWWtpd4qN-UDb5_tNpsD-A_pRE3oTY2quGkIZKvNwSIdibtkNvYeIfbH_LpZqYnKabS1BudyXLwOX2_IYXQL3OIe_EgqU8Va2dEI6EcO55A8iMBLkv5ZzxqXg1_sG0

Requested by

Host: 25f0b6c781c28f0ec66a58e178665f44.safeframe.googlesyndication.com
URL: https://25f0b6c781c28f0ec66a58e178665f44.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://25f0b6c781c28f0ec66a58e178665f44.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 09 Mar 2023 03:34:34 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 0E74 78 KB
27 KB 349ms
169ms Script
text/javascript 2a00:1450:400d:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: 25f0b6c781c28f0ec66a58e178665f44.safeframe.googlesyndication.com
URL: https://25f0b6c781c28f0ec66a58e178665f44.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:808::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

16b432ac8f43a6b2d8aa358f41ee60e2ef5923b2645bf2c37f3a06f8334b1557

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://25f0b6c781c28f0ec66a58e178665f44.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 03:34:34 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27790
x-xss-protection: 0
server: cafe
etag: 3677590245327912432
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Thu, 09 Mar 2023 03:34:34 GMT

GET
H2 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 0E74 42 B
108 B 257ms
78ms Image
image/gif 2a00:1450:400d:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BSQvFnUOuv7nPVQSnRrq8aE2XWMva9hFbjv7iO9VjlF31wqgikW_PiQoKZMGT9QwV93OzRivofM2SWNoUJhLdyUr39wDn6rd0EO67EmFSIP7bRQHM

Requested by

Host: 25f0b6c781c28f0ec66a58e178665f44.safeframe.googlesyndication.com
URL: https://25f0b6c781c28f0ec66a58e178665f44.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:808::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://25f0b6c781c28f0ec66a58e178665f44.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Mar 2023 03:34:34 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 0E74 0
57 B 323ms
144ms Image
image/gif 2a00:1450:400d:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=3020198889107654097&x=1&ct=77

Requested by

Host: 25f0b6c781c28f0ec66a58e178665f44.safeframe.googlesyndication.com
URL: https://25f0b6c781c28f0ec66a58e178665f44.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:808::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://25f0b6c781c28f0ec66a58e178665f44.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Mar 2023 03:34:34 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230306/r20110914/client/ Frame 0E74 3 KB
1 KB 225ms
115ms Script
text/javascript 2a00:1450:400d:807::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230306/r20110914/client/window_focus_fy2021.js

Requested by

Host: 25f0b6c781c28f0ec66a58e178665f44.safeframe.googlesyndication.com
URL: https://25f0b6c781c28f0ec66a58e178665f44.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:807::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://25f0b6c781c28f0ec66a58e178665f44.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 18:16:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 33456
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 22 Mar 2023 18:16:58 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230306/r20110914/client/ Frame 0E74 20 KB
8 KB 211ms
101ms Script
text/javascript 2a00:1450:400d:807::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230306/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 25f0b6c781c28f0ec66a58e178665f44.safeframe.googlesyndication.com
URL: https://25f0b6c781c28f0ec66a58e178665f44.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:807::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6c95fae81c74bcffbf17e425b12ade6b9a510178a5fc66ddfaeee0d0db76c5c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://25f0b6c781c28f0ec66a58e178665f44.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 18:16:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 33457
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8558
x-xss-protection: 0
server: cafe
etag: 3110455901848521628
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 22 Mar 2023 18:16:57 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 0E74 158 KB
49 KB 180ms
179ms Script
text/javascript 2a00:1450:400d:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 25f0b6c781c28f0ec66a58e178665f44.safeframe.googlesyndication.com
URL: https://25f0b6c781c28f0ec66a58e178665f44.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80d::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4126ffde4b9e571b1c3e55b45a7e9596e139ad2de1bdbfe851a2e2b2c7da7f38

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://25f0b6c781c28f0ec66a58e178665f44.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 03:34:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49657
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1678278820084806"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 09 Mar 2023 03:34:34 GMT

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 3990 624 B
578 B 122ms
46ms Document
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjgyrvGATAB&v=APEucNXx3xyrZC6lgHz5gaPVCKytCQMZUwAw0e4rBM5-7QCYqPWOteg3WNv4oOjO2biyxm68UN0KaqcHN_ypvadd_oTXPIuVCKAdP7yDaRItRDbzT_doguk87pFMFqOtW7HhILga_-kEXrTk6N74PkHJ9HyCVtH3NlXRbk2VouGEd6Tp7FbJvTg

Requested by

Host: 25f0b6c781c28f0ec66a58e178665f44.safeframe.googlesyndication.com
URL: https://25f0b6c781c28f0ec66a58e178665f44.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://25f0b6c781c28f0ec66a58e178665f44.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 09 Mar 2023 03:34:34 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 7B35 78 KB
27 KB 332ms
155ms Script
text/javascript 2a00:1450:400d:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: 25f0b6c781c28f0ec66a58e178665f44.safeframe.googlesyndication.com
URL: https://25f0b6c781c28f0ec66a58e178665f44.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:808::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

16b432ac8f43a6b2d8aa358f41ee60e2ef5923b2645bf2c37f3a06f8334b1557

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://25f0b6c781c28f0ec66a58e178665f44.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 03:34:34 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27790
x-xss-protection: 0
server: cafe
etag: 3677590245327912432
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Thu, 09 Mar 2023 03:34:34 GMT

GET
H2 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 7B35 42 B
108 B 254ms
78ms Image
image/gif 2a00:1450:400d:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-Cq9eq8A6dsUaQM2Va-Cxy4nDPGZRuqP3se0n3KNw6Dpwbx9cj3lYCuIGLRDCo2ztAsm_KtYIVu25AY35HMeoflUi7BK0azkHNJU9_8Rn695enLLg4

Requested by

Host: 25f0b6c781c28f0ec66a58e178665f44.safeframe.googlesyndication.com
URL: https://25f0b6c781c28f0ec66a58e178665f44.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:808::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://25f0b6c781c28f0ec66a58e178665f44.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Mar 2023 03:34:34 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 7B35 0
57 B 254ms
78ms Image
image/gif 2a00:1450:400d:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=5957868261546642804&x=1&ct=77

Requested by

Host: 25f0b6c781c28f0ec66a58e178665f44.safeframe.googlesyndication.com
URL: https://25f0b6c781c28f0ec66a58e178665f44.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:808::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://25f0b6c781c28f0ec66a58e178665f44.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Mar 2023 03:34:34 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230306/r20110914/client/ Frame 7B35 3 KB
1 KB 216ms
110ms Script
text/javascript 2a00:1450:400d:807::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230306/r20110914/client/window_focus_fy2021.js

Requested by

Host: 25f0b6c781c28f0ec66a58e178665f44.safeframe.googlesyndication.com
URL: https://25f0b6c781c28f0ec66a58e178665f44.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:807::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://25f0b6c781c28f0ec66a58e178665f44.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 18:16:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 33456
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 22 Mar 2023 18:16:58 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230306/r20110914/client/ Frame 7B35 20 KB
8 KB 200ms
94ms Script
text/javascript 2a00:1450:400d:807::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230306/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 25f0b6c781c28f0ec66a58e178665f44.safeframe.googlesyndication.com
URL: https://25f0b6c781c28f0ec66a58e178665f44.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:807::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6c95fae81c74bcffbf17e425b12ade6b9a510178a5fc66ddfaeee0d0db76c5c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://25f0b6c781c28f0ec66a58e178665f44.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 18:16:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 33457
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8558
x-xss-protection: 0
server: cafe
etag: 3110455901848521628
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 22 Mar 2023 18:16:57 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 7B35 158 KB
49 KB 170ms
169ms Script
text/javascript 2a00:1450:400d:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 25f0b6c781c28f0ec66a58e178665f44.safeframe.googlesyndication.com
URL: https://25f0b6c781c28f0ec66a58e178665f44.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80d::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4126ffde4b9e571b1c3e55b45a7e9596e139ad2de1bdbfe851a2e2b2c7da7f38

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://25f0b6c781c28f0ec66a58e178665f44.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 03:34:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49657
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1678278820084806"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 09 Mar 2023 03:34:34 GMT

GET
H3 200 10000000_2771555772978778_5619920907914227032_n.mp4 Show response
video-lhr8-2.xx.fbcdn.net/v/t42.1790-29/ Frame C842 123 KB
123 KB 18ms
17ms Fetch
video/mp4 2a03:2880:f058:113:face:b00c:0:1823
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL: https://video-lhr8-2.xx.fbcdn.net/v/t42.1790-29/10000000_2771555772978778_5619920907914227032_n.mp4?_nc_cat=105&ccb=1-7&_nc_sid=5aebc0&efg=eyJ2ZW5jb2RlX3RhZyI6ImRhc2hfbGl2ZV9tZF9mcmFnXzJfdmlkZW8ifQ%3D%3D&_nc_ohc=JZ8prLWYxXMAX9zqyq8&_nc_ht=video-lhr8-2.xx&edm=AGo2L-IEAAAA&oh=00_AfBhPeBKGPJ980W5KDKTYFPk5g_9z5lnoDD5RK-esPQNNA&oe=6409772D&bytestart=321122&byteend=447350
Requested by: Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yS/r/E3aVjH1G1Nz.js?_nc_x=Ij3Wp8lg5Kz
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a03:2880:f058:113:face:b00c:0:1823 London, United Kingdom, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: cc116790e7045ea4eee628eb9b10d6cad980f15ffa253bfcfe361d4c7ad4bc10

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 03:34:34 GMT
x-storage-error-category: dfs:none;sc_p:206:WSE_NOT_SET
last-modified: Thu, 09 Mar 2023 03:28:07 GMT
vary: Origin
content-type: video/mp4
access-control-allow-origin: https://www.facebook.com
cache-control: max-age=1209600, no-transform
cross-origin-resource-policy: cross-origin
x-upstream-checksum-algorithm: crc32
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 126229
priority: u=1,i

GET
H3 200 10000000_1600936633706790_4061514357092947234_n.mp4 Show response
video-lhr8-1.xx.fbcdn.net/v/t42.1790-29/ Frame C842 20 KB
20 KB 16ms
16ms Fetch
video/mp4 2a03:2880:f058:9:face:b00c:0:1823
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL: https://video-lhr8-1.xx.fbcdn.net/v/t42.1790-29/10000000_1600936633706790_4061514357092947234_n.mp4?_nc_cat=107&ccb=1-7&_nc_sid=5aebc0&efg=eyJ2ZW5jb2RlX3RhZyI6ImRhc2hfbGl2ZV9tZF9mcmFnXzJfYXVkaW8ifQ%3D%3D&_nc_ohc=_gwsUAA-o0cAX8Mrj0U&_nc_ht=video-lhr8-1.xx&edm=AGo2L-IEAAAA&oh=00_AfBVvE6hO-T_utdrlG6iFIsxCHhwUEy2YubId63VIktcPg&oe=64097A83&bytestart=48034&byteend=68703
Requested by: Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yS/r/E3aVjH1G1Nz.js?_nc_x=Ij3Wp8lg5Kz
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a03:2880:f058:9:face:b00c:0:1823 London, United Kingdom, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: 08447a7421d539fe19e6fba61968dc461ee38f415317aa6e024ce07a21608e5c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 03:34:34 GMT
x-storage-error-category: dfs:none;sc_p:206:WSE_NOT_SET
last-modified: Thu, 09 Mar 2023 03:28:05 GMT
vary: Origin
content-type: video/mp4
access-control-allow-origin: https://www.facebook.com
cache-control: max-age=1209600, no-transform
cross-origin-resource-policy: cross-origin
x-upstream-checksum-algorithm: crc32
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 20670
priority: u=1,i

GET
H2 200 displayAd.js Show response
s.tribalfusion.com/ Frame C515 679 B
892 B 233ms
186ms Script
application/x-javascript 2606:4700::6812:19ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s.tribalfusion.com/displayAd.js?dver=0.9&th=7555152956
Requested by: Host: tags.expo9.exponential.com
URL: https://tags.expo9.exponential.com/tags/orientaldailycom/desktop/tags.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:19ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 80f5daf27fab81d89bd7fce3e1ee19f2d157c16203e08e03ecc838c4fd6c9160

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.orientaldaily.com.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 03:34:34 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
x-function: 153
last-modified: Fri, 17 Feb 2023 18:04:49 GMT
server: cloudflare
x-reuse-index: 48
vary: Accept-Encoding
content-type: application/x-javascript
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: private
cf-ray: 7a504351b81430ea-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 333
expires: Wed, 07 Jun 2023 03:34:34 GMT

GET
H3 200 pubads_impl_2023030201.js Show response
securepubads.g.doubleclick.net/gpt/ Frame 7A12 385 KB
130 KB 38ms
37ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023030201.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2f840763a07b5312fc63528256e33b2b0c49ba19d3ff5a2167d3496236f0afc7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.orientaldaily.com.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 23:35:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 14350
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 133088
x-xss-protection: 0
last-modified: Thu, 02 Mar 2023 09:36:32 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 07 Mar 2024 23:35:24 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ Frame 7A12 5 KB
729 B 64ms
64ms XHR
application/json 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.orientaldaily.com.my

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

573dea8b5a27df76b56b5d17a872bf655eeadd5d7923111c100dcf4252c428ab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.orientaldaily.com.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 03:34:34 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 704
x-xss-protection: 0
expires: Thu, 09 Mar 2023 03:34:34 GMT

GET
H3 200 10000000_2771555772978778_5619920907914227032_n.mp4 Show response
video-lhr8-2.xx.fbcdn.net/v/t42.1790-29/ Frame A5C6 123 KB
123 KB 31ms
26ms Fetch
video/mp4 2a03:2880:f058:113:face:b00c:0:1823
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL: https://video-lhr8-2.xx.fbcdn.net/v/t42.1790-29/10000000_2771555772978778_5619920907914227032_n.mp4?_nc_cat=105&ccb=1-7&_nc_sid=5aebc0&efg=eyJ2ZW5jb2RlX3RhZyI6ImRhc2hfbGl2ZV9tZF9mcmFnXzJfdmlkZW8ifQ%3D%3D&_nc_ohc=JZ8prLWYxXMAX9zqyq8&_nc_ht=video-lhr8-2.xx&edm=AGo2L-IEAAAA&oh=00_AfBhPeBKGPJ980W5KDKTYFPk5g_9z5lnoDD5RK-esPQNNA&oe=6409772D&bytestart=321122&byteend=447350
Requested by: Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yS/r/E3aVjH1G1Nz.js?_nc_x=Ij3Wp8lg5Kz
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a03:2880:f058:113:face:b00c:0:1823 London, United Kingdom, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: cc116790e7045ea4eee628eb9b10d6cad980f15ffa253bfcfe361d4c7ad4bc10

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 03:34:34 GMT
x-storage-error-category: dfs:none;sc_p:206:WSE_NOT_SET
last-modified: Thu, 09 Mar 2023 03:28:07 GMT
vary: Origin
content-type: video/mp4
access-control-allow-origin: https://www.facebook.com
cache-control: max-age=1209600, no-transform
cross-origin-resource-policy: cross-origin
x-upstream-checksum-algorithm: crc32
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 126229
priority: u=1,i

GET
H3 200 10000000_1600936633706790_4061514357092947234_n.mp4 Show response
video-lhr8-1.xx.fbcdn.net/v/t42.1790-29/ Frame A5C6 20 KB
20 KB 29ms
27ms Fetch
video/mp4 2a03:2880:f058:9:face:b00c:0:1823
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL: https://video-lhr8-1.xx.fbcdn.net/v/t42.1790-29/10000000_1600936633706790_4061514357092947234_n.mp4?_nc_cat=107&ccb=1-7&_nc_sid=5aebc0&efg=eyJ2ZW5jb2RlX3RhZyI6ImRhc2hfbGl2ZV9tZF9mcmFnXzJfYXVkaW8ifQ%3D%3D&_nc_ohc=_gwsUAA-o0cAX8Mrj0U&_nc_ht=video-lhr8-1.xx&edm=AGo2L-IEAAAA&oh=00_AfBVvE6hO-T_utdrlG6iFIsxCHhwUEy2YubId63VIktcPg&oe=64097A83&bytestart=48034&byteend=68703
Requested by: Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yS/r/E3aVjH1G1Nz.js?_nc_x=Ij3Wp8lg5Kz
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a03:2880:f058:9:face:b00c:0:1823 London, United Kingdom, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: 08447a7421d539fe19e6fba61968dc461ee38f415317aa6e024ce07a21608e5c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 03:34:34 GMT
x-storage-error-category: dfs:none;sc_p:206:WSE_NOT_SET
last-modified: Thu, 09 Mar 2023 03:28:05 GMT
vary: Origin
content-type: video/mp4
access-control-allow-origin: https://www.facebook.com
cache-control: max-age=1209600, no-transform
cross-origin-resource-policy: cross-origin
x-upstream-checksum-algorithm: crc32
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 20670
priority: u=1,i

GET
H3 200 10000000_2771555772978778_5619920907914227032_n.mp4 Show response
video-lhr8-2.xx.fbcdn.net/v/t42.1790-29/ Frame C842 259 KB
260 KB 39ms
17ms Fetch
video/mp4 2a03:2880:f058:113:face:b00c:0:1823
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL: https://video-lhr8-2.xx.fbcdn.net/v/t42.1790-29/10000000_2771555772978778_5619920907914227032_n.mp4?_nc_cat=105&ccb=1-7&_nc_sid=5aebc0&efg=eyJ2ZW5jb2RlX3RhZyI6ImRhc2hfbGl2ZV9tZF9mcmFnXzJfdmlkZW8ifQ%3D%3D&_nc_ohc=JZ8prLWYxXMAX9zqyq8&_nc_ht=video-lhr8-2.xx&edm=AGo2L-IEAAAA&oh=00_AfBhPeBKGPJ980W5KDKTYFPk5g_9z5lnoDD5RK-esPQNNA&oe=6409772D&bytestart=447351&byteend=713050
Requested by: Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yS/r/E3aVjH1G1Nz.js?_nc_x=Ij3Wp8lg5Kz
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a03:2880:f058:113:face:b00c:0:1823 London, United Kingdom, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: 0bee153352b63685e80f22f1e0d6637ffe18e38c20bf3737e414c4ccb644463f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 03:34:34 GMT
x-storage-error-category: dfs:none;sc_p:206:WSE_NOT_SET
last-modified: Thu, 09 Mar 2023 03:28:07 GMT
vary: Origin
content-type: video/mp4
access-control-allow-origin: https://www.facebook.com
cache-control: max-age=1209600, no-transform
cross-origin-resource-policy: cross-origin
x-upstream-checksum-algorithm: crc32
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 265700
priority: u=1,i

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 3990
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPTq5uUb0-oMm2n08InGmmg&google_cver=1

43 B
632 B

10ms
8ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPTq5uUb0-oMm2n08InGmmg&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjgyrvGATAB&v=APEucNXx3xyrZC6lgHz5gaPVCKytCQMZUwAw0e4rBM5-7QCYqPWOteg3WNv4oOjO2biyxm68UN0KaqcHN_ypvadd_oTXPIuVCKAdP7yDaRItRDbzT_doguk87pFMFqOtW7HhILga_-kEXrTk6N74PkHJ9HyCVtH3NlXRbk2VouGEd6Tp7FbJvTg
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 09 Mar 2023 03:34:34 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=498
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Thu, 09 Mar 2023 03:34:34 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPTq5uUb0-oMm2n08InGmmg&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 3990
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZAlTyvjUpeZJG3e3wedcfAAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPTq5uUb0-oMm2n08InGmmg&google_cver=1

43 B
766 B

9ms
8ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPTq5uUb0-oMm2n08InGmmg&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjgyrvGATAB&v=APEucNXx3xyrZC6lgHz5gaPVCKytCQMZUwAw0e4rBM5-7QCYqPWOteg3WNv4oOjO2biyxm68UN0KaqcHN_ypvadd_oTXPIuVCKAdP7yDaRItRDbzT_doguk87pFMFqOtW7HhILga_-kEXrTk6N74PkHJ9HyCVtH3NlXRbk2VouGEd6Tp7FbJvTg
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 09 Mar 2023 03:34:35 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=498
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Thu, 09 Mar 2023 03:34:34 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPTq5uUb0-oMm2n08InGmmg&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame 3990
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEKo1JMDhcjfaXKr33rWGjFA&google_cver=1

43 B
1 KB

22ms
7ms

Image
image/gif

37.252.171.84
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEKo1JMDhcjfaXKr33rWGjFA&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjgyrvGATAB&v=APEucNXx3xyrZC6lgHz5gaPVCKytCQMZUwAw0e4rBM5-7QCYqPWOteg3WNv4oOjO2biyxm68UN0KaqcHN_ypvadd_oTXPIuVCKAdP7yDaRItRDbzT_doguk87pFMFqOtW7HhILga_-kEXrTk6N74PkHJ9HyCVtH3NlXRbk2VouGEd6Tp7FbJvTg

Protocol

HTTP/1.1

Server

37.252.171.84 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1002.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 09 Mar 2023 03:34:34 GMT
AN-X-Request-Uuid: c1c8f466-101b-4faa-b6a3-3da907d2f686
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: image/gif
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 185.213.155.181; 185.213.155.181; 1002.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 09 Mar 2023 03:34:34 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEKo1JMDhcjfaXKr33rWGjFA&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 3990
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzMxMzM3MzA4MDkxMTM3MTI0NQ%3D%3D

170 B
188 B

48ms
46ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzMxMzM3MzA4MDkxMTM3MTI0NQ%3D%3D

Requested by

Protocol

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Mar 2023 03:34:35 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Thu, 09 Mar 2023 03:34:34 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 185.213.155.181; 185.213.155.181; 1002.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 42de7c3d-993f-4239-a9f1-aaf4025d1ac5
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzMxMzM3MzA4MDkxMTM3MTI0NQ%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 8E8D
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPTq5uUb0-oMm2n08InGmmg&google_cver=1

43 B
632 B

11ms
9ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPTq5uUb0-oMm2n08InGmmg&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COed9gIQ_eHmjwIYzNWa4QEwAQ&v=APEucNXpAHoSNHV40EMmny5gCQTGHk8NEfazwv3nNl2xonGLcschS761yPlSooYJP5e0EXr4PqLvDIiguQqJKC1nC60x7yg-UyE6CzwMcj3YSOIYx_ROdEuYFnWkjNKssywt5ldggsjpW1ZwSzz-fjw9A9HY7-1pW7qP7wWt8Zj3AbUQl6gnYws
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 09 Mar 2023 03:34:34 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=498
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Thu, 09 Mar 2023 03:34:34 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPTq5uUb0-oMm2n08InGmmg&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 8E8D
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZAlTyvjUpeZJG3e3wedcfAAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPTq5uUb0-oMm2n08InGmmg&google_cver=1

43 B
632 B

9ms
8ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPTq5uUb0-oMm2n08InGmmg&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COed9gIQ_eHmjwIYzNWa4QEwAQ&v=APEucNXpAHoSNHV40EMmny5gCQTGHk8NEfazwv3nNl2xonGLcschS761yPlSooYJP5e0EXr4PqLvDIiguQqJKC1nC60x7yg-UyE6CzwMcj3YSOIYx_ROdEuYFnWkjNKssywt5ldggsjpW1ZwSzz-fjw9A9HY7-1pW7qP7wWt8Zj3AbUQl6gnYws
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 09 Mar 2023 03:34:35 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=497
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Thu, 09 Mar 2023 03:34:34 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPTq5uUb0-oMm2n08InGmmg&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame 8E8D
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEKo1JMDhcjfaXKr33rWGjFA&google_cver=1

43 B
1 KB

20ms
6ms

Image
image/gif

37.252.171.84
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEKo1JMDhcjfaXKr33rWGjFA&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COed9gIQ_eHmjwIYzNWa4QEwAQ&v=APEucNXpAHoSNHV40EMmny5gCQTGHk8NEfazwv3nNl2xonGLcschS761yPlSooYJP5e0EXr4PqLvDIiguQqJKC1nC60x7yg-UyE6CzwMcj3YSOIYx_ROdEuYFnWkjNKssywt5ldggsjpW1ZwSzz-fjw9A9HY7-1pW7qP7wWt8Zj3AbUQl6gnYws

Protocol

HTTP/1.1

Server

37.252.171.84 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1002.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 09 Mar 2023 03:34:34 GMT
AN-X-Request-Uuid: 62927c8e-d310-495d-88b0-b5c557c0f22c
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: image/gif
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 185.213.155.181; 185.213.155.181; 1002.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 09 Mar 2023 03:34:34 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEKo1JMDhcjfaXKr33rWGjFA&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 8E8D
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzMxMzM3MzA4MDkxMTM3MTI0NQ%3D%3D

170 B
188 B

52ms
50ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzMxMzM3MzA4MDkxMTM3MTI0NQ%3D%3D

Requested by

Protocol

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Mar 2023 03:34:35 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Thu, 09 Mar 2023 03:34:34 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 185.213.155.181; 185.213.155.181; 1002.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: e8caa231-9f78-474a-bae6-39c16bd79dfa
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzMxMzM3MzA4MDkxMTM3MTI0NQ%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 /
www.facebook.com/tr/ 0
15 B 7ms
7ms Image
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=2690700094490823&ev=PageView&dl=https%3A%2F%2Fwww.orientaldaily.com.my%2F&rl=&if=false&ts=1678332874597&sw=1600&sh=1200&v=2.9.98&r=stable&ec=0&o=30&cs_est=true&fbp=fb.2.1678332874232.1651155222&it=1678332873598&coo=false&rqm=GET

Requested by

Host: www.orientaldaily.com.my
URL: https://www.orientaldaily.com.my/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.orientaldaily.com.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Thu, 09 Mar 2023 03:34:34 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 1714
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPTq5uUb0-oMm2n08InGmmg&google_cver=1

43 B
632 B

9ms
9ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPTq5uUb0-oMm2n08InGmmg&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjgyrvGATAB&v=APEucNVK2Ld0jWAzynESV-gEQEIoSEsu_j_vkhF_wtM14fThoecBbyKAUuWWtpd4qN-UDb5_tNpsD-A_pRE3oTY2quGkIZKvNwSIdibtkNvYeIfbH_LpZqYnKabS1BudyXLwOX2_IYXQL3OIe_EgqU8Va2dEI6EcO55A8iMBLkv5ZzxqXg1_sG0
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 09 Mar 2023 03:34:34 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=497
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Thu, 09 Mar 2023 03:34:34 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPTq5uUb0-oMm2n08InGmmg&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 1714
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZAlTyvjUpeZJG3e3wedcfAAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPTq5uUb0-oMm2n08InGmmg&google_cver=1

43 B
632 B

8ms
8ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPTq5uUb0-oMm2n08InGmmg&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjgyrvGATAB&v=APEucNVK2Ld0jWAzynESV-gEQEIoSEsu_j_vkhF_wtM14fThoecBbyKAUuWWtpd4qN-UDb5_tNpsD-A_pRE3oTY2quGkIZKvNwSIdibtkNvYeIfbH_LpZqYnKabS1BudyXLwOX2_IYXQL3OIe_EgqU8Va2dEI6EcO55A8iMBLkv5ZzxqXg1_sG0
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 09 Mar 2023 03:34:35 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=496
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Thu, 09 Mar 2023 03:34:34 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPTq5uUb0-oMm2n08InGmmg&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame 1714
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEKo1JMDhcjfaXKr33rWGjFA&google_cver=1

43 B
1 KB

8ms
7ms

Image
image/gif

37.252.171.84
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEKo1JMDhcjfaXKr33rWGjFA&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjgyrvGATAB&v=APEucNVK2Ld0jWAzynESV-gEQEIoSEsu_j_vkhF_wtM14fThoecBbyKAUuWWtpd4qN-UDb5_tNpsD-A_pRE3oTY2quGkIZKvNwSIdibtkNvYeIfbH_LpZqYnKabS1BudyXLwOX2_IYXQL3OIe_EgqU8Va2dEI6EcO55A8iMBLkv5ZzxqXg1_sG0

Protocol

HTTP/1.1

Server

37.252.171.84 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1002.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 09 Mar 2023 03:34:34 GMT
AN-X-Request-Uuid: dd4fdf77-52f0-46f5-89fb-2c272aa48aa6
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: image/gif
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 185.213.155.181; 185.213.155.181; 1002.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 09 Mar 2023 03:34:34 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEKo1JMDhcjfaXKr33rWGjFA&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 1714
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzMxMzM3MzA4MDkxMTM3MTI0NQ%3D%3D

170 B
188 B

46ms
46ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzMxMzM3MzA4MDkxMTM3MTI0NQ%3D%3D

Requested by

Protocol

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Mar 2023 03:34:35 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Thu, 09 Mar 2023 03:34:34 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 185.213.155.181; 185.213.155.181; 1002.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 463d1b7b-1210-43b4-809e-d2a1b3983ff5
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzMxMzM3MzA4MDkxMTM3MTI0NQ%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame D221 2 KB
1 KB 195ms
19ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZAlTyQAH7uoHg4lkAAcCHwY9rB0B_Dtr97kcrw&u=%7CAsVilzsezzsOTEai18J74VJ%2FuS3Q7CKTWFVUxdNglwk%3D%7C&c1=VEd5MTeK-DVtvwpxQwkatQ5fNcsqqVzrn0bJRZSWEljoMqTy8nHmy-ZCx2l8r38z-Y5KeOqAmeGKc9dh3PNWVW8NiZSZp2iaXZw_LLndzIJkV4PHUDLGexVC6DFm_RxZyajzipHIo5EMUQQ9nMJy0B1iE5Un-16Sq2bsQ49gJZ9YTAWCmMkr9jUiC4KmQtU_bdEGpPf7gccvzeUOyrhX6qwxgI7ZFd47-Sw4XedVZDUBql05Q7ll7qRgO68h9x3I2gILquGEmaV6dRHdP8XsMmAPi3XfONBZOt8aBKIV-jIPhedJT9cDDRTviwYZS5BDHEPtQIDavVa9Y8e5Hm1FHRVK06FWnl863N80e8UK1eDQy0vVpz6bDi3tWx2oKngpVMwIBMfWz9-KmhqB0lDeW9K8NFvbatUUyg2U_ohRgr2b-4FpZ3W-icsYi2VPpeS56wlIrCUlPlGzXNzQoV88BTp5UyyqkVOfdAMXTFnjk1PIyJxry_DrNa-w-AD7Gfd64TYKpSMNjyH8bYHSKelvEMLpJZwJuAX-QI9stShuNpIruk8p0YOlBdwdhIYz925AQAShJuOiJ1dawS3DriVZYyRtEyrbcL5c6E9FI1dFSd-kVBGOgem0HSOOvY3oOs4cWoEs-4I1FPs&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCujTTyVMJZOrdH-SSjuwPn4ScgAjJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTM0MzA1NjExOTY5Mjg1ODnIAQmpAtM_RZHLsrE-4AIAqAMBqgSeAk_QC3983TOuZ_6cUZC_jLGOjjsIB1vUUs0YDIayT-PvEW8z5S2NzwH1rkp07Y4w-sc3L8j6p9jeJNoAvT5wZMsucFyh1vPYx63lDZ7QKH647oZMggJHpC7cQ5f3-YSUgGs2OTvz6uCcD-d8S8wKdJoAbfNNH7cxXt_K7uan_SvE8D3QEsv-dfYoSwGvCnPEE-H84PSjIgfmGmrtj75XVffD-MMfqSoNgpuPQ5t1BZsCWnSNXwyDqk1h-E16oSdAgSUGPZnBbb4XtuCLEjxX5bQhbKa6CnIS7ygIZPwiEi668wTMj0Liezs8PqLt4bkvuuaD1UJwIN5D6igcl9NXP44-N1EHaOWf8cVNyo6zIymhMJXl9P8b-OZXuC7qX2HgBAGABomI8PONoIr5e6AGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2_bwgh13-dieKy3m2hl3OSjTZ9lQ%26client%3Dca-pub-3430561196928589%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 03:34:34 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 03 Mar 2024 03:34:34 GMT

GET
H2 200 adchoices_de.svg
static.criteo.net/flash/icon/ Frame D221 2 KB
1 KB 193ms
17ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_de.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 03:34:34 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-763"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 03 Mar 2024 03:34:34 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame D221 308 B
637 B 116ms
14ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 03:34:34 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Sun, 03 Mar 2024 03:34:34 GMT

GET
H2 200 back_button2.svg
static.criteo.net/flash/icon/ Frame D221 293 B
621 B 120ms
18ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button2.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 03:34:34 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 28 Apr 2022 09:09:48 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "626a59dc-125"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 293
expires: Sun, 03 Mar 2024 03:34:34 GMT

GET
H2 200 lg.php
cat.nl3.eu.criteo.com/delivery/ Frame D221 43 B
348 B 122ms
21ms Image
image/gif 178.250.1.6
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.nl3.eu.criteo.com/delivery/lg.php?cppv=3&cpp=q1MOzf2upA9uRNs0XA-7swVfECiidbrTflf1PJseT4T-7ikQScu0WGL_MAlVZ3eNMzAEb2ueIn8sUn6Vf5XbJQ2GVFL42sHPl_MCQahNH0f6xl6sjn_IbxhN0jeRmowv4CPZL-hgcm3c4FAuYduvOn_DD3Oq-991oNHgB4aoxrMvQ2xArZldjUo8mh9AFJfo0uDO_Le9epsS5-Y2Ehrw9UmSY8tAfPBF8P9rJDmSVxxbsF6hmHk5V91dtmOD5Sjcr5c-K11v4Qs2XK4LZsUC7Nex15ZcmpmYQaDdtE8XU9BlUs483rSPTqs66CCHp8UWkczJXpDvF4ioJ-L_L1VbyPUs_sLATb6cg2p9N5DkvjgoQbC09WOQqZoCB9LG1KsLMtsZFi1vNDqtVI3oj3ViOEnLmBzjGiYXQqMl6LgTkZ188uWOD96P5qAbAhnvmQmZmR498g

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.6 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Mar 2023 03:34:34 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 1930506
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 prefs2 Show response
api.dable.io/plugin/services/orientaldaily.com.my/ 899 B
1 KB 913ms
290ms Script
text/javascript 3.37.19.165
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.dable.io/plugin/services/orientaldaily.com.my/prefs2?cached_uid=&tcfapiSet=0&gdpr=0&callback=dbljson1

Requested by

Host: static.dable.io
URL: https://static.dable.io/dist/plugin.min.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

3.37.19.165 Incheon, Korea, Republic Of, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-37-19-165.ap-northeast-2.compute.amazonaws.com

Software

istio-envoy /

Resource Hash

bcde4cd47f8e59dbca565f2bc9d6efe9f872d5199630d7f596bd87838efb6c5d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.orientaldaily.com.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 03:34:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-envoy-decorator-operation: reco-api-service-local.reco-api.svc.cluster.local:80/*
server: istio-envoy
etag: W/"383-8G/A9el3hgAZgiHQtngWXGsHBn0"
content-type: text/javascript; charset=utf-8
x-envoy-upstream-service-time: 4

GET
H3 200 10000000_1600936633706790_4061514357092947234_n.mp4 Show response
video-lhr8-1.xx.fbcdn.net/v/t42.1790-29/ Frame C842 20 KB
20 KB 17ms
16ms Fetch
video/mp4 2a03:2880:f058:9:face:b00c:0:1823
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL: https://video-lhr8-1.xx.fbcdn.net/v/t42.1790-29/10000000_1600936633706790_4061514357092947234_n.mp4?_nc_cat=107&ccb=1-7&_nc_sid=5aebc0&efg=eyJ2ZW5jb2RlX3RhZyI6ImRhc2hfbGl2ZV9tZF9mcmFnXzJfYXVkaW8ifQ%3D%3D&_nc_ohc=_gwsUAA-o0cAX8Mrj0U&_nc_ht=video-lhr8-1.xx&edm=AGo2L-IEAAAA&oh=00_AfBVvE6hO-T_utdrlG6iFIsxCHhwUEy2YubId63VIktcPg&oe=64097A83&bytestart=68704&byteend=89295
Requested by: Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yS/r/E3aVjH1G1Nz.js?_nc_x=Ij3Wp8lg5Kz
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a03:2880:f058:9:face:b00c:0:1823 London, United Kingdom, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: cd976551ef2101a9e270f48396030c61d3a52d54afda29a39bb455e9d24aa5a3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 03:34:34 GMT
x-storage-error-category: dfs:none;sc_p:206:WSE_NOT_SET
last-modified: Thu, 09 Mar 2023 03:28:05 GMT
vary: Origin
content-type: video/mp4
access-control-allow-origin: https://www.facebook.com
cache-control: max-age=1209600, no-transform
cross-origin-resource-policy: cross-origin
x-upstream-checksum-algorithm: crc32
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 20592
priority: u=1,i

GET
H3 200 0L5gppRlswe.png
static.xx.fbcdn.net/rsrc.php/v3/yh/r/ Frame C842 404 B
457 B 10ms
10ms Image
image/png 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yh/r/0L5gppRlswe.png

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yW/l/0,cross/LEsDsskAQMP.css?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

b22620fc4d630726cb3f47fac6ade45801e71c9d90dc6ab148e51dbcc910944e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://static.xx.fbcdn.net/rsrc.php/v3/yW/l/0,cross/LEsDsskAQMP.css?_nc_x=Ij3Wp8lg5Kz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 03:34:34 GMT
x-content-type-options: nosniff
content-md5: bDizLuK+pYt04fjxlQ20xQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 404
x-fb-rlafr: 0
x-fb-debug: 3mFDDXNlt6IJ5eNp9xqa2c1f4hNGmHOBuHpf//QPm+BMyLsJX4RAnloXo5C6TxuStcyQX8sR2y1P6HvZVgQF1w==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-type: image/png
access-control-allow-origin: *
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Thu, 29 Feb 2024 03:23:33 GMT

GET
H2 200 webfontloader.js Show response
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame D221 12 KB
5 KB 39ms
13ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 03:34:34 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 4412113
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4420
last-modified: Mon, 04 May 2020 16:17:52 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb04030-30d9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hLKpLHWZfU%2BYiOT4SnbkWgcSGD18NADIQ9Ytlmu4oro9KelfXsHhX1uiQGlDtjhpEVaFL4oG1JOoHxgUF3ZwhgUJp05t%2F5eFLFXc7bHaQdl3dO3OLzUsN5isRFyooOVZChflzQhdE1h3j1gUvjIePDyK"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7a5043532903bb59-FRA
expires: Tue, 27 Feb 2024 03:34:34 GMT

GET
H3 200 10000000_2771555772978778_5619920907914227032_n.mp4 Show response
video-lhr8-2.xx.fbcdn.net/v/t42.1790-29/ Frame A5C6 259 KB
260 KB 18ms
17ms Fetch
video/mp4 2a03:2880:f058:113:face:b00c:0:1823
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL: https://video-lhr8-2.xx.fbcdn.net/v/t42.1790-29/10000000_2771555772978778_5619920907914227032_n.mp4?_nc_cat=105&ccb=1-7&_nc_sid=5aebc0&efg=eyJ2ZW5jb2RlX3RhZyI6ImRhc2hfbGl2ZV9tZF9mcmFnXzJfdmlkZW8ifQ%3D%3D&_nc_ohc=JZ8prLWYxXMAX9zqyq8&_nc_ht=video-lhr8-2.xx&edm=AGo2L-IEAAAA&oh=00_AfBhPeBKGPJ980W5KDKTYFPk5g_9z5lnoDD5RK-esPQNNA&oe=6409772D&bytestart=447351&byteend=713050
Requested by: Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yS/r/E3aVjH1G1Nz.js?_nc_x=Ij3Wp8lg5Kz
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a03:2880:f058:113:face:b00c:0:1823 London, United Kingdom, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: 0bee153352b63685e80f22f1e0d6637ffe18e38c20bf3737e414c4ccb644463f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 03:34:34 GMT
x-storage-error-category: dfs:none;sc_p:206:WSE_NOT_SET
last-modified: Thu, 09 Mar 2023 03:28:07 GMT
vary: Origin
content-type: video/mp4
access-control-allow-origin: https://www.facebook.com
cache-control: max-age=1209600, no-transform
cross-origin-resource-policy: cross-origin
x-upstream-checksum-algorithm: crc32
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 265700
priority: u=1,i

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ Frame 7A12 107 B
166 B 70ms
68ms Script
application/javascript 2a00:1450:400d:805::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.orientaldaily.com.my

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023030201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:805::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.orientaldaily.com.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 03:34:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ Frame 7A12 107 B
166 B 70ms
69ms Script
application/javascript 2a00:1450:400d:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.orientaldaily.com.my

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023030201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.orientaldaily.com.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 03:34:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 10000000_2771555772978778_5619920907914227032_n.mp4 Show response
video-lhr8-2.xx.fbcdn.net/v/t42.1790-29/ Frame C842 257 KB
257 KB 28ms
28ms Fetch
video/mp4 2a03:2880:f058:113:face:b00c:0:1823
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL: https://video-lhr8-2.xx.fbcdn.net/v/t42.1790-29/10000000_2771555772978778_5619920907914227032_n.mp4?_nc_cat=105&ccb=1-7&_nc_sid=5aebc0&efg=eyJ2ZW5jb2RlX3RhZyI6ImRhc2hfbGl2ZV9tZF9mcmFnXzJfdmlkZW8ifQ%3D%3D&_nc_ohc=JZ8prLWYxXMAX9zqyq8&_nc_ht=video-lhr8-2.xx&edm=AGo2L-IEAAAA&oh=00_AfBhPeBKGPJ980W5KDKTYFPk5g_9z5lnoDD5RK-esPQNNA&oe=6409772D&bytestart=713051&byteend=976252
Requested by: Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yS/r/E3aVjH1G1Nz.js?_nc_x=Ij3Wp8lg5Kz
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a03:2880:f058:113:face:b00c:0:1823 London, United Kingdom, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: ae1187aeaddfa5ec5f13dbe818a951da3d3961bdccc8d8a8058d4ea67549d873

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 03:34:34 GMT
x-storage-error-category: dfs:none;sc_p:206:WSE_NOT_SET
last-modified: Thu, 09 Mar 2023 03:28:07 GMT
vary: Origin
content-type: video/mp4
access-control-allow-origin: https://www.facebook.com
cache-control: max-age=1209600, no-transform
cross-origin-resource-policy: cross-origin
x-upstream-checksum-algorithm: crc32
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 263202
priority: u=1,i

GET
H2 200 9af63da692984f7884d89dad36906685_makeitsans-bold.woff
static.criteo.net/design/dt/ Frame D221 58 KB
58 KB 70ms
34ms Font
application/octet-stream 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/dt/9af63da692984f7884d89dad36906685_makeitsans-bold.woff

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

ebb2026eba76b777cd1cc6d694a4609324304eeb1129a9fe0fb5a616590cc3ee

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
Origin: https://ads.eu.criteo.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 03:34:34 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 05 Feb 2020 10:30:18 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e3a993a-e7e4"
content-type: text/plain; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 03 Mar 2024 03:34:34 GMT

GET
H2 200 bb3faf863f1b470cb6abbfbf9cd4e6c1_makeitsans-regular.woff
static.criteo.net/design/dt/ Frame D221 56 KB
56 KB 53ms
17ms Font
application/octet-stream 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/dt/bb3faf863f1b470cb6abbfbf9cd4e6c1_makeitsans-regular.woff

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

09fe7be89711f0dc0ba47ab8a1a1865df7b660a1f1359d29c4c3445683d2f61f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
Origin: https://ads.eu.criteo.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 03:34:34 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 05 Feb 2020 10:30:18 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e3a993a-de74"
content-type: text/plain; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 03 Mar 2024 03:34:34 GMT

GET
H2 200 animejs.js Show response
static.criteo.net/animejs/ Frame D221 12 KB
6 KB 17ms
14ms Script
text/javascript 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/animejs/animejs.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 03:34:34 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 26 Mar 2019 17:44:11 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5c9a64eb-3181"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 03 Mar 2024 03:34:34 GMT

GET
DATA 200
OK truncated
/ Frame B135 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d0cd0fb5ba76ceec12c29f148a74a5368d07239189402bfd1e674e443647f2db

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 10000000_1600936633706790_4061514357092947234_n.mp4 Show response
video-lhr8-1.xx.fbcdn.net/v/t42.1790-29/ Frame A5C6 20 KB
20 KB 16ms
16ms Fetch
video/mp4 2a03:2880:f058:9:face:b00c:0:1823
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL: https://video-lhr8-1.xx.fbcdn.net/v/t42.1790-29/10000000_1600936633706790_4061514357092947234_n.mp4?_nc_cat=107&ccb=1-7&_nc_sid=5aebc0&efg=eyJ2ZW5jb2RlX3RhZyI6ImRhc2hfbGl2ZV9tZF9mcmFnXzJfYXVkaW8ifQ%3D%3D&_nc_ohc=_gwsUAA-o0cAX8Mrj0U&_nc_ht=video-lhr8-1.xx&edm=AGo2L-IEAAAA&oh=00_AfBVvE6hO-T_utdrlG6iFIsxCHhwUEy2YubId63VIktcPg&oe=64097A83&bytestart=68704&byteend=89295
Requested by: Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yS/r/E3aVjH1G1Nz.js?_nc_x=Ij3Wp8lg5Kz
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a03:2880:f058:9:face:b00c:0:1823 London, United Kingdom, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: cd976551ef2101a9e270f48396030c61d3a52d54afda29a39bb455e9d24aa5a3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 03:34:34 GMT
x-storage-error-category: dfs:none;sc_p:206:WSE_NOT_SET
last-modified: Thu, 09 Mar 2023 03:28:05 GMT
vary: Origin
content-type: video/mp4
access-control-allow-origin: https://www.facebook.com
cache-control: max-age=1209600, no-transform
cross-origin-resource-policy: cross-origin
x-upstream-checksum-algorithm: crc32
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 20592
priority: u=1,i

POST
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 8C5A 0
57 B 78ms
78ms Ping
image/gif 2a00:1450:400d:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=6985647847198&version=m202301230201

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:808::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://25f0b6c781c28f0ec66a58e178665f44.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Mar 2023 03:34:34 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 8C5A 0
57 B 80ms
78ms Ping
image/gif 2a00:1450:400d:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=6985647847198&version=m202301230201&ct=76&x=1&cor=8818878692447593000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:808::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://25f0b6c781c28f0ec66a58e178665f44.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Mar 2023 03:34:34 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 8C5A 84 KB
36 KB 76ms
75ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BKKgeMut_ZJi-Fhrl-cSaGu7QzpJrwFWTaNaz-iUP6ePZGrih4_dX6bTJTvZOCKD76JnEzHfk8nYSQQZ3iJlNZiWSjQg&cry=1&dbm_d=AKAmf-Cb5g3xSuv7_EaHUQuxzFutgr7t3e5ypBZfkklC8Shr48aYZzFo4SdWge5JiftN4ls37JnJbmDFsImTPOZwTz1GtW72YSTdJ1aI-7qb3L3o9BzZCvSFceuwdZOZQUM49_QozyWPwDbXPgLCeAX841Jd3mnG18gm1cfzGaNtFNUlqdCZZswps2j0l9D4Qs8LXIq0ZIFc00VSEKrNL3wUAngDAikv-xD-w4_BE2OOkhcLTjbDvgPBlfj57D55bS1Ow0lMgPhA7HXmGriYkHHlVWZaIV3JsJnJNt7p4tMXAZvWcTq3j4atkOvgg_56N6sAmpHNEXEzYk1SvjE_Trh93FPoLTFcfvUYPKT6TPA1asN_Z2KjYnKK5112_U0u-Vat1F-el3NT31pI84-jyIIGzHeiiJyk77xX344e9nTxQXioPM3uo6Cu7AkM6D_tBG1xrfvqCxYaKLMBFxuKwEWfz4cv_5d3UQN0pbdrHSdp6J83ySTnOsCk9bMpEI-NuZ4hD1Z8X-lva9SbPJwuuBvdodMJaLEsCUf69knP0dledRnfEMa-uMQFmt4dwBHFWbhPV9M9UAZSaBA6mkbiS8obIYu6VpxtzYHnjKGGOoMZ8wYHzrCVZlFfyhjLYvnha_l-puYcOrzBkqXRW9dzoRbA4A0v1PIkih_bCc3mKPd1SXDRKq9-eKFT--29s4GngQPGC05C9JtYSberKpXb2MSyMSf36jhAkE4Im-ozq9dm4P41OkHDCyPcDZVZ2VCdA1gey3W-F0L7-b5WViG-vxBO0HujHXSFyeQvFDFlxK6nWXuJmR7hD-Y5YyCn4l7TZVgfYbLDWzymBTU7inwIFACvKzUDSZw1ZulrVPPz1X3RNe5PfLHw748dALE7wKzLhFJfgdMh1apyhYGwtd0tJDmG92cIL-dPjT2IBmP662qtz05INWv41ugtmCB2_GvewjigqVeEYQ6zhWVLPBqaqewND8KLv73qOJt3S89VkMnoiRKcGhjmHV-CziFpCuVDKHOYzaoVbTp1jF6DOdGklhSlIf3DGFmab7yG01RUm9bRG8Ujx3ojE3faw8XdkzIYVtCdOgqnrfZIcqWNh8BNRF1SdxGANOPWOmAiuM7ZHvPgVHUQQ11R_yOuWMwhzs-xMkX_DsgBOziL6IOYjoijkNvXYGf3jHI0zbGTRXaPvq35KT59rTvswErLRUkIPNfUmduJUx84TuLWqZDVPoyLfljm0qq6h494JrPe-OECil0UlHq_vDCt-7wRXcd6O-wDkENDMHDoXjcnYs7ro_115omv9KYK0M0nhpO6TNG1IAgcTwZjVzipawsFp4qLs87IAJhcf-r3liuB_iqKr01b2W7QzS_cqA--xsCGJi0rmAABo7fxK2nQG1ZyZYl6H5muEh4dVNkoB98fdM1sROZ_mBpbruhy8LKSb75qlOX6hDHuPng84AgE-rd469QGnb37uR3nTTE0imDt43uUNjpZjdySe2khKMwCIC_pE6e5BnWls7Ch_Ng7lHPJekXuDBE5bFkTLw4uMK6KdK6I8RdbAbB_jEwm4uP8xKN6n-ABOSboxjmaX8Cg07G4dF0ackCe47F0IqCI3nKphCgcjAsqt7Qe38tBiel6VY3IPyNaqIvBRW-HY8K7OHHWUhtpeUWm1k09IrSLJWYbaTMTqofGh1juxcAInWhAbJ1-Rd2bK6qjpeqQekGaOx4lxBE8Ev7Zp3VEHaELbrwfmvF9rtZf3cynjDaYm1tknpVXg0vqp440bSuMGX9fgA_LXdRZUQR0hZ6p5_Lx0L5U-4yLppja30F_Vo1kEEbeojz8vcyRHrIVIjfhL0es1hgKmaaQj_EKV13UhpvuipImq8WcdcYAJXq2Pm5X1gKYfrtzWQMXh-KyNAdW_HNla3G0IsRtDDmXGTKnv4OHC6FKoXCIQaDw6oMuT4eS1fTZk3ENK6A_wk8GLOpKJE-1KTtb2ZZ1Lg9PY_lCd_2TyQh76ma9o0IrW6hJl8hHgTgPOKPW0c1l0cH2FsDDqUjoQsa9pY-Wo99EMVYrIicLJQxBxgMcUh4ctg_tS2YqtDcWZXXvOGYcnYAZueKIrgbwwZmSvPain4LveTfvy026T_jtndT6Bl2WkdfXokvtQhuOjBRC9Yov8OP0kd1w37cltKniKCMxTdblptgXcxaNRysLk6qDWdmSUn3D_axiz4nP121zs0rMgIqOw6cfc3LRkbscRvqgsqmOByIJq8K_PLYqYcR16CguOPuk2cnmkGrOCe9Ec6UGeZHyU6iP4tp25Ukl-lfYhChUHiixY1W8Lg-qqSQiid_4ukSgeaGbcQX7sUUG9vpwf85Wpa_uYR2x4TPmaEJGzB-cWXltAgNvStI7VadYWjotoLfkkpr3_BD7TDgdWkwAAzm1N9Aq7tfcXpWYzAzEGeKT381zTN-fKj4bh61UnBLnq5ly1jWX1JwfDErBueL30hLKfOmFABmd1pbx2snNKEEQzqIFzv8jVGojq9S8qyoAPMu_pdFGK2OR6q8yqcjXI72t5hfxpkRhYPW2jQMXLxTOchtcE7_Lu3p0iNTXaOOUaSg8v-_IgWPC9KWUOi2nj7Ys9UqQIg2LJiuDYHFb0723RwdRs8BNhlOpr7s46EYYtXwBi5OWRmbzr9GuqQBc92Iru_cXerm5QZ-HkkvhxU4STZm4epBYDEUvyK3Up5ov0d9vGzKxS8zlvp6otVRDhax5-CV-WCCROB2CqHqBSzQnTawccF7XLxxXtURT8oG8R509dqN_STIK88xWr8miw_6jkf050C1v5eyd6N0JR4bodrAVQzxj87i9GfYXvdzmTuHI0OhLkP8pEbzeSJcs-tZJJr8WeAmXMAUdpijyLCR4D-Wl5bnx-MNlecT9jUFM4fbjxudHsxwVAi6Iceb8GWkGfp2ZxT6AxHNkEl70UvpV0noNccWKCLhIEsKwB-LMfHJ79VLw-OWpc_gnZq4znr5iSZXItGOdcuTovF17NVWDg7qlbUsQW_uJAcn8qGkTP27CwyJgGYDnGnT9lax6wA_F3NfMTVh6PxCAB1fQBLfbJTvgpJSIXuU8dgJd_XNSZQ2GCLudnRH7QyK5silyfUGqP7Mph78l2sFpt0Cb76VcHyhs_39IaaiDfYgf30b-n9ucAeTTs6i7-54iqo9-jpWTmzEFgVvPMbsnKUOjGaJfNXA7UvuA9yrIN-6FkBx36PyahLD7Y-kk5OFQ4Ll3NS-rOdGWymQcxTQ_A7dD04dNaBqVTuun4pZS5el2p95Kx14QJckaVEY60HaUR92TduAu3stwBOeUWryicfvbCO35RPAlzYOoUXI-gGyjWgJmP5pSlkNJ101O5qqvK9c9znIGtYOp_DuVEDKosUoORIzJk-34mt3DnNkY0hV6bIBAEVxetQsxY0W1OkVFF37L850nyDX0OIVVTmWLH2ST5GDdXpCva6kD7fVGzI8g2_p5o1kmGX4ZEs1I5JbjSaBsw_HrjWwNqBQ1-2F7CpcI88kORbOAEiuYIrkWgezESo8-R5yeob63cVTEUTkoOP-BPdhHoiU84fc3d08KU64TCZ0wEw7Nf8Brg_3lFZHSB-8e2W3Z0vXieioTwddctobNZoUq7wq2Qwhv0H8&cid=CAQSSwDUE5ymgSwBz0_VRlBANJjo9I2ImuFTowaE6h8LHWs4UXd6rs_uIlSB0JzxFKR-9FcHXwaNxJH-v28_eBwcL2pXCXll8s9bInYVSxgB&dv3_ver=m202301230201&rfl=https%3A%2F%2Fwww.orientaldaily.com.my%2F&ds=l&xdt=1&iif=1&cor=8818878692447593000&adk=1964084972&idt=328&cac=0&dtd=8

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2a914877c4ee7a721055c627b80b01c903577b1481c3b3700c6548e119fb9a6a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://25f0b6c781c28f0ec66a58e178665f44.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Mar 2023 03:34:34 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 36210
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 7A12 374 KB
34 KB 98ms
97ms XHR
text/plain 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1935581137943849&correlator=1856588973526398&eid=31072879&output=ldjh&gdfp_req=1&vrg=2023030201&ptt=17&impl=fif&iu_parts=21927187246%2C609603_orientaldaily.com.my_1x1&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=1&adks=2723660011&sfv=1-0-40&sc=1&cookie=ID%3D64973f328da939c8%3AT%3D1678332873%3AS%3DALNI_MbE14cq7dBe_WRFUOlwE5FB34ovXw&gpic=UID%3D00000bc2978e7b95%3AT%3D1678332873%3ART%3D1678332873%3AS%3DALNI_MacC6EY_hYLu4E-ip-_VDQHDPAqyA&abxe=1&dt=1678332874949&lmt=1678332874&dlt=1678332874013&idt=732&adxs=800&adys=0&biw=1600&bih=1200&isw=1&ish=1&scr_x=0&scr_y=0&btvi=0&ucis=w6lzcu16kusj&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&nhd=1&url=https%3A%2F%2Fwww.orientaldaily.com.my%2F&ref=https%3A%2F%2Fwww.orientaldaily.com.my%2F&top=https%3A%2F%2Fwww.orientaldaily.com.my%2F&frm=23&vis=1&psz=1x17&msz=1x0&fws=256&ohw=0&ea=0&ga_vid=638583148.1678332873&ga_sid=1678332875&ga_hid=1494849510&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023030201.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c3efdf8dd531ea12c03e5ffb6431974cea07578a033c4835f5afa99b76d13518

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.orientaldaily.com.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 03:34:35 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34929
x-xss-protection: 0
google-lineitem-id: 5847594936
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138373691222
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.orientaldaily.com.my
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 7A12 15 KB
11 KB 176ms
80ms XHR
application/json 2a00:1450:400d:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2023030201&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023030201.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:808::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4721a9cd24b309bedf491d487733dbc62e2747904be99b12989c1cfc8f6962fe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.orientaldaily.com.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 03:34:35 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11248
x-xss-protection: 0

GET
H2 200 container.html Show response
47ad345191e702c3a5b895d83c644918.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 1C0D 6 KB
3 KB 148ms
83ms Document
text/html 2a00:1450:400d:80c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://47ad345191e702c3a5b895d83c644918.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023030201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80c::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.orientaldaily.com.my/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 09 Mar 2023 03:34:35 GMT
expires: Fri, 08 Mar 2024 03:34:35 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 j.ad Show response
s.tribalfusion.com/ Frame C515 6 KB
3 KB 290ms
289ms Script
application/x-javascript 2606:4700::6812:19ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s.tribalfusion.com/j.ad?flashVer=0&ver=1.29&th=7555152956&tagKey=3880046815&site=orientaldailycom&adSpace=desktop&center=1&env=display&addBlockingCategories=gambling,tobacco,violence,suggestive,religious&size=970x250,728x90&busted=1&url=https%3A%2F%2Fwww.orientaldaily.com.my%2F&f=1&p=12796109&tKey=aAmneMWUZbEVmv0PEvYQcvn3EJZcRUvB7F&a=1&adContainerId=richmedia_2&rnd=12800795
Requested by: Host: tags.expo9.exponential.com
URL: https://tags.expo9.exponential.com/tags/orientaldailycom/desktop/tags.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:19ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0fe290941ef198f193eb0c2d0b76b557a453cb16be083de097d990d6dc585dbf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.orientaldaily.com.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Mar 2023 03:34:35 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
x-function: 101
server: cloudflare
x-reuse-index: 302
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: private, no-cache, no-store, proxy-revalidate
cf-ray: 7a5043548b1230ea-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2546
expires: 0

General

Check archive.org

Show headers Download Go to

Full URL: https://video-lhr8-1.xx.fbcdn.net/v/t42.1790-29/10000000_1600936633706790_4061514357092947234_n.mp4?_nc_cat=107&ccb=1-7&_nc_sid=5aebc0&efg=eyJ2ZW5jb2RlX3RhZyI6ImRhc2hfbGl2ZV9tZF9mcmFnXzJfYXVkaW8ifQ%3D%3D&_nc_ohc=_gwsUAA-o0cAX8Mrj0U&_nc_ht=video-lhr8-1.xx&edm=AGo2L-IEAAAA&oh=00_AfBVvE6hO-T_utdrlG6iFIsxCHhwUEy2YubId63VIktcPg&oe=64097A83&bytestart=89296&byteend=109737
Requested by: Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yS/r/E3aVjH1G1Nz.js?_nc_x=Ij3Wp8lg5Kz
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a03:2880:f058:9:face:b00c:0:1823 London, United Kingdom, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: c33251f3e9f16e4ad5b2c7be8e7901ef2936564e58c0e5d4923df2cf878d7023

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 03:34:34 GMT
x-storage-error-category: dfs:none;sc_p:206:WSE_NOT_SET
last-modified: Thu, 09 Mar 2023 03:28:05 GMT
vary: Origin
content-type: video/mp4
access-control-allow-origin: https://www.facebook.com
cache-control: max-age=1209600, no-transform
cross-origin-resource-policy: cross-origin
x-upstream-checksum-algorithm: crc32
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 20442
priority: u=1,i

GET
H2 200 img
pix.eu.criteo.net/img/ Frame D221 47 KB
47 KB 338ms
44ms Image
image/webp 2a02:2638::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=2000&q=80&r=2&u=https%3A%2F%2Fprod.pictures.autoscout24.net%2Flisting-images%2F1f5a450b-729e-4796-adb6-2278238f4611_88f2cf92-3598-4812-8ad8-5efd8876365a.jpg%2F1280x960.jpg&v=3&w=400&s=DhReyUaF7GvA0jY0z4kU5NVl&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

612170aeb690659163763177c6a810499c507b66a06153fd69cf028d928e2ea5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 03:34:34 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=1141225
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 47746
expires: Wed, 22 Mar 2023 08:35:00 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame D221 20 KB
20 KB 319ms
25ms Image
image/webp 2a02:2638::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=2000&q=80&r=2&u=https%3A%2F%2Fprod.pictures.autoscout24.net%2Flisting-images%2Ff7959a9c-c93c-4bcf-8899-f47a15e33ac1_40a38eb3-c904-4894-bf06-02fbee50a4f4.jpg%2F1280x960.jpg&v=3&w=400&s=MAfMN_i8s8Xu3ziBeB23XakZ&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

4b140a78a7e35151ff4098c58348b4d7a506e1c29bafa6904f695d2b8bc20ed0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 03:34:34 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=1157658
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 20238
expires: Wed, 22 Mar 2023 13:08:53 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame D221 50 KB
50 KB 320ms
26ms Image
image/webp 2a02:2638::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=2000&q=80&r=2&u=https%3A%2F%2Fprod.pictures.autoscout24.net%2Flisting-images%2F9c698ae1-a8e3-4f59-bba7-c888f071590c_06960591-7b9b-4208-b246-6c272047e3c5.jpg%2F1280x960.jpg&v=3&w=400&s=CWoUdUX2TF_M2ulWWDJqyMqT&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

00b9fdbc4b1ebc9ffe2fb61afb7dbb78294009c11543b6a9d5649061ac338df7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 03:34:34 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=1142310
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 51380
expires: Wed, 22 Mar 2023 08:53:05 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame D221 25 KB
26 KB 352ms
59ms Image
image/webp 2a02:2638::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=2000&q=80&r=2&u=https%3A%2F%2Fprod.pictures.autoscout24.net%2Flisting-images%2F1aa0571e-24ad-4f78-9e84-a243c2d2690d_b6b0f6e8-7300-4ab3-b0d8-d5e99861e504.jpg%2F1280x960.jpg&v=3&w=400&s=f9kjtFotzli4u-2ZkOpyFCSC&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

4f5e6153ea2586a59a5bce88c469efd0c90b20d900d3f90baaf44cef5fc828f0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 03:34:34 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=1141308
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 25938
expires: Wed, 22 Mar 2023 08:36:23 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame D221 40 KB
41 KB 351ms
58ms Image
image/webp 2a02:2638::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=2000&q=80&r=2&u=https%3A%2F%2Fprod.pictures.autoscout24.net%2Flisting-images%2Fd6c74909-d8f6-4ba8-84a3-66f902311f5f_5bcc2c46-ddca-4358-8000-d32860244eb5.jpg%2F1280x960.jpg&v=3&w=400&s=c6NBKZRIQ_wO23j-_LeupcOG&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e931a4d8a491ab9ecd03ab06594b3f255ca057fa6695163cab4d8c2dfe58c63d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 03:34:35 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=1141282
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 41300
expires: Wed, 22 Mar 2023 08:35:57 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame D221 45 KB
45 KB 352ms
59ms Image
image/webp 2a02:2638::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=2000&q=80&r=2&u=https%3A%2F%2Fprod.pictures.autoscout24.net%2Flisting-images%2Fa1f4046e-f8a2-4bbc-9858-45ecb15d245b_0f0bca59-ac7d-46a9-9b56-d489631c3c3d.jpg%2F1280x960.jpg&v=3&w=400&s=p1n1aEDRuBe89UEbTqq0XkH2&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

66803d39ad6a5b8b8259327122b5deaf8561a961c3c9d5c83b2a880705bbd835

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 03:34:34 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=1141281
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 46074
expires: Wed, 22 Mar 2023 08:35:56 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame D221 26 KB
26 KB 29ms
27ms Image
image/webp 2a02:2638::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=2000&q=80&r=2&u=https%3A%2F%2Fprod.pictures.autoscout24.net%2Flisting-images%2F9bdebedc-1324-4caf-a1fb-b03f7d768d4b_d53ba830-7a88-414f-9f19-12500010ed8e.jpg%2F1280x960.jpg&v=3&w=400&s=_MOrGzbnH_QGxRjBr1AWCe2i&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

bcce350016351558ba10c39c15813b3f57d79bd01072dd7a064745175a208994

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 03:34:34 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=1141248
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 26714
expires: Wed, 22 Mar 2023 08:35:23 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame D221 18 KB
18 KB 36ms
34ms Image
image/webp 2a02:2638::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=2000&q=80&r=2&u=https%3A%2F%2Fprod.pictures.autoscout24.net%2Flisting-images%2Fb8ea8d30-140a-4b70-99f1-456b93fcdf92_1a117b35-ebb4-4aa4-bb99-570b46d6c55c.jpg%2F1280x960.jpg&v=3&w=400&s=QOisOdUyQ2noGoAHZ_J2-vRe&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

55ab64885e89d497a2e3e3ebb57779322518fe7af2e897888256a7a320ec60ae

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 03:34:34 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=1144019
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 18482
expires: Wed, 22 Mar 2023 09:21:34 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame D221 18 KB
18 KB 31ms
29ms Image
image/webp 2a02:2638::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=2000&q=80&r=2&u=https%3A%2F%2Fprod.pictures.autoscout24.net%2Flisting-images%2F7e20019d-5a0a-4aef-9037-f3098e4ef42a_6768f568-fd1f-4ab9-a7a2-9538c17c4417.jpg%2F1280x960.jpg&v=3&w=400&s=IJpBzJOMBWfLRRH5KJXWmiJf&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

15f0bc37447fa5c1b97c98f2651c1245ce6cbe59f6746cb7d35189ea63bc33c8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 03:34:35 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=1146090
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 18428
expires: Wed, 22 Mar 2023 09:56:05 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame D221 37 KB
37 KB 30ms
28ms Image
image/webp 2a02:2638::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=2000&q=80&r=2&u=https%3A%2F%2Fprod.pictures.autoscout24.net%2Flisting-images%2Fc93f0ae4-7a2f-4495-9a68-e41d0c671d0d_94870bf1-15b8-45f8-a8c8-5f62c785ab05.jpg%2F1280x960.jpg&v=3&w=400&s=AA_kG0zg1KLl9azLYYSJoMaK&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

750e067d58c1164a7aff6d3b9b6e2c29e13f100036f2ec4762d83f3ced39b84c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 03:34:34 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=1141254
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 37794
expires: Wed, 22 Mar 2023 08:35:30 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame D221 31 KB
31 KB 32ms
30ms Image
image/webp 2a02:2638::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=2000&q=80&r=2&u=https%3A%2F%2Fprod.pictures.autoscout24.net%2Flisting-images%2F792e05cd-aaa1-4739-a5b0-c8d29839b661_d10fe90c-b233-4900-8827-845e33629783.jpg%2F1280x960.jpg&v=3&w=400&s=mkOKvaUtwgpIlL8QfKCQmujV&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

67aa392d49016623c0a3097621b5855a7568d74cbd65c91b673229fb3b1a9e42

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 03:34:34 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=1141227
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 31378
expires: Wed, 22 Mar 2023 08:35:03 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame D221 39 KB
39 KB 39ms
37ms Image
image/webp 2a02:2638::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=2000&q=80&r=2&u=https%3A%2F%2Fprod.pictures.autoscout24.net%2Flisting-images%2F9413ca44-30f2-4780-a953-aad2ef6860d6_80530dfa-52c1-4323-a2b1-4b444f38ec65.jpg%2F1280x960.jpg&v=3&w=400&s=dFbm8nEYJnPtBLGAo59Q5BZH&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

230e13e44ae30c3442c531b857b2a817a85ca03f123b4a3c75720352bcb9bc8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 03:34:34 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=1145111
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 39836
expires: Wed, 22 Mar 2023 09:39:47 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame D221 23 KB
24 KB 36ms
35ms Image
image/webp 2a02:2638::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=2000&q=80&r=2&u=https%3A%2F%2Fprod.pictures.autoscout24.net%2Flisting-images%2Fd0092867-bf34-422b-bc7a-3e7fda02e22c_5514cde1-fc33-4bae-9b16-3c8c6b768041.jpg%2F1280x960.jpg&v=3&w=400&s=WAaD3CiEAu3OsnUcSNuAq7es&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

379c40020fb39d02aa888ad1a3f61d2de98486dce81d7aa5a620e8b90d8ff675

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 03:34:35 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=1141257
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 23858
expires: Wed, 22 Mar 2023 08:35:33 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame D221 35 KB
35 KB 44ms
42ms Image
image/webp 2a02:2638::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=2000&q=80&r=2&u=https%3A%2F%2Fprod.pictures.autoscout24.net%2Flisting-images%2F9250c3f8-3a95-463f-92b8-e118c6cf9ab5_7138b39e-0c5a-409c-b912-f2ce78b6b26e.jpg%2F1280x960.jpg&v=3&w=400&s=f9Gbhh5FOWnOoTYB2peQItGP&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

a97f4d7f57c413e347926504441cd395fbb4a7db1128e9f6c7d6f24e5de32484

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 03:34:34 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=1141234
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 35716
expires: Wed, 22 Mar 2023 08:35:09 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame D221 18 KB
18 KB 29ms
27ms Image
image/webp 2a02:2638::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=2000&q=80&r=2&u=https%3A%2F%2Fprod.pictures.autoscout24.net%2Flisting-images%2Ffd20abf5-ca40-4783-b572-776c5eaac4de_dc7624a0-7e35-4221-a518-ce78f377677b.jpg%2F1280x960.jpg&v=3&w=400&s=iClcHtVt99OTY1siczYsuBPD&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

d8dfd1d4aac6e97f980f9ff949059668f6fa9a36aa7acbc4f971b69fa1fe3049

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 03:34:35 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=1165184
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 18512
expires: Wed, 22 Mar 2023 15:14:20 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame D221 48 KB
48 KB 46ms
44ms Image
image/webp 2a02:2638::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=2000&q=80&r=2&u=https%3A%2F%2Fprod.pictures.autoscout24.net%2Flisting-images%2Fe64b7131-21cc-4746-b969-9e6c39579b11_c6f08be2-1487-4a3c-8be8-3340b335c1ab.jpg%2F1280x960.jpg&v=3&w=400&s=Id4xsu3KGcHiL-qVLR5IeZ5_&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

567f5bfaf65bc217c532596cba3773f47cb7e4e8cf338f93509348e494dbee7f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 03:34:34 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=1142578
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 49308
expires: Wed, 22 Mar 2023 08:57:34 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame D221 18 KB
18 KB 48ms
46ms Image
image/webp 2a02:2638::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=2000&q=80&r=2&u=https%3A%2F%2Fprod.pictures.autoscout24.net%2Flisting-images%2F1ef88ea1-1aa1-4c6e-b1bc-4d63cb2a4dcb_e0dafd16-1f4c-4540-9c85-68bc0d22bc4e.jpg%2F1280x960.jpg&v=3&w=400&s=RT2--5HXs2ORxfQVdUykS8Z3&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

189a29e5a4d065c56c099e301c5ab3c178105f315f0152d79df530ae4dd9f634

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 03:34:35 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=1141254
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 18078
expires: Wed, 22 Mar 2023 08:35:30 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame D221 31 KB
31 KB 36ms
34ms Image
image/webp 2a02:2638::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=2000&q=80&r=2&u=https%3A%2F%2Fprod.pictures.autoscout24.net%2Flisting-images%2F2e9231f3-00fd-44d6-a2ad-9706e7c2d2ab_f4d09a69-1930-47fc-a550-aa6c5542d391.jpg%2F1280x960.jpg&v=3&w=400&s=jTUV5W6J-LlqhyWILsvGVYls&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

f6138f7df90338d65b6fd126db1fc3809a86c13aebd4108c5789ba8220018629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 03:34:34 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=1147251
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 31456
expires: Wed, 22 Mar 2023 10:15:26 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame D221 23 KB
23 KB 48ms
46ms Image
image/webp 2a02:2638::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=2000&q=80&r=2&u=https%3A%2F%2Fprod.pictures.autoscout24.net%2Flisting-images%2F3f4f0156-2eb7-4b90-bd15-82b56f8cfcd0_cb70b743-087a-4cf7-9af3-52478626992a.jpg%2F1280x960.jpg&v=3&w=400&s=qkVY0Oim_1Zj_AsR-QOUalrS&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

df3b5cf704454d3c242d8f373e644954802cb04133efad2c351453b7003148bc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 03:34:34 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=1170313
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 23260
expires: Wed, 22 Mar 2023 16:39:48 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame D221 76 KB
76 KB 47ms
46ms Image
image/webp 2a02:2638::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=2000&q=80&r=2&u=https%3A%2F%2Fprod.pictures.autoscout24.net%2Flisting-images%2Ff4b70d99-fc32-4ad7-9f2d-de901c8fef4c_b6aea621-ce62-4f6d-8fea-fa2688bbd8d3.jpg%2F1280x960.jpg&v=3&w=400&s=GkdyZMhmDLx9TUK7VBGSiQgu&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

b157d4e973ecc16eeb9fbded5d9f881f1e9bfabfea991b05756ef7ad53aa26f3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 03:34:35 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=1141251
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 77932
expires: Wed, 22 Mar 2023 08:35:26 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame D221 34 KB
34 KB 48ms
47ms Image
image/webp 2a02:2638::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=2000&q=80&r=2&u=https%3A%2F%2Fprod.pictures.autoscout24.net%2Flisting-images%2F614a7b80-d880-4e90-be0e-3064ad0f2ef6_015c3d2a-802e-423e-8563-92cb7d816fd5.jpg%2F1280x960.jpg&v=3&w=400&s=ug1-KFpl3Aiq3Iuw3MaHpigK&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

2262a2d49bafb01a20482c799f7595535c0550bfac536211bd0dba05f3b4690e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 03:34:35 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=1141220
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 34956
expires: Wed, 22 Mar 2023 08:34:55 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame D221 0
128 B 64ms
15ms Ping
text/plain 2a02:2638::21
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.eu.criteo.net/all?cppv=3&cpp=lG8G7mT-_0_ex_Fbhpd9S2ow9dOI1Qqrwi9CadioBTL5tACsSmbipyvyykobnefYm9IL2DbtlNZNSP7AqARfHjhUhgawS_wqkYE1m6f5MG-saS5EFV1UGmayo6QuySftbCbJs_hsffuo5XffH1m3qEtpMq7h6bqNd4hYQSlu-AkICV_wh03nPKt6raJotx05NzZE3yu8_jDf6o3kVggRozgTUaiABRzpxJPtsNYIM0S3NE96dxtp_Itr7FYVNkxF4LmEKA&sds=2&rev=85089&sendBeacon=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::21 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Thu, 09 Mar 2023 03:34:34 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H2 200 criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame D221 2 KB
1 KB 16ms
14ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/criteo_logo_2021.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 03:34:35 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 27 May 2021 13:21:59 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"60af9cf7-891"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 03 Mar 2024 03:34:35 GMT

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame D221 2 KB
1 KB 17ms
15ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 03:34:35 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 03 Mar 2024 03:34:35 GMT

POST
H3 200 / Show response
www.facebook.com/tr/ Frame 6B1C 0
15 B 8ms
7ms Document
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: www.orientaldaily.com.my
URL: https://www.orientaldaily.com.my/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://www.orientaldaily.com.my
Referer: https://www.orientaldaily.com.my/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-origin: https://www.orientaldaily.com.my
alt-svc: h3=":443"; ma=86400
content-length: 0
content-type: text/plain
cross-origin-resource-policy: cross-origin
date: Thu, 09 Mar 2023 03:34:35 GMT
priority: u=0,i
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains

GET
H3 200 10000000_1176832589685551_7617901074642110564_n.mp4 Show response
video-lhr8-1.xx.fbcdn.net/v/t66.36281-29/ Frame A5C6 728 B
779 B 17ms
17ms Fetch
video/mp4 2a03:2880:f058:9:face:b00c:0:1823
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL: https://video-lhr8-1.xx.fbcdn.net/v/t66.36281-29/10000000_1176832589685551_7617901074642110564_n.mp4?_nc_cat=103&ccb=1-7&_nc_sid=5aebc0&efg=eyJ2ZW5jb2RlX3RhZyI6ImRhc2hfbGl2ZV9wc3RfZnJhZ18yX3ZpZGVvIn0%3D&_nc_ohc=ToaPEU2MgTcAX9q9Nx0&_nc_ht=video-lhr8-1.xx&edm=AGo2L-IEAAAA&oh=00_AfDUreijWpPAntDVEj9sGxuzjHMk1YWhxPAvpQ349Jdmcg&oe=640EF047&bytestart=0&byteend=727
Requested by: Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yS/r/E3aVjH1G1Nz.js?_nc_x=Ij3Wp8lg5Kz
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a03:2880:f058:9:face:b00c:0:1823 London, United Kingdom, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: b965728b47f66c6595e1c5cfcd6a2e3fd26ad21a19d76d5dc040ba1b7303508a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 03:34:35 GMT
x-storage-error-category: dfs:none;hs_p:206:HS_ERANGE_SUCCESS
last-modified: Thu, 09 Mar 2023 03:28:24 GMT
vary: Origin
content-type: video/mp4
access-control-allow-origin: https://www.facebook.com
cache-control: max-age=1209600, no-transform
cross-origin-resource-policy: cross-origin
x-upstream-checksum-algorithm: crc32
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 728
priority: u=1,i
proxy-status: http_response_ok; e_clientaddr="AcJKbJbqaTlZrtn7_BHoplHXSehGRXU9uqETj-fkB6WwyQu3D8iGYjdTgMPwnzGRI8_kmyr8Jlyjc5Ums7-gSW9NYK21LwWYjMZe2XNcIg"; e_fb_vipaddr="AcKWKNCqi1HyLxOvnHh2SSAffEafc8e9xctpr3V-wPqBglwKyjaMK7CSrQ3QgFqfS55qLqumuIk477PdNw5vjYRe82Hb_xSn25klqvnS"; e_fb_builduser="AcKGJIr5hq0vCy27dY05mXVky1MtvFabLmyfqhZdaejL6dYo6bmczwr_ogyJMd1DW8Q"; e_fb_binaryversion="AcKE0f4HlLVpDahPX7OOQaOD4FTD7lGuJHrIBil2hzDZ1s7pw9PSFD6SuSezYn96cmTx7azZsuqtxBdb0NXpU3q-Vn0YH53jnAA"; e_proxy="AcIl1pbY5YH60yQGeMxQKn401xRGKUIRMxrIeX1Qvb-wINCUQK8VI-z6uRiSRKPpdu_CKQ_fOVk_PtyfNuY"

GET
H3 200 10000000_1176832589685551_7617901074642110564_n.mp4 Show response
video-lhr8-1.xx.fbcdn.net/v/t66.36281-29/ Frame A5C6 1 MB
1 MB 17ms
16ms Fetch
video/mp4 2a03:2880:f058:9:face:b00c:0:1823
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL: https://video-lhr8-1.xx.fbcdn.net/v/t66.36281-29/10000000_1176832589685551_7617901074642110564_n.mp4?_nc_cat=103&ccb=1-7&_nc_sid=5aebc0&efg=eyJ2ZW5jb2RlX3RhZyI6ImRhc2hfbGl2ZV9wc3RfZnJhZ18yX3ZpZGVvIn0%3D&_nc_ohc=ToaPEU2MgTcAX9q9Nx0&_nc_ht=video-lhr8-1.xx&edm=AGo2L-IEAAAA&oh=00_AfDUreijWpPAntDVEj9sGxuzjHMk1YWhxPAvpQ349Jdmcg&oe=640EF047&bytestart=2813738&byteend=3923711
Requested by: Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yS/r/E3aVjH1G1Nz.js?_nc_x=Ij3Wp8lg5Kz
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a03:2880:f058:9:face:b00c:0:1823 London, United Kingdom, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: ff536649dc66f56558f0c2eba0b4bb12f5dc9c26aa3ea4ea0cef45d15b5df22a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 03:34:35 GMT
x-storage-error-category: dfs:none;hs_p:206:HS_ERANGE_SUCCESS
last-modified: Thu, 09 Mar 2023 03:28:24 GMT
vary: Origin
content-type: video/mp4
access-control-allow-origin: https://www.facebook.com
cache-control: max-age=1209600, no-transform
cross-origin-resource-policy: cross-origin
x-upstream-checksum-algorithm: crc32
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 1109974
priority: u=1,i
proxy-status: http_response_ok; e_clientaddr="AcJKbJbqaTlZrtn7_BHoplHXSehGRXU9uqETj-fkB6WwyQu3D8iGYjdTgMPwnzGRI8_kmyr8Jlyjc5Ums7-gSW9NYK21LwWYjMZe2XNcIg"; e_fb_vipaddr="AcKWKNCqi1HyLxOvnHh2SSAffEafc8e9xctpr3V-wPqBglwKyjaMK7CSrQ3QgFqfS55qLqumuIk477PdNw5vjYRe82Hb_xSn25klqvnS"; e_fb_builduser="AcKGJIr5hq0vCy27dY05mXVky1MtvFabLmyfqhZdaejL6dYo6bmczwr_ogyJMd1DW8Q"; e_fb_binaryversion="AcKE0f4HlLVpDahPX7OOQaOD4FTD7lGuJHrIBil2hzDZ1s7pw9PSFD6SuSezYn96cmTx7azZsuqtxBdb0NXpU3q-Vn0YH53jnAA"; e_proxy="AcIl1pbY5YH60yQGeMxQKn401xRGKUIRMxrIeX1Qvb-wINCUQK8VI-z6uRiSRKPpdu_CKQ_fOVk_PtyfNuY"

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 7B35 0
20 B 79ms
79ms Ping
image/gif 2a00:1450:400d:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=8233594021767&version=m202301230201

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:808::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://25f0b6c781c28f0ec66a58e178665f44.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Mar 2023 03:34:35 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 7B35 0
20 B 79ms
79ms Ping
image/gif 2a00:1450:400d:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=8233594021767&version=m202301230201&ct=77&x=1&cor=5957868261546642000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:808::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://25f0b6c781c28f0ec66a58e178665f44.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Mar 2023 03:34:35 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 7B35 15 KB
11 KB 69ms
68ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BK447B_QvAEZI1lVa0qbhbaeFD_5dlRsbyoFUEgkOycvr03iUEE406QOMenOC8Z7WIZc5Tbtvo7IAMFYJ4ajHx72O_ncePXQ93fuu3ZhzAZUgIiIbll7BinNR9lStSW5Z-aFnYvYg_wdpKSBmFbSmLG-6cqKBuqN3Q3pDK87CKEm5JGl4&cry=1&dbm_d=AKAmf-DDmvYfv2u6dKtYQTFTCuRs9rHLR1n_FpjeSpnlGMCtOqGcAdXntWa8kxCbFYyWq6zYUPJazG9BIqoXcYabbbdG1YnZSDr-NksFpzgm9veD7EI9oRWPhDJGuK0OVoVwSVw6jJLaYjashkBtMWh5kWUcFyQ983BjztbkRcjlvDKwZO3mNlD3u7fkzUqx38d3xaGm9BvFGSFfl0d_os4k6JUNKmqwx3oDB6R4l5Jub0_fObIEEDZkCHZ8X-aL5LmgXngMw_l-9ZNtuGpbvEjMYJd_Cn8c5PHfBqLleNC1zmB_bJy2CoAUNSNqPxpyxEe5R9py6CRBTjb4ykW4n8ew9POEbQ7_7owm2gv8XaMRYEF8AniUXh9Fn371V3J7R2d1zN00iP6kT0pg3svdsA2_VjtbG5_Oy2GgBOfcr39LJdYE1jeqVUK-WZqnbNvS70yMNzHBD-JEAH5OSqNLXknDZxy0CGpR9gJFG7WDF-8Tizdvu1lQVXg07opOXmoFqW5b8fvml9Fop-GtR-P12AVhgHzeqoMwsFWe3yT6i72jJBs_2lRsrMZD7rRkRNcZGEHgh3ZV6dT4fBoxQhQLr6SymBZHiSNDbfrE-Rv4a2r6rY5FyHmO7esJyObHPhTlJaIMSB5XtXqHZAG9s47OxQwITufA5i7DDD0XRilnQOlFLOOtu2yU-edsdcFbtBMc2B2hV0g9rGZF64gjITwv7xQL9scv1bKwKNDW6UpHJmx1QvOZfTzpOF10mTO2lH33lPuP1mZIT2eg2b1jKogPYmU5qBznQ-sdG87idKrd-t-7Okir48RFRtK8P5QsHeVBABG2BbP7n8u4qdb2SYjhS1MWZhcgkjodUOetzBBR97jG-k1uCAFASjjUKeellctaOJx2gWu8NcGEENKwWle4sWJP1A5X-kJcwq-JE0fjTtux7wMd67doBAtgD2Nv_DUkHw1HXQn_OewE2befjc1UaB-vEorCzshO760VNXfkMbMB60Rx31qmq-hR1RthPu3zRSUCTEdJjRT3WDqdlWmrCkn0eA1mGQAhU-C35889pNheHA7qqSSryCpzMGooqtW2hRyAC1uw1p-Ww7OmKa-6uh4qW_ZCEmzGM92au0IB8boM7OOPYTM2YjCQ60_IMquCbeWg5qsYe_iY82j6XTSLfcUxjDN0q310-rxn-BMw9bZHgoyq3JRPtcBAo28Qg1uDkATYA2RkcPbUZvbJgx16VtW_RBavWyV_rk9wJI9R4Huy-9JSaHvy-XAl7SGLRWTGGcUpjp1Y6PFOIPdWx_wVx7pL00CcpIWHuIV8Bb0LHpak0wGULEA_4r_N9TkxzCSWrf_BjA1Ylw0WC1dqQnNMdSF__xo7HTWPVtoQZu7BnYziynbOEXNHFqa2lkWh40LZrTNdFPw3JwBUcxzliMIqobK57oMCmtC1MupkrZYec_nbPdfn454UskLcV4fr5716ZyjEJAAV3ggZHCo-3Mk5QHL45yriC8S20JZbGocLwd1G55O-V-ILaSpr9IbTq5qm2MFmt5PPa56A9YsrxhUe7vCTTxfpVNJn863THgDtKmOV8_Su61hbmKUm6Fmxkl1o3c7c9P1nuPUPnk-ikZCw3lxMzLrfImqtljKVwnCg5bDz33Q0Pz9XQeDO60P3eIAiWJMEaoVeHbK8T_CdF40eN23xdqznkDvJXHT6LjmLIgRqHD9QBqq3hKN-5dqo7bKYc4nRG3oBsTTSk_ERejZWYwWaCKCxmsKny3rnN6LCHynZ4Nwtf3KL1m4I215F36qqnyfA0unOBfRHHpOOHQAkyqUf6LgTZHs4SPeE4Jni7umVWZrqamduzfSeE_C_FBXZZp7r3378Vm6Is6IpIpv2snWOvbUcg2tsEg3zgOsDKfV39cgtRfi-M9oOxILsswHDC2t7APzIy2sZq4LB5b3GkLe0NeIrQpUtCjArXEvngNP07Va_uYO2MUTxKbG1-Rbwo-JhG3Fxx5ZgVgZTK-3dQXJSKXYx15qyO2vb5jBOJpuFS0e4RicbojveMe7TrOCQsBdov0Lkovo3ETlo_EBZx277_p_aqgSakRkdaXemsrZGvlaSn1RtwQ9SQGKvvEqPBZ21X_M1qahY9VwaB66vec33WJQFo3QWiF5-J_VdZridM2dw4xnDON_6-looIbwu_ndrPvQ3AYB_bzRlUYbDbWuoh4-186se--8kpc-NtI8aepj4l88-Als-Y_33ztTUX4MlyqBbq_2um_03Iy4Mqs3UfwWiWRKbYvUwyeR-kM0R-fH6YroQLWApsUzpHT0iRZQAwmmTj3BLJBdbVFjRUS8tIUeMqnRfJv9yprltQWi1kqQJ44NNqleY_XTvi5s5u-k6CJ_yIAlQYEdCG7gDp46hv_h6ZWlfGdnrhrSHqF2S0yqPFo-YOZTAMC8dT2iG0pp5Zk54aEgn4WyUiSncDoJKA3RHkYUhHDP8sce9IqSXVD5N9aN8NwDNRKXHCm0Kkx1xnnto0pv5n4hQaCp5Ycqvd_LM5zkFOv7B_qEz5Qmxl6TsGYcY1h1ioV6nfII3ARAF3njDwPWl9p3RoBV9ol5F5-Z_NavgvzSMe5vXZCVMLfioFzX7O9VIqE9Z9cnLDW-oRxG5rNVwjCNt4Fej63a-uQxNAms0p6bDvbB4QvbRlQKXSYqG4R5pywklWe1vrkZfOkO-yx1AriBicwz9JT7D59GPXA6I2Rb_89u9RDqGBOFqNVsg5JqDfl1oGbevGfd9xxkqoflWFcs0CR467m4XtSIyAWcmmYrxMMRR9w0YyiCimi-Vy1k2K1f14qwElTyjuhBfumJgILQotc4LEUZNwXvfkqEOOV3cYWHkkgRgizIT5-s9tyk5vmsvLsQscQDzCF53OplzqxHIaOc2Pox3VYAFrdchrIqXhi1fLhznElOdpuE4VGtpHj2Aa3kaWrHPJV8SiUak6QuRkyPN7A_FHGbgrFkTwsOA6e-Y0_fiw3anUR43shTLm82YoXEAtA3mQE2Md31Xs-CsQEGvk0RT4c60lo1ioHgPKNbfM27CmiNUbV3RSYPK_sSY-QLVauNEJAv3qWVkK936SF1qsFuX9fR70f1dfBSraMWhCXLEw0gMzcAYAQSrIpTr6DsAU2dJRLgol3cYkmMMT4GkZcZMqSil9_JQrl5d3s08V7c-27xjeI5WOE5OnByCFGw4to6UJHGJa112mbgtuIcs9STuA7y-erEEtTi_oYMd8fOBJ8Pl7fzl6RpTDJE_h4_Hqvj06WEzSOM7bFlFEVwTKSfievrqeekkAh4qClq-ccmvc5OGAZ0VLJLikMgi3Ih9aR0CTWzFWklKDv0WajjIZzekuGA7OODL9To1g2wACZyrMhiHizkUtl7P9fAci-cGQLs_9yl1Bvnby4bZd1vaomI9BFmBbvWahaHIKYqN--KAAB12QzaNzG-kWB6SzeEPsM-cGUrUqGHo0v3w4_DWyywwoWGRE7UleDnlrmOj1baQT8rR497_8dgvnnJUl9MnCgeU8FR9JQ2FRTB6mHnajFoSGI9lJmcPCSs1n2EUB5aKg1EiyxS0R-gIkrnNXHCaOLz_0M7BM6FnNYZpj0UbEb1hVCDwgx-LDg-JaBMu18zdayu5qPk8-l9oeeKSQLim3ayDpgVr7FbXccQ6a0xh8pv6VF69uUkQhjJ13YOCFxK1B4mzyeU_h0MB8KbuEWcqqAZKt4l21k5PpwjihKLF8DfkwP3EQPdPXw&cid=CAQSSwDUE5ymgSwBz0_VRlBANJjo9I2ImuFTowaE6h8LHWs4UXd6rs_uIlSB0JzxFKR-9FcHXwaNxJH-v28_eBwcL2pXCXll8s9bInYVSxgB&dv3_ver=m202301230201&rfl=https%3A%2F%2Fwww.orientaldaily.com.my%2F&ds=l&xdt=1&iif=1&cor=5957868261546642000&adk=3047537735&idt=367&cac=0&dtd=5

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ec4ad710fc96159948afdf41e02f9bd304882d70c755955c89c5d5d6daf2000a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://25f0b6c781c28f0ec66a58e178665f44.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Mar 2023 03:34:35 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11281
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 0E74 0
20 B 91ms
90ms Ping
image/gif 2a00:1450:400d:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=8436652003180&version=m202301230201

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:808::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://25f0b6c781c28f0ec66a58e178665f44.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Mar 2023 03:34:35 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 0E74 0
20 B 89ms
88ms Ping
image/gif 2a00:1450:400d:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=8436652003180&version=m202301230201&ct=77&x=1&cor=3020198889107654000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:808::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://25f0b6c781c28f0ec66a58e178665f44.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Mar 2023 03:34:35 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 0E74 15 KB
11 KB 88ms
86ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-ASgTvRkMnWmkOJEQbSX5L8lj6zrUxp1G48vE7iwFS3vpOy4oyRFoqD8ouEA7ADR_TTmXpOlyz6WaR4tOuPcAToSyrXSrOErXNRXyuNx0CsF251rIUIVB93qQUeT4BCp20hY90SByeZ1plZbFEzZIjWGuMfAOBkgMnQEDt3WGOc-MGIXgY&cry=1&dbm_d=AKAmf-Cuo3ZfsgiL84VUoS405sGWJdsRwTHjZkPh-o5xjQzhd7kZ_YhN7GllROX-HsGEmIvDnjTsjo_qibGBM4OId--FocsKrsuVdYVVUOSwDqE1egGssEAmvtvpxgESRVOLrF08fLFsiywzJvUqm0g1_a7CeNDwYmqXKM61w3KpSXU7hWID0kKWbji6a8uaV7e4yg8Vq2Tcl9KLlWE_dqLJ6JEX9P57lGIeSvTKz9oDOCYCpb4r7hoN7JLP6gkKJZFCDbJxTDlMjieS60B7sAJfl7EfWPcauxKRuhu8fzCwzw5oO8sY_jFuiWGavizQ45OvIzC5EblYVt50QbTF2-CGRH-GpS6x3MA3M0PPM2drjeq50zRzncdF13layTqiFyziXTnDuI9PpdqGEuboDmOI25Tlqb9DIHHdZVqydzQ0tn9j0ENWs3U8pn-_RZZ7zdk45U_8XEKwB-aPa1T4-MtPyBTdLzmv6OihRaQSN5KT9eQRq_EqpYJqeoLvWZ3sxvhpWaJu0HGBMVYgZowmn08vGcRQYKA5rEq8pwHdMHy_cdajiz_WKm118XYfEX2wxvAewMIi1bR8iGi-fQ8heq0rq7Li3y5yiX7-a7yFnJj3oNasbUCmgx6hvWbbXUHtNys6raAhz1f_qAYthcLyscltZtjIJQmOZfhg5FxGJCh8EIIhvNGm9pEFU6MmC12i_q2WUnMUxnsq3MccfMT7eq1thBOJpAdT4VD8OcEXsFj404OMW_GzSR7UUICrAVw6s4AJoEsuYtoq8DPYiop_fE9Fh2aGlD5P-EGZ41Hm5L7ax9GrhpYIs1lvMWKnitpElVvj_fktHf4zqhV04RbyL8_4fFHFCiyCmumghBHId16tBKaTN2EpIwbXpPvPZHjSgp1zg-ietrsYTD6Ab8ICCDR3yRyeznc9Mq5VPkwLBSeLZsyQm9f--W-4qBEF5oCRAftRAH3POw5m1xkNCPJ9nIDhqMrpl9ybryFQtV_hp19Wpx5DK8oHUx65Ly4wDm-yUW_wy3yZFbuaeUajKB0g_b29I4kckW0dzFNe3P8lzaIYIzhUJXvUv1Pi45Ny1MMq7Xgwolo4HC3LEl5XAkyk-QmWEq4WYoAXZKqDJG4C7U7oTsivh5bUGcP4k3lggvb5oAiLn8Gz1znESiKxK-ivJIuxOxSBvvPPM7phnyQxpq-HcgxvLB8ipx9yRVMoo7T7TLTdqUzZZvhmpHu2XyqMncQWBISI8tQuwdEsoKE4xzSbBNSpR3JEkZU44kDiXR0yHkVJJtGC82Rx1g0035vc9oVOQunEB2rCj4RJs4bjs7yeaVCdMRa7oVublD_WxtBTVQ6mRmc8vGmwdMWT_sXmronSuxLFSDvH5-jf0dLAiu0h3qLTGwT-1ONXhtbVMsQwdmhpMA7m6hTWiFk7T3hWLsutifZjd26kj26KbYBbwX6ULx5SFxwrTe00p74ySCBr4b_T5W4LMk-jCrwlmbx4AAaIWfRKZmDAS70ubf_IsP65vURM9ywYCk8Ml_icMcSGGQG4K7IhjIZ4tZOUesOUD0qNopWwA6IOBI6Z68Y_GQe4g-gm43fSghOdRJcPfYcaAZ74Sqxd3abuP9ud5_CK-hyG5ukRqQ6MbIvzGQ_KN7b2muI39zf0sFf49k_COjIOHbwHqMYionrc--CKBmhBDpxFJcbtSXOE6Pl9YCmU86blt4sx96JR_NgRbKPemn-Ih8nhFPJ7Mc_lcljOApIOAiMH-cxVdjYag9BERrzAesBFMfPQmPeEAE89CdmjEHNOuFhbZsn4-RJqWiq-miNNfbrp1ouKmDmfuGYRH18nCCWENL5LgVTs1TILjHzd6zcDOHMFFw4UCDuqaAMVkwpapiGfVM42XUHqqfbI-b0L3HKQkb-2kh3jpXFJ5FK49jeFgLtv5H1R2cnPybA00aMkG7jyXSEdAgVruD6444_hCQzBAq9lFVVdIjeFhZBhdAd8efbELOOf_p_9yMBp7ufcfm_jln0x_8HC8oypiV0vxPtAO6XfgJhA9snjovIv2D9upGnOOXpAfn8Krl82DPqZrxFxzWreSgnM6RJLvrdSlBjLhtKruYqx38q4k04nsFVmGV-w-I3E1e1l-W3r8PpjXtxTaqdqIJpOZc9-LE2hTJfWMT0oi2OXiHawRgFKP36bLqf02XqFvMxAlXNIVGzi_x82Isq-tP4SkcdQ4G25NCR5W3vpGqAcXIDMsjsIGMh43ma0gTUqXyDchTCAG_huajnlWhiHBt10JHdYWcADMugzyxlBPSdEK_YkrEO3LkTEXprMyUJ5DCEpKSZgeiB2EPvQ6_6U022MA4ENyFAshZ8rqU01qVXiOTQf_ATsNUFUvkloDrraHtujAvCve1nlEjoy0kiVoOyxTFMDH8MYJJHzrAsmaFOIvlpDARAvzSIQGOeU8mJFoySwLioo9Yn7GP0j9VxeN8ppHB82AUYzC1yZ1w1JNJvyPsl9MXIfS7eeTLWnLMhcIEYyztFLnb5HcpYB9iDGogPuxEx4zkSFqPy2IRysHRAXf6P_4CHNEtPTM3jY2IXAICoXXKRYxL9xSmU-41AdaerFxdL3FTEuyV8EDnsuxlfpnnsYLeWMn6ZFqAZ2xBVpIU45RE1LfsO-aGTENE0zhYBsMm1gm7Qf0t4tVHdgw_zQ5vCAWJEOVEeP9XAQlq-i46tkZ7NomUyQgbzXw9utOnZOKEMrMIhrCoKWwXSTdqevL6HHYR-_tE1CTMcbokuIre5B3WpUGZ6_xwBANPtUt3BttlgaC27Liw4Sm1juveXSz1wBDGD24TB9Pcz9haiNX6EITN6p_yxpm1LgjmBeyvEC7FHDVelfk5e-G3ufsD8Cgelt4EwXRLChJFZ8BhGuITF5_7eXHwn_qPgSb-znZqYVw3YAGmW3KFCY7E6knVNfndJCVhe0EY1gDZhPuXv4h6-Iow5eTHuhLMwB_VfvAmKsA0ZUm2gJlUQ2jepMbSc0fqHw6jX3oIEKdU0m267sXeJcqiJahb72Dlwdve01BKdqYt8h3saJNe1j-Y2qSI35AurLc0PqLJgsraxxtv8R5bD5thM1SJ7Jy8uRwRJo65edUPZS0cV2a69SD3Az3kr1bpD_Ek82tUVbVeanVGdTVCv8LhozgUL1bFEO682fRD5-f3F05YCLENQL0cfb6D4XKPYkoK6ZtASwu2uGGEd0p5SrwLXU0rH2TIheM5d3V-zcRWWXkS9iqALWj1JY8H_q5n0U8_4Ii4fcqE6bmUoyBGJ1FICfLNjlR_tQsebuCDC8BEJsQLPonaekOK1QrZxBMhixAhZbXaI_CsvScUBpLLBAihEuVfEKvAvnDpW32YgIORyaAdxGbFr-wQxfdS8X5TZLVjv29mnPhVCnnXssI37MF5TB-U7AjIBCOU3YsOUvzzUh3Wbtgv_ZUIJkknXxv8lmCSFyCdO_erunIyljDyFPiQn3ZPUwnTtldDDgTp_2QRGEZWx9VlGRgNdZBjEBAhE9Dp41mMe0g3v2AfbpYop-PLiko3wqK-SNi5MsBSEz411FsMObF2NXq2n09NJBzr0gzUmuyWapbmxVF_WXAJ_tKk7s_kElF1CtOUXpPu4cf4ianC-0jJmXXKRdf2rVdABBQdIzmWu1CQ9b_aSTNW7dv_3bLjNw54CoxLrBgcrhRecc5PSfYYjT-R-DX9lWN4uuXj4ZIzZkFMl81-cMjCeOznXeDdL4l8SVIspHTL3CSA&cid=CAQSSwDUE5ymgSwBz0_VRlBANJjo9I2ImuFTowaE6h8LHWs4UXd6rs_uIlSB0JzxFKR-9FcHXwaNxJH-v28_eBwcL2pXCXll8s9bInYVSxgB&dv3_ver=m202301230201&rfl=https%3A%2F%2Fwww.orientaldaily.com.my%2F&ds=l&xdt=1&iif=1&cor=3020198889107654000&adk=2228999115&idt=378&cac=0&dtd=3

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

607c067c93be6c66b4de32a17a445e355db31be2adb526a7c014c54227a1e60e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://25f0b6c781c28f0ec66a58e178665f44.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Mar 2023 03:34:35 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11218
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 10000000_2771555772978778_5619920907914227032_n.mp4 Show response
video-lhr8-2.xx.fbcdn.net/v/t42.1790-29/ Frame C842 265 KB
265 KB 18ms
17ms Fetch
video/mp4 2a03:2880:f058:113:face:b00c:0:1823
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL: https://video-lhr8-2.xx.fbcdn.net/v/t42.1790-29/10000000_2771555772978778_5619920907914227032_n.mp4?_nc_cat=105&ccb=1-7&_nc_sid=5aebc0&efg=eyJ2ZW5jb2RlX3RhZyI6ImRhc2hfbGl2ZV9tZF9mcmFnXzJfdmlkZW8ifQ%3D%3D&_nc_ohc=JZ8prLWYxXMAX9zqyq8&_nc_ht=video-lhr8-2.xx&edm=AGo2L-IEAAAA&oh=00_AfBhPeBKGPJ980W5KDKTYFPk5g_9z5lnoDD5RK-esPQNNA&oe=6409772D&bytestart=976253&byteend=1247236
Requested by: Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yS/r/E3aVjH1G1Nz.js?_nc_x=Ij3Wp8lg5Kz
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a03:2880:f058:113:face:b00c:0:1823 London, United Kingdom, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: 5a72219aca47c37593217bf6ea839db7045e8501ea96ad9f7266c5991195e91b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 03:34:35 GMT
x-storage-error-category: dfs:none;sc_p:206:WSE_NOT_SET
last-modified: Thu, 09 Mar 2023 03:28:07 GMT
vary: Origin
content-type: video/mp4
access-control-allow-origin: https://www.facebook.com
cache-control: max-age=1209600, no-transform
cross-origin-resource-policy: cross-origin
x-upstream-checksum-algorithm: crc32
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 270984
priority: u=1,i

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 5842 0
0 84ms
76ms Fetch
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstQyt1IBvyYxWf1vSBmmUHsPA2x1vKvCTE6PH26TRXS9cyE_yl3Rf3dMwq6mkmnA-XX31n3aTw_OuXlG8nQHdgiNTkjbPPgYHw0IhZBeQfnxddunLjlUblaFPHciU-vALWmmMxquR8LQmJ_aq8i5D5FZtTkgsGcGuCpSgM0xoVZVndgwQV3ZkkSfWgBO1SrNEqScEBqXAA2APufYuL94DeeweuChXcV_EG7w84cst-HDuJgVJkzrl4uim6yKkoY3cbOvfPPyDYhpetPP7TB2HJbKcB1NolxG9vLR5wFbFJD6bQFVs8B9fmCWweNz10KAdf6V9Crs5Eevn__IrhLR2vvhMyS8NFz71YDhmtB_ybZ6Tg&sai=AMfl-YR-R-VxcZmhze7cNt2OOfcUGmCuDnFrbL8-DvdmVz2cRPDt1z-UORIHukgvR-NNe83f5FNnzmuYm5muq297ASTA9Qu_ivwf44cta9gBwkQ0cTmZjoZYunUpMhz6nw&sig=Cg0ArKJSzJgwMdO5YOvPEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www.orientaldaily.com.my
URL: https://www.orientaldaily.com.my/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.orientaldaily.com.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 03:34:35 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.3.1/ Frame 5842 85 KB
86 KB 133ms
39ms Script
text/javascript 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023030201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.orientaldaily.com.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Tue, 07 Mar 2023 07:39:03 GMT
x-content-type-options: nosniff
age: 158132
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 86927
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 06 Mar 2024 07:39:03 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 5842 158 KB
49 KB 125ms
117ms Script
text/javascript 2a00:1450:400d:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023030201.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80d::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4126ffde4b9e571b1c3e55b45a7e9596e139ad2de1bdbfe851a2e2b2c7da7f38

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.orientaldaily.com.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 03:34:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49657
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1678278820084806"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 09 Mar 2023 03:34:35 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 7A12 17 KB
7 KB 107ms
105ms Script
text/javascript 2a00:1450:400d:807::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023030201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:807::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.orientaldaily.com.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 03:34:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 09 Mar 2023 03:34:35 GMT

GET
H2 200 express_html_inpage_rendering_lib_200_276.js Show response
s0.2mdn.net/879366/ Frame 8C5A 106 KB
37 KB 217ms
48ms Script
text/javascript 2a00:1450:400d:803::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js

Requested by

Host: www.orientaldaily.com.my
URL: https://www.orientaldaily.com.my/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:803::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://25f0b6c781c28f0ec66a58e178665f44.safeframe.googlesyndication.com/
Origin: https://25f0b6c781c28f0ec66a58e178665f44.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 17:06:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 37685
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 37872
x-xss-protection: 0
last-modified: Wed, 02 Mar 2022 23:07:26 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 09 Mar 2023 17:06:30 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20230306/r20110914/elements/html/ Frame 8C5A 8 KB
3 KB 48ms
47ms Script
text/javascript 2a00:1450:400d:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230306/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BKKgeMut_ZJi-Fhrl-cSaGu7QzpJrwFWTaNaz-iUP6ePZGrih4_dX6bTJTvZOCKD76JnEzHfk8nYSQQZ3iJlNZiWSjQg&cry=1&dbm_d=AKAmf-Cb5g3xSuv7_EaHUQuxzFutgr7t3e5ypBZfkklC8Shr48aYZzFo4SdWge5JiftN4ls37JnJbmDFsImTPOZwTz1GtW72YSTdJ1aI-7qb3L3o9BzZCvSFceuwdZOZQUM49_QozyWPwDbXPgLCeAX841Jd3mnG18gm1cfzGaNtFNUlqdCZZswps2j0l9D4Qs8LXIq0ZIFc00VSEKrNL3wUAngDAikv-xD-w4_BE2OOkhcLTjbDvgPBlfj57D55bS1Ow0lMgPhA7HXmGriYkHHlVWZaIV3JsJnJNt7p4tMXAZvWcTq3j4atkOvgg_56N6sAmpHNEXEzYk1SvjE_Trh93FPoLTFcfvUYPKT6TPA1asN_Z2KjYnKK5112_U0u-Vat1F-el3NT31pI84-jyIIGzHeiiJyk77xX344e9nTxQXioPM3uo6Cu7AkM6D_tBG1xrfvqCxYaKLMBFxuKwEWfz4cv_5d3UQN0pbdrHSdp6J83ySTnOsCk9bMpEI-NuZ4hD1Z8X-lva9SbPJwuuBvdodMJaLEsCUf69knP0dledRnfEMa-uMQFmt4dwBHFWbhPV9M9UAZSaBA6mkbiS8obIYu6VpxtzYHnjKGGOoMZ8wYHzrCVZlFfyhjLYvnha_l-puYcOrzBkqXRW9dzoRbA4A0v1PIkih_bCc3mKPd1SXDRKq9-eKFT--29s4GngQPGC05C9JtYSberKpXb2MSyMSf36jhAkE4Im-ozq9dm4P41OkHDCyPcDZVZ2VCdA1gey3W-F0L7-b5WViG-vxBO0HujHXSFyeQvFDFlxK6nWXuJmR7hD-Y5YyCn4l7TZVgfYbLDWzymBTU7inwIFACvKzUDSZw1ZulrVPPz1X3RNe5PfLHw748dALE7wKzLhFJfgdMh1apyhYGwtd0tJDmG92cIL-dPjT2IBmP662qtz05INWv41ugtmCB2_GvewjigqVeEYQ6zhWVLPBqaqewND8KLv73qOJt3S89VkMnoiRKcGhjmHV-CziFpCuVDKHOYzaoVbTp1jF6DOdGklhSlIf3DGFmab7yG01RUm9bRG8Ujx3ojE3faw8XdkzIYVtCdOgqnrfZIcqWNh8BNRF1SdxGANOPWOmAiuM7ZHvPgVHUQQ11R_yOuWMwhzs-xMkX_DsgBOziL6IOYjoijkNvXYGf3jHI0zbGTRXaPvq35KT59rTvswErLRUkIPNfUmduJUx84TuLWqZDVPoyLfljm0qq6h494JrPe-OECil0UlHq_vDCt-7wRXcd6O-wDkENDMHDoXjcnYs7ro_115omv9KYK0M0nhpO6TNG1IAgcTwZjVzipawsFp4qLs87IAJhcf-r3liuB_iqKr01b2W7QzS_cqA--xsCGJi0rmAABo7fxK2nQG1ZyZYl6H5muEh4dVNkoB98fdM1sROZ_mBpbruhy8LKSb75qlOX6hDHuPng84AgE-rd469QGnb37uR3nTTE0imDt43uUNjpZjdySe2khKMwCIC_pE6e5BnWls7Ch_Ng7lHPJekXuDBE5bFkTLw4uMK6KdK6I8RdbAbB_jEwm4uP8xKN6n-ABOSboxjmaX8Cg07G4dF0ackCe47F0IqCI3nKphCgcjAsqt7Qe38tBiel6VY3IPyNaqIvBRW-HY8K7OHHWUhtpeUWm1k09IrSLJWYbaTMTqofGh1juxcAInWhAbJ1-Rd2bK6qjpeqQekGaOx4lxBE8Ev7Zp3VEHaELbrwfmvF9rtZf3cynjDaYm1tknpVXg0vqp440bSuMGX9fgA_LXdRZUQR0hZ6p5_Lx0L5U-4yLppja30F_Vo1kEEbeojz8vcyRHrIVIjfhL0es1hgKmaaQj_EKV13UhpvuipImq8WcdcYAJXq2Pm5X1gKYfrtzWQMXh-KyNAdW_HNla3G0IsRtDDmXGTKnv4OHC6FKoXCIQaDw6oMuT4eS1fTZk3ENK6A_wk8GLOpKJE-1KTtb2ZZ1Lg9PY_lCd_2TyQh76ma9o0IrW6hJl8hHgTgPOKPW0c1l0cH2FsDDqUjoQsa9pY-Wo99EMVYrIicLJQxBxgMcUh4ctg_tS2YqtDcWZXXvOGYcnYAZueKIrgbwwZmSvPain4LveTfvy026T_jtndT6Bl2WkdfXokvtQhuOjBRC9Yov8OP0kd1w37cltKniKCMxTdblptgXcxaNRysLk6qDWdmSUn3D_axiz4nP121zs0rMgIqOw6cfc3LRkbscRvqgsqmOByIJq8K_PLYqYcR16CguOPuk2cnmkGrOCe9Ec6UGeZHyU6iP4tp25Ukl-lfYhChUHiixY1W8Lg-qqSQiid_4ukSgeaGbcQX7sUUG9vpwf85Wpa_uYR2x4TPmaEJGzB-cWXltAgNvStI7VadYWjotoLfkkpr3_BD7TDgdWkwAAzm1N9Aq7tfcXpWYzAzEGeKT381zTN-fKj4bh61UnBLnq5ly1jWX1JwfDErBueL30hLKfOmFABmd1pbx2snNKEEQzqIFzv8jVGojq9S8qyoAPMu_pdFGK2OR6q8yqcjXI72t5hfxpkRhYPW2jQMXLxTOchtcE7_Lu3p0iNTXaOOUaSg8v-_IgWPC9KWUOi2nj7Ys9UqQIg2LJiuDYHFb0723RwdRs8BNhlOpr7s46EYYtXwBi5OWRmbzr9GuqQBc92Iru_cXerm5QZ-HkkvhxU4STZm4epBYDEUvyK3Up5ov0d9vGzKxS8zlvp6otVRDhax5-CV-WCCROB2CqHqBSzQnTawccF7XLxxXtURT8oG8R509dqN_STIK88xWr8miw_6jkf050C1v5eyd6N0JR4bodrAVQzxj87i9GfYXvdzmTuHI0OhLkP8pEbzeSJcs-tZJJr8WeAmXMAUdpijyLCR4D-Wl5bnx-MNlecT9jUFM4fbjxudHsxwVAi6Iceb8GWkGfp2ZxT6AxHNkEl70UvpV0noNccWKCLhIEsKwB-LMfHJ79VLw-OWpc_gnZq4znr5iSZXItGOdcuTovF17NVWDg7qlbUsQW_uJAcn8qGkTP27CwyJgGYDnGnT9lax6wA_F3NfMTVh6PxCAB1fQBLfbJTvgpJSIXuU8dgJd_XNSZQ2GCLudnRH7QyK5silyfUGqP7Mph78l2sFpt0Cb76VcHyhs_39IaaiDfYgf30b-n9ucAeTTs6i7-54iqo9-jpWTmzEFgVvPMbsnKUOjGaJfNXA7UvuA9yrIN-6FkBx36PyahLD7Y-kk5OFQ4Ll3NS-rOdGWymQcxTQ_A7dD04dNaBqVTuun4pZS5el2p95Kx14QJckaVEY60HaUR92TduAu3stwBOeUWryicfvbCO35RPAlzYOoUXI-gGyjWgJmP5pSlkNJ101O5qqvK9c9znIGtYOp_DuVEDKosUoORIzJk-34mt3DnNkY0hV6bIBAEVxetQsxY0W1OkVFF37L850nyDX0OIVVTmWLH2ST5GDdXpCva6kD7fVGzI8g2_p5o1kmGX4ZEs1I5JbjSaBsw_HrjWwNqBQ1-2F7CpcI88kORbOAEiuYIrkWgezESo8-R5yeob63cVTEUTkoOP-BPdhHoiU84fc3d08KU64TCZ0wEw7Nf8Brg_3lFZHSB-8e2W3Z0vXieioTwddctobNZoUq7wq2Qwhv0H8&cid=CAQSSwDUE5ymgSwBz0_VRlBANJjo9I2ImuFTowaE6h8LHWs4UXd6rs_uIlSB0JzxFKR-9FcHXwaNxJH-v28_eBwcL2pXCXll8s9bInYVSxgB&dv3_ver=m202301230201&rfl=https%3A%2F%2Fwww.orientaldaily.com.my%2F&ds=l&xdt=1&iif=1&cor=8818878692447593000&adk=1964084972&idt=328&cac=0&dtd=8

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:808::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

855e15fcdc7a729b06238328936629eac46e2251d9d3d71a5d65510451f4e7c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://25f0b6c781c28f0ec66a58e178665f44.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 18:17:25 GMT
content-encoding: br
x-content-type-options: nosniff
age: 33430
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3023
x-xss-protection: 0
server: cafe
etag: 4221495933888618527
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 22 Mar 2023 18:17:25 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20230306/r20110914/ Frame 8C5A 28 KB
11 KB 47ms
47ms Script
text/javascript 2a00:1450:400d:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230306/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:808::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9b4a6ebe3e504b894684b8e94e18e39c512908b42313776600c3cde2452f04df

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://25f0b6c781c28f0ec66a58e178665f44.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 01:46:46 GMT
content-encoding: br
x-content-type-options: nosniff
age: 6469
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10962
x-xss-protection: 0
server: cafe
etag: 11760670070698444384
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 23 Mar 2023 01:46:46 GMT

GET
H3 200 10000000_1600936633706790_4061514357092947234_n.mp4 Show response
video-lhr8-1.xx.fbcdn.net/v/t42.1790-29/ Frame A5C6 20 KB
20 KB 17ms
16ms Fetch
video/mp4 2a03:2880:f058:9:face:b00c:0:1823
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL: https://video-lhr8-1.xx.fbcdn.net/v/t42.1790-29/10000000_1600936633706790_4061514357092947234_n.mp4?_nc_cat=107&ccb=1-7&_nc_sid=5aebc0&efg=eyJ2ZW5jb2RlX3RhZyI6ImRhc2hfbGl2ZV9tZF9mcmFnXzJfYXVkaW8ifQ%3D%3D&_nc_ohc=_gwsUAA-o0cAX8Mrj0U&_nc_ht=video-lhr8-1.xx&edm=AGo2L-IEAAAA&oh=00_AfBVvE6hO-T_utdrlG6iFIsxCHhwUEy2YubId63VIktcPg&oe=64097A83&bytestart=89296&byteend=109737
Requested by: Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yS/r/E3aVjH1G1Nz.js?_nc_x=Ij3Wp8lg5Kz
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a03:2880:f058:9:face:b00c:0:1823 London, United Kingdom, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: c33251f3e9f16e4ad5b2c7be8e7901ef2936564e58c0e5d4923df2cf878d7023

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 03:34:35 GMT
x-storage-error-category: dfs:none;sc_p:206:WSE_NOT_SET
last-modified: Thu, 09 Mar 2023 03:28:05 GMT
vary: Origin
content-type: video/mp4
access-control-allow-origin: https://www.facebook.com
cache-control: max-age=1209600, no-transform
cross-origin-resource-policy: cross-origin
x-upstream-checksum-algorithm: crc32
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 20442
priority: u=1,i

POST
H3 200 / Show response
www.facebook.com/tr/ Frame 63D3 0
15 B 11ms
9ms Document
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: www.orientaldaily.com.my
URL: https://www.orientaldaily.com.my/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://www.orientaldaily.com.my
Referer: https://www.orientaldaily.com.my/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-origin: https://www.orientaldaily.com.my
alt-svc: h3=":443"; ma=86400
content-length: 0
content-type: text/plain
cross-origin-resource-policy: cross-origin
date: Thu, 09 Mar 2023 03:34:35 GMT
priority: u=0,i
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 7B35 41 KB
15 KB 48ms
48ms Script
text/javascript 2a00:1450:400d:807::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BK447B_QvAEZI1lVa0qbhbaeFD_5dlRsbyoFUEgkOycvr03iUEE406QOMenOC8Z7WIZc5Tbtvo7IAMFYJ4ajHx72O_ncePXQ93fuu3ZhzAZUgIiIbll7BinNR9lStSW5Z-aFnYvYg_wdpKSBmFbSmLG-6cqKBuqN3Q3pDK87CKEm5JGl4&cry=1&dbm_d=AKAmf-DDmvYfv2u6dKtYQTFTCuRs9rHLR1n_FpjeSpnlGMCtOqGcAdXntWa8kxCbFYyWq6zYUPJazG9BIqoXcYabbbdG1YnZSDr-NksFpzgm9veD7EI9oRWPhDJGuK0OVoVwSVw6jJLaYjashkBtMWh5kWUcFyQ983BjztbkRcjlvDKwZO3mNlD3u7fkzUqx38d3xaGm9BvFGSFfl0d_os4k6JUNKmqwx3oDB6R4l5Jub0_fObIEEDZkCHZ8X-aL5LmgXngMw_l-9ZNtuGpbvEjMYJd_Cn8c5PHfBqLleNC1zmB_bJy2CoAUNSNqPxpyxEe5R9py6CRBTjb4ykW4n8ew9POEbQ7_7owm2gv8XaMRYEF8AniUXh9Fn371V3J7R2d1zN00iP6kT0pg3svdsA2_VjtbG5_Oy2GgBOfcr39LJdYE1jeqVUK-WZqnbNvS70yMNzHBD-JEAH5OSqNLXknDZxy0CGpR9gJFG7WDF-8Tizdvu1lQVXg07opOXmoFqW5b8fvml9Fop-GtR-P12AVhgHzeqoMwsFWe3yT6i72jJBs_2lRsrMZD7rRkRNcZGEHgh3ZV6dT4fBoxQhQLr6SymBZHiSNDbfrE-Rv4a2r6rY5FyHmO7esJyObHPhTlJaIMSB5XtXqHZAG9s47OxQwITufA5i7DDD0XRilnQOlFLOOtu2yU-edsdcFbtBMc2B2hV0g9rGZF64gjITwv7xQL9scv1bKwKNDW6UpHJmx1QvOZfTzpOF10mTO2lH33lPuP1mZIT2eg2b1jKogPYmU5qBznQ-sdG87idKrd-t-7Okir48RFRtK8P5QsHeVBABG2BbP7n8u4qdb2SYjhS1MWZhcgkjodUOetzBBR97jG-k1uCAFASjjUKeellctaOJx2gWu8NcGEENKwWle4sWJP1A5X-kJcwq-JE0fjTtux7wMd67doBAtgD2Nv_DUkHw1HXQn_OewE2befjc1UaB-vEorCzshO760VNXfkMbMB60Rx31qmq-hR1RthPu3zRSUCTEdJjRT3WDqdlWmrCkn0eA1mGQAhU-C35889pNheHA7qqSSryCpzMGooqtW2hRyAC1uw1p-Ww7OmKa-6uh4qW_ZCEmzGM92au0IB8boM7OOPYTM2YjCQ60_IMquCbeWg5qsYe_iY82j6XTSLfcUxjDN0q310-rxn-BMw9bZHgoyq3JRPtcBAo28Qg1uDkATYA2RkcPbUZvbJgx16VtW_RBavWyV_rk9wJI9R4Huy-9JSaHvy-XAl7SGLRWTGGcUpjp1Y6PFOIPdWx_wVx7pL00CcpIWHuIV8Bb0LHpak0wGULEA_4r_N9TkxzCSWrf_BjA1Ylw0WC1dqQnNMdSF__xo7HTWPVtoQZu7BnYziynbOEXNHFqa2lkWh40LZrTNdFPw3JwBUcxzliMIqobK57oMCmtC1MupkrZYec_nbPdfn454UskLcV4fr5716ZyjEJAAV3ggZHCo-3Mk5QHL45yriC8S20JZbGocLwd1G55O-V-ILaSpr9IbTq5qm2MFmt5PPa56A9YsrxhUe7vCTTxfpVNJn863THgDtKmOV8_Su61hbmKUm6Fmxkl1o3c7c9P1nuPUPnk-ikZCw3lxMzLrfImqtljKVwnCg5bDz33Q0Pz9XQeDO60P3eIAiWJMEaoVeHbK8T_CdF40eN23xdqznkDvJXHT6LjmLIgRqHD9QBqq3hKN-5dqo7bKYc4nRG3oBsTTSk_ERejZWYwWaCKCxmsKny3rnN6LCHynZ4Nwtf3KL1m4I215F36qqnyfA0unOBfRHHpOOHQAkyqUf6LgTZHs4SPeE4Jni7umVWZrqamduzfSeE_C_FBXZZp7r3378Vm6Is6IpIpv2snWOvbUcg2tsEg3zgOsDKfV39cgtRfi-M9oOxILsswHDC2t7APzIy2sZq4LB5b3GkLe0NeIrQpUtCjArXEvngNP07Va_uYO2MUTxKbG1-Rbwo-JhG3Fxx5ZgVgZTK-3dQXJSKXYx15qyO2vb5jBOJpuFS0e4RicbojveMe7TrOCQsBdov0Lkovo3ETlo_EBZx277_p_aqgSakRkdaXemsrZGvlaSn1RtwQ9SQGKvvEqPBZ21X_M1qahY9VwaB66vec33WJQFo3QWiF5-J_VdZridM2dw4xnDON_6-looIbwu_ndrPvQ3AYB_bzRlUYbDbWuoh4-186se--8kpc-NtI8aepj4l88-Als-Y_33ztTUX4MlyqBbq_2um_03Iy4Mqs3UfwWiWRKbYvUwyeR-kM0R-fH6YroQLWApsUzpHT0iRZQAwmmTj3BLJBdbVFjRUS8tIUeMqnRfJv9yprltQWi1kqQJ44NNqleY_XTvi5s5u-k6CJ_yIAlQYEdCG7gDp46hv_h6ZWlfGdnrhrSHqF2S0yqPFo-YOZTAMC8dT2iG0pp5Zk54aEgn4WyUiSncDoJKA3RHkYUhHDP8sce9IqSXVD5N9aN8NwDNRKXHCm0Kkx1xnnto0pv5n4hQaCp5Ycqvd_LM5zkFOv7B_qEz5Qmxl6TsGYcY1h1ioV6nfII3ARAF3njDwPWl9p3RoBV9ol5F5-Z_NavgvzSMe5vXZCVMLfioFzX7O9VIqE9Z9cnLDW-oRxG5rNVwjCNt4Fej63a-uQxNAms0p6bDvbB4QvbRlQKXSYqG4R5pywklWe1vrkZfOkO-yx1AriBicwz9JT7D59GPXA6I2Rb_89u9RDqGBOFqNVsg5JqDfl1oGbevGfd9xxkqoflWFcs0CR467m4XtSIyAWcmmYrxMMRR9w0YyiCimi-Vy1k2K1f14qwElTyjuhBfumJgILQotc4LEUZNwXvfkqEOOV3cYWHkkgRgizIT5-s9tyk5vmsvLsQscQDzCF53OplzqxHIaOc2Pox3VYAFrdchrIqXhi1fLhznElOdpuE4VGtpHj2Aa3kaWrHPJV8SiUak6QuRkyPN7A_FHGbgrFkTwsOA6e-Y0_fiw3anUR43shTLm82YoXEAtA3mQE2Md31Xs-CsQEGvk0RT4c60lo1ioHgPKNbfM27CmiNUbV3RSYPK_sSY-QLVauNEJAv3qWVkK936SF1qsFuX9fR70f1dfBSraMWhCXLEw0gMzcAYAQSrIpTr6DsAU2dJRLgol3cYkmMMT4GkZcZMqSil9_JQrl5d3s08V7c-27xjeI5WOE5OnByCFGw4to6UJHGJa112mbgtuIcs9STuA7y-erEEtTi_oYMd8fOBJ8Pl7fzl6RpTDJE_h4_Hqvj06WEzSOM7bFlFEVwTKSfievrqeekkAh4qClq-ccmvc5OGAZ0VLJLikMgi3Ih9aR0CTWzFWklKDv0WajjIZzekuGA7OODL9To1g2wACZyrMhiHizkUtl7P9fAci-cGQLs_9yl1Bvnby4bZd1vaomI9BFmBbvWahaHIKYqN--KAAB12QzaNzG-kWB6SzeEPsM-cGUrUqGHo0v3w4_DWyywwoWGRE7UleDnlrmOj1baQT8rR497_8dgvnnJUl9MnCgeU8FR9JQ2FRTB6mHnajFoSGI9lJmcPCSs1n2EUB5aKg1EiyxS0R-gIkrnNXHCaOLz_0M7BM6FnNYZpj0UbEb1hVCDwgx-LDg-JaBMu18zdayu5qPk8-l9oeeKSQLim3ayDpgVr7FbXccQ6a0xh8pv6VF69uUkQhjJ13YOCFxK1B4mzyeU_h0MB8KbuEWcqqAZKt4l21k5PpwjihKLF8DfkwP3EQPdPXw&cid=CAQSSwDUE5ymgSwBz0_VRlBANJjo9I2ImuFTowaE6h8LHWs4UXd6rs_uIlSB0JzxFKR-9FcHXwaNxJH-v28_eBwcL2pXCXll8s9bInYVSxgB&dv3_ver=m202301230201&rfl=https%3A%2F%2Fwww.orientaldaily.com.my%2F&ds=l&xdt=1&iif=1&cor=5957868261546642000&adk=3047537735&idt=367&cac=0&dtd=5

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://25f0b6c781c28f0ec66a58e178665f44.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 18:18:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 33365
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 07 Mar 2024 18:18:30 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 0E74 41 KB
15 KB 49ms
48ms Script
text/javascript 2a00:1450:400d:807::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-ASgTvRkMnWmkOJEQbSX5L8lj6zrUxp1G48vE7iwFS3vpOy4oyRFoqD8ouEA7ADR_TTmXpOlyz6WaR4tOuPcAToSyrXSrOErXNRXyuNx0CsF251rIUIVB93qQUeT4BCp20hY90SByeZ1plZbFEzZIjWGuMfAOBkgMnQEDt3WGOc-MGIXgY&cry=1&dbm_d=AKAmf-Cuo3ZfsgiL84VUoS405sGWJdsRwTHjZkPh-o5xjQzhd7kZ_YhN7GllROX-HsGEmIvDnjTsjo_qibGBM4OId--FocsKrsuVdYVVUOSwDqE1egGssEAmvtvpxgESRVOLrF08fLFsiywzJvUqm0g1_a7CeNDwYmqXKM61w3KpSXU7hWID0kKWbji6a8uaV7e4yg8Vq2Tcl9KLlWE_dqLJ6JEX9P57lGIeSvTKz9oDOCYCpb4r7hoN7JLP6gkKJZFCDbJxTDlMjieS60B7sAJfl7EfWPcauxKRuhu8fzCwzw5oO8sY_jFuiWGavizQ45OvIzC5EblYVt50QbTF2-CGRH-GpS6x3MA3M0PPM2drjeq50zRzncdF13layTqiFyziXTnDuI9PpdqGEuboDmOI25Tlqb9DIHHdZVqydzQ0tn9j0ENWs3U8pn-_RZZ7zdk45U_8XEKwB-aPa1T4-MtPyBTdLzmv6OihRaQSN5KT9eQRq_EqpYJqeoLvWZ3sxvhpWaJu0HGBMVYgZowmn08vGcRQYKA5rEq8pwHdMHy_cdajiz_WKm118XYfEX2wxvAewMIi1bR8iGi-fQ8heq0rq7Li3y5yiX7-a7yFnJj3oNasbUCmgx6hvWbbXUHtNys6raAhz1f_qAYthcLyscltZtjIJQmOZfhg5FxGJCh8EIIhvNGm9pEFU6MmC12i_q2WUnMUxnsq3MccfMT7eq1thBOJpAdT4VD8OcEXsFj404OMW_GzSR7UUICrAVw6s4AJoEsuYtoq8DPYiop_fE9Fh2aGlD5P-EGZ41Hm5L7ax9GrhpYIs1lvMWKnitpElVvj_fktHf4zqhV04RbyL8_4fFHFCiyCmumghBHId16tBKaTN2EpIwbXpPvPZHjSgp1zg-ietrsYTD6Ab8ICCDR3yRyeznc9Mq5VPkwLBSeLZsyQm9f--W-4qBEF5oCRAftRAH3POw5m1xkNCPJ9nIDhqMrpl9ybryFQtV_hp19Wpx5DK8oHUx65Ly4wDm-yUW_wy3yZFbuaeUajKB0g_b29I4kckW0dzFNe3P8lzaIYIzhUJXvUv1Pi45Ny1MMq7Xgwolo4HC3LEl5XAkyk-QmWEq4WYoAXZKqDJG4C7U7oTsivh5bUGcP4k3lggvb5oAiLn8Gz1znESiKxK-ivJIuxOxSBvvPPM7phnyQxpq-HcgxvLB8ipx9yRVMoo7T7TLTdqUzZZvhmpHu2XyqMncQWBISI8tQuwdEsoKE4xzSbBNSpR3JEkZU44kDiXR0yHkVJJtGC82Rx1g0035vc9oVOQunEB2rCj4RJs4bjs7yeaVCdMRa7oVublD_WxtBTVQ6mRmc8vGmwdMWT_sXmronSuxLFSDvH5-jf0dLAiu0h3qLTGwT-1ONXhtbVMsQwdmhpMA7m6hTWiFk7T3hWLsutifZjd26kj26KbYBbwX6ULx5SFxwrTe00p74ySCBr4b_T5W4LMk-jCrwlmbx4AAaIWfRKZmDAS70ubf_IsP65vURM9ywYCk8Ml_icMcSGGQG4K7IhjIZ4tZOUesOUD0qNopWwA6IOBI6Z68Y_GQe4g-gm43fSghOdRJcPfYcaAZ74Sqxd3abuP9ud5_CK-hyG5ukRqQ6MbIvzGQ_KN7b2muI39zf0sFf49k_COjIOHbwHqMYionrc--CKBmhBDpxFJcbtSXOE6Pl9YCmU86blt4sx96JR_NgRbKPemn-Ih8nhFPJ7Mc_lcljOApIOAiMH-cxVdjYag9BERrzAesBFMfPQmPeEAE89CdmjEHNOuFhbZsn4-RJqWiq-miNNfbrp1ouKmDmfuGYRH18nCCWENL5LgVTs1TILjHzd6zcDOHMFFw4UCDuqaAMVkwpapiGfVM42XUHqqfbI-b0L3HKQkb-2kh3jpXFJ5FK49jeFgLtv5H1R2cnPybA00aMkG7jyXSEdAgVruD6444_hCQzBAq9lFVVdIjeFhZBhdAd8efbELOOf_p_9yMBp7ufcfm_jln0x_8HC8oypiV0vxPtAO6XfgJhA9snjovIv2D9upGnOOXpAfn8Krl82DPqZrxFxzWreSgnM6RJLvrdSlBjLhtKruYqx38q4k04nsFVmGV-w-I3E1e1l-W3r8PpjXtxTaqdqIJpOZc9-LE2hTJfWMT0oi2OXiHawRgFKP36bLqf02XqFvMxAlXNIVGzi_x82Isq-tP4SkcdQ4G25NCR5W3vpGqAcXIDMsjsIGMh43ma0gTUqXyDchTCAG_huajnlWhiHBt10JHdYWcADMugzyxlBPSdEK_YkrEO3LkTEXprMyUJ5DCEpKSZgeiB2EPvQ6_6U022MA4ENyFAshZ8rqU01qVXiOTQf_ATsNUFUvkloDrraHtujAvCve1nlEjoy0kiVoOyxTFMDH8MYJJHzrAsmaFOIvlpDARAvzSIQGOeU8mJFoySwLioo9Yn7GP0j9VxeN8ppHB82AUYzC1yZ1w1JNJvyPsl9MXIfS7eeTLWnLMhcIEYyztFLnb5HcpYB9iDGogPuxEx4zkSFqPy2IRysHRAXf6P_4CHNEtPTM3jY2IXAICoXXKRYxL9xSmU-41AdaerFxdL3FTEuyV8EDnsuxlfpnnsYLeWMn6ZFqAZ2xBVpIU45RE1LfsO-aGTENE0zhYBsMm1gm7Qf0t4tVHdgw_zQ5vCAWJEOVEeP9XAQlq-i46tkZ7NomUyQgbzXw9utOnZOKEMrMIhrCoKWwXSTdqevL6HHYR-_tE1CTMcbokuIre5B3WpUGZ6_xwBANPtUt3BttlgaC27Liw4Sm1juveXSz1wBDGD24TB9Pcz9haiNX6EITN6p_yxpm1LgjmBeyvEC7FHDVelfk5e-G3ufsD8Cgelt4EwXRLChJFZ8BhGuITF5_7eXHwn_qPgSb-znZqYVw3YAGmW3KFCY7E6knVNfndJCVhe0EY1gDZhPuXv4h6-Iow5eTHuhLMwB_VfvAmKsA0ZUm2gJlUQ2jepMbSc0fqHw6jX3oIEKdU0m267sXeJcqiJahb72Dlwdve01BKdqYt8h3saJNe1j-Y2qSI35AurLc0PqLJgsraxxtv8R5bD5thM1SJ7Jy8uRwRJo65edUPZS0cV2a69SD3Az3kr1bpD_Ek82tUVbVeanVGdTVCv8LhozgUL1bFEO682fRD5-f3F05YCLENQL0cfb6D4XKPYkoK6ZtASwu2uGGEd0p5SrwLXU0rH2TIheM5d3V-zcRWWXkS9iqALWj1JY8H_q5n0U8_4Ii4fcqE6bmUoyBGJ1FICfLNjlR_tQsebuCDC8BEJsQLPonaekOK1QrZxBMhixAhZbXaI_CsvScUBpLLBAihEuVfEKvAvnDpW32YgIORyaAdxGbFr-wQxfdS8X5TZLVjv29mnPhVCnnXssI37MF5TB-U7AjIBCOU3YsOUvzzUh3Wbtgv_ZUIJkknXxv8lmCSFyCdO_erunIyljDyFPiQn3ZPUwnTtldDDgTp_2QRGEZWx9VlGRgNdZBjEBAhE9Dp41mMe0g3v2AfbpYop-PLiko3wqK-SNi5MsBSEz411FsMObF2NXq2n09NJBzr0gzUmuyWapbmxVF_WXAJ_tKk7s_kElF1CtOUXpPu4cf4ianC-0jJmXXKRdf2rVdABBQdIzmWu1CQ9b_aSTNW7dv_3bLjNw54CoxLrBgcrhRecc5PSfYYjT-R-DX9lWN4uuXj4ZIzZkFMl81-cMjCeOznXeDdL4l8SVIspHTL3CSA&cid=CAQSSwDUE5ymgSwBz0_VRlBANJjo9I2ImuFTowaE6h8LHWs4UXd6rs_uIlSB0JzxFKR-9FcHXwaNxJH-v28_eBwcL2pXCXll8s9bInYVSxgB&dv3_ver=m202301230201&rfl=https%3A%2F%2Fwww.orientaldaily.com.my%2F&ds=l&xdt=1&iif=1&cor=3020198889107654000&adk=2228999115&idt=378&cac=0&dtd=3

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://25f0b6c781c28f0ec66a58e178665f44.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 18:18:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 33365
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 07 Mar 2024 18:18:30 GMT

GET
H3 200 dcmads.js Show response
www.googletagservices.com/dcm/ Frame C515 16 KB
7 KB 47ms
47ms Script
text/javascript 2a00:1450:400d:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/dcm/dcmads.js

Requested by

Host: s.tribalfusion.com
URL: https://s.tribalfusion.com/j.ad?flashVer=0&ver=1.29&th=7555152956&tagKey=3880046815&site=orientaldailycom&adSpace=desktop&center=1&env=display&addBlockingCategories=gambling,tobacco,violence,suggestive,religious&size=970x250,728x90&busted=1&url=https%3A%2F%2Fwww.orientaldaily.com.my%2F&f=1&p=12796109&tKey=aAmneMWUZbEVmv0PEvYQcvn3EJZcRUvB7F&a=1&adContainerId=richmedia_2&rnd=12800795

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80d::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7bc0c4519150a490750c0f9f77857d5af952bca0bad56e3db6d24bd79f18b4e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.orientaldaily.com.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 03:16:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1059
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6883
x-xss-protection: 0
last-modified: Wed, 15 Feb 2023 19:52:36 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-dcm-tag"
vary: Accept-Encoding
report-to: {"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Thu, 09 Mar 2023 04:16:56 GMT

GET
H/1.1 200
OK wmoiqux43uzw Show response
hal9000.redintelligence.net/zone/ Frame 7B35 11 KB
4 KB 108ms
20ms Script
text/html 78.46.23.46
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal9000.redintelligence.net/zone/wmoiqux43uzw?subid=&gdpr=-1&gdpr_consent=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCipNIyVMJZO3dH-SSjuwPn4ScgAim5b2gab2TnKfJD_AuEAEg3uW3Q2CV4pCCoAfIAQmpAtM_RZHLsrE-qAMBqgSkAk_QOVGOzf9Pfkj_uID8cKosHBdEG3y5XQfp3xxBEguTcn-e6xEazhohnVZmmU08hD9zi79u-hfJx7ChpsKqZoYJOGXUZc6V9KoyR7ranf5J9uvPV9eIG_WxfqWUtWclyj5kAI0HhzzBXE_vZoGaCoTLSa-toj12imYZsRwlRrOjcFGioBJAfj5m96bjfmCSqxt0NNx_rkszsiE6Nf6qGMhDto5guzkLXfWq4T9tsukm1pNQ8N4V6c0rLx-vH-IiISPJbclgZ-ax9j8IOHRUv5CUntE6aE40I-wGODsscEmUWzkjXne0Uqy1GB-TXJ4cE2ZGs08iEz5f5AexaM-hmNAEhlhlSKwz3B2O5Fs8W944OgoT2oXW3uHU_orFI4RIyK-7UGTABOuP_I73A-AEA5AGAaAGTYAHrK31nwOoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggRCIDhgBAQARgdMgKqAjoCgECACgOYCwHICwGADAGwE4-10Q7QEwDYEwPYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSSwDUE5ymgSwBz0_VRlBANJjo9I2ImuFTowaE6h8LHWs4UXd6rs_uIlSB0JzxFKR-9FcHXwaNxJH-v28_eBwcL2pXCXll8s9bInYVSxgB%26sig%3DAOD64_3yQDRW2_m-e_7R9wROQvLo1pKGPQ%26client%3Dca-pub-3430561196928589%26dbm_c%3DAKAmf-DPnXsOkO81u1c9tQV5kA8slnQZqUqwRBfBgoRH5zt6L1YoC5Uupt1_asqDxoqvS96bXCArHk3yMu17E4SfbQe9fPm2_4dnM5xat1dHKpInWrBueagePcEAXHWQazsXV2cyAtNiXSvykyxhp8HWXNVesJekhrgfI3ARA-sJA9KF4FgKyhc%26cry%3D1%26dbm_d%3DAKAmf-CsfhtM91hhsWj6S9xe9JUAwuWq_gN1H4RwQbVAInS-hv1kXHi1VSvF-3j8dYqJobarFmEzuqJ0ibcV4kLKJq7VgouuGbBSp-gWRFJauVgOb1RuOFNcF2Pbmzk_xZDo5tYUuXScsig_6i7HdPhaLpaqi9abAVRff36So6Man5rwoTqAjfft_n7K_SBGoFd71AKvDKKyge955Yjqwxkc1puoaLidAB-E96c_lX7ZJo6QHtv_LRR0DXjV4CeahbrtdTqbMrbVlpeZRudrkOcXUE7Zm6HyejkzQ4fOvC_uuitj4Wriz3kQMrsBMDNubanmap5NpMrSv8o3vPXObAnsU92Bj9LHT_MZzCEsc1Wg2iUk_qOwjuoDmBoo8M7ZipxCMpKSBK4wxAz0dBsjBNLsm4Hp6LzCjCx_ial3k07DuSSY2UA2-Or9pUPc6R1aIjENnlO86TE3CBivQUZPNxUREmlGto-dmHvuEtWWXws--3Dfr-lDUXSUGUDo5VPDQGo3SAqrYd3VUiINjEEGBUJgSF5NYoyMXTYqNeCqfTCA9uiP1BDb9yo%26adurl%3D
Requested by: Host: 25f0b6c781c28f0ec66a58e178665f44.safeframe.googlesyndication.com
URL: https://25f0b6c781c28f0ec66a58e178665f44.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 78.46.23.46 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.46.23.46.78.clients.your-server.de
Software: Apache /
Resource Hash: 6cc212483920f1b4636c0ce41e2b06269af93b63fb0afa46f1e1c5319d601081

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://25f0b6c781c28f0ec66a58e178665f44.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Thu, 09 Mar 2023 03:34:35 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 4151
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK wmoiqux43uzw Show response
hal9000.redintelligence.net/zone/ Frame 0E74 11 KB
4 KB 104ms
19ms Script
text/html 78.46.23.46
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal9000.redintelligence.net/zone/wmoiqux43uzw?subid=&gdpr=-1&gdpr_consent=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC-QkNyVMJZOzdH-SSjuwPn4ScgAim5b2gab2TnKfJD_AuEAEg3uW3Q2CV4pCCoAfIAQmpAtM_RZHLsrE-qAMBqgSkAk_QTqfG7BxtZeBFqtc-VCpu2mvR8Cu7cGXjQKrfBgTN4C6Mpjuyxr9AW6eOWOUejb5BunCTmgEMWbdemhK1y0BXTmhCunKRVZI07Si9Kcrr8b7OgUkPqNrFtlholesYLPscvWercvPnw19wfqcZFrCqVzNsC4diuEe055G-lge0xn10cRjLWKQW23q1sRB27O3LHEVE3R2loCTowbXON4bkOcTvro9QG_GKFiLASgSMZ2xeXyEhRSKoCEs-dGBl4OBlwIAr4yRJEzpnskwWCn9mK1y79SLePVxCoug7qXkxDZlEIJhDLwztB1RYk-4cNB3nYdyVvMRbyxhtgYWL2VDNk9J1Z7lMtBc2FaCtd1oTVf5Q1evct2PgxSdH9MCSh1M6GYPABOuP_I73A-AEA5AGAaAGTYAHrK31nwOoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggRCIDhgBAQARgdMgKqAjoCgECACgOYCwHICwGADAGwE4-10Q7QEwDYEwPYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSSwDUE5ymgSwBz0_VRlBANJjo9I2ImuFTowaE6h8LHWs4UXd6rs_uIlSB0JzxFKR-9FcHXwaNxJH-v28_eBwcL2pXCXll8s9bInYVSxgB%26sig%3DAOD64_3HkMtQGcLHRSonSRwCkIXBOf6Myw%26client%3Dca-pub-3430561196928589%26dbm_c%3DAKAmf-BbUdQI5pqadkF8e6pR2EhK2Mrm6hGGbi3nXvRd0idCYlXh_xxqcsJf0iUsN0EF1zkroCXvCJFwXy9k1WBxGO0bsMhsR46KHsfbH1qrIYCotE5RkGpiX1MhnRtOVNrT3b3WTO5Dy4ZoLvSJz76Jdjt_HJa0u2n1RJlvN9iZoKUwmwQrIrM%26cry%3D1%26dbm_d%3DAKAmf-BKXWDNlXAy86sb5txPU7ctfahMLQC_KthokAxheA3yMQoNHEeWkHj8Rbb0U_9rOXSbI8xsydS4q_10TJcqQloX0uizboZHxslq7JTix8VP2Dc4LqO_b1uYvaGErnHF4zviV-rT1fyaxpiEgDvs0HS4cG12Q8A4nUDemfNz8aMr3K4kVT69dnbNbU9GdZ9D6g5fht3nRjNVY21hCt1ujzIc5cWfGvJcLe4_WPHKOkPvxJgZx9ojUtX5bv9WhvjH3TcVBc2eUdaKDPK4MVA7g4VHVaeWFTiC9jbYgTGw36i0WRGzf4y0TxY5Xyg-NXfJfEmKg0lr-vDWJp_HTZkVkwbtFGGwvb6UmsCg-GQltRiNXEaV6qk7BdD1i75D9atFA37aQT-YDxG8olMGXmMmNDb1Q77UhQHrJiL9f23yl7ZL9doFkfc74CikeFNsTXtcXG9iR7SDXFKGHFjUeffzJRP7PFsWEZ-bujfwa6jHZRXNjHxFp6r25-NPQRJX5jMY03Dm75LuwdlHOnNxxmAyDMB4Fs7pud6Ttv54rlKVVbn8n_s7rF0%26adurl%3D
Requested by: Host: 25f0b6c781c28f0ec66a58e178665f44.safeframe.googlesyndication.com
URL: https://25f0b6c781c28f0ec66a58e178665f44.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 78.46.23.46 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.46.23.46.78.clients.your-server.de
Software: Apache /
Resource Hash: 49be80dcdb36905015b91cb053bf0d0d63f8a00ddb142fe8e32c9255774f3e4a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://25f0b6c781c28f0ec66a58e178665f44.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Thu, 09 Mar 2023 03:34:35 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 4152
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8

GET
H3 200 10000000_1176832589685551_7617901074642110564_n.mp4 Show response
video-lhr8-1.xx.fbcdn.net/v/t66.36281-29/ Frame A5C6 1 MB
1 MB 17ms
17ms Fetch
video/mp4 2a03:2880:f058:9:face:b00c:0:1823
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL: https://video-lhr8-1.xx.fbcdn.net/v/t66.36281-29/10000000_1176832589685551_7617901074642110564_n.mp4?_nc_cat=103&ccb=1-7&_nc_sid=5aebc0&efg=eyJ2ZW5jb2RlX3RhZyI6ImRhc2hfbGl2ZV9wc3RfZnJhZ18yX3ZpZGVvIn0%3D&_nc_ohc=ToaPEU2MgTcAX9q9Nx0&_nc_ht=video-lhr8-1.xx&edm=AGo2L-IEAAAA&oh=00_AfDUreijWpPAntDVEj9sGxuzjHMk1YWhxPAvpQ349Jdmcg&oe=640EF047&bytestart=3923712&byteend=5021415
Requested by: Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yS/r/E3aVjH1G1Nz.js?_nc_x=Ij3Wp8lg5Kz
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a03:2880:f058:9:face:b00c:0:1823 London, United Kingdom, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: cd4d096aef0f12e67d254fade866062c784f4bf156fc34f1692d51e3cd69f28b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 03:34:35 GMT
x-storage-error-category: dfs:none;hs_p:206:HS_ERANGE_SUCCESS
last-modified: Thu, 09 Mar 2023 03:28:24 GMT
vary: Origin
content-type: video/mp4
access-control-allow-origin: https://www.facebook.com
cache-control: max-age=1209600, no-transform
cross-origin-resource-policy: cross-origin
x-upstream-checksum-algorithm: crc32
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 1097704
priority: u=1,i
proxy-status: http_response_ok; e_clientaddr="AcJKbJbqaTlZrtn7_BHoplHXSehGRXU9uqETj-fkB6WwyQu3D8iGYjdTgMPwnzGRI8_kmyr8Jlyjc5Ums7-gSW9NYK21LwWYjMZe2XNcIg"; e_fb_vipaddr="AcKWKNCqi1HyLxOvnHh2SSAffEafc8e9xctpr3V-wPqBglwKyjaMK7CSrQ3QgFqfS55qLqumuIk477PdNw5vjYRe82Hb_xSn25klqvnS"; e_fb_builduser="AcKGJIr5hq0vCy27dY05mXVky1MtvFabLmyfqhZdaejL6dYo6bmczwr_ogyJMd1DW8Q"; e_fb_binaryversion="AcKE0f4HlLVpDahPX7OOQaOD4FTD7lGuJHrIBil2hzDZ1s7pw9PSFD6SuSezYn96cmTx7azZsuqtxBdb0NXpU3q-Vn0YH53jnAA"; e_proxy="AcIl1pbY5YH60yQGeMxQKn401xRGKUIRMxrIeX1Qvb-wINCUQK8VI-z6uRiSRKPpdu_CKQ_fOVk_PtyfNuY"

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 5842 0
0 77ms
76ms Fetch
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv6lQ1pZa_r5op9fWb_jQxwPma8vhokjQRBpLmFU5stPxh6QtBktLnneVqUNducx9UzhrC9YLWsvBA0gejpjERGxl_1CpIkHv2YSzmfeO3umpAmLYYaj0ZuXXNoreCT1qDeOoSdn8VzKbVl2T_srmiYYpIt7X6H21AlXYKerxg00IHCEaWjJSUS_KOZA9gtQQRJGHfO681Do8opPixHR_i-J2VTctiaKBPtXfPmyp3GSieZRduaRA97AaEssXAKbo4JQQH1_RC4UFF6zjdjClby0j7E1B1UfTvxU72rtnWm6lA4A_V-rTCQfzD82BU1IXRc3YBp0byo10Y3kI7eFdDuZ0spH9ToDp9NvMftIapjiXC5LA&sai=AMfl-YTMEpAQEwRI_n6nLc9wYl14l_-eRSmuIjliw6B_HuKnqZh4VaP-4-SH806AOxp3cknrJ9DCt_B7BxrsgGWiUzIyaB6bpwE2kyGw7WTofE1LHpjPXL-OQCORpmoXiA&sig=Cg0ArKJSzLfbMXI7YCFrEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.orientaldaily.com.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 03:34:35 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Thu, 09 Mar 2023 03:34:35 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 664D 13 KB
5 KB 53ms
47ms Document
text/html 2a00:1450:400d:807::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.orientaldaily.com.my/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 36996
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 08 Mar 2023 17:17:59 GMT
expires: Thu, 07 Mar 2024 17:17:59 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 1F70 783 B
973 B 77ms
72ms Document
text/html 2a00:1450:400d:80d::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80d::2004 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

465e6c29f9565d86eb14d05b1d1a1229c4370d4869d70346191eb7297a38022a

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-3Vj4S79qEHqtFRKManv0Xw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.orientaldaily.com.my/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 514
content-security-policy: script-src 'report-sample' 'nonce-3Vj4S79qEHqtFRKManv0Xw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 09 Mar 2023 03:34:35 GMT
expires: Thu, 09 Mar 2023 03:34:35 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 impl_v95.js Show response
www.googletagservices.com/dcm/ Frame C515 60 KB
23 KB 47ms
47ms Script
text/javascript 2a00:1450:400d:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/dcm/impl_v95.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/dcmads.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80d::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

83a818561b7f93e0f7664504ef5993250ab3f2e6420b5d73cf708fba0f5665e4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.orientaldaily.com.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 18:16:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 33459
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23368
x-xss-protection: 0
last-modified: Mon, 13 Feb 2023 18:47:20 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-dcm-tag"
vary: Accept-Encoding
report-to: {"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 07 Mar 2024 18:16:56 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 8C5A 41 KB
15 KB 47ms
47ms Script
text/javascript 2a00:1450:400d:807::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: 25f0b6c781c28f0ec66a58e178665f44.safeframe.googlesyndication.com
URL: https://25f0b6c781c28f0ec66a58e178665f44.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://25f0b6c781c28f0ec66a58e178665f44.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 18:18:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 33365
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 07 Mar 2024 18:18:30 GMT

GET
DATA 200
OK truncated
/ Frame 8C5A 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0e7639f0277ff746d9f6524f5106da22e4ce678df509b99bd293201bc858cab6

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame C207 22 KB
8 KB 48ms
47ms Document
text/html 2a00:1450:400d:807::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://25f0b6c781c28f0ec66a58e178665f44.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 33459
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 08 Mar 2023 18:16:56 GMT
expires: Thu, 07 Mar 2024 18:16:56 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame E521 22 KB
8 KB 51ms
51ms Document
text/html 2a00:1450:400d:807::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://25f0b6c781c28f0ec66a58e178665f44.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 33459
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 08 Mar 2023 18:16:56 GMT
expires: Thu, 07 Mar 2024 18:16:56 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1

200
OK

request.php Show response
hal900027.redintelligence.net/ Frame 0E74
Redirect Chain

https://hal900027.redintelligence.net/request.php?zone=wmoiqux43uzw&nw=20&renderingType=javascript&namespace=c6fd1df368&subid=&uid=8ed510983c2fae01&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...
https://hal900027.redintelligence.net/request.php?zone=wmoiqux43uzw&nw=20&renderingType=javascript&namespace=c6fd1df368&subid=&uid=8ed510983c2fae01&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...

4 KB
2 KB

102ms
79ms

Script
application/x-javascript

78.46.111.106
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900027.redintelligence.net/request.php?zone=wmoiqux43uzw&nw=20&renderingType=javascript&namespace=c6fd1df368&subid=&uid=8ed510983c2fae01&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=336x280&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC-QkNyVMJZOzdH-SSjuwPn4ScgAim5b2gab2TnKfJD_AuEAEg3uW3Q2CV4pCCoAfIAQmpAtM_RZHLsrE-qAMBqgSkAk_QTqfG7BxtZeBFqtc-VCpu2mvR8Cu7cGXjQKrfBgTN4C6Mpjuyxr9AW6eOWOUejb5BunCTmgEMWbdemhK1y0BXTmhCunKRVZI07Si9Kcrr8b7OgUkPqNrFtlholesYLPscvWercvPnw19wfqcZFrCqVzNsC4diuEe055G-lge0xn10cRjLWKQW23q1sRB27O3LHEVE3R2loCTowbXON4bkOcTvro9QG_GKFiLASgSMZ2xeXyEhRSKoCEs-dGBl4OBlwIAr4yRJEzpnskwWCn9mK1y79SLePVxCoug7qXkxDZlEIJhDLwztB1RYk-4cNB3nYdyVvMRbyxhtgYWL2VDNk9J1Z7lMtBc2FaCtd1oTVf5Q1evct2PgxSdH9MCSh1M6GYPABOuP_I73A-AEA5AGAaAGTYAHrK31nwOoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggRCIDhgBAQARgdMgKqAjoCgECACgOYCwHICwGADAGwE4-10Q7QEwDYEwPYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSSwDUE5ymgSwBz0_VRlBANJjo9I2ImuFTowaE6h8LHWs4UXd6rs_uIlSB0JzxFKR-9FcHXwaNxJH-v28_eBwcL2pXCXll8s9bInYVSxgB%26sig%3DAOD64_3HkMtQGcLHRSonSRwCkIXBOf6Myw%26client%3Dca-pub-3430561196928589%26dbm_c%3DAKAmf-BbUdQI5pqadkF8e6pR2EhK2Mrm6hGGbi3nXvRd0idCYlXh_xxqcsJf0iUsN0EF1zkroCXvCJFwXy9k1WBxGO0bsMhsR46KHsfbH1qrIYCotE5RkGpiX1MhnRtOVNrT3b3WTO5Dy4ZoLvSJz76Jdjt_HJa0u2n1RJlvN9iZoKUwmwQrIrM%26cry%3D1%26dbm_d%3DAKAmf-BKXWDNlXAy86sb5txPU7ctfahMLQC_KthokAxheA3yMQoNHEeWkHj8Rbb0U_9rOXSbI8xsydS4q_10TJcqQloX0uizboZHxslq7JTix8VP2Dc4LqO_b1uYvaGErnHF4zviV-rT1fyaxpiEgDvs0HS4cG12Q8A4nUDemfNz8aMr3K4kVT69dnbNbU9GdZ9D6g5fht3nRjNVY21hCt1ujzIc5cWfGvJcLe4_WPHKOkPvxJgZx9ojUtX5bv9WhvjH3TcVBc2eUdaKDPK4MVA7g4VHVaeWFTiC9jbYgTGw36i0WRGzf4y0TxY5Xyg-NXfJfEmKg0lr-vDWJp_HTZkVkwbtFGGwvb6UmsCg-GQltRiNXEaV6qk7BdD1i75D9atFA37aQT-YDxG8olMGXmMmNDb1Q77UhQHrJiL9f23yl7ZL9doFkfc74CikeFNsTXtcXG9iR7SDXFKGHFjUeffzJRP7PFsWEZ-bujfwa6jHZRXNjHxFp6r25-NPQRJX5jMY03Dm75LuwdlHOnNxxmAyDMB4Fs7pud6Ttv54rlKVVbn8n_s7rF0%26adurl%3D&documentReferer=https%3A%2F%2Fwww.orientaldaily.com.my%2F&ancestorOrigins=https%3A%2F%2Fwww.orientaldaily.com.my&random=7949243606522&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Requested by: Host: 25f0b6c781c28f0ec66a58e178665f44.safeframe.googlesyndication.com
URL: https://25f0b6c781c28f0ec66a58e178665f44.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: HTTP/1.1
Server: 78.46.111.106 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.106.111.46.78.clients.your-server.de
Software: Apache /
Resource Hash: cbfbd34d07dfd04579439393e95a0d3654512bc0bacb668c4e4cd8f4150a9835

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://25f0b6c781c28f0ec66a58e178665f44.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 09 Mar 2023 03:34:35 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type: application/x-javascript; charset=utf-8
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId: 12257200011230704444994012258027
Connection: close
Content-Length: 1353
Expires: Thu, 09 Mar 2023 03:34:35 +0100

Redirect headers

Pragma: no-cache
Date: Thu, 09 Mar 2023 03:34:35 GMT
Server: Apache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Location: request.php?zone=wmoiqux43uzw&nw=20&renderingType=javascript&namespace=c6fd1df368&subid=&uid=8ed510983c2fae01&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=336x280&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC-QkNyVMJZOzdH-SSjuwPn4ScgAim5b2gab2TnKfJD_AuEAEg3uW3Q2CV4pCCoAfIAQmpAtM_RZHLsrE-qAMBqgSkAk_QTqfG7BxtZeBFqtc-VCpu2mvR8Cu7cGXjQKrfBgTN4C6Mpjuyxr9AW6eOWOUejb5BunCTmgEMWbdemhK1y0BXTmhCunKRVZI07Si9Kcrr8b7OgUkPqNrFtlholesYLPscvWercvPnw19wfqcZFrCqVzNsC4diuEe055G-lge0xn10cRjLWKQW23q1sRB27O3LHEVE3R2loCTowbXON4bkOcTvro9QG_GKFiLASgSMZ2xeXyEhRSKoCEs-dGBl4OBlwIAr4yRJEzpnskwWCn9mK1y79SLePVxCoug7qXkxDZlEIJhDLwztB1RYk-4cNB3nYdyVvMRbyxhtgYWL2VDNk9J1Z7lMtBc2FaCtd1oTVf5Q1evct2PgxSdH9MCSh1M6GYPABOuP_I73A-AEA5AGAaAGTYAHrK31nwOoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggRCIDhgBAQARgdMgKqAjoCgECACgOYCwHICwGADAGwE4-10Q7QEwDYEwPYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSSwDUE5ymgSwBz0_VRlBANJjo9I2ImuFTowaE6h8LHWs4UXd6rs_uIlSB0JzxFKR-9FcHXwaNxJH-v28_eBwcL2pXCXll8s9bInYVSxgB%26sig%3DAOD64_3HkMtQGcLHRSonSRwCkIXBOf6Myw%26client%3Dca-pub-3430561196928589%26dbm_c%3DAKAmf-BbUdQI5pqadkF8e6pR2EhK2Mrm6hGGbi3nXvRd0idCYlXh_xxqcsJf0iUsN0EF1zkroCXvCJFwXy9k1WBxGO0bsMhsR46KHsfbH1qrIYCotE5RkGpiX1MhnRtOVNrT3b3WTO5Dy4ZoLvSJz76Jdjt_HJa0u2n1RJlvN9iZoKUwmwQrIrM%26cry%3D1%26dbm_d%3DAKAmf-BKXWDNlXAy86sb5txPU7ctfahMLQC_KthokAxheA3yMQoNHEeWkHj8Rbb0U_9rOXSbI8xsydS4q_10TJcqQloX0uizboZHxslq7JTix8VP2Dc4LqO_b1uYvaGErnHF4zviV-rT1fyaxpiEgDvs0HS4cG12Q8A4nUDemfNz8aMr3K4kVT69dnbNbU9GdZ9D6g5fht3nRjNVY21hCt1ujzIc5cWfGvJcLe4_WPHKOkPvxJgZx9ojUtX5bv9WhvjH3TcVBc2eUdaKDPK4MVA7g4VHVaeWFTiC9jbYgTGw36i0WRGzf4y0TxY5Xyg-NXfJfEmKg0lr-vDWJp_HTZkVkwbtFGGwvb6UmsCg-GQltRiNXEaV6qk7BdD1i75D9atFA37aQT-YDxG8olMGXmMmNDb1Q77UhQHrJiL9f23yl7ZL9doFkfc74CikeFNsTXtcXG9iR7SDXFKGHFjUeffzJRP7PFsWEZ-bujfwa6jHZRXNjHxFp6r25-NPQRJX5jMY03Dm75LuwdlHOnNxxmAyDMB4Fs7pud6Ttv54rlKVVbn8n_s7rF0%26adurl%3D&documentReferer=https%3A%2F%2Fwww.orientaldaily.com.my%2F&ancestorOrigins=https%3A%2F%2Fwww.orientaldaily.com.my&random=7949243606522&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Content-Type: text/html; charset=UTF-8
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: close
Content-Length: 0
Expires: Thu, 09 Mar 2023 03:34:35 +0100

GET
H/1.1

200
OK

request.php Show response
hal900017.redintelligence.net/ Frame 7B35
Redirect Chain

https://hal900017.redintelligence.net/request.php?zone=wmoiqux43uzw&nw=20&renderingType=javascript&namespace=82dc8be063&subid=&uid=2f63b6c680c532a2&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...
https://hal900017.redintelligence.net/request.php?zone=wmoiqux43uzw&nw=20&renderingType=javascript&namespace=82dc8be063&subid=&uid=2f63b6c680c532a2&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...

4 KB
2 KB

98ms
74ms

Script
application/x-javascript

159.69.70.9
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900017.redintelligence.net/request.php?zone=wmoiqux43uzw&nw=20&renderingType=javascript&namespace=82dc8be063&subid=&uid=2f63b6c680c532a2&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=336x280&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCipNIyVMJZO3dH-SSjuwPn4ScgAim5b2gab2TnKfJD_AuEAEg3uW3Q2CV4pCCoAfIAQmpAtM_RZHLsrE-qAMBqgSkAk_QOVGOzf9Pfkj_uID8cKosHBdEG3y5XQfp3xxBEguTcn-e6xEazhohnVZmmU08hD9zi79u-hfJx7ChpsKqZoYJOGXUZc6V9KoyR7ranf5J9uvPV9eIG_WxfqWUtWclyj5kAI0HhzzBXE_vZoGaCoTLSa-toj12imYZsRwlRrOjcFGioBJAfj5m96bjfmCSqxt0NNx_rkszsiE6Nf6qGMhDto5guzkLXfWq4T9tsukm1pNQ8N4V6c0rLx-vH-IiISPJbclgZ-ax9j8IOHRUv5CUntE6aE40I-wGODsscEmUWzkjXne0Uqy1GB-TXJ4cE2ZGs08iEz5f5AexaM-hmNAEhlhlSKwz3B2O5Fs8W944OgoT2oXW3uHU_orFI4RIyK-7UGTABOuP_I73A-AEA5AGAaAGTYAHrK31nwOoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggRCIDhgBAQARgdMgKqAjoCgECACgOYCwHICwGADAGwE4-10Q7QEwDYEwPYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSSwDUE5ymgSwBz0_VRlBANJjo9I2ImuFTowaE6h8LHWs4UXd6rs_uIlSB0JzxFKR-9FcHXwaNxJH-v28_eBwcL2pXCXll8s9bInYVSxgB%26sig%3DAOD64_3yQDRW2_m-e_7R9wROQvLo1pKGPQ%26client%3Dca-pub-3430561196928589%26dbm_c%3DAKAmf-DPnXsOkO81u1c9tQV5kA8slnQZqUqwRBfBgoRH5zt6L1YoC5Uupt1_asqDxoqvS96bXCArHk3yMu17E4SfbQe9fPm2_4dnM5xat1dHKpInWrBueagePcEAXHWQazsXV2cyAtNiXSvykyxhp8HWXNVesJekhrgfI3ARA-sJA9KF4FgKyhc%26cry%3D1%26dbm_d%3DAKAmf-CsfhtM91hhsWj6S9xe9JUAwuWq_gN1H4RwQbVAInS-hv1kXHi1VSvF-3j8dYqJobarFmEzuqJ0ibcV4kLKJq7VgouuGbBSp-gWRFJauVgOb1RuOFNcF2Pbmzk_xZDo5tYUuXScsig_6i7HdPhaLpaqi9abAVRff36So6Man5rwoTqAjfft_n7K_SBGoFd71AKvDKKyge955Yjqwxkc1puoaLidAB-E96c_lX7ZJo6QHtv_LRR0DXjV4CeahbrtdTqbMrbVlpeZRudrkOcXUE7Zm6HyejkzQ4fOvC_uuitj4Wriz3kQMrsBMDNubanmap5NpMrSv8o3vPXObAnsU92Bj9LHT_MZzCEsc1Wg2iUk_qOwjuoDmBoo8M7ZipxCMpKSBK4wxAz0dBsjBNLsm4Hp6LzCjCx_ial3k07DuSSY2UA2-Or9pUPc6R1aIjENnlO86TE3CBivQUZPNxUREmlGto-dmHvuEtWWXws--3Dfr-lDUXSUGUDo5VPDQGo3SAqrYd3VUiINjEEGBUJgSF5NYoyMXTYqNeCqfTCA9uiP1BDb9yo%26adurl%3D&documentReferer=https%3A%2F%2Fwww.orientaldaily.com.my%2F&ancestorOrigins=https%3A%2F%2Fwww.orientaldaily.com.my&random=7503321541877&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Requested by: Host: 25f0b6c781c28f0ec66a58e178665f44.safeframe.googlesyndication.com
URL: https://25f0b6c781c28f0ec66a58e178665f44.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: HTTP/1.1
Server: 159.69.70.9 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.9.70.69.159.clients.your-server.de
Software: Apache /
Resource Hash: 405ca04bea3878adcf9a21edcf63c792c1ddb7f51a4e0fd001d3e80a4fd29ffa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://25f0b6c781c28f0ec66a58e178665f44.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 09 Mar 2023 03:34:35 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type: application/x-javascript; charset=utf-8
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId: 99314000011033004444994012258017
Connection: close
Content-Length: 1350
Expires: Thu, 09 Mar 2023 03:34:35 +0100

Redirect headers

Pragma: no-cache
Date: Thu, 09 Mar 2023 03:34:35 GMT
Server: Apache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Location: request.php?zone=wmoiqux43uzw&nw=20&renderingType=javascript&namespace=82dc8be063&subid=&uid=2f63b6c680c532a2&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=336x280&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCipNIyVMJZO3dH-SSjuwPn4ScgAim5b2gab2TnKfJD_AuEAEg3uW3Q2CV4pCCoAfIAQmpAtM_RZHLsrE-qAMBqgSkAk_QOVGOzf9Pfkj_uID8cKosHBdEG3y5XQfp3xxBEguTcn-e6xEazhohnVZmmU08hD9zi79u-hfJx7ChpsKqZoYJOGXUZc6V9KoyR7ranf5J9uvPV9eIG_WxfqWUtWclyj5kAI0HhzzBXE_vZoGaCoTLSa-toj12imYZsRwlRrOjcFGioBJAfj5m96bjfmCSqxt0NNx_rkszsiE6Nf6qGMhDto5guzkLXfWq4T9tsukm1pNQ8N4V6c0rLx-vH-IiISPJbclgZ-ax9j8IOHRUv5CUntE6aE40I-wGODsscEmUWzkjXne0Uqy1GB-TXJ4cE2ZGs08iEz5f5AexaM-hmNAEhlhlSKwz3B2O5Fs8W944OgoT2oXW3uHU_orFI4RIyK-7UGTABOuP_I73A-AEA5AGAaAGTYAHrK31nwOoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggRCIDhgBAQARgdMgKqAjoCgECACgOYCwHICwGADAGwE4-10Q7QEwDYEwPYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSSwDUE5ymgSwBz0_VRlBANJjo9I2ImuFTowaE6h8LHWs4UXd6rs_uIlSB0JzxFKR-9FcHXwaNxJH-v28_eBwcL2pXCXll8s9bInYVSxgB%26sig%3DAOD64_3yQDRW2_m-e_7R9wROQvLo1pKGPQ%26client%3Dca-pub-3430561196928589%26dbm_c%3DAKAmf-DPnXsOkO81u1c9tQV5kA8slnQZqUqwRBfBgoRH5zt6L1YoC5Uupt1_asqDxoqvS96bXCArHk3yMu17E4SfbQe9fPm2_4dnM5xat1dHKpInWrBueagePcEAXHWQazsXV2cyAtNiXSvykyxhp8HWXNVesJekhrgfI3ARA-sJA9KF4FgKyhc%26cry%3D1%26dbm_d%3DAKAmf-CsfhtM91hhsWj6S9xe9JUAwuWq_gN1H4RwQbVAInS-hv1kXHi1VSvF-3j8dYqJobarFmEzuqJ0ibcV4kLKJq7VgouuGbBSp-gWRFJauVgOb1RuOFNcF2Pbmzk_xZDo5tYUuXScsig_6i7HdPhaLpaqi9abAVRff36So6Man5rwoTqAjfft_n7K_SBGoFd71AKvDKKyge955Yjqwxkc1puoaLidAB-E96c_lX7ZJo6QHtv_LRR0DXjV4CeahbrtdTqbMrbVlpeZRudrkOcXUE7Zm6HyejkzQ4fOvC_uuitj4Wriz3kQMrsBMDNubanmap5NpMrSv8o3vPXObAnsU92Bj9LHT_MZzCEsc1Wg2iUk_qOwjuoDmBoo8M7ZipxCMpKSBK4wxAz0dBsjBNLsm4Hp6LzCjCx_ial3k07DuSSY2UA2-Or9pUPc6R1aIjENnlO86TE3CBivQUZPNxUREmlGto-dmHvuEtWWXws--3Dfr-lDUXSUGUDo5VPDQGo3SAqrYd3VUiINjEEGBUJgSF5NYoyMXTYqNeCqfTCA9uiP1BDb9yo%26adurl%3D&documentReferer=https%3A%2F%2Fwww.orientaldaily.com.my%2F&ancestorOrigins=https%3A%2F%2Fwww.orientaldaily.com.my&random=7503321541877&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Content-Type: text/html; charset=UTF-8
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: close
Content-Length: 0
Expires: Thu, 09 Mar 2023 03:34:35 +0100

GET
H2 200 visit Show response
r-log.dable.io/s/orientaldaily.com.my/u/00000000.0000000000000/ 54 B
200 B 904ms
276ms Script
text/javascript 3.38.85.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://r-log.dable.io/s/orientaldaily.com.my/u/00000000.0000000000000/visit?url=https%3A%2F%2Fwww.orientaldaily.com.my%2F&ref=&lang=en-US&cid=00000000.0000000000000&gdpr=1&z=940621&callback=dbljson2

Requested by

Host: static.dable.io
URL: https://static.dable.io/dist/plugin.min.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

3.38.85.21 Incheon, Korea, Republic Of, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-38-85-21.ap-northeast-2.compute.amazonaws.com

Software

nginx/1.20.0 /

Resource Hash

ee4cfb80dd25cc2c164efef4ebc1b0ba0e31627dcb02eca8a726bb49347ceeb3

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.orientaldaily.com.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

access-control-allow-origin: *
date: Thu, 09 Mar 2023 03:34:36 GMT
x-content-type-options: nosniff
server: nginx/1.20.0
content-length: 54
content-type: text/javascript; charset=utf-8

GET
H2

200

match2
act.ds.kakao.com/
Redirect Chain

https://analytics.ad.daum.net/match?d=111&uid=00000000.0000000000000
https://act.ds.kakao.com/match2?DSPR=%7B%22v%22:1,%22dr%22:%7B%22t%22:%2220230309%22,%22u%22:%2200000000.0000000000000%22%7D%7D

0
493 B

556ms
268ms

Image
text/plain

121.53.104.194
KAKAO-AS-KR Kakao...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://act.ds.kakao.com/match2?DSPR=%7B%22v%22:1,%22dr%22:%7B%22t%22:%2220230309%22,%22u%22:%2200000000.0000000000000%22%7D%7D

Requested by

Host: www.orientaldaily.com.my
URL: https://www.orientaldaily.com.my/

Protocol

Server

121.53.104.194 , Korea, Republic Of, ASN38099 (KAKAO-AS-KR Kakao Corp, KR),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.orientaldaily.com.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Mar 2023 03:34:37 GMT
strict-transport-security: max-age=15724800; includeSubDomains
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type: text/plain;charset=UTF-8
p3p: CP="ALL CURa ADMa DEVa TAIa OUR BUS IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE LOC OTC"
cache-control: no-cache, no-store, must-revalidate
content-length: 0
expires: 0

Redirect headers

pragma: no-cache
date: Thu, 09 Mar 2023 03:34:37 GMT
strict-transport-security: max-age=15724800; includeSubDomains
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
p3p: CP="ALL CURa ADMa DEVa TAIa OUR BUS IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE LOC OTC"
location: https://act.ds.kakao.com/match2?DSPR=%7B%22v%22:1,%22dr%22:%7B%22t%22:%2220230309%22,%22u%22:%2200000000.0000000000000%22%7D%7D
cache-control: no-cache, no-store, must-revalidate
content-length: 0
expires: 0

GET
H3 200 pixel
cm.g.doubleclick.net/ 170 B
188 B 60ms
59ms Image
image/png 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=dable&google_cm

Requested by

Host: www.orientaldaily.com.my
URL: https://www.orientaldaily.com.my/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.orientaldaily.com.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Mar 2023 03:34:35 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 204
No Content pixel
cm-exchange.toast.com/ 0
607 B 864ms
268ms Image
text/plain 103.243.202.190
NHN-AS-KR NHN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm-exchange.toast.com/pixel?cm_mid=1440080439&cm_muid=00000000.0000000000000&toast_push
Requested by: Host: www.orientaldaily.com.my
URL: https://www.orientaldaily.com.my/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 103.243.202.190 , Korea, Republic Of, ASN45974 (NHN-AS-KR NHN, KR),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.orientaldaily.com.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Thu, 09 Mar 2023 03:34:36 GMT
Server: nginx
Connection: close
P3P: CP="NON DSP LAW CURa ADMa DEVa OUR BUS IND COM NAV INT"

GET
H2 403 cs
cs.gssprt.jp/yie/ld/ 82 B
82 B 938ms
263ms Image
application/octet-stream 222.230.178.130
VECTANT ARTERIA N...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.gssprt.jp/yie/ld/cs?dspid=dable&uid=00000000.0000000000000
Requested by: Host: www.orientaldaily.com.my
URL: https://www.orientaldaily.com.my/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 222.230.178.130 Bannaguro, Japan, ASN2519 (VECTANT ARTERIA Networks Corporation, JP),
Reverse DNS
Software: nginx /
Resource Hash: f9dc427bd933b43f00a6b153402c80c6edf36640e4b9f40495e1b00eb82bcaa2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.orientaldaily.com.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 03:34:36 GMT
cross-origin-resource-policy: cross-origin
server: nginx
content-length: 82
content-type: application/octet-stream

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/2556680232103163365/ Frame BA58 7 KB
2 KB 152ms
47ms Document
text/html 2a00:1450:400d:803::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/2556680232103163365/index.html

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:803::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f97b10a726f3dee8838075065cbb5830bdc589f2c364e3582e1822c7b4f69286

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://25f0b6c781c28f0ec66a58e178665f44.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 245044
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 2422
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Mon, 06 Mar 2023 07:30:31 GMT
expires: Tue, 05 Mar 2024 07:30:31 GMT
last-modified: Tue, 14 Feb 2023 09:32:54 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 8C5A 0
0 222ms
91ms Fetch
image/gif 142.251.208.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuFr01K1gsDAJRSiM5_lDw57gZfDGV_cCoipWTGJYvJB3pGTOe9kZpK2HiG1Kvvu9V7XSMsF3UDwMM4bOyO-0PQM4br8sl7dknUSAM7JzM136y3CO51zVZrvxzkR-Y6uoR0bwYeIKiy7Gd6UTklerBMMnM6qAiwYHKnw7-G0_g5gMJyeq9F8dQAdEsI1igxfgsS5OJmU75lGk59IiLkfmfPpKczeGQbQZiqTfstB-d2FAIIkB0_INFGW-rVT0Gb-6G3t5PVJ7RaVCOp_vxNLECRv4zx1kiW5wJOG3zlAicdJB31lDyRGCmgQ6QRiUhxtSQ5WcQZIFpcY7HRPBprgPrtx9pSx28MmwIBwm97YVI_aCxasEulPMHnED60hSnDiwI_Oz5QGuCrWJAEzJ0qeXz_KP-tW6tMxq-NNA9qkGxfX36rRkP7eQ9zc8Y7m8G0yAdYukPn04yrDOgMQOXzPaMD87zLsuXSXZOsR0TW3Kmu8Au9hzf5A7En7sBo5SUg77YKn0sAOm6NV55GogU5O6C5elRffQwf0KawSUNNa2RcDn96NxxDuVYPhdpuvW14-ON4lRb-6pnOqkrPkziznnlpGnvDpZ20C5qjwmbKFoTnzJudkeVhsimM1Ep_OpOB4SDime0yyyV4bapAsjMGnHvPTCW1Ddlc_B7UhVaRhYwmltA_nmd1LRsBhdLOoPVsBcPpdOICCBgZOg7ONqTZ023m6nIbNGJBJIYl87KBaJQhY9vhIVj7JWV8DAKhwsEGMCLwH9MRFSM-4zmPmLbupTORX05gulhmfmXZ3It_c1gaT5K0kGn8add98u5MufRXVEaoHeWh5Gdm5YXMUyJXhvYm8seaUgLURe5S8H79dgNdhhVWtHLUE4pwlMct3nKBmG2ynVf2aAGNRrW4UjM894ySph_uoFG_jz9tTYnti2nssM5Jwp8GZralJP-JXzNRCShwO8L3DPfB0rofqcW-klPrU36_mqW2xZ4u_sYe6fR8gas-Wb5YkXEIKjesXz_W0e2yw5-dv4M4MIj0Tq5CTc0iyDaJqDLMd6ovGyxZCgSgnV2o97Y70woDrYetPuz1H2THKFVMO8FWDN9KTDbP03kMX2leRHq4idsx5Tnsj3Is723WWHSc4lsHBEEJUi6raJKIOlmmV-tgn22a6V-rMfXwL7qq5XX6cTgq4p6-EolumiKKPvCyrZHyqlT_iMi-HMS1ibFRBItvKoV8q1YZtTg8tUVX3kbpuOIcUc8asVHV8nrNnkiBRH3oC8-CjdLCjlIzFr0Erf7zgnPNInfFeaC_h6mBx4SriilRSHUrDChVK0SpV7gedd6mgw&sai=AMfl-YSltlIg1hBIMH3NuiMEEs4ZGm6H_yPJvj1wC35MghGsVEYI4_kp0qX_EjiPshmBopV2QMxCkEra0w-YCuM5P5-yanfFCw79uKhKRnZiqC4CL-PjDVSSIXNkfsgE8CgsgW2u-qqsMot2vHqW96qZmHOOUN7bXrZK7fqvefkDjKzrGawVgKEYVNEa8dNuleuplqw3zYNestq7F08tuZeDCdWKs0DTI_GeUdhqbO6c7d9ljh4hBTGptg8e17GL9ZQYJX5uBjfJ-1JwE7v7dj8WYTDI6iBfhb_V&sig=Cg0ArKJSzBDVh2HORZkxEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=401&cbvp=1&cstd=397&cisv=r20230306.31352&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=

Requested by

Host: www.orientaldaily.com.my
URL: https://www.orientaldaily.com.my/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.208.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s43-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://25f0b6c781c28f0ec66a58e178665f44.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Thu, 09 Mar 2023 03:34:35 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Thu, 09 Mar 2023 03:34:35 GMT

GET
H2 200 hit.gif
visitanalytics.userreport.com/ Frame 8C5A 43 B
516 B 91ms
7ms Image
image/gif 108.138.7.127
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://visitanalytics.userreport.com/hit.gif?t=DCO2fa74be3&gdpr_consent=&gdpr=
Requested by: Host: 25f0b6c781c28f0ec66a58e178665f44.safeframe.googlesyndication.com
URL: https://25f0b6c781c28f0ec66a58e178665f44.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.7.127 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-7-127.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://25f0b6c781c28f0ec66a58e178665f44.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-amz-version-id: fZAqbzuxSGtIKd7g0Oj0VzvG4UrkztnT
date: Wed, 08 Mar 2023 05:08:19 GMT
via: 1.1 0e37105a96e87c22ff4981659a6dc176.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P6
age: 80777
x-amz-meta-cb-modifiedtime: Tue, 14 Apr 2015 11:43:27 GMT
x-cache: Hit from cloudfront
content-length: 43
last-modified: Thu, 15 Oct 2015 11:22:45 GMT
server: AmazonS3
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3"
vary: Accept-Encoding
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
accept-ranges: bytes
x-amz-cf-id: oMrr92NqYH91d_3NRn-bVqLm_U92euT3Acusc8XfQiqhvpIC5AYr7A==
expires: 0

GET
H2 200 B28402876.344985312;dc_ver=95.280;dc_eid=40004000;sz=728x90;u_sd=1;dc_adk=1094543181;ord=gm0i7l;click=https%3A%2F%2Fs.tribalfusion.com%2Fh.click%2Fa7mYLO0GnS1c3Y1cbynE7W5U3VVUjBWAY0REM3SsnnQHUO0Hfw... Show response
ad.doubleclick.net/ddm/adi/N1820114.1141592EXPONENTIAL.COM/ Frame 8E64 58 KB
28 KB 199ms
75ms Document
text/html 142.250.184.198
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/ddm/adi/N1820114.1141592EXPONENTIAL.COM/B28402876.344985312;dc_ver=95.280;dc_eid=40004000;sz=728x90;u_sd=1;dc_adk=1094543181;ord=gm0i7l;click=https%3A%2F%2Fs.tribalfusion.com%2Fh.click%2Fa7mYLO0GnS1c3Y1cbynE7W5U3VVUjBWAY0REM3SsnnQHUO0HfwVAnv4sQ5YFMLTP6o2PB9PP7A2WZby0d3LntZao5mQW5Gn8UVY9UVM6S6FMWd3VUFM05b6rVabqWqrlQTYZcRc7ZaRFurPt3cWGU54UqumtqsXaXy3HbESGJD4PYLoHXrUd760r361bB91a6NPbBGWUYSVHJ3mUQnPFfoYqUs4qUk4T72nabHYbj7UtjPn6YBpG7wmHfBM7mwv9bnMQ2v39m10crOYVFVM9ANPQXWxUFdsSFwZdQ%2F;uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd;dc_rfl=1,https%3A%2F%2Fwww.orientaldaily.com.my%2F$0;xdt=0;crlt=X1PfKiz4jp;stc=1;chaa=1;sttr=147;prcl=s

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/impl_v95.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.198 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f6.1e100.net

Software

cafe /

Resource Hash

a8e2fe9eb9d7ec99595e10f796903c645b0937190a09456d55831f52faf3d996

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.orientaldaily.com.my/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 28391
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 09 Mar 2023 03:34:35 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 p.media Show response
s.tribalfusion.com/ Frame 6DE9 213 B
451 B 169ms
166ms Document
text/html 2606:4700::6812:19ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s.tribalfusion.com/p.media?clickID=a8mUCk0bnd1UBe1EysRb3EWUr2Tdn5nFfxPFFyXqrt3TZbh4af1mqbIXrfdTd7Pm6fIpVfmoWvJ3aF93des3A7ZcmbvZdXGURXsZbVXVFnmavS2FFVTF7ZaVAr0PaYQQVZbsStZbyYH7uVAMO3GrUXbZbZaUAuo5PYePABG2dFo1HZbKpdEo5mBS3sngUGJ6WcBkRAUOWd3VWrF53r6oVaMoVTY8PTBFQVQCRra2Rt7imp2POABoVdqEYF1lkZd&mediaDataID=6347136&mediaName=frame.html
Requested by: Host: www.orientaldaily.com.my
URL: https://www.orientaldaily.com.my/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:19ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3aed2f459406393f83c6931be7ab701a9d83d9e24128499ac7d06f1b3baa6084

Request headers

Referer: https://www.orientaldaily.com.my/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: private, no-cache, no-store, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 7a504359ecb13675-FRA
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Thu, 09 Mar 2023 03:34:35 GMT
expires: 0
p3p: CP="NOI DEVo TAIa OUR BUS"
pragma: no-cache
server: cloudflare
vary: Accept-Encoding
x-function: 102
x-reuse-index: 83

GET
H3 200 p.media Show response
s.tribalfusion.com/ Frame 056B 447 B
588 B 171ms
164ms Document
text/html 2606:4700::6812:19ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s.tribalfusion.com/p.media?clickID=aamUCk1c35XG7xnEZbW2rvUTFFZbV6r1Qq3QQsMOPHbNYt7tV6jw2VYUYUnZbUPmo4PZb7RmrA2H3O0tJCntEw36YQ4cn7TcrbVG78PAvoTWFPTbM05b6pVaUtVqrlQaBZcQVJLRF6vRdv6VcQ54r6qnW6tYqyp2HYDQsMB56FZbmdAyTHQ70brkXrYk1aiOSbrAWUYXTtnXmbjnQFbrYEUn4TUa2a7RoT7jYFUfo8EWQFIIWG7BXhlJIU&mediaDataID=6719746&mediaName=frame.html
Requested by: Host: www.orientaldaily.com.my
URL: https://www.orientaldaily.com.my/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:19ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d0edf121a8928289dca62f5a114e0b5edb3f0ede42c8d01cc6de600b207ddf39

Request headers

Referer: https://www.orientaldaily.com.my/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: private, no-cache, no-store, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 7a504359fcb43675-FRA
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Thu, 09 Mar 2023 03:34:35 GMT
expires: 0
p3p: CP="NOI DEVo TAIa OUR BUS"
pragma: no-cache
server: cloudflare
vary: Accept-Encoding
x-function: 102
x-reuse-index: 252

GET
H3 200 p.media Show response
s.tribalfusion.com/ Frame 417B 324 B
570 B 165ms
159ms Document
text/html 2606:4700::6812:19ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s.tribalfusion.com/p.media?clickID=abmUCk1UBgXairRbnATFZb0Ttn0mbBoQFZbNYTrN4abl2av3mTrBYUZbfTHBVn6rJnc7pmW7D3T373Wuy5P7ZcprMZaYVrQYcv41c7npEF42bFQWUnEUAnXPaQ1QsnMQHUNYt7nTPMp2VYYYbvDTAir56Y6Q6fK2tnp0dJZbmtPu36YY5cj6VcUjVGMiS6UOTWQPWrb15batWaQpWEYaQTQIRVQCRruvPHMJWcb5v6YqQ8UsNqeI18I3oU&mediaDataID=5436426&mediaName=frame.html
Requested by: Host: www.orientaldaily.com.my
URL: https://www.orientaldaily.com.my/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:19ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d7ea61fc8ce99623bd4c9929b3d6a24425a1e90fdc000768cc58cb6552432da4

Request headers

Referer: https://www.orientaldaily.com.my/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: private, no-cache, no-store, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 7a504359fcb53675-FRA
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Thu, 09 Mar 2023 03:34:35 GMT
expires: 0
p3p: CP="NOI DEVo TAIa OUR BUS"
pragma: no-cache
server: cloudflare
vary: Accept-Encoding
x-function: 102
x-reuse-index: 874

GET
H3 200 p.media Show response
s.tribalfusion.com/ Frame 4BDA 309 B
526 B 167ms
162ms Document
text/html 2606:4700::6812:19ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s.tribalfusion.com/p.media?clickID=acmUCkUcbhPP3xWtUQUbJY5bPoVTQpWanlQEnHRc7JRr6sRHfbWsM55F2rnHetXqew4tjFQVbZa4PBFotAqVWJ9YrrbYUbh1E6MPrrZbTbB4WdJ3orjpPbJnYavy5aUl2av1oabIYUZbbTtJXmmfZcmsropHMJ3anj3Hup4PrZaprMEXVfP1cYV1cvonaf22FnQTFfFUAY1PTY1Ps3sQtFu0tvuT6bp4s3mXbZbDpUUrOUi7s6MnXcZdkYR&mediaDataID=8039566&mediaName=frame.html
Requested by: Host: www.orientaldaily.com.my
URL: https://www.orientaldaily.com.my/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:19ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0570eb4e5eb88f4bfa92f3e983084fa1aa84c26e1d48d6c8da3b904a107a915a

Request headers

Referer: https://www.orientaldaily.com.my/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: private, no-cache, no-store, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 7a504359fcb73675-FRA
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Thu, 09 Mar 2023 03:34:35 GMT
expires: 0
p3p: CP="NOI DEVo TAIa OUR BUS"
pragma: no-cache
server: cloudflare
vary: Accept-Encoding
x-function: 102
x-reuse-index: 84

GET
H3 200 p.media Show response
s.tribalfusion.com/ Frame 6C68 264 B
492 B 163ms
162ms Document
text/html 2606:4700::6812:19ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s.tribalfusion.com/p.media?clickID=admWwJXG7upT7Q3bJWWUBHUAYXQqf0PsrMQdbt0HJpT6My2sJ2XrUDUmPq5mQ6PAMD4HFr0HQAnHTm5mYQ3sr8UsUcWcBgSmUoWtv3TFM32r2oUqMrWTrcQTMFSs3ZcRFIxPt76WVrQ5FPxmt6yXaew2tUAPcrH2mrIoHImTtQ8YUYb1FjjXTiMRrJHWUYSVHJ0orfrQUvsXqny5EJa5q3XnabGYrJ7UHJToAfBpG7wosZbC5EZaEu9ZbouEicpsvOGZdkCnW&mediaDataID=5578346&mediaName=frame.html
Requested by: Host: www.orientaldaily.com.my
URL: https://www.orientaldaily.com.my/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:19ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c95e96e12cae7cab7d5142a95068eff2bf41ac46b17ad0a1f83d182869ca044d

Request headers

Referer: https://www.orientaldaily.com.my/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: private, no-cache, no-store, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 7a504359fcbb3675-FRA
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Thu, 09 Mar 2023 03:34:35 GMT
expires: 0
p3p: CP="NOI DEVo TAIa OUR BUS"
pragma: no-cache
server: cloudflare
vary: Accept-Encoding
x-function: 102
x-reuse-index: 311

GET
H3 200 p.media Show response
s.tribalfusion.com/ Frame 46DA 275 B
500 B 190ms
189ms Document
text/html 2606:4700::6812:19ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s.tribalfusion.com/p.media?clickID=aemUCkXaiqPbQGWFY0VtY4orbsQUBqXEMy5Ebc5TQYoTbHYr36UdbXnAUZdmcMooHfA5TFh3d6N56nEnbMZa0GnRXsY30GFvmqF45Fv2WrnDVP74REY0QsYoPtfr1HvpT6Mw4GYUXrUZdUAXw46ZbdQPfC3WYO0tMZanWTO4mZbS3srgTsJdUc78SmFOTtUVWbj35bEpUqUsVErbPEQZcSVBZdQruvPH7iUVvw4r6xWCZbmvnJwwdbqYDlKr5&mediaDataID=6530936&mediaName=frame.html
Requested by: Host: www.orientaldaily.com.my
URL: https://www.orientaldaily.com.my/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:19ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 85413426e41d3c18edd918e80bc5f2704c03185880393fffab2415930cbee1f5

Request headers

Referer: https://www.orientaldaily.com.my/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: private, no-cache, no-store, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 7a50435a0cbd3675-FRA
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Thu, 09 Mar 2023 03:34:36 GMT
expires: 0
p3p: CP="NOI DEVo TAIa OUR BUS"
pragma: no-cache
server: cloudflare
vary: Accept-Encoding
x-function: 102
x-reuse-index: 183

GET
H3 200 p.media Show response
s.tribalfusion.com/ Frame 9E39 381 B
556 B 164ms
163ms Document
text/html 2606:4700::6812:19ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s.tribalfusion.com/p.media?clickID=afmUCkPP3xWd3VWbf25rPnUqYqTEQ8PTvFSG7AQFIoPHv9WVjV4buxndInYTqx2dbGSVMG46YHoHPNTHJ90bncXFFe0aIrSFnZbWFMSWHJ0nbQnRUJrYTMn3Efa4T7YoTbB1FZbfUdbTnm3Bns7rptMB2EY73WZao5mnLmbfZc0Gn0YsF2XGbnmqvS2FvQWUvDUAv5RE34QsntPdFN1tfrW6bp4sBU0UQcTAiwvrqdnb2DwWZbE0pDEuo&mediaDataID=6546596&mediaName=frame.html
Requested by: Host: www.orientaldaily.com.my
URL: https://www.orientaldaily.com.my/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:19ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 96cf30af4edde24bb654cbc9d5904364465c570cf15fb44ab0b92e2673ec08e8

Request headers

Referer: https://www.orientaldaily.com.my/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: private, no-cache, no-store, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 7a50435a0cbe3675-FRA
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Thu, 09 Mar 2023 03:34:35 GMT
expires: 0
p3p: CP="NOI DEVo TAIa OUR BUS"
pragma: no-cache
server: cloudflare
vary: Accept-Encoding
x-function: 102
x-reuse-index: 83

GET
H3 200 p.media Show response
s.tribalfusion.com/ Frame 3CB7 302 B
519 B 165ms
165ms Document
text/html 2606:4700::6812:19ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s.tribalfusion.com/p.media?clickID=agmUCkpT7W5U3VVbFFVAY3REQSPVFsQdjr1dJwWPUu4sY0XUFKTPqw5PncQA7C2tZbsXHJKntZao5AJ15cr8VcQbVs7fRPvwTHn3WbBP2U2rVajpTTraPTQIRcjCPFuoPHvbUcM54butnWAOXEey3WnHPG7Za4PrLoWPnUH370bnkYFYfXaeMSFJAWb35WHM0orJmRUZbnYTvs4EFl4an5nTMI1rUfWH7MmmfBV9XrSCIAxEZb0XZafCqf&mediaDataID=6807466&mediaName=frame.html
Requested by: Host: www.orientaldaily.com.my
URL: https://www.orientaldaily.com.my/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:19ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 83d54fa4c15bdc778dd41cced4ed53183e71c8cb4afb03c4c28693f4f54c0418

Request headers

Referer: https://www.orientaldaily.com.my/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: private, no-cache, no-store, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 7a50435a0cc33675-FRA
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Thu, 09 Mar 2023 03:34:36 GMT
expires: 0
p3p: CP="NOI DEVo TAIa OUR BUS"
pragma: no-cache
server: cloudflare
vary: Accept-Encoding
x-function: 102
x-reuse-index: 83

GET
H3 200 p.media Show response
s.tribalfusion.com/ Frame 0E6F 242 B
459 B 161ms
161ms Document
text/html 2606:4700::6812:19ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s.tribalfusion.com/p.media?clickID=ahmUCkPbQEWUYXVtQToFboRUJsYarN4Tja4qQPnaZbD1rZbcUHrQm6nBmG3qpdrB3aZbe5duq5PfGnUjGXVnR1c341VbwnTFV2rr2TUZbZcVm7YQTb1Sc3qPd3O0WFuVPbu4sY20bUDTPqs56vePPMF3dYt1WUAnH6N5PJT4c76VcQjWsMePPYoTHFRUFF33bTrUqroTTn6QEMZdRGBJPreqSH7iUVb52Fy4mWqOOQQyM8EGtGrtYTvJds&mediaDataID=4056396&mediaName=frame.html
Requested by: Host: www.orientaldaily.com.my
URL: https://www.orientaldaily.com.my/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:19ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3bbac86cad483ae69ed2a87afd300c7b9d74b3403fbff02f18bd7d81a185d3eb

Request headers

Referer: https://www.orientaldaily.com.my/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: private, no-cache, no-store, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 7a50435a0cc73675-FRA
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Thu, 09 Mar 2023 03:34:36 GMT
expires: 0
p3p: CP="NOI DEVo TAIa OUR BUS"
pragma: no-cache
server: cloudflare
vary: Accept-Encoding
x-function: 102
x-reuse-index: 84

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame C515 0
0 85ms
76ms Fetch
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstNjsC-D_iP-hEWAw6Y51Oem7HG3yt0UIvpnaTEbM9ew0l5-lt7D1GA0lpEXKuSMWh3QeEu88RFS19tAyjEhUeSETois0xWHm3_FD57eDg5NUugfb32qJfhtPxp9d6NFqVNEQsQPdM2Y5g57CepAK8igvykqJQ9P7cHd-c9-waLwudBKPVB1xrdM3VTZGw6tTjh__c-uRGZg1_pTGjjseeJnDLq6I4nPNPgJNwMC1hpvgsfwXvqCuecjT-bQbUvBdCPCvIXlVI3ThgbvNns3WB8nr2n4GCGq-o7PK7pAI3dhuhzyFbCXrMwWDeNcPLErSM8nuBzgYktH2nVdpaTOzg&sai=AMfl-YTDW2DCFbP9ihe0ezfhdqDlXwLkl29fSbGwf4aNbut41AjxMRWN3Tvp5hH7mlfguMob3adTICExjg7clopoBdc1wNdeLslEZrWF5EsOia8CkakA31-pdSzfVWPoc55MRVDlCPs5WnFRGGllzhk&sig=Cg0ArKJSzGNRfUHBi1-WEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.orientaldaily.com.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 03:34:35 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Thu, 09 Mar 2023 03:34:35 GMT

GET
DATA 200
OK truncated
/ Frame C515 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ad0155722e67f102ec64858e450e444537ff065101728a8b4849082d23fc5dd1

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame D9F4 22 KB
8 KB 51ms
51ms Document
text/html 2a00:1450:400d:807::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://25f0b6c781c28f0ec66a58e178665f44.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 33459
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 08 Mar 2023 18:16:56 GMT
expires: Thu, 07 Mar 2024 18:16:56 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 gsap_3.5.1_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame BA58 60 KB
24 KB 82ms
82ms Script
text/javascript 2a00:1450:400d:803::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/gsap_3.5.1_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/2556680232103163365/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:803::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

341e0d761251ee538d0cad6322c66abdbf78dc7d6f3ca62f3459fab822a2103f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/2556680232103163365/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 03:34:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24155
x-xss-protection: 0
last-modified: Mon, 31 Aug 2020 21:23:17 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 09 Mar 2023 03:34:35 GMT

GET
H3 200 cssruleplugin_3.5.1_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame BA58 2 KB
1013 B 99ms
98ms Script
text/javascript 2a00:1450:400d:803::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/cssruleplugin_3.5.1_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/2556680232103163365/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:803::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9d9095c25f5663901783868e1cd2994842dcbb4967ff5d0f0d3b9409b67675c9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/2556680232103163365/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 03:34:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 985
x-xss-protection: 0
last-modified: Mon, 31 Aug 2020 21:22:06 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 09 Mar 2023 03:34:35 GMT

GET
H3 200 main.js Show response
s0.2mdn.net/sadbundle/2556680232103163365/ Frame BA58 6 KB
3 KB 47ms
47ms Script
application/x-javascript 2a00:1450:400d:803::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/2556680232103163365/main.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/2556680232103163365/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:803::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5630be2fb652392f0890e37ade94df9e4d32cd2f69ee8f55b8a44d93b973f179

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/2556680232103163365/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 06 Mar 2023 07:30:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 245043
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2584
x-xss-protection: 0
last-modified: Tue, 14 Feb 2023 09:32:54 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 05 Mar 2024 07:30:32 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 1F70 0
0 91ms
90ms Image
text/html 2a00:1450:400d:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2023030201&jk=1935581137943849&rc=
Requested by: Host: www.orientaldaily.com.my
URL: https://www.orientaldaily.com.my/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400d:808::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame B135 42 B
64 B 80ms
79ms Fetch
image/gif 2a00:1450:400d:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvEOpMu-WYU1o_bCQNn9hraCT0w7ZE6d4yVlD83m7ADK1JcyBOL-u_ZrKWRxTDWyZvqxqspxUV0moYG4NQvArQ1ui0&sig=Cg0ArKJSzETQxYuGhwopEAE&id=lidar2&mcvt=1009&p=831,246,921,974&mtos=1009,1009,1009,1009,1009&tos=1009,0,0,0,0&v=20230308&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1529660064&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1678332873997&rpt=895&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:808::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://25f0b6c781c28f0ec66a58e178665f44.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Mar 2023 03:34:35 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 hTGw0iTttGPYNj9jnBVYIcaXVb8tbW1IYYT-gsExgL0.js Show response
pagead2.googlesyndication.com/bg/ Frame C207 36 KB
14 KB 48ms
47ms Script
text/javascript 2a00:1450:400d:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/hTGw0iTttGPYNj9jnBVYIcaXVb8tbW1IYYT-gsExgL0.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:808::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8531b0d224edb463d8363f639c155821c69755bf2d6d6d486184fe82c13180bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 05:20:56 GMT
content-encoding: br
x-content-type-options: nosniff
age: 80019
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14408
x-xss-protection: 0
last-modified: Tue, 28 Feb 2023 11:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 07 Mar 2024 05:20:56 GMT

GET
H3 200 hTGw0iTttGPYNj9jnBVYIcaXVb8tbW1IYYT-gsExgL0.js Show response
pagead2.googlesyndication.com/bg/ Frame E521 36 KB
14 KB 50ms
50ms Script
text/javascript 2a00:1450:400d:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/hTGw0iTttGPYNj9jnBVYIcaXVb8tbW1IYYT-gsExgL0.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:808::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8531b0d224edb463d8363f639c155821c69755bf2d6d6d486184fe82c13180bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 05:20:56 GMT
content-encoding: br
x-content-type-options: nosniff
age: 80019
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14408
x-xss-protection: 0
last-modified: Tue, 28 Feb 2023 11:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 07 Mar 2024 05:20:56 GMT

GET
H3 200 hTGw0iTttGPYNj9jnBVYIcaXVb8tbW1IYYT-gsExgL0.js
pagead2.googlesyndication.com/bg/ Frame 664D 36 KB
0 64ms
63ms Script
text/javascript 2a00:1450:400d:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/hTGw0iTttGPYNj9jnBVYIcaXVb8tbW1IYYT-gsExgL0.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:808::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 05:20:56 GMT
content-encoding: br
x-content-type-options: nosniff
age: 80019
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14408
x-xss-protection: 0
last-modified: Tue, 28 Feb 2023 11:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 07 Mar 2024 05:20:56 GMT

GET
H3 200 hTGw0iTttGPYNj9jnBVYIcaXVb8tbW1IYYT-gsExgL0.js Show response
pagead2.googlesyndication.com/bg/ Frame D9F4 36 KB
14 KB 50ms
50ms Script
text/javascript 2a00:1450:400d:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/hTGw0iTttGPYNj9jnBVYIcaXVb8tbW1IYYT-gsExgL0.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:808::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8531b0d224edb463d8363f639c155821c69755bf2d6d6d486184fe82c13180bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 05:20:56 GMT
content-encoding: br
x-content-type-options: nosniff
age: 80020
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14408
x-xss-protection: 0
last-modified: Tue, 28 Feb 2023 11:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 07 Mar 2024 05:20:56 GMT

GET
H/1.1

204
No Content

tap.php
pixel.rubiconproject.com/ Frame 417B
Redirect Chain

https://a.tribalfusion.com/i.match?p=b10&u=18072662266092918314&redirect=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D111756%26nid%3D3856%26put%3D%24TF_USER_ID_ENC%24%26expires%3D180
https://pixel.rubiconproject.com/tap.php?v=111756&nid=3856&put=18072662266092918314&expires=180

0
239 B

70ms
10ms

Image
image/gif

69.173.144.138
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=111756&nid=3856&put=18072662266092918314&expires=180
Requested by: Host: s.tribalfusion.com
URL: https://s.tribalfusion.com/p.media?clickID=abmUCk1UBgXairRbnATFZb0Ttn0mbBoQFZbNYTrN4abl2av3mTrBYUZbfTHBVn6rJnc7pmW7D3T373Wuy5P7ZcprMZaYVrQYcv41c7npEF42bFQWUnEUAnXPaQ1QsnMQHUNYt7nTPMp2VYYYbvDTAir56Y6Q6fK2tnp0dJZbmtPu36YY5cj6VcUjVGMiS6UOTWQPWrb15batWaQpWEYaQTQIRVQCRruvPHMJWcb5v6YqQ8UsNqeI18I3oU&mediaDataID=5436426&mediaName=frame.html
Protocol: HTTP/1.1
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.tribalfusion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: 5b959e9b7aef6dd90a6fa539ca64ac62
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma: no-cache
date: Thu, 09 Mar 2023 03:34:36 GMT
cf-cache-status: DYNAMIC
x-function: 209
server: cloudflare
x-reuse-index: 296
content-type: text/html
location: https://pixel.rubiconproject.com/tap.php?v=111756&nid=3856&put=18072662266092918314&expires=180
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 7a50435b58a030ea-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3

200

i.match
a.tribalfusion.com/ Frame 6DE9
Redirect Chain

https://ups.analytics.yahoo.com/ups/57628/sync?uid=18072662266092918314&_origin=1&redir=true
https://ups.analytics.yahoo.com/ups/57628/sync?uid=18072662266092918314&_origin=1&redir=true&verify=true
https://a.tribalfusion.com/i.match?p=b17&u=y-sxAjGhRE2ujCZn4_j8B1g6twkIXvBkM-~A

43 B
622 B

174ms
172ms

Image
image/gif

2606:4700::6812:19ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.tribalfusion.com/i.match?p=b17&u=y-sxAjGhRE2ujCZn4_j8B1g6twkIXvBkM-~A
Requested by: Host: s.tribalfusion.com
URL: https://s.tribalfusion.com/p.media?clickID=a8mUCk0bnd1UBe1EysRb3EWUr2Tdn5nFfxPFFyXqrt3TZbh4af1mqbIXrfdTd7Pm6fIpVfmoWvJ3aF93des3A7ZcmbvZdXGURXsZbVXVFnmavS2FFVTF7ZaVAr0PaYQQVZbsStZbyYH7uVAMO3GrUXbZbZaUAuo5PYePABG2dFo1HZbKpdEo5mBS3sngUGJ6WcBkRAUOWd3VWrF53r6oVaMoVTY8PTBFQVQCRra2Rt7imp2POABoVdqEYF1lkZd&mediaDataID=6347136&mediaName=frame.html
Protocol: H3
Server: 2606:4700::6812:19ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.tribalfusion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Mar 2023 03:34:36 GMT
cf-cache-status: DYNAMIC
x-function: 302
server: cloudflare
content-type: image/gif; charset=utf-8
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 7a50435d4ebf3675-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location: https://a.tribalfusion.com/i.match?p=b17&u=y-sxAjGhRE2ujCZn4_j8B1g6twkIXvBkM-~A
date: Thu, 09 Mar 2023 03:34:36 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.25
age: 0
content-length: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2

200

dspreply
public-prod-dspcookiematching.dmxleo.com/ Frame 4BDA
Redirect Chain

https://a.tribalfusion.com/i.match?p=b24&u=18072662266092918314&redirect=https%3A%2F%2Fpublic-prod-dspcookiematching.dmxleo.com%2Fdspreply%3FdspId%3D15%26dspUserId%3D%24TF_USER_ID_ENC%24
https://public-prod-dspcookiematching.dmxleo.com/dspreply?dspId=15&dspUserId=18072662266092918314

0
123 B

189ms
16ms

Image
text/plain

188.65.124.66
DAILYMOTION For p...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://public-prod-dspcookiematching.dmxleo.com/dspreply?dspId=15&dspUserId=18072662266092918314

Requested by

Host: s.tribalfusion.com
URL: https://s.tribalfusion.com/p.media?clickID=acmUCkUcbhPP3xWtUQUbJY5bPoVTQpWanlQEnHRc7JRr6sRHfbWsM55F2rnHetXqew4tjFQVbZa4PBFotAqVWJ9YrrbYUbh1E6MPrrZbTbB4WdJ3orjpPbJnYavy5aUl2av1oabIYUZbbTtJXmmfZcmsropHMJ3anj3Hup4PrZaprMEXVfP1cYV1cvonaf22FnQTFfFUAY1PTY1Ps3sQtFu0tvuT6bp4s3mXbZbDpUUrOUi7s6MnXcZdkYR&mediaDataID=8039566&mediaName=frame.html

Protocol

Server

188.65.124.66 Paris, France, ASN41690 (DAILYMOTION For peering related business, please mail peering@dailymotion.com, FR),

Reverse DNS

ingress-03-pub-prod-ix7.vip.dailymotion.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.tribalfusion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-dm-lb-name: ingress-nginx-nginx-in-cluster-zqg4s
date: Thu, 09 Mar 2023 03:34:36 GMT
strict-transport-security: max-age=15724800; includeSubDomains
content-length: 0

Redirect headers

pragma: no-cache
date: Thu, 09 Mar 2023 03:34:36 GMT
cf-cache-status: DYNAMIC
x-function: 209
server: cloudflare
x-reuse-index: 141
content-type: text/html
location: https://public-prod-dspcookiematching.dmxleo.com/dspreply?dspId=15&dspUserId=18072662266092918314
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 7a50435b58a330ea-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20230306/r20110914/elements/html/ Frame 8E64 8 KB
3 KB 50ms
49ms Script
text/javascript 2a00:1450:400d:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230306/r20110914/elements/html/omrhp.js

Requested by

Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adi/N1820114.1141592EXPONENTIAL.COM/B28402876.344985312;dc_ver=95.280;dc_eid=40004000;sz=728x90;u_sd=1;dc_adk=1094543181;ord=gm0i7l;click=https%3A%2F%2Fs.tribalfusion.com%2Fh.click%2Fa7mYLO0GnS1c3Y1cbynE7W5U3VVUjBWAY0REM3SsnnQHUO0HfwVAnv4sQ5YFMLTP6o2PB9PP7A2WZby0d3LntZao5mQW5Gn8UVY9UVM6S6FMWd3VUFM05b6rVabqWqrlQTYZcRc7ZaRFurPt3cWGU54UqumtqsXaXy3HbESGJD4PYLoHXrUd760r361bB91a6NPbBGWUYSVHJ3mUQnPFfoYqUs4qUk4T72nabHYbj7UtjPn6YBpG7wmHfBM7mwv9bnMQ2v39m10crOYVFVM9ANPQXWxUFdsSFwZdQ%2F;uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd;dc_rfl=1,https%3A%2F%2Fwww.orientaldaily.com.my%2F$0;xdt=0;crlt=X1PfKiz4jp;stc=1;chaa=1;sttr=147;prcl=s

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:808::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

855e15fcdc7a729b06238328936629eac46e2251d9d3d71a5d65510451f4e7c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 18:17:25 GMT
content-encoding: br
x-content-type-options: nosniff
age: 33431
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3023
x-xss-protection: 0
server: cafe
etag: 4221495933888618527
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 22 Mar 2023 18:17:25 GMT

GET
H3

200

i.match
a.tribalfusion.com/ Frame 056B
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%253A//simage2.pubmatic.com/AdServer/Pug%253Fvcode%253Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%2526piggybackCookie%253D180726622660...
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%253A//simage2.pubmatic.com/AdServer/Pug%253Fvcode%253Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%2526piggybackCookie%253D180726622660...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw&piggybackCookie=18072662266092918314&r=https%3A//a.tribalfusion.com/i.match%3Fp%3Db11%26u%3D%24%7BPUBMATIC_U...
https://a.tribalfusion.com/i.match?p=b11&u=389B1C7D-66D3-46E8-82A6-7EF23C70ED44

43 B
651 B

167ms
166ms

Image
image/gif

2606:4700::6812:19ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.tribalfusion.com/i.match?p=b11&u=389B1C7D-66D3-46E8-82A6-7EF23C70ED44
Requested by: Host: s.tribalfusion.com
URL: https://s.tribalfusion.com/p.media?clickID=aamUCk1c35XG7xnEZbW2rvUTFFZbV6r1Qq3QQsMOPHbNYt7tV6jw2VYUYUnZbUPmo4PZb7RmrA2H3O0tJCntEw36YQ4cn7TcrbVG78PAvoTWFPTbM05b6pVaUtVqrlQaBZcQVJLRF6vRdv6VcQ54r6qnW6tYqyp2HYDQsMB56FZbmdAyTHQ70brkXrYk1aiOSbrAWUYXTtnXmbjnQFbrYEUn4TUa2a7RoT7jYFUfo8EWQFIIWG7BXhlJIU&mediaDataID=6719746&mediaName=frame.html
Protocol: H3
Server: 2606:4700::6812:19ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.tribalfusion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Mar 2023 03:34:36 GMT
cf-cache-status: DYNAMIC
x-function: 302
server: cloudflare
content-type: image/gif; charset=utf-8
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 7a50435f485a3675-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location: https://a.tribalfusion.com/i.match?p=b11&u=389B1C7D-66D3-46E8-82A6-7EF23C70ED44
date: Thu, 09 Mar 2023 03:34:35 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H3

200

i.match
a.tribalfusion.com/ Frame 6C68
Redirect Chain

https://dpm.demdex.net/ibs:dpid=22054&dpuuid=18072662266092918314&redir=https%3A//a.tribalfusion.com/i.match%3Fp%3Db13%26u%3D%24%7BDD_UUID%7D
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=22054&dpuuid=18072662266092918314&redir=https%3A//a.tribalfusion.com/i.match%3Fp%3Db13%26u%3D%24%7BDD_UUID%7D
https://a.tribalfusion.com/i.match?p=b13&u=63587191003890494922291085960355266704

43 B
632 B

216ms
159ms

Image
image/gif

2606:4700::6812:19ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.tribalfusion.com/i.match?p=b13&u=63587191003890494922291085960355266704
Requested by: Host: s.tribalfusion.com
URL: https://s.tribalfusion.com/p.media?clickID=admWwJXG7upT7Q3bJWWUBHUAYXQqf0PsrMQdbt0HJpT6My2sJ2XrUDUmPq5mQ6PAMD4HFr0HQAnHTm5mYQ3sr8UsUcWcBgSmUoWtv3TFM32r2oUqMrWTrcQTMFSs3ZcRFIxPt76WVrQ5FPxmt6yXaew2tUAPcrH2mrIoHImTtQ8YUYb1FjjXTiMRrJHWUYSVHJ0orfrQUvsXqny5EJa5q3XnabGYrJ7UHJToAfBpG7wosZbC5EZaEu9ZbouEicpsvOGZdkCnW&mediaDataID=5578346&mediaName=frame.html
Protocol: H3
Server: 2606:4700::6812:19ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.tribalfusion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Mar 2023 03:34:36 GMT
cf-cache-status: DYNAMIC
x-function: 302
server: cloudflare
content-type: image/gif; charset=utf-8
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 7a50435e3f803675-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

DCS: dcs-prod-irl1-1-v046-0b284ccfd.edge-irl1.demdex.com 2 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: jIh7uOUDSKw=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://a.tribalfusion.com/i.match?p=b13&u=63587191003890494922291085960355266704
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2 200 cm
us-u.openx.net/w/1.0/ Frame 9E39 43 B
132 B 34ms
21ms Image
image/gif 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/cm?id=b9f5c7de-85f6-48cc-ba86-351b90373b6b&r=https%3A%2F%2Fa.tribalfusion.com%2Fi.match%3Fp%3Db12%26redirect%3Dhttps%253A%252F%252Fus-u.openx.net%252Fw%252F1.0%252Fsd%253Fid%253D537141727%2526val%253D%2524TF_USER_ID_ENC%2524%26u%3D
Requested by: Host: s.tribalfusion.com
URL: https://s.tribalfusion.com/p.media?clickID=afmUCkPP3xWd3VWbf25rPnUqYqTEQ8PTvFSG7AQFIoPHv9WVjV4buxndInYTqx2dbGSVMG46YHoHPNTHJ90bncXFFe0aIrSFnZbWFMSWHJ0nbQnRUJrYTMn3Efa4T7YoTbB1FZbfUdbTnm3Bns7rptMB2EY73WZao5mnLmbfZc0Gn0YsF2XGbnmqvS2FvQWUvDUAv5RE34QsntPdFN1tfrW6bp4sBU0UQcTAiwvrqdnb2DwWZbE0pDEuo&mediaDataID=6546596&mediaName=frame.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.tribalfusion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Mar 2023 03:34:36 GMT
content-encoding: gzip
via: 1.1 google
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H3

200

i.match
a.tribalfusion.com/ Frame 0E6F
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=exp&google_cm&google_sc&google_ula=2786954&google_hm=18072662266092918314
https://a.tribalfusion.com/i.match?p=b6&u=adx&google_gid=CAESEHa_9Gy4quwQIYn_uASwycM&google_cver=1&google_ula=2786954,0

43 B
625 B

173ms
171ms

Image
image/gif

2606:4700::6812:19ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.tribalfusion.com/i.match?p=b6&u=adx&google_gid=CAESEHa_9Gy4quwQIYn_uASwycM&google_cver=1&google_ula=2786954,0
Requested by: Host: s.tribalfusion.com
URL: https://s.tribalfusion.com/p.media?clickID=ahmUCkPbQEWUYXVtQToFboRUJsYarN4Tja4qQPnaZbD1rZbcUHrQm6nBmG3qpdrB3aZbe5duq5PfGnUjGXVnR1c341VbwnTFV2rr2TUZbZcVm7YQTb1Sc3qPd3O0WFuVPbu4sY20bUDTPqs56vePPMF3dYt1WUAnH6N5PJT4c76VcQjWsMePPYoTHFRUFF33bTrUqroTTn6QEMZdRGBJPreqSH7iUVb52Fy4mWqOOQQyM8EGtGrtYTvJds&mediaDataID=4056396&mediaName=frame.html
Protocol: H3
Server: 2606:4700::6812:19ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.tribalfusion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Mar 2023 03:34:36 GMT
cf-cache-status: DYNAMIC
x-function: 302
server: cloudflare
content-type: image/gif; charset=utf-8
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 7a50435d4ec23675-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 09 Mar 2023 03:34:36 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://a.tribalfusion.com/i.match?p=b6&u=adx&google_gid=CAESEHa_9Gy4quwQIYn_uASwycM&google_cver=1&google_ula=2786954,0
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 332
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET activeview
pagead2.googlesyndication.com/pcs/ Frame 5842 0
0

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ 222 KB
55 KB 128ms
25ms Script
application/javascript 18.66.23.213
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: www.orientaldaily.com.my
URL: https://www.orientaldaily.com.my/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.23.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-23-213.vie50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e58798939afd607aa76e8be948216df69422fb6cb44d15aa7775e56c51ec4bad

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.orientaldaily.com.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 02:37:49 GMT
content-encoding: gzip
via: 1.1 36cd2d0f34e25c2dc5099656a60bedac.cloudfront.net (CloudFront), 1.1 b159f39ee34c14548a9d9dc3e730676a.cloudfront.net (CloudFront)
last-modified: Wed, 08 Mar 2023 21:18:34 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P1, VIE50-P1
age: 3408
x-amz-server-side-encryption: AES256
etag: W/"674325314aec17fac6c83c44b2e5566d"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public, max-age=3600
x-amz-cf-id: iNw_aY5630B5iMel3IDKrIpop4U946z_N2HGmbA4bMBnEUq5cC7hPA==

GET
H2

204

usermatch.gif
beacon.krxd.net/ Frame 3CB7
Redirect Chain

https://a.tribalfusion.com/i.match?p=b22&u=18072662266092918314&redirect=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dexponential%26partner_uid%3D%24TF_USER_ID_ENC%24
https://beacon.krxd.net/usermatch.gif?partner=exponential&partner_uid=18072662266092918314

0
339 B

194ms
22ms

Image
text/plain

52.208.205.244
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?partner=exponential&partner_uid=18072662266092918314
Requested by: Host: s.tribalfusion.com
URL: https://s.tribalfusion.com/p.media?clickID=agmUCkpT7W5U3VVbFFVAY3REQSPVFsQdjr1dJwWPUu4sY0XUFKTPqw5PncQA7C2tZbsXHJKntZao5AJ15cr8VcQbVs7fRPvwTHn3WbBP2U2rVajpTTraPTQIRcjCPFuoPHvbUcM54butnWAOXEey3WnHPG7Za4PrLoWPnUH370bnkYFYfXaeMSFJAWb35WHM0orJmRUZbnYTvs4EFl4an5nTMI1rUfWH7MmmfBV9XrSCIAxEZb0XZafCqf&mediaDataID=6807466&mediaName=frame.html
Protocol: H2
Server: 52.208.205.244 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-208-205-244.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.tribalfusion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-served-by: beacon-n022-dub-prod.krxd.net
date: Thu, 09 Mar 2023 03:34:36 GMT
cache-control: private, no-cache, no-store
x-request-time: D=67 t=1678332876
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma: no-cache
date: Thu, 09 Mar 2023 03:34:36 GMT
cf-cache-status: DYNAMIC
x-function: 209
server: cloudflare
x-reuse-index: 300
content-type: text/html
location: https://beacon.krxd.net/usermatch.gif?partner=exponential&partner_uid=18072662266092918314
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 7a50435bc8ef30ea-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

200

view.aspx Show response
pb.media01.eu/ Frame DE42
Redirect Chain

https://pv.medialead.de/trck/epv/e99aace94e6e5873881d3400993e1e7e?subid=99314000011033004444994012258017&t=htlp
https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=99314000011033004444994012258017&actionid=981741&produktid=&dt_url=

0
631 B

121ms
20ms

Document
text/html

88.198.250.30
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=99314000011033004444994012258017&actionid=981741&produktid=&dt_url=

Requested by

Host: hal900017.redintelligence.net
URL: https://hal900017.redintelligence.net/request.php?zone=wmoiqux43uzw&nw=20&renderingType=javascript&namespace=82dc8be063&subid=&uid=2f63b6c680c532a2&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=336x280&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCipNIyVMJZO3dH-SSjuwPn4ScgAim5b2gab2TnKfJD_AuEAEg3uW3Q2CV4pCCoAfIAQmpAtM_RZHLsrE-qAMBqgSkAk_QOVGOzf9Pfkj_uID8cKosHBdEG3y5XQfp3xxBEguTcn-e6xEazhohnVZmmU08hD9zi79u-hfJx7ChpsKqZoYJOGXUZc6V9KoyR7ranf5J9uvPV9eIG_WxfqWUtWclyj5kAI0HhzzBXE_vZoGaCoTLSa-toj12imYZsRwlRrOjcFGioBJAfj5m96bjfmCSqxt0NNx_rkszsiE6Nf6qGMhDto5guzkLXfWq4T9tsukm1pNQ8N4V6c0rLx-vH-IiISPJbclgZ-ax9j8IOHRUv5CUntE6aE40I-wGODsscEmUWzkjXne0Uqy1GB-TXJ4cE2ZGs08iEz5f5AexaM-hmNAEhlhlSKwz3B2O5Fs8W944OgoT2oXW3uHU_orFI4RIyK-7UGTABOuP_I73A-AEA5AGAaAGTYAHrK31nwOoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggRCIDhgBAQARgdMgKqAjoCgECACgOYCwHICwGADAGwE4-10Q7QEwDYEwPYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSSwDUE5ymgSwBz0_VRlBANJjo9I2ImuFTowaE6h8LHWs4UXd6rs_uIlSB0JzxFKR-9FcHXwaNxJH-v28_eBwcL2pXCXll8s9bInYVSxgB%26sig%3DAOD64_3yQDRW2_m-e_7R9wROQvLo1pKGPQ%26client%3Dca-pub-3430561196928589%26dbm_c%3DAKAmf-DPnXsOkO81u1c9tQV5kA8slnQZqUqwRBfBgoRH5zt6L1YoC5Uupt1_asqDxoqvS96bXCArHk3yMu17E4SfbQe9fPm2_4dnM5xat1dHKpInWrBueagePcEAXHWQazsXV2cyAtNiXSvykyxhp8HWXNVesJekhrgfI3ARA-sJA9KF4FgKyhc%26cry%3D1%26dbm_d%3DAKAmf-CsfhtM91hhsWj6S9xe9JUAwuWq_gN1H4RwQbVAInS-hv1kXHi1VSvF-3j8dYqJobarFmEzuqJ0ibcV4kLKJq7VgouuGbBSp-gWRFJauVgOb1RuOFNcF2Pbmzk_xZDo5tYUuXScsig_6i7HdPhaLpaqi9abAVRff36So6Man5rwoTqAjfft_n7K_SBGoFd71AKvDKKyge955Yjqwxkc1puoaLidAB-E96c_lX7ZJo6QHtv_LRR0DXjV4CeahbrtdTqbMrbVlpeZRudrkOcXUE7Zm6HyejkzQ4fOvC_uuitj4Wriz3kQMrsBMDNubanmap5NpMrSv8o3vPXObAnsU92Bj9LHT_MZzCEsc1Wg2iUk_qOwjuoDmBoo8M7ZipxCMpKSBK4wxAz0dBsjBNLsm4Hp6LzCjCx_ial3k07DuSSY2UA2-Or9pUPc6R1aIjENnlO86TE3CBivQUZPNxUREmlGto-dmHvuEtWWXws--3Dfr-lDUXSUGUDo5VPDQGo3SAqrYd3VUiINjEEGBUJgSF5NYoyMXTYqNeCqfTCA9uiP1BDb9yo%26adurl%3D&documentReferer=https%3A%2F%2Fwww.orientaldaily.com.my%2F&ancestorOrigins=https%3A%2F%2Fwww.orientaldaily.com.my&random=7503321541877&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

88.198.250.30 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.88-198-250-30.clients.your-server.de

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://25f0b6c781c28f0ec66a58e178665f44.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Content-Range, Content-Disposition, Content-Description, X-XSRF-TOKEN, X-Location
access-control-allow-methods: GET,POST
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
date: Thu, 09 Mar 2023 03:34:35 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
last-modified: Thu, 09 Mar 2023 04:34:35 GMT
p3p: policyref="https://pb.media01.eu/pb.media01.eu/p3p.xml", CP="NOI NID PSA OUR BUS NAV STA"
pragma: no-cache
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
x-xss-protection: 1; mode=block

Redirect headers

Content-Length: 0
Content-Type: application/javascript
Date: Thu, 09 Mar 2023 03:34:36 GMT
Host: pv.medialead.de
Keep-Alive: timeout=20
Location: https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=99314000011033004444994012258017&actionid=981741&produktid=&dt_url=
Proxy-Host: pv.medialead.de
Server: nginx/1.17.5
Strict-Transport-Security: max-age=15768000
X-IPLB-Instance: 40028
X-IPLB-Request-ID: B9D59BB5:84C0_91EFC182:01BB_640953CC_AF663A9:C02A

GET
H2 200 / Show response
adv.office-partner.de/ Frame 8284 930 B
933 B 313ms
18ms Document
text/html 2a0b:4d07:401::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to

Full URL: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
Requested by: Host: hal900017.redintelligence.net
URL: https://hal900017.redintelligence.net/request.php?zone=wmoiqux43uzw&nw=20&renderingType=javascript&namespace=82dc8be063&subid=&uid=2f63b6c680c532a2&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=336x280&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCipNIyVMJZO3dH-SSjuwPn4ScgAim5b2gab2TnKfJD_AuEAEg3uW3Q2CV4pCCoAfIAQmpAtM_RZHLsrE-qAMBqgSkAk_QOVGOzf9Pfkj_uID8cKosHBdEG3y5XQfp3xxBEguTcn-e6xEazhohnVZmmU08hD9zi79u-hfJx7ChpsKqZoYJOGXUZc6V9KoyR7ranf5J9uvPV9eIG_WxfqWUtWclyj5kAI0HhzzBXE_vZoGaCoTLSa-toj12imYZsRwlRrOjcFGioBJAfj5m96bjfmCSqxt0NNx_rkszsiE6Nf6qGMhDto5guzkLXfWq4T9tsukm1pNQ8N4V6c0rLx-vH-IiISPJbclgZ-ax9j8IOHRUv5CUntE6aE40I-wGODsscEmUWzkjXne0Uqy1GB-TXJ4cE2ZGs08iEz5f5AexaM-hmNAEhlhlSKwz3B2O5Fs8W944OgoT2oXW3uHU_orFI4RIyK-7UGTABOuP_I73A-AEA5AGAaAGTYAHrK31nwOoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggRCIDhgBAQARgdMgKqAjoCgECACgOYCwHICwGADAGwE4-10Q7QEwDYEwPYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSSwDUE5ymgSwBz0_VRlBANJjo9I2ImuFTowaE6h8LHWs4UXd6rs_uIlSB0JzxFKR-9FcHXwaNxJH-v28_eBwcL2pXCXll8s9bInYVSxgB%26sig%3DAOD64_3yQDRW2_m-e_7R9wROQvLo1pKGPQ%26client%3Dca-pub-3430561196928589%26dbm_c%3DAKAmf-DPnXsOkO81u1c9tQV5kA8slnQZqUqwRBfBgoRH5zt6L1YoC5Uupt1_asqDxoqvS96bXCArHk3yMu17E4SfbQe9fPm2_4dnM5xat1dHKpInWrBueagePcEAXHWQazsXV2cyAtNiXSvykyxhp8HWXNVesJekhrgfI3ARA-sJA9KF4FgKyhc%26cry%3D1%26dbm_d%3DAKAmf-CsfhtM91hhsWj6S9xe9JUAwuWq_gN1H4RwQbVAInS-hv1kXHi1VSvF-3j8dYqJobarFmEzuqJ0ibcV4kLKJq7VgouuGbBSp-gWRFJauVgOb1RuOFNcF2Pbmzk_xZDo5tYUuXScsig_6i7HdPhaLpaqi9abAVRff36So6Man5rwoTqAjfft_n7K_SBGoFd71AKvDKKyge955Yjqwxkc1puoaLidAB-E96c_lX7ZJo6QHtv_LRR0DXjV4CeahbrtdTqbMrbVlpeZRudrkOcXUE7Zm6HyejkzQ4fOvC_uuitj4Wriz3kQMrsBMDNubanmap5NpMrSv8o3vPXObAnsU92Bj9LHT_MZzCEsc1Wg2iUk_qOwjuoDmBoo8M7ZipxCMpKSBK4wxAz0dBsjBNLsm4Hp6LzCjCx_ial3k07DuSSY2UA2-Or9pUPc6R1aIjENnlO86TE3CBivQUZPNxUREmlGto-dmHvuEtWWXws--3Dfr-lDUXSUGUDo5VPDQGo3SAqrYd3VUiINjEEGBUJgSF5NYoyMXTYqNeCqfTCA9uiP1BDb9yo%26adurl%3D&documentReferer=https%3A%2F%2Fwww.orientaldaily.com.my%2F&ancestorOrigins=https%3A%2F%2Fwww.orientaldaily.com.my&random=7503321541877&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a0b:4d07:401::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software: keycdn-engine /
Resource Hash: 384179ee8fb1fd393558e28ea811532ea776e8cd69f9e94f379ddefb78948bd7

Request headers

Referer: https://25f0b6c781c28f0ec66a58e178665f44.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
cache-control: max-age=604800
content-encoding: gzip
content-length: 552
content-type: text/html
date: Thu, 09 Mar 2023 03:34:36 GMT
etag: "3a2-5c1ab16b3be00-gzip"
expires: Thu, 16 Mar 2023 03:34:36 GMT
last-modified: Thu, 06 May 2021 15:37:28 GMT
link: <https://adv-srv.office-partner.de/?utm_source=webgains&utm_campaign=webgains>; rel="canonical"
server: keycdn-engine
vary: Accept-Encoding
x-accel-version: 0.01
x-cache: HIT
x-edge-location: atvi

GET
H2 200 link.html Show response
track.webgains.com/ Frame 7B35 2 KB
2 KB 144ms
60ms Script
text/html 18.130.199.108
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://track.webgains.com/link.html?wglinkid=2513145&wgcampaignid=99582&js=1&viewref=99314000011033004444994012258017&nw=1
Requested by: Host: www.orientaldaily.com.my
URL: https://www.orientaldaily.com.my/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.130.199.108 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-130-199-108.eu-west-2.compute.amazonaws.com
Software: nginx / PHP/7.4.26
Resource Hash: 49c8eb126b6cd8b764edf78962490c8a37787fdbc6310b5b3848b7bc33910320

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://25f0b6c781c28f0ec66a58e178665f44.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 03:34:36 GMT
last-modified: Thu, 09 Mar 2023 03:34:36 GMT
server: nginx
x-powered-by: PHP/7.4.26
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=60
access-control-allow-headers: Authorization
expires: Thu, 09 Mar 2023 03:35:36 GMT

GET
H2

200

activityi;dc_pre=CM3BqJf1zf0CFVTE1QodOdMKDw;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=8093927841993.369 Show response
5994599.fls.doubleclick.net/ Frame A3CE
Redirect Chain

https://5994599.fls.doubleclick.net/activityi;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=8093927841993.369?
https://5994599.fls.doubleclick.net/activityi;dc_pre=CM3BqJf1zf0CFVTE1QodOdMKDw;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=8093927841993.369?

391 B
328 B

137ms
77ms

Document
text/html

142.250.201.198
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://5994599.fls.doubleclick.net/activityi;dc_pre=CM3BqJf1zf0CFVTE1QodOdMKDw;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=8093927841993.369?

Requested by

Host: www.orientaldaily.com.my
URL: https://www.orientaldaily.com.my/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.201.198 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s35-in-f6.1e100.net

Software

cafe /

Resource Hash

b29cdbf9832e9c172b547526ae97ad854f2271701d5f87d9e4df33a01b488ca8

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://25f0b6c781c28f0ec66a58e178665f44.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-encoding: br
content-length: 217
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 09 Mar 2023 03:34:36 GMT
expires: Thu, 09 Mar 2023 03:34:36 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 09 Mar 2023 03:34:36 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://5994599.fls.doubleclick.net/activityi;dc_pre=CM3BqJf1zf0CFVTE1QodOdMKDw;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=8093927841993.369?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK request_content.php Show response
hal900017.redintelligence.net/ Frame 5804 7 KB
2 KB 44ms
12ms Document
text/html 159.69.70.9
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900017.redintelligence.net/request_content.php?s=99314000011033004444994012258017&a=1cff852c
Requested by: Host: hal900017.redintelligence.net
URL: https://hal900017.redintelligence.net/request.php?zone=wmoiqux43uzw&nw=20&renderingType=javascript&namespace=82dc8be063&subid=&uid=2f63b6c680c532a2&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=336x280&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCipNIyVMJZO3dH-SSjuwPn4ScgAim5b2gab2TnKfJD_AuEAEg3uW3Q2CV4pCCoAfIAQmpAtM_RZHLsrE-qAMBqgSkAk_QOVGOzf9Pfkj_uID8cKosHBdEG3y5XQfp3xxBEguTcn-e6xEazhohnVZmmU08hD9zi79u-hfJx7ChpsKqZoYJOGXUZc6V9KoyR7ranf5J9uvPV9eIG_WxfqWUtWclyj5kAI0HhzzBXE_vZoGaCoTLSa-toj12imYZsRwlRrOjcFGioBJAfj5m96bjfmCSqxt0NNx_rkszsiE6Nf6qGMhDto5guzkLXfWq4T9tsukm1pNQ8N4V6c0rLx-vH-IiISPJbclgZ-ax9j8IOHRUv5CUntE6aE40I-wGODsscEmUWzkjXne0Uqy1GB-TXJ4cE2ZGs08iEz5f5AexaM-hmNAEhlhlSKwz3B2O5Fs8W944OgoT2oXW3uHU_orFI4RIyK-7UGTABOuP_I73A-AEA5AGAaAGTYAHrK31nwOoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggRCIDhgBAQARgdMgKqAjoCgECACgOYCwHICwGADAGwE4-10Q7QEwDYEwPYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSSwDUE5ymgSwBz0_VRlBANJjo9I2ImuFTowaE6h8LHWs4UXd6rs_uIlSB0JzxFKR-9FcHXwaNxJH-v28_eBwcL2pXCXll8s9bInYVSxgB%26sig%3DAOD64_3yQDRW2_m-e_7R9wROQvLo1pKGPQ%26client%3Dca-pub-3430561196928589%26dbm_c%3DAKAmf-DPnXsOkO81u1c9tQV5kA8slnQZqUqwRBfBgoRH5zt6L1YoC5Uupt1_asqDxoqvS96bXCArHk3yMu17E4SfbQe9fPm2_4dnM5xat1dHKpInWrBueagePcEAXHWQazsXV2cyAtNiXSvykyxhp8HWXNVesJekhrgfI3ARA-sJA9KF4FgKyhc%26cry%3D1%26dbm_d%3DAKAmf-CsfhtM91hhsWj6S9xe9JUAwuWq_gN1H4RwQbVAInS-hv1kXHi1VSvF-3j8dYqJobarFmEzuqJ0ibcV4kLKJq7VgouuGbBSp-gWRFJauVgOb1RuOFNcF2Pbmzk_xZDo5tYUuXScsig_6i7HdPhaLpaqi9abAVRff36So6Man5rwoTqAjfft_n7K_SBGoFd71AKvDKKyge955Yjqwxkc1puoaLidAB-E96c_lX7ZJo6QHtv_LRR0DXjV4CeahbrtdTqbMrbVlpeZRudrkOcXUE7Zm6HyejkzQ4fOvC_uuitj4Wriz3kQMrsBMDNubanmap5NpMrSv8o3vPXObAnsU92Bj9LHT_MZzCEsc1Wg2iUk_qOwjuoDmBoo8M7ZipxCMpKSBK4wxAz0dBsjBNLsm4Hp6LzCjCx_ial3k07DuSSY2UA2-Or9pUPc6R1aIjENnlO86TE3CBivQUZPNxUREmlGto-dmHvuEtWWXws--3Dfr-lDUXSUGUDo5VPDQGo3SAqrYd3VUiINjEEGBUJgSF5NYoyMXTYqNeCqfTCA9uiP1BDb9yo%26adurl%3D&documentReferer=https%3A%2F%2Fwww.orientaldaily.com.my%2F&ancestorOrigins=https%3A%2F%2Fwww.orientaldaily.com.my&random=7503321541877&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 159.69.70.9 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.9.70.69.159.clients.your-server.de
Software: Apache /
Resource Hash: 2436d93e911870ccad15e7656c85af8dc07bbf25bdaf6327d7db5ea41bc69c14

Request headers

Referer: https://25f0b6c781c28f0ec66a58e178665f44.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: close
Content-Encoding: gzip
Content-Length: 2107
Content-Type: text/html; charset=utf-8
Date: Thu, 09 Mar 2023 03:34:36 GMT
Expires: Thu, 09 Mar 2023 03:34:36 +0100
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Pragma: no-cache
Server: Apache
Vary: Accept-Encoding

GET
H/1.1

200
OK

native.png
ad-server.eu/wm/pb/ Frame 7B35
Redirect Chain

https://medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=99314000011033004444994012258017
https://pv.medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=99314000011033004444994012258017
https://ad-server.eu/wm/pb/native.png

68 B
312 B

198ms
29ms

Image
image/png

54.76.176.197
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad-server.eu/wm/pb/native.png
Requested by: Host: 25f0b6c781c28f0ec66a58e178665f44.safeframe.googlesyndication.com
URL: https://25f0b6c781c28f0ec66a58e178665f44.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: HTTP/1.1
Server: 54.76.176.197 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-76-176-197.eu-west-1.compute.amazonaws.com
Software: nginx/1.4.6 (Ubuntu) /
Resource Hash: 93ae7d494fad0fb30cbf3ae746a39c4bc7a0f8bbf87fbb587a3f3c01f3c5ce20

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://25f0b6c781c28f0ec66a58e178665f44.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Thu, 09 Mar 2023 03:37:12 GMT
Last-Modified: Sat, 21 Dec 2019 23:06:59 GMT
Server: nginx/1.4.6 (Ubuntu)
ETag: "5dfea593-44"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 68

Redirect headers

Date: Thu, 09 Mar 2023 03:34:36 GMT
Strict-Transport-Security: max-age=15768000
Server: nginx/1.17.5
Host: pv.medialead.de
X-IPLB-Request-ID: B9D59BB5:84C2_91EFC182:01BB_640953CC_AF663AC:C02A
X-IPLB-Instance: 40028
Content-Type: application/go
Location: https://ad-server.eu/wm/pb/native.png
Keep-Alive: timeout=20
Content-Length: 0
Proxy-Host: pv.medialead.de

GET
H/1.1

200
OK

inv.gif
img.tradedoubler.com/images/ Frame 7B35
Redirect Chain

https://impfr.tradedoubler.com/imp?type(inv)g(24495172)a(1565155)epi(99314000011033004444994012258017)838425910
https://img.tradedoubler.com/images/inv.gif

43 B
693 B

148ms
18ms

Image
image/gif

13.32.110.54
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.tradedoubler.com/images/inv.gif

Requested by

Host: 25f0b6c781c28f0ec66a58e178665f44.safeframe.googlesyndication.com
URL: https://25f0b6c781c28f0ec66a58e178665f44.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

HTTP/1.1

Server

13.32.110.54 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-110-54.vie50.r.cloudfront.net

Software

Apache /

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://25f0b6c781c28f0ec66a58e178665f44.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Strict-Transport-Security: max-age=15552000; includeSubDomains
Date: Tue, 07 Mar 2023 23:32:29 GMT
Via: 1.1 5d650f4d20204610aaf075ff8f6494c6.cloudfront.net (CloudFront)
X-Content-Type-Options: nosniff
X-Amz-Cf-Pop: VIE50-C2
Age: 100927
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 43
X-XSS-Protection: 1; mode=block
Referrer-Policy: strict-origin-when-cross-origin
Last-Modified: Fri, 19 Nov 2004 15:35:04 GMT
Server: Apache
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Type: image/gif
Accept-Ranges: bytes
X-Amz-Cf-Id: S54cW3w7xg6-BVrNp1laKzRxk8YwegafTvOBfH6U4LcHennqbnAGCA==

Redirect headers

pragma: no-cache
date: Thu, 09 Mar 2023 03:34:35 GMT
via: 1.1 google
referrer-policy: origin
server: TXServerHttp
p3p: policyref="http://tracker.tradedoubler.com/w3c/p3p.xml",CP="NOI DSP COR NID CUR OUR NOR"
location: https://img.tradedoubler.com/images/inv.gif
access-control-allow-origin: *
content-type: text/html; charset=ISO-8859-1
cache-control: private, max-age=0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 248

GET
H2 200 express_html_inpage_rendering_lib_200_276.js Show response
s0.2mdn.net/879366/ Frame 8E64 106 KB
37 KB 47ms
47ms Script
text/javascript 2a00:1450:400d:803::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:803::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ad.doubleclick.net/
Origin: https://ad.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 17:06:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 37686
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 37872
x-xss-protection: 0
last-modified: Wed, 02 Mar 2022 23:07:26 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 09 Mar 2023 17:06:30 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 8E64 41 KB
15 KB 48ms
48ms Script
text/javascript 2a00:1450:400d:807::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 18:18:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 33366
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 07 Mar 2024 18:18:30 GMT

GET
H2

200

view.aspx Show response
pb.media01.eu/ Frame 5CE1
Redirect Chain

https://pv.medialead.de/trck/epv/e99aace94e6e5873881d3400993e1e7e?subid=12257200011230704444994012258027&t=htlp
https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=12257200011230704444994012258027&actionid=981741&produktid=&dt_url=

0
202 B

72ms
21ms

Document
text/html

88.198.250.30
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=12257200011230704444994012258027&actionid=981741&produktid=&dt_url=

Requested by

Host: hal900027.redintelligence.net
URL: https://hal900027.redintelligence.net/request.php?zone=wmoiqux43uzw&nw=20&renderingType=javascript&namespace=c6fd1df368&subid=&uid=8ed510983c2fae01&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=336x280&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC-QkNyVMJZOzdH-SSjuwPn4ScgAim5b2gab2TnKfJD_AuEAEg3uW3Q2CV4pCCoAfIAQmpAtM_RZHLsrE-qAMBqgSkAk_QTqfG7BxtZeBFqtc-VCpu2mvR8Cu7cGXjQKrfBgTN4C6Mpjuyxr9AW6eOWOUejb5BunCTmgEMWbdemhK1y0BXTmhCunKRVZI07Si9Kcrr8b7OgUkPqNrFtlholesYLPscvWercvPnw19wfqcZFrCqVzNsC4diuEe055G-lge0xn10cRjLWKQW23q1sRB27O3LHEVE3R2loCTowbXON4bkOcTvro9QG_GKFiLASgSMZ2xeXyEhRSKoCEs-dGBl4OBlwIAr4yRJEzpnskwWCn9mK1y79SLePVxCoug7qXkxDZlEIJhDLwztB1RYk-4cNB3nYdyVvMRbyxhtgYWL2VDNk9J1Z7lMtBc2FaCtd1oTVf5Q1evct2PgxSdH9MCSh1M6GYPABOuP_I73A-AEA5AGAaAGTYAHrK31nwOoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggRCIDhgBAQARgdMgKqAjoCgECACgOYCwHICwGADAGwE4-10Q7QEwDYEwPYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSSwDUE5ymgSwBz0_VRlBANJjo9I2ImuFTowaE6h8LHWs4UXd6rs_uIlSB0JzxFKR-9FcHXwaNxJH-v28_eBwcL2pXCXll8s9bInYVSxgB%26sig%3DAOD64_3HkMtQGcLHRSonSRwCkIXBOf6Myw%26client%3Dca-pub-3430561196928589%26dbm_c%3DAKAmf-BbUdQI5pqadkF8e6pR2EhK2Mrm6hGGbi3nXvRd0idCYlXh_xxqcsJf0iUsN0EF1zkroCXvCJFwXy9k1WBxGO0bsMhsR46KHsfbH1qrIYCotE5RkGpiX1MhnRtOVNrT3b3WTO5Dy4ZoLvSJz76Jdjt_HJa0u2n1RJlvN9iZoKUwmwQrIrM%26cry%3D1%26dbm_d%3DAKAmf-BKXWDNlXAy86sb5txPU7ctfahMLQC_KthokAxheA3yMQoNHEeWkHj8Rbb0U_9rOXSbI8xsydS4q_10TJcqQloX0uizboZHxslq7JTix8VP2Dc4LqO_b1uYvaGErnHF4zviV-rT1fyaxpiEgDvs0HS4cG12Q8A4nUDemfNz8aMr3K4kVT69dnbNbU9GdZ9D6g5fht3nRjNVY21hCt1ujzIc5cWfGvJcLe4_WPHKOkPvxJgZx9ojUtX5bv9WhvjH3TcVBc2eUdaKDPK4MVA7g4VHVaeWFTiC9jbYgTGw36i0WRGzf4y0TxY5Xyg-NXfJfEmKg0lr-vDWJp_HTZkVkwbtFGGwvb6UmsCg-GQltRiNXEaV6qk7BdD1i75D9atFA37aQT-YDxG8olMGXmMmNDb1Q77UhQHrJiL9f23yl7ZL9doFkfc74CikeFNsTXtcXG9iR7SDXFKGHFjUeffzJRP7PFsWEZ-bujfwa6jHZRXNjHxFp6r25-NPQRJX5jMY03Dm75LuwdlHOnNxxmAyDMB4Fs7pud6Ttv54rlKVVbn8n_s7rF0%26adurl%3D&documentReferer=https%3A%2F%2Fwww.orientaldaily.com.my%2F&ancestorOrigins=https%3A%2F%2Fwww.orientaldaily.com.my&random=7949243606522&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

88.198.250.30 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.88-198-250-30.clients.your-server.de

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://25f0b6c781c28f0ec66a58e178665f44.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Content-Range, Content-Disposition, Content-Description, X-XSRF-TOKEN, X-Location
access-control-allow-methods: GET,POST
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
date: Thu, 09 Mar 2023 03:34:35 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
last-modified: Thu, 09 Mar 2023 04:34:35 GMT
p3p: policyref="https://pb.media01.eu/pb.media01.eu/p3p.xml", CP="NOI NID PSA OUR BUS NAV STA"
pragma: no-cache
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
x-xss-protection: 1; mode=block

Redirect headers

Content-Length: 0
Content-Type: application/javascript
Date: Thu, 09 Mar 2023 03:34:36 GMT
Host: pv.medialead.de
Keep-Alive: timeout=20
Location: https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=12257200011230704444994012258027&actionid=981741&produktid=&dt_url=
Proxy-Host: pv.medialead.de
Server: nginx/1.17.5
Strict-Transport-Security: max-age=15768000
X-IPLB-Instance: 40028
X-IPLB-Request-ID: B9D59BB5:84C2_91EFC182:01BB_640953CC_AF663AA:C02A

GET
H2 200 / Show response
adv.office-partner.de/ Frame 0EB7 930 B
932 B 286ms
20ms Document
text/html 2a0b:4d07:401::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to

Full URL: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
Requested by: Host: hal900027.redintelligence.net
URL: https://hal900027.redintelligence.net/request.php?zone=wmoiqux43uzw&nw=20&renderingType=javascript&namespace=c6fd1df368&subid=&uid=8ed510983c2fae01&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=336x280&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC-QkNyVMJZOzdH-SSjuwPn4ScgAim5b2gab2TnKfJD_AuEAEg3uW3Q2CV4pCCoAfIAQmpAtM_RZHLsrE-qAMBqgSkAk_QTqfG7BxtZeBFqtc-VCpu2mvR8Cu7cGXjQKrfBgTN4C6Mpjuyxr9AW6eOWOUejb5BunCTmgEMWbdemhK1y0BXTmhCunKRVZI07Si9Kcrr8b7OgUkPqNrFtlholesYLPscvWercvPnw19wfqcZFrCqVzNsC4diuEe055G-lge0xn10cRjLWKQW23q1sRB27O3LHEVE3R2loCTowbXON4bkOcTvro9QG_GKFiLASgSMZ2xeXyEhRSKoCEs-dGBl4OBlwIAr4yRJEzpnskwWCn9mK1y79SLePVxCoug7qXkxDZlEIJhDLwztB1RYk-4cNB3nYdyVvMRbyxhtgYWL2VDNk9J1Z7lMtBc2FaCtd1oTVf5Q1evct2PgxSdH9MCSh1M6GYPABOuP_I73A-AEA5AGAaAGTYAHrK31nwOoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggRCIDhgBAQARgdMgKqAjoCgECACgOYCwHICwGADAGwE4-10Q7QEwDYEwPYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSSwDUE5ymgSwBz0_VRlBANJjo9I2ImuFTowaE6h8LHWs4UXd6rs_uIlSB0JzxFKR-9FcHXwaNxJH-v28_eBwcL2pXCXll8s9bInYVSxgB%26sig%3DAOD64_3HkMtQGcLHRSonSRwCkIXBOf6Myw%26client%3Dca-pub-3430561196928589%26dbm_c%3DAKAmf-BbUdQI5pqadkF8e6pR2EhK2Mrm6hGGbi3nXvRd0idCYlXh_xxqcsJf0iUsN0EF1zkroCXvCJFwXy9k1WBxGO0bsMhsR46KHsfbH1qrIYCotE5RkGpiX1MhnRtOVNrT3b3WTO5Dy4ZoLvSJz76Jdjt_HJa0u2n1RJlvN9iZoKUwmwQrIrM%26cry%3D1%26dbm_d%3DAKAmf-BKXWDNlXAy86sb5txPU7ctfahMLQC_KthokAxheA3yMQoNHEeWkHj8Rbb0U_9rOXSbI8xsydS4q_10TJcqQloX0uizboZHxslq7JTix8VP2Dc4LqO_b1uYvaGErnHF4zviV-rT1fyaxpiEgDvs0HS4cG12Q8A4nUDemfNz8aMr3K4kVT69dnbNbU9GdZ9D6g5fht3nRjNVY21hCt1ujzIc5cWfGvJcLe4_WPHKOkPvxJgZx9ojUtX5bv9WhvjH3TcVBc2eUdaKDPK4MVA7g4VHVaeWFTiC9jbYgTGw36i0WRGzf4y0TxY5Xyg-NXfJfEmKg0lr-vDWJp_HTZkVkwbtFGGwvb6UmsCg-GQltRiNXEaV6qk7BdD1i75D9atFA37aQT-YDxG8olMGXmMmNDb1Q77UhQHrJiL9f23yl7ZL9doFkfc74CikeFNsTXtcXG9iR7SDXFKGHFjUeffzJRP7PFsWEZ-bujfwa6jHZRXNjHxFp6r25-NPQRJX5jMY03Dm75LuwdlHOnNxxmAyDMB4Fs7pud6Ttv54rlKVVbn8n_s7rF0%26adurl%3D&documentReferer=https%3A%2F%2Fwww.orientaldaily.com.my%2F&ancestorOrigins=https%3A%2F%2Fwww.orientaldaily.com.my&random=7949243606522&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a0b:4d07:401::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software: keycdn-engine /
Resource Hash: 384179ee8fb1fd393558e28ea811532ea776e8cd69f9e94f379ddefb78948bd7

Request headers

Referer: https://25f0b6c781c28f0ec66a58e178665f44.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
cache-control: max-age=604800
content-encoding: gzip
content-length: 552
content-type: text/html
date: Thu, 09 Mar 2023 03:34:36 GMT
etag: "3a2-5c1ab16b3be00-gzip"
expires: Thu, 16 Mar 2023 03:34:36 GMT
last-modified: Thu, 06 May 2021 15:37:28 GMT
link: <https://adv-srv.office-partner.de/?utm_source=webgains&utm_campaign=webgains>; rel="canonical"
server: keycdn-engine
vary: Accept-Encoding
x-accel-version: 0.01
x-cache: HIT
x-edge-location: atvi

GET
H2 200 link.html Show response
track.webgains.com/ Frame 0E74 2 KB
2 KB 119ms
65ms Script
text/html 18.130.199.108
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://track.webgains.com/link.html?wglinkid=2513145&wgcampaignid=99582&js=1&viewref=12257200011230704444994012258027&nw=1
Requested by: Host: www.orientaldaily.com.my
URL: https://www.orientaldaily.com.my/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.130.199.108 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-130-199-108.eu-west-2.compute.amazonaws.com
Software: nginx / PHP/7.4.26
Resource Hash: 04d9b9174743260b17176d8c27b77d412487cca6cc412f8bdd7319e33dca16e4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://25f0b6c781c28f0ec66a58e178665f44.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 03:34:36 GMT
last-modified: Thu, 09 Mar 2023 03:34:36 GMT
server: nginx
x-powered-by: PHP/7.4.26
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=60
access-control-allow-headers: Authorization
expires: Thu, 09 Mar 2023 03:35:36 GMT

GET
H2

200

activityi;dc_pre=CIzLqJf1zf0CFVW51QodEJoJrg;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=4391494676798.8594 Show response
5994599.fls.doubleclick.net/ Frame 7D17
Redirect Chain

https://5994599.fls.doubleclick.net/activityi;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=4391494676798.8594?
https://5994599.fls.doubleclick.net/activityi;dc_pre=CIzLqJf1zf0CFVW51QodEJoJrg;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=4391494676798.8594?

392 B
288 B

269ms
211ms

Document
text/html

142.250.201.198
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://5994599.fls.doubleclick.net/activityi;dc_pre=CIzLqJf1zf0CFVW51QodEJoJrg;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=4391494676798.8594?

Requested by

Host: www.orientaldaily.com.my
URL: https://www.orientaldaily.com.my/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.201.198 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s35-in-f6.1e100.net

Software

cafe /

Resource Hash

9d1ba51454d2b663b14aab11a1d3ffb9f72064b28c60ce37e1b6a3d88794283b

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://25f0b6c781c28f0ec66a58e178665f44.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-encoding: br
content-length: 218
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 09 Mar 2023 03:34:36 GMT
expires: Thu, 09 Mar 2023 03:34:36 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 09 Mar 2023 03:34:36 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://5994599.fls.doubleclick.net/activityi;dc_pre=CIzLqJf1zf0CFVW51QodEJoJrg;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=4391494676798.8594?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK request_content.php Show response
hal900027.redintelligence.net/ Frame B838 7 KB
2 KB 44ms
13ms Document
text/html 78.46.111.106
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900027.redintelligence.net/request_content.php?s=12257200011230704444994012258027&a=185ef2ab
Requested by: Host: hal900027.redintelligence.net
URL: https://hal900027.redintelligence.net/request.php?zone=wmoiqux43uzw&nw=20&renderingType=javascript&namespace=c6fd1df368&subid=&uid=8ed510983c2fae01&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=336x280&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC-QkNyVMJZOzdH-SSjuwPn4ScgAim5b2gab2TnKfJD_AuEAEg3uW3Q2CV4pCCoAfIAQmpAtM_RZHLsrE-qAMBqgSkAk_QTqfG7BxtZeBFqtc-VCpu2mvR8Cu7cGXjQKrfBgTN4C6Mpjuyxr9AW6eOWOUejb5BunCTmgEMWbdemhK1y0BXTmhCunKRVZI07Si9Kcrr8b7OgUkPqNrFtlholesYLPscvWercvPnw19wfqcZFrCqVzNsC4diuEe055G-lge0xn10cRjLWKQW23q1sRB27O3LHEVE3R2loCTowbXON4bkOcTvro9QG_GKFiLASgSMZ2xeXyEhRSKoCEs-dGBl4OBlwIAr4yRJEzpnskwWCn9mK1y79SLePVxCoug7qXkxDZlEIJhDLwztB1RYk-4cNB3nYdyVvMRbyxhtgYWL2VDNk9J1Z7lMtBc2FaCtd1oTVf5Q1evct2PgxSdH9MCSh1M6GYPABOuP_I73A-AEA5AGAaAGTYAHrK31nwOoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggRCIDhgBAQARgdMgKqAjoCgECACgOYCwHICwGADAGwE4-10Q7QEwDYEwPYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSSwDUE5ymgSwBz0_VRlBANJjo9I2ImuFTowaE6h8LHWs4UXd6rs_uIlSB0JzxFKR-9FcHXwaNxJH-v28_eBwcL2pXCXll8s9bInYVSxgB%26sig%3DAOD64_3HkMtQGcLHRSonSRwCkIXBOf6Myw%26client%3Dca-pub-3430561196928589%26dbm_c%3DAKAmf-BbUdQI5pqadkF8e6pR2EhK2Mrm6hGGbi3nXvRd0idCYlXh_xxqcsJf0iUsN0EF1zkroCXvCJFwXy9k1WBxGO0bsMhsR46KHsfbH1qrIYCotE5RkGpiX1MhnRtOVNrT3b3WTO5Dy4ZoLvSJz76Jdjt_HJa0u2n1RJlvN9iZoKUwmwQrIrM%26cry%3D1%26dbm_d%3DAKAmf-BKXWDNlXAy86sb5txPU7ctfahMLQC_KthokAxheA3yMQoNHEeWkHj8Rbb0U_9rOXSbI8xsydS4q_10TJcqQloX0uizboZHxslq7JTix8VP2Dc4LqO_b1uYvaGErnHF4zviV-rT1fyaxpiEgDvs0HS4cG12Q8A4nUDemfNz8aMr3K4kVT69dnbNbU9GdZ9D6g5fht3nRjNVY21hCt1ujzIc5cWfGvJcLe4_WPHKOkPvxJgZx9ojUtX5bv9WhvjH3TcVBc2eUdaKDPK4MVA7g4VHVaeWFTiC9jbYgTGw36i0WRGzf4y0TxY5Xyg-NXfJfEmKg0lr-vDWJp_HTZkVkwbtFGGwvb6UmsCg-GQltRiNXEaV6qk7BdD1i75D9atFA37aQT-YDxG8olMGXmMmNDb1Q77UhQHrJiL9f23yl7ZL9doFkfc74CikeFNsTXtcXG9iR7SDXFKGHFjUeffzJRP7PFsWEZ-bujfwa6jHZRXNjHxFp6r25-NPQRJX5jMY03Dm75LuwdlHOnNxxmAyDMB4Fs7pud6Ttv54rlKVVbn8n_s7rF0%26adurl%3D&documentReferer=https%3A%2F%2Fwww.orientaldaily.com.my%2F&ancestorOrigins=https%3A%2F%2Fwww.orientaldaily.com.my&random=7949243606522&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 78.46.111.106 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.106.111.46.78.clients.your-server.de
Software: Apache /
Resource Hash: 001f718378e98773141ec1cf103fc1fb512c2025b5396ec76593c2c028d90696

Request headers

Referer: https://25f0b6c781c28f0ec66a58e178665f44.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: close
Content-Encoding: gzip
Content-Length: 2096
Content-Type: text/html; charset=utf-8
Date: Thu, 09 Mar 2023 03:34:36 GMT
Expires: Thu, 09 Mar 2023 03:34:36 +0100
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Pragma: no-cache
Server: Apache
Vary: Accept-Encoding

GET
H/1.1

200
OK

native.png
ad-server.eu/wm/pb/ Frame 0E74
Redirect Chain

https://medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=12257200011230704444994012258027
https://pv.medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=12257200011230704444994012258027
https://ad-server.eu/wm/pb/native.png

68 B
312 B

235ms
27ms

Image
image/png

54.76.176.197
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad-server.eu/wm/pb/native.png
Requested by: Host: 25f0b6c781c28f0ec66a58e178665f44.safeframe.googlesyndication.com
URL: https://25f0b6c781c28f0ec66a58e178665f44.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: HTTP/1.1
Server: 54.76.176.197 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-76-176-197.eu-west-1.compute.amazonaws.com
Software: nginx/1.4.6 (Ubuntu) /
Resource Hash: 93ae7d494fad0fb30cbf3ae746a39c4bc7a0f8bbf87fbb587a3f3c01f3c5ce20

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://25f0b6c781c28f0ec66a58e178665f44.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Thu, 09 Mar 2023 03:37:12 GMT
Last-Modified: Sat, 21 Dec 2019 23:06:59 GMT
Server: nginx/1.4.6 (Ubuntu)
ETag: "5dfea593-44"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 68

Redirect headers

Date: Thu, 09 Mar 2023 03:34:36 GMT
Strict-Transport-Security: max-age=15768000
Server: nginx/1.17.5
Host: pv.medialead.de
X-IPLB-Request-ID: B9D59BB5:84C0_91EFC182:01BB_640953CC_AF663AD:C02A
X-IPLB-Instance: 40028
Content-Type: application/go
Location: https://ad-server.eu/wm/pb/native.png
Keep-Alive: timeout=20
Content-Length: 0
Proxy-Host: pv.medialead.de

GET
H/1.1

200
OK

inv.gif
img.tradedoubler.com/images/ Frame 0E74
Redirect Chain

https://impfr.tradedoubler.com/imp?type(inv)g(24495172)a(1565155)epi(12257200011230704444994012258027)948053646
https://img.tradedoubler.com/images/inv.gif

43 B
693 B

147ms
17ms

Image
image/gif

13.32.110.54
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.tradedoubler.com/images/inv.gif

Requested by

Host: 25f0b6c781c28f0ec66a58e178665f44.safeframe.googlesyndication.com
URL: https://25f0b6c781c28f0ec66a58e178665f44.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

HTTP/1.1

Server

13.32.110.54 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-110-54.vie50.r.cloudfront.net

Software

Apache /

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://25f0b6c781c28f0ec66a58e178665f44.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Strict-Transport-Security: max-age=15552000; includeSubDomains
Date: Tue, 07 Mar 2023 23:32:29 GMT
Via: 1.1 07ba06e632a891feeba3436a80d00ee4.cloudfront.net (CloudFront)
X-Content-Type-Options: nosniff
X-Amz-Cf-Pop: VIE50-C2
Age: 100927
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 43
X-XSS-Protection: 1; mode=block
Referrer-Policy: strict-origin-when-cross-origin
Last-Modified: Fri, 19 Nov 2004 15:35:04 GMT
Server: Apache
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Type: image/gif
Accept-Ranges: bytes
X-Amz-Cf-Id: UkJ6TAGAeQ0Dhioff6Oki46dKVf1JaP3oHVqXFrtJ2eq0u33KPyzOg==

Redirect headers

pragma: no-cache
date: Thu, 09 Mar 2023 03:34:35 GMT
via: 1.1 google
referrer-policy: origin
server: TXServerHttp
p3p: policyref="http://tracker.tradedoubler.com/w3c/p3p.xml",CP="NOI DSP COR NID CUR OUR NOR"
location: https://img.tradedoubler.com/images/inv.gif
access-control-allow-origin: *
content-type: text/html; charset=ISO-8859-1
cache-control: private, max-age=0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 248

GET
H3

200

i.match
a.tribalfusion.com/ Frame 46DA
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?cm_dsp_id=131&external_user_id=18072662266092918314&cb=https%3A%2F%2Fa.tribalfusion.com%2Fi.match%3Fp%3Db20%26u%3D
https://a.tribalfusion.com/i.match?p=b20&u=ZAlTyvjUpeZJG3e3wedcfAAA

43 B
633 B

191ms
190ms

Image
image/gif

2606:4700::6812:19ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.tribalfusion.com/i.match?p=b20&u=ZAlTyvjUpeZJG3e3wedcfAAA
Requested by: Host: s.tribalfusion.com
URL: https://s.tribalfusion.com/p.media?clickID=aemUCkXaiqPbQGWFY0VtY4orbsQUBqXEMy5Ebc5TQYoTbHYr36UdbXnAUZdmcMooHfA5TFh3d6N56nEnbMZa0GnRXsY30GFvmqF45Fv2WrnDVP74REY0QsYoPtfr1HvpT6Mw4GYUXrUZdUAXw46ZbdQPfC3WYO0tMZanWTO4mZbS3srgTsJdUc78SmFOTtUVWbj35bEpUqUsVErbPEQZcSVBZdQruvPH7iUVvw4r6xWCZbmvnJwwdbqYDlKr5&mediaDataID=6530936&mediaName=frame.html
Protocol: H3
Server: 2606:4700::6812:19ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.tribalfusion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Mar 2023 03:34:36 GMT
cf-cache-status: DYNAMIC
x-function: 302
server: cloudflare
content-type: image/gif; charset=utf-8
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 7a50435d1e9f3675-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 09 Mar 2023 03:34:36 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://a.tribalfusion.com/i.match?p=b20&u=ZAlTyvjUpeZJG3e3wedcfAAA
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=500
Content-Length: 0
Expires: 0

GET
DATA 200
OK truncated
/ Frame 7B35 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 48af8ec046b453cff06b924d37cfab7c9b3136fec9428f99856b2b91346e0284

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 css
fonts.googleapis.com/ Frame 5804 4 KB
749 B 73ms
71ms Stylesheet
text/css 2a00:1450:400d:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600

Requested by

Host: hal900017.redintelligence.net
URL: https://hal900017.redintelligence.net/request_content.php?s=99314000011033004444994012258017&a=1cff852c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80e::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

dfa1ecdb69b9ee93e87159bfcd4ad2b1248a7de0d6346fd42e0b600723ae7b6b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900017.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 09 Mar 2023 03:34:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 09 Mar 2023 02:53:07 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 09 Mar 2023 03:34:36 GMT

GET
H/1.1 200
OK /
hal9000.redintelligence.net/scale/ Frame 5804 16 KB
16 KB 40ms
16ms Image
image/png 78.46.23.46
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=120&height=60&url=https://cdn.contentspread.net/24i/advertiser/6383/creativesup/postbank_pool_privatkredit_1200x627.jpg
Requested by: Host: hal900017.redintelligence.net
URL: https://hal900017.redintelligence.net/request_content.php?s=99314000011033004444994012258017&a=1cff852c
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 78.46.23.46 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.46.23.46.78.clients.your-server.de
Software: Apache /
Resource Hash: 55a9a512c5bbbb8642ea7639285eb3e9a606cf858be603c4eb95cea7632bc49f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900017.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Thu, 09 Mar 2023 03:34:36 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 16269
Vary: Accept-Encoding
Content-Type: image/png

GET
H/1.1 200
OK /
hal9000.redintelligence.net/scale/ Frame 5804 14 KB
14 KB 55ms
16ms Image
image/png 78.46.23.46
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=120&height=60&url=https://cdn.contentspread.net/24i/advertiser/23333/creativesup/WW-Native-1200x627.jpeg
Requested by: Host: hal900017.redintelligence.net
URL: https://hal900017.redintelligence.net/request_content.php?s=99314000011033004444994012258017&a=1cff852c
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 78.46.23.46 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.46.23.46.78.clients.your-server.de
Software: Apache /
Resource Hash: 78a0fc9ad097afc1c62b8e35b933f8a3f0d8334a84a6d8bdc19ef0fbaffdbe8a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900017.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Thu, 09 Mar 2023 03:34:36 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 14288
Vary: Accept-Encoding
Content-Type: image/png

GET
H/1.1 200
OK /
hal9000.redintelligence.net/scale/ Frame 5804 16 KB
16 KB 59ms
17ms Image
image/png 78.46.23.46
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=120&height=60&url=https://cdn.contentspread.net/24i/advertiser/30229/creativesup/1200x627_Office-Partner.jpg
Requested by: Host: hal900017.redintelligence.net
URL: https://hal900017.redintelligence.net/request_content.php?s=99314000011033004444994012258017&a=1cff852c
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 78.46.23.46 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.46.23.46.78.clients.your-server.de
Software: Apache /
Resource Hash: 92d3db8695c64cc909cb7cb3463371e4417ee03ea8d465d28b290de6f09d5f2f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900017.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Thu, 09 Mar 2023 03:34:36 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 16551
Vary: Accept-Encoding
Content-Type: image/png

GET
H2 200 css
fonts.googleapis.com/ Frame B838 4 KB
725 B 74ms
72ms Stylesheet
text/css 2a00:1450:400d:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600

Requested by

Host: hal900027.redintelligence.net
URL: https://hal900027.redintelligence.net/request_content.php?s=12257200011230704444994012258027&a=185ef2ab

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80e::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

dfa1ecdb69b9ee93e87159bfcd4ad2b1248a7de0d6346fd42e0b600723ae7b6b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900027.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 09 Mar 2023 03:34:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 09 Mar 2023 02:59:43 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 09 Mar 2023 03:34:36 GMT

GET
H/1.1 200
OK /
hal9000.redintelligence.net/scale/ Frame B838 16 KB
16 KB 42ms
15ms Image
image/png 78.46.23.46
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=120&height=60&url=https://cdn.contentspread.net/24i/advertiser/6383/creativesup/postbank_pool_privatkredit_1200x627.jpg
Requested by: Host: hal900027.redintelligence.net
URL: https://hal900027.redintelligence.net/request_content.php?s=12257200011230704444994012258027&a=185ef2ab
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 78.46.23.46 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.46.23.46.78.clients.your-server.de
Software: Apache /
Resource Hash: 55a9a512c5bbbb8642ea7639285eb3e9a606cf858be603c4eb95cea7632bc49f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900027.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Thu, 09 Mar 2023 03:34:36 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 16269
Vary: Accept-Encoding
Content-Type: image/png

GET
H/1.1 200
OK /
hal9000.redintelligence.net/scale/ Frame B838 18 KB
18 KB 61ms
23ms Image
image/png 78.46.23.46
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=120&height=60&url=https://cdn.contentspread.net/24i/advertiser/23333/creativesup/1200x627_Matthias.jpg
Requested by: Host: hal900027.redintelligence.net
URL: https://hal900027.redintelligence.net/request_content.php?s=12257200011230704444994012258027&a=185ef2ab
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 78.46.23.46 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.46.23.46.78.clients.your-server.de
Software: Apache /
Resource Hash: 8b5ebd69e3f4bb9f3fe150fdb6b72f339f7fced406fcfa59534ac491d1818ef4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900027.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Thu, 09 Mar 2023 03:34:36 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 18622
Vary: Accept-Encoding
Content-Type: image/png

GET
H/1.1 200
OK /
hal9000.redintelligence.net/scale/ Frame B838 16 KB
16 KB 62ms
24ms Image
image/png 78.46.23.46
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=120&height=60&url=https://cdn.contentspread.net/24i/advertiser/30229/creativesup/1200x627_Office-Partner.jpg
Requested by: Host: hal900027.redintelligence.net
URL: https://hal900027.redintelligence.net/request_content.php?s=12257200011230704444994012258027&a=185ef2ab
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 78.46.23.46 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.46.23.46.78.clients.your-server.de
Software: Apache /
Resource Hash: 92d3db8695c64cc909cb7cb3463371e4417ee03ea8d465d28b290de6f09d5f2f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900027.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Thu, 09 Mar 2023 03:34:36 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 16551
Vary: Accept-Encoding
Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 0E74 219 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ece3489cbebe54aa2f573df7955271f0b28c0267baf858076ed519f645663011

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type: image/png

POST
H2 200 all
csm.eu.criteo.net/ Frame D221 0
127 B 17ms
17ms Ping
text/plain 2a02:2638::21
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::21 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Thu, 09 Mar 2023 03:34:35 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H3 200 comdirect_berater_300x600_v2_js.png
s0.2mdn.net/sadbundle/2556680232103163365/ Frame BA58 126 KB
126 KB 60ms
54ms Image
image/png 2a00:1450:400d:803::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/2556680232103163365/comdirect_berater_300x600_v2_js.png

Requested by

Host: 25f0b6c781c28f0ec66a58e178665f44.safeframe.googlesyndication.com
URL: https://25f0b6c781c28f0ec66a58e178665f44.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:803::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b7dc21177638969e38c2874920fb1e25188464ae4c6dfb2e63ab40450fd021c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/2556680232103163365/index.html
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 06 Mar 2023 07:30:32 GMT
x-content-type-options: nosniff
age: 245044
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 129427
x-xss-protection: 0
last-modified: Tue, 14 Feb 2023 09:32:54 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 05 Mar 2024 07:30:32 GMT

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 8C5A 0
0 96ms
91ms Fetch
image/gif 142.251.208.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuFr01K1gsDAJRSiM5_lDw57gZfDGV_cCoipWTGJYvJB3pGTOe9kZpK2HiG1Kvvu9V7XSMsF3UDwMM4bOyO-0PQM4br8sl7dknUSAM7JzM136y3CO51zVZrvxzkR-Y6uoR0bwYeIKiy7Gd6UTklerBMMnM6qAiwYHKnw7-G0_g5gMJyeq9F8dQAdEsI1igxfgsS5OJmU75lGk59IiLkfmfPpKczeGQbQZiqTfstB-d2FAIIkB0_INFGW-rVT0Gb-6G3t5PVJ7RaVCOp_vxNLECRv4zx1kiW5wJOG3zlAicdJB31lDyRGCmgQ6QRiUhxtSQ5WcQZIFpcY7HRPBprgPrtx9pSx28MmwIBwm97YVI_aCxasEulPMHnED60hSnDiwI_Oz5QGuCrWJAEzJ0qeXz_KP-tW6tMxq-NNA9qkGxfX36rRkP7eQ9zc8Y7m8G0yAdYukPn04yrDOgMQOXzPaMD87zLsuXSXZOsR0TW3Kmu8Au9hzf5A7En7sBo5SUg77YKn0sAOm6NV55GogU5O6C5elRffQwf0KawSUNNa2RcDn96NxxDuVYPhdpuvW14-ON4lRb-6pnOqkrPkziznnlpGnvDpZ20C5qjwmbKFoTnzJudkeVhsimM1Ep_OpOB4SDime0yyyV4bapAsjMGnHvPTCW1Ddlc_B7UhVaRhYwmltA_nmd1LRsBhdLOoPVsBcPpdOICCBgZOg7ONqTZ023m6nIbNGJBJIYl87KBaJQhY9vhIVj7JWV8DAKhwsEGMCLwH9MRFSM-4zmPmLbupTORX05gulhmfmXZ3It_c1gaT5K0kGn8add98u5MufRXVEaoHeWh5Gdm5YXMUyJXhvYm8seaUgLURe5S8H79dgNdhhVWtHLUE4pwlMct3nKBmG2ynVf2aAGNRrW4UjM894ySph_uoFG_jz9tTYnti2nssM5Jwp8GZralJP-JXzNRCShwO8L3DPfB0rofqcW-klPrU36_mqW2xZ4u_sYe6fR8gas-Wb5YkXEIKjesXz_W0e2yw5-dv4M4MIj0Tq5CTc0iyDaJqDLMd6ovGyxZCgSgnV2o97Y70woDrYetPuz1H2THKFVMO8FWDN9KTDbP03kMX2leRHq4idsx5Tnsj3Is723WWHSc4lsHBEEJUi6raJKIOlmmV-tgn22a6V-rMfXwL7qq5XX6cTgq4p6-EolumiKKPvCyrZHyqlT_iMi-HMS1ibFRBItvKoV8q1YZtTg8tUVX3kbpuOIcUc8asVHV8nrNnkiBRH3oC8-CjdLCjlIzFr0Erf7zgnPNInfFeaC_h6mBx4SriilRSHUrDChVK0SpV7gedd6mgw&sai=AMfl-YSltlIg1hBIMH3NuiMEEs4ZGm6H_yPJvj1wC35MghGsVEYI4_kp0qX_EjiPshmBopV2QMxCkEra0w-YCuM5P5-yanfFCw79uKhKRnZiqC4CL-PjDVSSIXNkfsgE8CgsgW2u-qqsMot2vHqW96qZmHOOUN7bXrZK7fqvefkDjKzrGawVgKEYVNEa8dNuleuplqw3zYNestq7F08tuZeDCdWKs0DTI_GeUdhqbO6c7d9ljh4hBTGptg8e17GL9ZQYJX5uBjfJ-1JwE7v7dj8WYTDI6iBfhb_V&sig=Cg0ArKJSzBDVh2HORZkxEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=990&vt=11&dtpt=589&dett=3&cstd=397&cisv=r20230306.31352&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=

Requested by

Host: www.orientaldaily.com.my
URL: https://www.orientaldaily.com.my/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.208.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s43-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://25f0b6c781c28f0ec66a58e178665f44.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 03:34:36 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Thu, 09 Mar 2023 03:34:36 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 8E64 158 KB
49 KB 126ms
121ms Script
text/javascript 2a00:1450:400d:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80d::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4126ffde4b9e571b1c3e55b45a7e9596e139ad2de1bdbfe851a2e2b2c7da7f38

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 03:34:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49657
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1678278820084806"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 09 Mar 2023 03:34:36 GMT

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/15792676767965068564/ Frame 1051 6 KB
2 KB 93ms
88ms Document
text/html 2a00:1450:400d:803::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/15792676767965068564/index.html

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:803::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9031fe7b76b0fbcb11763998cfe0aaaa978dce93e520ca22eff04307193b5a16

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ad.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 482243
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 2316
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Fri, 03 Mar 2023 13:37:13 GMT
expires: Sat, 02 Mar 2024 13:37:13 GMT
last-modified: Wed, 21 Dec 2022 03:04:29 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 8E64 0
0 88ms
83ms Fetch
image/gif 142.251.208.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsspU-i1n9XBa71vt3MX7yBjh6H7nPOtZb0fpQ3eiS97uMaBpFU6X6TSyqLCTa0B04F2pyHCTl1c_CG_IG4hrfwcfyzVfwqdIGbYZOm6zH2B17K1DAHQs_kriSu5DEKV-omYE0G-ZrK9oIh6LzCqbuy_-UquB6GO7kfdrauxt63MeFo&sai=AMfl-YS5a-xSZPlIwk_wfN_3J5MaS-iklu9F0APDkgZTNKvBhPbme5iT64qACNiCXpEkHo8kJMe98Ynyrghhs5CyKYzlyYnwVFkIULTbxw&sig=Cg0ArKJSzMCM7xm90WzXEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=281&cbvp=1&cstd=278&cisv=r20230306.74957&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.208.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s43-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 03:34:36 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Thu, 09 Mar 2023 03:34:36 GMT

GET
H2 200 pvClk.min.js Show response
analytics.webgains.io/ Frame 0E74 85 KB
31 KB 160ms
18ms Script
application/javascript 52.222.139.62
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.webgains.io/pvClk.min.js
Requested by: Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=2513145&wgcampaignid=99582&js=1&viewref=12257200011230704444994012258027&nw=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.139.62 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-139-62.ams50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f031d0330fa0902ad02a7158a8b4aa01cefacc0f4743ab7b78f4ed517723d130

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://25f0b6c781c28f0ec66a58e178665f44.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 12:12:42 GMT
content-encoding: gzip
via: 1.1 042b48eeaf8a253b1b396e09e8bdea20.cloudfront.net (CloudFront)
last-modified: Fri, 09 Dec 2022 10:53:01 GMT
server: AmazonS3
x-amz-cf-pop: AMS50-C1
age: 55315
etag: W/"0d5045593d14c9612a5d5576928a5209"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: 7DdPCWxl2pYtrn37-HX4I3bk_t6A2QH904IIvggfogLImxV00S0Pqw==

GET
H2 200 1x1_0.png
cdn.track.production.webgains.team/7121/ Frame 0E74 3 KB
3 KB 752ms
226ms Image
image/png 13.35.166.41
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.track.production.webgains.team/7121/1x1_0.png?Expires=1678333176&Signature=Wcgx9FKoR7qYYNhQU7CRP1N~u36avUPWaAGGotxoZBFTbhx4q5uwVdsdsoZOeMDNtzWh3gTiRYtTUXpbkqiGp3QMi5MzhOk2CfEb8TFZhP6y-Bz6Ie1K~f2PHPGcZ2aCNsYY5OF3JkGwWnLbj-wS2B-yclkYTsvw6A01XkGaBNdNrxhwFlfBMCerOKyyAuSaZrJ4FCuS7bh1DBNi6HubaBySV9xtQc5xUQ2lxkvrqK7zLNaFC7TP~X~aniS4Y3SA-BODcOVXF~R~l3-dt3jliiGRw~CNYbBiiqIfsuY79yMgjnKTDZNc2HavX4SdIxvc58q9LP4muG4E3vh3CmtMTg__&Key-Pair-Id=K28VXAGA7VWE0O
Requested by: Host: 25f0b6c781c28f0ec66a58e178665f44.safeframe.googlesyndication.com
URL: https://25f0b6c781c28f0ec66a58e178665f44.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.35.166.41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-35-166-41.tpe50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 232d3fbf590a584138bb563319747dbef0c9e41db91f19ff45d41e785a5f4f98

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://25f0b6c781c28f0ec66a58e178665f44.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 14:19:02 GMT
x-amz-version-id: null
via: 1.1 1d8813dd0a050f0a8e045f20546ceb5e.cloudfront.net (CloudFront)
last-modified: Fri, 06 May 2022 11:40:06 GMT
server: AmazonS3
x-amz-cf-pop: TPE50-C1
age: 47736
etag: "4e57de0506fbdb487ffcd53b450caee1"
x-cache: Hit from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 2808
x-amz-cf-id: 0xNQJQLHjn9xTZdL7k0bH4WsPhuC4tQ6lq_0vHVXjHWOsFqCVRMYhQ==

GET
H2 200 pvClk.min.js Show response
analytics.webgains.io/ Frame 7B35 85 KB
31 KB 165ms
30ms Script
application/javascript 52.222.139.62
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.webgains.io/pvClk.min.js
Requested by: Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=2513145&wgcampaignid=99582&js=1&viewref=99314000011033004444994012258017&nw=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.139.62 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-139-62.ams50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f031d0330fa0902ad02a7158a8b4aa01cefacc0f4743ab7b78f4ed517723d130

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://25f0b6c781c28f0ec66a58e178665f44.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 12:12:42 GMT
content-encoding: gzip
via: 1.1 042b48eeaf8a253b1b396e09e8bdea20.cloudfront.net (CloudFront)
last-modified: Fri, 09 Dec 2022 10:53:01 GMT
server: AmazonS3
x-amz-cf-pop: AMS50-C1
age: 55315
etag: W/"0d5045593d14c9612a5d5576928a5209"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: EP6egA-g3z60UhxHCgGb0U4j6wbqi9sYpb5R9tSp37wf2aIpgZTAOA==

GET
H2 200 1x1_0.png
cdn.track.production.webgains.team/7121/ Frame 7B35 3 KB
3 KB 753ms
233ms Image
image/png 13.35.166.41
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.track.production.webgains.team/7121/1x1_0.png?Expires=1678333176&Signature=Wcgx9FKoR7qYYNhQU7CRP1N~u36avUPWaAGGotxoZBFTbhx4q5uwVdsdsoZOeMDNtzWh3gTiRYtTUXpbkqiGp3QMi5MzhOk2CfEb8TFZhP6y-Bz6Ie1K~f2PHPGcZ2aCNsYY5OF3JkGwWnLbj-wS2B-yclkYTsvw6A01XkGaBNdNrxhwFlfBMCerOKyyAuSaZrJ4FCuS7bh1DBNi6HubaBySV9xtQc5xUQ2lxkvrqK7zLNaFC7TP~X~aniS4Y3SA-BODcOVXF~R~l3-dt3jliiGRw~CNYbBiiqIfsuY79yMgjnKTDZNc2HavX4SdIxvc58q9LP4muG4E3vh3CmtMTg__&Key-Pair-Id=K28VXAGA7VWE0O
Requested by: Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=2513145&wgcampaignid=99582&js=1&viewref=99314000011033004444994012258017&nw=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.35.166.41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-35-166-41.tpe50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 232d3fbf590a584138bb563319747dbef0c9e41db91f19ff45d41e785a5f4f98

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://25f0b6c781c28f0ec66a58e178665f44.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 14:19:02 GMT
x-amz-version-id: null
via: 1.1 1d8813dd0a050f0a8e045f20546ceb5e.cloudfront.net (CloudFront)
last-modified: Fri, 06 May 2022 11:40:06 GMT
server: AmazonS3
x-amz-cf-pop: TPE50-C1
age: 47736
etag: "4e57de0506fbdb487ffcd53b450caee1"
x-cache: Hit from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 2808
x-amz-cf-id: sOryrSnBFUl13F7WEqZ7ljd_FICmM7dYHXqDDHPmFez_RRHk5K-xSA==

GET
H2 200 config Show response
c.amazon-adsystem.com/cdn/prod/ 469 B
835 B 91ms
27ms XHR
application/json 18.66.23.213
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fwww.orientaldaily.com.my&pubid=cd6cddc5-4dca-4d77-9a65-8b894400e772
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.23.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-23-213.vie50.r.cloudfront.net
Software: Server /
Resource Hash: c84f5c94fec8629693e4bbb5d8c6810bdeee0f88ae60703782c583d3dbcf6469

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.orientaldaily.com.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 00:02:38 GMT
via: 1.1 b159f39ee34c14548a9d9dc3e730676a.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: VIE50-P1
age: 12718
x-cache: Hit from cloudfront
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://www.orientaldaily.com.my
cache-control: max-age=21550, s-maxage=21600
access-control-allow-credentials: true
content-length: 469
x-amz-cf-id: jxhIkmlXNkmZhA9qNeq-LvUhL9NnotzmTUOOkbSq9Q6e9EIuaUbcQA==

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ 6 KB
3 KB 118ms
32ms XHR
application/javascript 18.66.23.213
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.23.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-23-213.vie50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.orientaldaily.com.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-amz-version-id: XEGmc9MeWOPeqjC.bMBvPzs7I4WH7xPz
content-encoding: gzip
via: 1.1 2037bc3d80050c91043b9acac67831a2.cloudfront.net (CloudFront)
date: Thu, 09 Mar 2023 03:34:36 GMT
x-amz-cf-pop: VIE50-P1
age: 1848
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Fri, 03 Mar 2023 23:20:46 GMT
server: AmazonS3
etag: W/"a4d296427fc806b21335359e398c025c"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
vary: Accept-Encoding,Origin
x-amz-cf-id: QgGWDiY_Ow4K2w_6dD42MdLu6hIfD9WPo75VINJAM_e_kwVFvNf0Yw==

GET
H/1.1 200
OK viewability Show response
hal900017.redintelligence.net/ Frame 5804 0
150 B 69ms
16ms Script
text/html 159.69.70.9
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900017.redintelligence.net/viewability?s=99314000011033004444994012258017&a=edbdbbe9&vb=m
Requested by: Host: hal900017.redintelligence.net
URL: https://hal900017.redintelligence.net/request_content.php?s=99314000011033004444994012258017&a=1cff852c
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 159.69.70.9 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.9.70.69.159.clients.your-server.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900017.redintelligence.net/request_content.php?s=99314000011033004444994012258017&a=1cff852c
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Thu, 09 Mar 2023 03:34:36 GMT
Server: Apache
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 2D8E 22 KB
8 KB 66ms
50ms Document
text/html 2a00:1450:400d:807::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ad.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 33460
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 08 Mar 2023 18:16:56 GMT
expires: Thu, 07 Mar 2024 18:16:56 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK viewability Show response
hal900027.redintelligence.net/ Frame B838 0
150 B 59ms
17ms Script
text/html 78.46.111.106
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900027.redintelligence.net/viewability?s=12257200011230704444994012258027&a=3cfc562b&vb=m
Requested by: Host: hal900027.redintelligence.net
URL: https://hal900027.redintelligence.net/request_content.php?s=12257200011230704444994012258027&a=185ef2ab
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 78.46.111.106 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.106.111.46.78.clients.your-server.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900027.redintelligence.net/request_content.php?s=12257200011230704444994012258027&a=185ef2ab
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Thu, 09 Mar 2023 03:34:36 GMT
Server: Apache
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
H3 200 gtm.js Show response
www.googletagmanager.com/ Frame 8284 105 KB
40 KB 64ms
52ms Script
application/javascript 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-TBMT2SF

Requested by

Host: adv.office-partner.de
URL: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

79945e1dd6dea7162868c12091a18fe961654b79d61092f0c3cebdf8f6c6faa6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://adv.office-partner.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 03:34:36 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 41426
x-xss-protection: 0
last-modified: Thu, 09 Mar 2023 03:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 09 Mar 2023 03:34:36 GMT

GET
H3 200 gtm.js Show response
www.googletagmanager.com/ Frame 0EB7 105 KB
40 KB 79ms
67ms Script
application/javascript 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-TBMT2SF

Requested by

Host: adv.office-partner.de
URL: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

2f10fe6dd506810bc1d4d3e28a8746cf807180d0364a88be0b0d5783eb9f1cd1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://adv.office-partner.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 03:34:36 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 41425
x-xss-protection: 0
last-modified: Thu, 09 Mar 2023 03:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 09 Mar 2023 03:34:36 GMT

GET
H2 200 createjs.min.js Show response
code.createjs.com/1.0.0/ Frame 1051 236 KB
63 KB 147ms
27ms Script
text/javascript 2a02:26f0:11a::6867:4830
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://code.createjs.com/1.0.0/createjs.min.js
Requested by: Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15792676767965068564/index.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:26f0:11a::6867:4830 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Apache /
Resource Hash: e439bebf8de2df0582273906d2c1dceff2387c661efb2152ef1c28420ce4e7e5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 03:34:36 GMT
content-encoding: gzip
server: Apache
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=900
x-n: S
accept-ranges: bytes
expires: Thu, 09 Mar 2023 03:49:36 GMT

GET
H3 200 728x90.js Show response
s0.2mdn.net/sadbundle/15792676767965068564/ Frame 1051 74 KB
13 KB 50ms
49ms Script
application/x-javascript 2a00:1450:400d:803::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/15792676767965068564/728x90.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15792676767965068564/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:803::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1da231be3ec7fb61bfbd27e2f5b575476a27f7663a2615158cb1ea864df5f053

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/15792676767965068564/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 03 Mar 2023 13:37:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 482243
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13314
x-xss-protection: 0
last-modified: Wed, 21 Dec 2022 03:04:29 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 02 Mar 2024 13:37:13 GMT

GET
H2 200 6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v21/ Frame 5804 13 KB
13 KB 166ms
47ms Font
font/woff2 2a00:1450:400d:80c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v21/6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80c::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bc9a16cd945457ad9463cdaed95129b01c589466978dfee3d019d9c604b2171a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://hal900017.redintelligence.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 09:03:55 GMT
x-content-type-options: nosniff
age: 66641
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13052
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:09:03 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 07 Mar 2024 09:03:55 GMT

GET
H2 200 6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
fonts.gstatic.com/s/sourcesanspro/v21/ Frame 5804 13 KB
13 KB 175ms
56ms Font
font/woff2 2a00:1450:400d:80c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v21/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80c::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c124c88ca4fcb4336e97617647ef0d32441329371120c8eabaea0fea226560b0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://hal900017.redintelligence.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Tue, 07 Mar 2023 00:02:13 GMT
x-content-type-options: nosniff
age: 185543
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13036
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:04:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 06 Mar 2024 00:02:13 GMT

GET
DATA 200
OK truncated
/ Frame BA58 46 KB
0 Image
image/jpeg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 146b33f2cfea9748c1bf444a4f9257da23cd544b9d1a54f0739c547154140e35

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type: image/jpeg

GET
DATA 200
OK truncated
/ Frame BA58 17 KB
0 Image
image/jpeg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8d31e71cab9f649f2163699a4a7d6b7bafe49b0713ddaeaee3788c98e3452394

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type: image/jpeg

GET
DATA 200
OK truncated
/ Frame BA58 35 KB
0 Image
image/jpeg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9c12e5b369a88f54a6f2fc0118b3225203b1f84d860965b5bba06c6abd2458d0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type: image/jpeg

GET
H2 200 6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v21/ Frame B838 13 KB
13 KB 132ms
95ms Font
font/woff2 2a00:1450:400d:80c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v21/6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80c::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bc9a16cd945457ad9463cdaed95129b01c589466978dfee3d019d9c604b2171a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://hal900027.redintelligence.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 09:03:55 GMT
x-content-type-options: nosniff
age: 66641
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13052
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:09:03 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 07 Mar 2024 09:03:55 GMT

GET
H2 200 6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
fonts.gstatic.com/s/sourcesanspro/v21/ Frame B838 13 KB
13 KB 147ms
110ms Font
font/woff2 2a00:1450:400d:80c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v21/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80c::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c124c88ca4fcb4336e97617647ef0d32441329371120c8eabaea0fea226560b0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://hal900027.redintelligence.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Tue, 07 Mar 2023 00:02:13 GMT
x-content-type-options: nosniff
age: 185543
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13036
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:04:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 06 Mar 2024 00:02:13 GMT

GET
H2 200 id5-api.js Show response
cdn.id5-sync.com/api/1.0/ 58 KB
17 KB 63ms
18ms Script
text/javascript 2606:4700:10::6816:3556
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.id5-sync.com/api/1.0/id5-api.js

Requested by

Host: www.orientaldaily.com.my
URL: https://www.orientaldaily.com.my/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3556 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

05e77dab19940dd457e00282837faecc886434cc8cc5f631575a5e6c386de774

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.orientaldaily.com.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 03:34:36 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 13 Feb 2023 11:21:55 GMT
server: cloudflare
x-amz-request-id: Q2H1WAE3CQCXWVMF
age: 419
etag: W/"7586740695219e27c1483ac351f18884"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
cache-control: public, max-age=3600
cf-ray: 7a50435f8ecb927a-FRA
x-amz-id-2: M3jo6ffy66hQJvRTS0FuKxdiNJpur1Qi70KCst5hCoofxFMVNXWhGWFS84E2oVDjiHkxyYsGrbb9Hcn3cnIFuQ==

POST
H2 200 recordVendorsLoaded Show response
prod.us-east-1.cxm-bcn.publisher-services.amazon.dev/v1/ 0
453 B 106ms
106ms XHR
text/plain 44.197.91.112
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://prod.us-east-1.cxm-bcn.publisher-services.amazon.dev/v1/recordVendorsLoaded
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.197.91.112 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-197-91-112.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.orientaldaily.com.my/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: *
date: Thu, 09 Mar 2023 03:34:37 GMT
content-length: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers

OPTIONS
H2 200 recordVendorsLoaded
prod.us-east-1.cxm-bcn.publisher-services.amazon.dev/v1/ Frame 0
0 350ms
106ms Preflight 44.197.91.112
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://prod.us-east-1.cxm-bcn.publisher-services.amazon.dev/v1/recordVendorsLoaded
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.197.91.112 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-197-91-112.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.orientaldaily.com.my
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

access-control-allow-headers: content-type
access-control-allow-methods: POST
access-control-allow-origin: *
access-control-max-age: 1800
allow: GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
content-length: 0
date: Thu, 09 Mar 2023 03:34:36 GMT
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers

GET
H3 200 dc_pre=CM3BqJf1zf0CFVTE1QodOdMKDw;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=8093927841993.369
adservice.google.com/ddm/fls/z/ Frame A3CE 42 B
63 B 83ms
81ms Image
image/gif 2a00:1450:400d:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=CM3BqJf1zf0CFVTE1QodOdMKDw;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=8093927841993.369

Requested by

Host: 5994599.fls.doubleclick.net
URL: https://5994599.fls.doubleclick.net/activityi;dc_pre=CM3BqJf1zf0CFVTE1QodOdMKDw;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=8093927841993.369?

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5994599.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Mar 2023 03:34:36 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 query Show response
global.cloud.netacuity.com/webservice/ 579 B
721 B 462ms
28ms XHR
application/json 52.31.80.193
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://global.cloud.netacuity.com/webservice/query?u=04842bc1-ecc8-4db1-aeec-6a7708559ff2&json=true
Requested by: Host: www.orientaldaily.com.my
URL: https://www.orientaldaily.com.my/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.31.80.193 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-31-80-193.eu-west-1.compute.amazonaws.com
Software: Apache/2.4.51 () OpenSSL/1.0.2k-fips /
Resource Hash: 647805fef89e44e4e3942e92c192434d983722a531ff9315767c1e4196677ac0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.orientaldaily.com.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

access-control-allow-origin: *
date: Thu, 09 Mar 2023 03:34:37 GMT
server: Apache/2.4.51 () OpenSSL/1.0.2k-fips
content-length: 579
content-type: application/json;charset=UTF-8

GET
H3 200 dc_pre=CIzLqJf1zf0CFVW51QodEJoJrg;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=4391494676798.8594
adservice.google.com/ddm/fls/z/ Frame 7D17 42 B
63 B 83ms
82ms Image
image/gif 2a00:1450:400d:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=CIzLqJf1zf0CFVW51QodEJoJrg;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=4391494676798.8594

Requested by

Host: 5994599.fls.doubleclick.net
URL: https://5994599.fls.doubleclick.net/activityi;dc_pre=CIzLqJf1zf0CFVW51QodEJoJrg;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=4391494676798.8594?

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5994599.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Mar 2023 03:34:36 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame C515 42 B
64 B 80ms
79ms Fetch
image/gif 2a00:1450:400d:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuvA6eiq8W0Zpn8nzJoB-kikeDMmPeLcZojEoWCoy8RzduoVTIjM4lo0dxzltJ7eRHgPMs2u7gRWHkpNNa6PES0EFMAAuBRRyq8X_fLCF9xw-hZlMX-&sig=Cg0ArKJSzIli8IUx85uyEAE&id=lidar2&mcvt=1118&p=95,315,189,1285&mtos=1118,1118,1118,1118,1118&tos=1118,0,0,0,0&v=20230308&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=19&adk=573015177&rs=4&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1678332874022&rpt=1851&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:808::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.orientaldaily.com.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Mar 2023 03:34:37 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 QgTZnvWYncyBbJYBpDMbCbR8MV8sYHPEFXGodYZ8fLU.js Show response
pagead2.googlesyndication.com/bg/ Frame 2D8E 36 KB
14 KB 48ms
48ms Script
text/javascript 2a00:1450:400d:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/QgTZnvWYncyBbJYBpDMbCbR8MV8sYHPEFXGodYZ8fLU.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:808::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4204d99ef5989dcc816c9601a4331b09b47c315f2c6073c41571a875867c7cb5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Tue, 07 Mar 2023 13:42:03 GMT
content-encoding: br
x-content-type-options: nosniff
age: 136354
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14167
x-xss-protection: 0
last-modified: Tue, 28 Feb 2023 11:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 06 Mar 2024 13:42:03 GMT

GET
H3 200 bg.jpg
s0.2mdn.net/sadbundle/15792676767965068564/ Frame 1051 6 KB
6 KB 47ms
47ms Image
image/jpeg 2a00:1450:400d:803::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/15792676767965068564/bg.jpg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:803::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cefa58f52b65e3f29785afc5d00b22dd8a509582c5b504e289fe676a4999d198

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/15792676767965068564/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 03 Mar 2023 13:37:14 GMT
x-content-type-options: nosniff
age: 482243
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6391
x-xss-protection: 0
last-modified: Wed, 21 Dec 2022 03:04:29 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 02 Mar 2024 13:37:14 GMT

GET
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 8E64 0
0 83ms
82ms Fetch
image/gif 142.251.208.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsspU-i1n9XBa71vt3MX7yBjh6H7nPOtZb0fpQ3eiS97uMaBpFU6X6TSyqLCTa0B04F2pyHCTl1c_CG_IG4hrfwcfyzVfwqdIGbYZOm6zH2B17K1DAHQs_kriSu5DEKV-omYE0G-ZrK9oIh6LzCqbuy_-UquB6GO7kfdrauxt63MeFo&sai=AMfl-YS5a-xSZPlIwk_wfN_3J5MaS-iklu9F0APDkgZTNKvBhPbme5iT64qACNiCXpEkHo8kJMe98Ynyrghhs5CyKYzlyYnwVFkIULTbxw&sig=Cg0ArKJSzMCM7xm90WzXEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1011&vt=11&dtpt=730&dett=3&cstd=278&cisv=r20230306.74957&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.208.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s43-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 03:34:37 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Thu, 09 Mar 2023 03:34:37 GMT

GET
H/1.1 200 v1 Show response
lb.eu-1-id5-sync.com/lb/ 33 B
411 B 53ms
9ms XHR
application/json 162.19.138.82
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://lb.eu-1-id5-sync.com/lb/v1

Requested by

Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.82 , France, ASN16276 (OVH, FR),

Reverse DNS

ns31532337.ip-162-19-138.eu

Software

Resource Hash

2531ea591ba94a4a4dc429acc2d5b5f8381379516757f14b193fb9ac1c0ce3a3

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://www.orientaldaily.com.my/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.orientaldaily.com.my
date: Thu, 09 Mar 2023 03:34:36 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding: chunked
content-type: application/json;charset=UTF-8

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame E521 0
20 B 86ms
84ms Image
image/gif 2a00:1450:400d:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BaBK7y1MJZO-iCOXZ7_UP7q2euAIAAAAAOAHgBAI&bg=!MDOlM2fNAAbv3-2Ez987ADkAdvg8WoEq_gwegQi49DiwuVaxzCiD8bVRncIKwL8K_78pVArGcK4qM-pdI_16Lp23Vp6SVEn_8zwCAAADsFIAAAADaAEHmQL3JpLMhqM2S_B7-2CjC3wydlxPI5H1OemWwLplCz7xjX9Cp9FcBepRUVx_SsPxECxSR0Zq9ciZffcrGXGiJicJdXX-_6UfKCOptiIqNtWpJw5VQkKmUH4OxPSSSi9EucXBY4nzkcbWIn5ETiELf0sRnZZuegbQRigL1Wac1ZQCpfwa4b5U8K2NStgGaCwg-gGT01klDEr2hMFk-WRrxr6QYMiLFy-piimBuQPWJL8aQEv-Elne3beSyXOTmImIW2xCP94Pwa7TQrryLkixvZNohhkeRbKhIvCdwOLpiWq8pXBQyUOlLxO5xSSxQxJCtj9zRYltftO_DTrq-Hbrzi6dbunQoDo3mUYemvc8mp67JN8Qu-Rj5pCNvuBF4V40Pmeg1TLz1YGFLImtIl3-lAUeFZMlx6u4QXLEFaZ9XvXaHmrwQTodC6D6pH7NdGhEv7MBc3_BEkgjd90T7Vtf2b_xZLNO926rrytoRzsch__5b5nCvkarmPKR1W_OhNVKwEnNXsafhT7nR5tk_0oUfuk1hNG4Iqy_tq_cjZA9_HXZlLafyGdwIFKatfkUD24Gbme_o65XXXmG9E0qlYwJnVrQKH03AsoVjWIMslvtiJspQgDUCX5OO21SiHJGuklYbQrIEosYGVrzkD5-KClugx592_zIO-xFCqpnxgT3iUPWo10dk2d_7n0pImOmW6KX10ocLmU3CALS8kLIQN6DTkfAQZKO3MN9HeAIQwiFCJFgjmV5OxfEARFV8Nx3xk2psBUGCt6OvRd4nVqSzp3liKlM6Y7F8AGIFfm91BtYG0df9Hs9tqlYK3X5yJ4M1iyQ-K8Nc7MM8jWFP5CNJp1pWqihhjxX4b5bsgWE1mNVFemGZCv8AkxBnSzajDnmFj__Lj68-iwqrhMe_iYa7eIOuIR_xCX2rHJAISi6mUo1qzn5BW4QWsfoS1XLh_iDlkfM-T-cN6y_xJpxGtnlnfhYTvxHJY1uStJePqjicI7BU96lqR1B3ZxW7Zcl

Requested by

Host: 25f0b6c781c28f0ec66a58e178665f44.safeframe.googlesyndication.com
URL: https://25f0b6c781c28f0ec66a58e178665f44.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:808::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Mar 2023 03:34:37 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame D9F4 0
20 B 84ms
82ms Image
image/gif 2a00:1450:400d:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BYCG5ylMJZJ3KOoHVx_APyfq-kAoAAAAAOAHgBAI&bg=!-vml-a3NAAbv3-2Ez987ADkAdvg8WvenqO88JJiCIdbsfsg7jkusEIcw2WywqbQH3xFR_PY70WWAfD_ziIUteDtn8m33clyKp-ECAAADalIAAAADaAEHCgBdaMbU8sYhm51-kdP21PzTvL9VfIGqjjAGsuy-8U8m2S33Yd88ctIHfdZnkjfij1xHrChNAsfZbcpYuqFWrNzSel2c08XUgygLS9H2LLgDQlgFud-JXKCi58oHJSY5mQLq7NNgh1jE8wtynS7KhCYgfp9kPUcQBEpt2Jt5YPAPjwXpVsQK-8yr74dEcdRPPXK0lI_GiQa9-LZEjvlw7lFvZj3QMrr4MX_6FwmPRKR_PE8xW2taaKC-zOH_6uZ6FEWuGH4PAoedn2yW7VEOcMWlNbSlnczn0NZSFf-adjuzj_5iTOlKhRyDRaFhx3Kig8rlFJdxjWrWwCVgkzzIjq87VsseTH_L2peqy02zfPYWiDaBWQEKJzANdbEHKRzcpht4bfEAYQncZRhJ4KNKMmNEb4XKANyaDJP_ojglJ44XFJbdCvK4YCFVN_7KqZ7iNMwQf1Z4EIbrkHoG6rNISzfjgdZWpyRo1OA_JMU_hpddzOmE7bIBahT_V9i584RIihiedxraKS78YzQyCfdfXIhDTAxZ2JaFK3lqTqU5EoQC5fpG_WXgrBGmey7SwNIgD5_h1K8meF2tBWu7nsGOltLyQTz3_VHHpWE8FKnEETQMVaKmFMTIaJI67WSmp4tBu5lS0-WHs7UOdWhTCXMIaFKiF878Eql5_ioDK_gq3XVkjvQKBmTL0MczEYrXm78fhf3nV6dkBhN02EDXB_gM56x8n7IttEV9ywSjab9S63ztnk2KTD0ZYtfjXyqr-gj3sJ1sH43JcRqY7u13xze-x85ajR2ycQiHDopDh3wAmMc6y2Jw1s2WS62o7TYJ5n8jOQaqs4YmpF8Fulcpon8JVOvo6xWazQOXmn-w4bYKkEbK-6whFiWqGB8id_XYoXVHNcvxD5efm4ou0jTgOtuac7bQeCy4sOFFgsK24SPSfiQoEZVZzfcO0qCaJDnJDt2qUt3KJNrM74oIWnaeNDS3cGPt3fCl4mSfMR98UjyenSAVF8koiTuyli5TbH1qpXtFRNVHj2Hs2P5E-lUdAta05J9tcyYSCr8u2OTeSUeZPTl2hwUB0OujIRJapmJaNUr9qklNVxe6aJWu4cFcy7SFu9aciu1DClZ42KY4h0c

Requested by

Host: www.orientaldaily.com.my
URL: https://www.orientaldaily.com.my/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:808::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Mar 2023 03:34:37 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 imageA2.jpg
s0.2mdn.net/sadbundle/15792676767965068564/ Frame 1051 36 KB
36 KB 47ms
47ms Image
image/jpeg 2a00:1450:400d:803::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/15792676767965068564/imageA2.jpg

Requested by

Host: www.orientaldaily.com.my
URL: https://www.orientaldaily.com.my/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:803::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5b69b2a0aa4b961ac545008abb1e472f316b4ddba78f5a861baec9f28a5a1882

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/15792676767965068564/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 03 Mar 2023 13:37:14 GMT
x-content-type-options: nosniff
age: 482243
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 36354
x-xss-protection: 0
last-modified: Wed, 21 Dec 2022 03:04:29 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 02 Mar 2024 13:37:14 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame C207 0
20 B 83ms
82ms Image
image/gif 2a00:1450:400d:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BFZtvy1MJZLPiB82d9u8Pl423qAgAAAAAOAHgBAI&bg=!z8ylzJjNAAbv3-2Ez987ADkAdvg8Wi-fnKrBvDYpNN3AtxDVbD5ZZwXecAhSioI4-nFMfuX9Ng4ftmnDzmQqo9MKBrcTuJTNYBECAAAD6lIAAAADaAEHmQL2wXU6VBBdR5Iuziim5xSJhKMZfrnt7MwBDVYMENrFXQ6NXUnBnDEvjGNc9ArENexp4IH9jDR4lqJnRVtSQhlMbIYnXJWldegh55Qzg39DdIUmHGS_2vfiCCPVHjX4VP__zYCpFt2rNDYJb7TickSsRmiLyNiXIguCbBEs_oqVUPDThaDS5ILoj3Kk53CU4O4mMQLrpm6nSvc8E8I4ZjSDevdb2wUHFVdJYm3q8KBSKtfPi4dv1S_ct_h-R-kfhoAXlJ63WeaW8v8C_xwr5xzZV2YZRvA6AK6Kl6cyJTT2FIWOxqbvAiJz0R3EcAwEpb7qCfxP6ZfwrHrFqxykNKokq3rH4R9NkU8NxN-4U3JTXztaDslLjKuj4Li8-dxRukB_I1UXDBKpxmzIWxjg4K-AzxbVL-RZB7_rdu8tDBSgnX0vFAzSD9taBvOt7PTgWTD1IOx2Xj7NTyYxufgpAB_qX1LCpcJg_ntelZUL4tqK_bZLQGHqYexQskwdz7iDugdEfqGlQXHvFUm-WJyOO8z8G8_B9mMeIPquh1NHg6l9xkWhCO2yedSW4hvd823TvyBSLHUOSKjFGGCKoXUk0D7XngryY-aVxCLdVL-xyRvnDAdQXjVcTnBgphKgQC2StklYMNra2aabW4BYj_NTq6dp-QZM2A3v8cEePB0c4J4pUZuVP3-Hp5VCm755rR4i6R64OpZ19SMp6uDSsyJoUAgLXhvNUQGjLDiSSs40rscYFt_MLPkBnGtMQf8P3aHVMQHHF5QskzOBijwyesglPhXJgx59-0AjPh6iM40E4-yWuPKf1vjRJF1oYXuHsrHcsZKZcWLs87LDqNIQL5L4Ba8VNGdbnjYerIN5pVBG-NFADj1mK9gfT743DGZcHUP3qS3skwJCvgKh8w5N5rP-7NSEjQ1MECkfK39IGBMkaPmYBqDCdY2jGy_7K8XWFIebpgDfaCZlSUVuTxndEewEgd8nosTFuYtYk0_17L1ZIQUs-dhY1i6zXU4

Requested by

Host: 25f0b6c781c28f0ec66a58e178665f44.safeframe.googlesyndication.com
URL: https://25f0b6c781c28f0ec66a58e178665f44.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:808::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Mar 2023 03:34:37 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 200 984.json Show response
id5-sync.com/g/v2/ 216 B
634 B 45ms
8ms XHR
application/json 141.95.33.111
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/g/v2/984.json

Requested by

Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

141.95.33.111 , Germany, ASN16276 (OVH, FR),

Reverse DNS

ns3203177.ip-141-95-33.eu

Software

Resource Hash

234605c2f314bbf7e04fe8d579098fab8c705623e37bebc913b9dfe68a7bd7d2

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://www.orientaldaily.com.my/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.orientaldaily.com.my
date: Thu, 09 Mar 2023 03:34:36 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding: chunked
content-type: application/json;charset=UTF-8

GET
H2 200 widgetv3.html Show response
cdn.izooto.com/newshub/ 84 KB
21 KB 58ms
28ms XHR
text/html 2606:4700::6812:d841
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.izooto.com/newshub/widgetv3.html?v=1

Requested by

Host: cdn.izooto.com
URL: https://cdn.izooto.com/scripts/sdk/izooto.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:d841 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4eec123c863a660bb8005747d8f070346c1446531320c11a3bdf2cda930f7c60

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.orientaldaily.com.my/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Thu, 09 Mar 2023 03:34:37 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 24 Feb 2023 08:40:42 GMT
server: cloudflare
age: 1104685
vary: Accept-Encoding
content-type: text/html
access-control-allow-origin: *
cache-control: public, max-age=2678400
cf-ray: 7a5043633a2037f2-FRA
x-xss-protection: 1; mode=block
expires: Sun, 09 Apr 2023 03:34:37 GMT

GET
H3 200 imageA3.jpg
s0.2mdn.net/sadbundle/15792676767965068564/ Frame 1051 38 KB
38 KB 48ms
47ms Image
image/jpeg 2a00:1450:400d:803::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/15792676767965068564/imageA3.jpg

Requested by

Host: www.orientaldaily.com.my
URL: https://www.orientaldaily.com.my/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:803::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b886abbc4c85766e18560ab1b77b2991742bcee344ee31d68a540df850dcad25

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/15792676767965068564/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 03 Mar 2023 13:37:14 GMT
x-content-type-options: nosniff
age: 482243
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39388
x-xss-protection: 0
last-modified: Wed, 21 Dec 2022 03:04:29 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 02 Mar 2024 13:37:14 GMT

GET
H2 200 a.js Show response
p.adlooxtracking.com/gpt/ 8 KB
8 KB 79ms
15ms Script
text/javascript 34.107.231.31
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://p.adlooxtracking.com/gpt/a.js

Requested by

Host: www.orientaldaily.com.my
URL: https://www.orientaldaily.com.my/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.107.231.31 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

31.231.107.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

7ca7a1e30027e42d510cd253b29f1b9f505c04b9af48c9ed20804d9d8006faff

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.orientaldaily.com.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 02:55:32 GMT
via: 1.1 google
x-content-type-options: nosniff
last-modified: Tue, 22 Nov 2022 17:41:01 GMT
server: nginx
age: 2345
etag: "81c857a6c52da1ca7444f198bd33b2ea"
content-type: text/javascript
cache-control: public,max-age=3600
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8327

GET
H/1.1 200
OK prebid-regular.js Show response
rtbpass-us.andbeyond.media/ 578 KB
176 KB 431ms
16ms Script
text/javascript 69.16.175.42
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://rtbpass-us.andbeyond.media/prebid-regular.js
Requested by: Host: www.orientaldaily.com.my
URL: https://www.orientaldaily.com.my/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 69.16.175.42 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: tlb.hwcdn.net
Software: AmazonS3 /
Resource Hash: 3692cf8467560f1e5020e3315d0d7aaf944786ad2179caf249f0122bb859aa85

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.orientaldaily.com.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Thu, 09 Mar 2023 03:34:37 GMT
Content-Encoding: gzip
Last-Modified: Mon, 12 Sep 2022 05:05:05 GMT
Server: AmazonS3
x-amz-request-id: Q4JD3G3BQ0DYGKBT
ETag: "9e98845ef53f6519923594be8049b373"
X-HW: 1678332877.dop009.am5.t,1678332877.cds151.am5.shn,1678332877.dop009.am5.t,1678332877.cds312.am5.c
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=16162243
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 180082
x-amz-id-2: ERwx8cqlqPvTh204guQm2A4xtK/XgQCIhlcsyJweTZnNF3S5gxqeOQIpWgXKFZf6iT601LMwB68=

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 8C5A 0
20 B 81ms
79ms Ping
image/gif 2a00:1450:400d:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=6985647847198&version=m202301230201&ct=76&x=1&cor=8818878692447593000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:808::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://25f0b6c781c28f0ec66a58e178665f44.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Mar 2023 03:34:37 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 2D8E 0
20 B 82ms
81ms Image
image/gif 2a00:1450:400d:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BvalLy1MJZIbiOrL_7_UPntGFwAwAAAAAOAHgBAI&bg=!ZGelZzPNAAbv3-2Ez987ADkAdvg8WpUgfoNtSl5K1QochZLfrXTjS-OKwzHJ2N-mtFpKAEcushYayaCOILW_m2e43-8Reb5HUlYCAAAA6FIAAAAGaAEHmQLyLNpsCY3LQY16KhHPD3NbanI_fIO_xnriSvg3FI5Dyq4UlC7DODwNrvlL-17YDVbZR8oAaAfvX7LarKiJ5Bt_i5JnLiaVhkbvOyVUBj7Z-ZNHTM1S3ObFQvuA3XyTFSlGCL8K5BafBYSCsQ6IHsIQVtJGEg2y3joFW6JRzUP3d7HoZcUK7PrDnvsCUlN7pqIpeIkJl9TfnmMFfV3D-IaN7MD2TMSeKsVXFIHwkmBnppgZHTZPF-9beseIdz33fzrHKbLC-HiLzfOGmfqe6i7tiylnsA6xXWrtRxGVNshOxd95uQoGfvcC_pvVr8xZs08HglQx_M8z6LUUJIuTdsXUBdCiONrtPUGYuzAWQM8bXMlyI0k7cCdV5o2yJrAYAoflV4_waDSldCJFdEJBHiGyBULWgcNlCYbJuy6KfnzX7YWJkYNeb6GMpli-GWQmX3MMV11Y0rzoFeUwTMMS9WSiiPUaH5gyy7T1cgFR8CTvMHc3N1G0NeIZJkl9wvwv0VuiPtuIUt6dxHI1RX-8HfDxI3P0bvor43PLP7B1Cu0WTXc_Ubuk5v6hD798ikPLCAxTZriAi3x6zxWI0X8MrI1N15ngOl857-W5-LzqeWHOLQh7s-2KZYHYearZHjTdYRzGliaAKYCnXUE77UtCmouEUScjJ_SQoEu8K9ii9w25qFNabMU092S0B0IMDX3Ai9ABuE6PzzPLtg2BZFs17BH1rpbpyGBu86RkhFMm5wRGdRjYtgdf5lobfTcAAosScm-hhh0DD5QjF2ONNxewy1SUJzJv5VUylXT0M2AB5Z0Idsep6Tjo5dQD8NThaLwloTh3r8Nu10Jw8evOXAKYUbQomng1ZKFchdZ7n3LRAK_iMQB0GyHkyqUtUXXyBPsZP6YoK7x2p5WN9i_SSEPoxbDJAvrsIeVvuoUsL9tJzI7Ryia9MQa5xxLHNFcVZn-pZd_kiNMd6p7QNnTE-XT6vJmqeSyP1QUYoT10nopOTZSbp6sCOg

Requested by

Host: www.orientaldaily.com.my
URL: https://www.orientaldaily.com.my/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:808::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Mar 2023 03:34:37 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 latest.json Show response
nh.iz.do/nh/ecdfcc1811f34e74c3bab718dd85239c1f9d5a9f/ 2 KB
1 KB 664ms
590ms XHR
application/json 2606:4700::6811:3663
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://nh.iz.do/nh/ecdfcc1811f34e74c3bab718dd85239c1f9d5a9f/latest.json

Requested by

Host: cdn.izooto.com
URL: https://cdn.izooto.com/scripts/sdk/izooto.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:3663 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

623de39974775464bec1a38f4046f1cd71247ad1f79465628f026f75299a3531

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.orientaldaily.com.my/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Thu, 09 Mar 2023 03:34:38 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 09 Mar 2023 03:30:25 GMT
server: cloudflare
etag: W/"640952d1-844"
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=1200
cf-ray: 7a504366fc5c8fe8-FRA
x-xss-protection: 1; mode=block
expires: Thu, 09 Mar 2023 03:54:38 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 8E64 42 B
64 B 82ms
82ms Fetch
image/gif 2a00:1450:400d:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssnQL8oeLgFkajRL_tIt_xy7chnKFdt2C6hKASol8l5w4AeBESy2kDahwK0h_QMMh7oNig6vPWswuesbbxV9auIuFMND1DF&sig=Cg0ArKJSzEWXlJgi3HbjEAE&id=lidar2&mcvt=1167&p=0,0,90,728&mtos=1167,1167,1167,1167,1167&tos=1167,0,0,0,0&v=20230308&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=34&adk=1094543181&rs=6&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1678332875819&rpt=1098&met=mue&wmsd=0&pbe=0&vae=0&spb=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:808::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Mar 2023 03:34:38 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 wrapper.html Show response
wrappers.geoedge.be/ 3 KB
3 KB 151ms
15ms XHR
text/html 2600:9000:2204:fe00:2:d490:4d80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://wrappers.geoedge.be/wrapper.html
Requested by: Host: rtbpass-us.andbeyond.media
URL: https://rtbpass-us.andbeyond.media/prebid-regular.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2204:fe00:2:d490:4d80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8265c5aec9ae3882691303cec1b6993e75b12e8071fe6710826f7fc6b5cbccdb

Request headers

Referer: https://www.orientaldaily.com.my/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type: text/plain

Response headers

x-amz-version-id: gVDFxbxIIKkKTV40SMjG._OTMed_.wGK
date: Wed, 08 Mar 2023 14:55:36 GMT
via: 1.1 182732bb63f7d4f88e7cac0874b0cfee.cloudfront.net (CloudFront)
last-modified: Mon, 12 Apr 2021 12:46:04 GMT
server: AmazonS3
x-amz-cf-pop: AMS50-C1
age: 45543
etag: "4a6c546fe449447f2a620613c0655458"
access-control-allow-methods: GET
content-type: text/html
access-control-allow-origin: *
x-cache: Hit from cloudfront
accept-ranges: bytes
content-length: 3121
x-amz-cf-id: pfXmtqwdnEHSHKQkSpsRtWoGAJ0jIS4TvY0jGiLoHY9-WZ1Y7f0XoA==

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 15 KB
11 KB 88ms
88ms XHR
application/json 2a00:1450:400d:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2023030701&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023030701.js?cb=31072917

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:808::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ec0ee7d1a62004da57303a02a2a562731be57bbb52b63f0cebbcebe071f58907

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.orientaldaily.com.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 03:34:38 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11405
x-xss-protection: 0

POST
H2 200 tracking-event Show response
api.webgains.io/ Frame 7B35 16 B
233 B 67ms
65ms Fetch
application/json 13.40.90.84
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.webgains.io/tracking-event

Requested by

Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

13.40.90.84 London, United Kingdom, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-13-40-90-84.eu-west-2.compute.amazonaws.com

Software

nginx / PHP/8.1.14

Resource Hash

c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://25f0b6c781c28f0ec66a58e178665f44.safeframe.googlesyndication.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 09 Mar 2023 03:34:38 GMT
x-content-type-options: nosniff
server: nginx
x-powered-by: PHP/8.1.14
x-frame-options: SAMEORIGIN
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache, private
x-xss-protection: 1; mode=block

OPTIONS
H2 204 tracking-event
api.webgains.io/ Frame 0
0 296ms
19ms Preflight 13.40.90.84
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.webgains.io/tracking-event
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.40.90.84 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-40-90-84.eu-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://25f0b6c781c28f0ec66a58e178665f44.safeframe.googlesyndication.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

access-control-allow-headers: Authorization, Content-Type
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin: *
date: Thu, 09 Mar 2023 03:34:38 GMT
server: nginx

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 0E74 0
20 B 80ms
79ms Ping
image/gif 2a00:1450:400d:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=8436652003180&version=m202301230201&ct=77&x=1&cor=3020198889107654000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:808::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://25f0b6c781c28f0ec66a58e178665f44.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Mar 2023 03:34:38 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 7B35 0
20 B 79ms
79ms Ping
image/gif 2a00:1450:400d:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=8233594021767&version=m202301230201&ct=77&x=1&cor=5957868261546642000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:808::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://25f0b6c781c28f0ec66a58e178665f44.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Mar 2023 03:34:38 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 115ms
114ms Script
text/javascript 2a00:1450:400d:807::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023030701.js?cb=31072917

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.orientaldaily.com.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 03:34:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 09 Mar 2023 03:34:38 GMT

POST
H2 200 tracking-event Show response
api.webgains.io/ Frame 0E74 16 B
233 B 63ms
61ms Fetch
application/json 13.40.90.84
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.webgains.io/tracking-event

Requested by

Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

13.40.90.84 London, United Kingdom, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-13-40-90-84.eu-west-2.compute.amazonaws.com

Software

nginx / PHP/8.1.14

Resource Hash

c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://25f0b6c781c28f0ec66a58e178665f44.safeframe.googlesyndication.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 09 Mar 2023 03:34:38 GMT
x-content-type-options: nosniff
server: nginx
x-powered-by: PHP/8.1.14
x-frame-options: SAMEORIGIN
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache, private
x-xss-protection: 1; mode=block

OPTIONS
H2 204 tracking-event
api.webgains.io/ Frame 0
0 220ms
19ms Preflight 13.40.90.84
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.webgains.io/tracking-event
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.40.90.84 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-40-90-84.eu-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://25f0b6c781c28f0ec66a58e178665f44.safeframe.googlesyndication.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

access-control-allow-headers: Authorization, Content-Type
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin: *
date: Thu, 09 Mar 2023 03:34:38 GMT
server: nginx

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 49DE 13 KB
5 KB 53ms
48ms Document
text/html 2a00:1450:400d:807::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.orientaldaily.com.my/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 36999
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 08 Mar 2023 17:17:59 GMT
expires: Thu, 07 Mar 2024 17:17:59 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 7553 783 B
535 B 73ms
71ms Document
text/html 2a00:1450:400d:80d::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80d::2004 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

1d67273facb32941b533545ce57640c505ecd8725a50994be1a26630a1c86ded

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-dZk2YPJq_Yqv5lCg5b4oKw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.orientaldaily.com.my/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 513
content-security-policy: script-src 'report-sample' 'nonce-dZk2YPJq_Yqv5lCg5b4oKw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 09 Mar 2023 03:34:38 GMT
expires: Thu, 09 Mar 2023 03:34:38 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 hTGw0iTttGPYNj9jnBVYIcaXVb8tbW1IYYT-gsExgL0.js Show response
pagead2.googlesyndication.com/bg/ Frame 49DE 36 KB
14 KB 48ms
47ms Script
text/javascript 2a00:1450:400d:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/hTGw0iTttGPYNj9jnBVYIcaXVb8tbW1IYYT-gsExgL0.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:808::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8531b0d224edb463d8363f639c155821c69755bf2d6d6d486184fe82c13180bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 05:20:56 GMT
content-encoding: br
x-content-type-options: nosniff
age: 80022
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14408
x-xss-protection: 0
last-modified: Tue, 28 Feb 2023 11:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 07 Mar 2024 05:20:56 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 7553 0
0 79ms
79ms Image
text/html 2a00:1450:400d:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2023030701&jk=1676360787140896&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400d:808::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 49DE 0
10 B 47ms
46ms Image
text/plain 2a00:1450:400d:807::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?fIimGQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400d:807::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 03:34:38 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2

200

sid Show response
mug.criteo.com/
Redirect Chain

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.orientaldaily.com.my%2F&domain=www.orientaldaily.com.my&cw=1&lsw=1
https://mug.criteo.com/sid?cpp=zIHhqXxMNXJmYjA2QklXVlhHaFB4dDVaSXdFK3pSNkNVSHJOMVdwRlVRdmJuTDBnc2RsbW1UdnZ2RVh2ZkJRaWVyL1JWMkZ0c3dWWUZFM3dpWWR5N3d3S3EwWlJ5N0t4czc1Tk9wUXFrYUdlRTRROUN2UmZmRC9NSkN1U2...

388 B
687 B

59ms
18ms

XHR
application/json

178.250.0.157
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=zIHhqXxMNXJmYjA2QklXVlhHaFB4dDVaSXdFK3pSNkNVSHJOMVdwRlVRdmJuTDBnc2RsbW1UdnZ2RVh2ZkJRaWVyL1JWMkZ0c3dWWUZFM3dpWWR5N3d3S3EwWlJ5N0t4czc1Tk9wUXFrYUdlRTRROUN2UmZmRC9NSkN1U2twTWhaalNoZmwrd3YxbHpYSWwyRGFZSndiNC9JY0p5cXFpVWo3NEJBbUZONjI0a0hnSGhjeGNmSTljMEhwcTVhNWNmWDVuWjZaTEFDZjlnOWxlRzNPcUdHYldpb0VaV0ZkVmdwL3laREFESFc2SUN5czQ1TFJZeHZlbkJvc29FRHZEZUpvM0JufA&cppv=2

Protocol

Server

178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

0c824753211199697732408f5f548c8283ab099303cb368b7560336d096c2c4e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.orientaldaily.com.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Mar 2023 03:34:38 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1572178
expires: 0

Redirect headers

pragma: no-cache
date: Thu, 09 Mar 2023 03:34:38 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
access-control-allow-methods: GET
location: https://mug.criteo.com/sid?cpp=zIHhqXxMNXJmYjA2QklXVlhHaFB4dDVaSXdFK3pSNkNVSHJOMVdwRlVRdmJuTDBnc2RsbW1UdnZ2RVh2ZkJRaWVyL1JWMkZ0c3dWWUZFM3dpWWR5N3d3S3EwWlJ5N0t4czc1Tk9wUXFrYUdlRTRROUN2UmZmRC9NSkN1U2twTWhaalNoZmwrd3YxbHpYSWwyRGFZSndiNC9JY0p5cXFpVWo3NEJBbUZONjI0a0hnSGhjeGNmSTljMEhwcTVhNWNmWDVuWjZaTEFDZjlnOWxlRzNPcUdHYldpb0VaV0ZkVmdwL3laREFESFc2SUN5czQ1TFJZeHZlbkJvc29FRHZEZUpvM0JufA&cppv=2
access-control-allow-origin: https://www.orientaldaily.com.my
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 556032
content-length: 0
expires: 0

OPTIONS
H2 200 json
gum.criteo.com/sid/ Frame 0
0 48ms
15ms Preflight
application/json 2a02:2638::1c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.orientaldaily.com.my%2F&domain=www.orientaldaily.com.my&cw=1&lsw=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://www.orientaldaily.com.my
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: https://www.orientaldaily.com.my
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Thu, 09 Mar 2023 03:34:39 GMT
expires: 0
pragma: no-cache
server: Kestrel
server-processing-duration-in-ticks: 503403
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame F35A 281 B
554 B 120ms
20ms Document
text/html 23.64.52.128
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html
Requested by: Host: anymind360.com
URL: https://anymind360.com/js/1972/prebid_2023_2_24_4_58_12.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.64.52.128 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-64-52-128.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://www.orientaldaily.com.my/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Thu, 09 Mar 2023 03:34:39 GMT
ETag: "403b9-119-5ec73a0a33d00"
Last-Modified: Wed, 02 Nov 2022 02:30:44 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

GET
H2 200 sync Show response
eb2.3lift.com/ Frame AC1A 37 B
141 B 106ms
7ms Document
image/gif 76.223.111.18
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://eb2.3lift.com/sync?
Requested by: Host: anymind360.com
URL: https://anymind360.com/js/1972/prebid_2023_2_24_4_58_12.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer: https://www.orientaldaily.com.my/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif
date: Thu, 09 Mar 2023 03:34:39 GMT

GET
H2 200 pd Show response
u.openx.net/w/1.0/ Frame 37A3 0
92 B 67ms
18ms Document
text/html 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://u.openx.net/w/1.0/pd
Requested by: Host: anymind360.com
URL: https://anymind360.com/js/1972/prebid_2023_2_24_4_58_12.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.orientaldaily.com.my/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: gzip
content-length: 20
content-type: text/html
date: Thu, 09 Mar 2023 03:34:39 GMT
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
via: 1.1 google

GET
H2 200 checksync.php Show response
contextual.media.net/ Frame 1C42 23 KB
8 KB 153ms
38ms Document
text/html 92.123.38.97
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU3VM41V&prvid=2034%2C2033%2C2031%2C2030%2C233%2C2028%2C2027%2C159%2C236%2C2025%2C237%2C117%2C359%2C97%2C55%2C99%2C3012%2C3010%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C446%2C326%2C9%2C208%2C2055%2C3020%2C173%2C251%2C175%2C450%2C178%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C459%2C70%2C77%2C2022%2C182%2C141%2C262%2C461%2C222%2C345%2C10000%2C228%2C80%2C108%2C229%2C109%2C307&itype=PREBID&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1

Requested by

Host: anymind360.com
URL: https://anymind360.com/js/1972/prebid_2023_2_24_4_58_12.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

92.123.38.97 Vienna, Austria, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a92-123-38-97.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

214053741e4a584ebf4535d0ac7c98c0d592192505b07f7b37d9d0d4b01a015e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.orientaldaily.com.my/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: max-age=172800
content-encoding: gzip
content-length: 8265
content-type: text/html; charset=UTF-8
date: Thu, 09 Mar 2023 03:34:39 GMT
expires: Sat, 11 Mar 2023 03:34:39 GMT
server: Apache
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-mnet-hl2: E

GET
H2 200 ixmatch.html Show response
js-sec.indexww.com/um/ Frame 7050 3 KB
2 KB 106ms
12ms Document
text/html 104.18.11.47
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js-sec.indexww.com/um/ixmatch.html
Requested by: Host: anymind360.com
URL: https://anymind360.com/js/1972/prebid_2023_2_24_4_58_12.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.11.47 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer: https://www.orientaldaily.com.my/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 481
cache-control: public, max-age=14400
cf-cache-status: HIT
cf-ray: 7a50436fb93637fc-FRA
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Thu, 09 Mar 2023 03:34:39 GMT
expires: Thu, 09 Mar 2023 07:34:39 GMT
last-modified: Mon, 25 Jul 2022 19:18:30 GMT
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
server: cloudflare
vary: Accept-Encoding

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame 7786 16 KB
6 KB 18ms
17ms Document
text/html 2.18.36.193
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158497
Requested by: Host: anymind360.com
URL: https://anymind360.com/js/1972/prebid_2023_2_24_4_58_12.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.36.193 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-36-193.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer: https://www.orientaldaily.com.my/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=59225
content-encoding: gzip
content-length: 5554
content-type: text/html
date: Thu, 09 Mar 2023 03:34:39 GMT
expires: Thu, 09 Mar 2023 20:01:44 GMT
last-modified: Fri, 16 Dec 2022 06:36:49 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache
vary: Accept-Encoding

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 83ms
82ms Image
text/html 2a00:1450:400d:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2023030701&jk=1676360787140896&bg=!v7ylvOjNAAbv3-2Ez987ADkAdvg8Wi13r903opYa4SQay7xGn3G6ycObQcNfFNbFckixFXwcP9h07q075UV4Op2YUfSHaCLbP30CAAAAlFIAAAAEaAEHmQKkuQ9A9lqZMHsMr-Vu_DhK1nnYzsf7Ag4zx-d9XGKn5SqakJ6euKNJPusZ-puro7YmiF0QjIGh5Gz0hppoT2bCtTPh_lhyH1a1tQucgz7ld38eB01MNPv6SonRgLptTybN4EbFrZ0oC2c-pBB3TDLE0x5-mqmPergBJQiR7LYqnPf60Rvd7gSt45V70pFyU8RG2esPKEQRLG4VFi5Q-1rcW_JELzyRw9eojoSADGbC_hWd6fkM3Qei4lpQEJ0_1AfN4MeGEVBvhfQUcGxMF-bPGoj1T5072jv-_RjMaUA_EZARTIGZfrWfOc-Q-aBjsqfXZgrEFXdkeM0xfHm5YiyouaU2fIpApv4EhjqCOtFxDxWYaTT3VjnzDHh91PYm_U3GBZ4aeDytWUzDNlm6gY_w_ZtBAmKHre3xk0un0VgDnuilkSWLHMk2PRBZgb5k4o5oPsaNVZN1N5LUuWiWF0rSDkrNHHmqLdxdsp1XXPEBL9xUCP_tRpLMgAeXkqwKYzF-HXmMCIOOS_AxEumrEqFWFTgd8JbUtw6p7ETY7wgINzAY81iFQPZOwFoJF6KDzp7XCkO3qD6-7emyqTjauMICNJL_c_RhkRMRMWsNvRJGagECJJ0HS8Qa225BQGsNv5ZxNpJsVl52uJmQ7F_G5phx2PEWR3NWz7fA8uyLdg1fxjomoyDFSeFO_vYZDhR7rPtqcQYNxx-4Jgj3xkXgAQCOELJRHRGxBvaclnKcc9S-d19BEdp95m_QeEcN8KSzeHe8y3_29thunU7DUYzRuaEe8D1WrrOypKKrCKoWK30OZfBDUNf1aVSQsHunM_5DzSEY4OuaREWnPSAawDWqjn6lv6-poJmyv0tHLYqMCK9j1PJL7OqgTt7wNoH_NnYBNfzzwMV8DQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400d:808::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.orientaldaily.com.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

GET
H2 200 PugMaster Show response
image6.pubmatic.com/AdServer/ Frame 7786 3 KB
3 KB 15ms
14ms Script
text/html 198.47.127.19
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=67071726&p=158497&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158497
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 198.47.127.19 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software: /
Resource Hash: 9851ceb4047cce27caede83d31192be447561dbaac0caa65e870575d22d4e0a0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

content-type: text/html; charset=UTF-8
date: Thu, 09 Mar 2023 03:34:39 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame 9863
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:9dde6409-53d0-4f00-bb19-51a018b3ce92&gdpr=0&gdpr_consent=

42 B
406 B

19ms
18ms

Document
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:9dde6409-53d0-4f00-bb19-51a018b3ce92&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158497
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Thu, 09 Mar 2023 03:34:39 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

Access-Control-Allow-Origin: *
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 0
Content-Type: image/gif
Date: Thu, 09 Mar 2023 03:34:40 GMT
Expires: Thu, 09 Mar 2023 03:34:39 GMT
Keep-Alive: timeout=360
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server: MT3 569 46451a0 master zrh-pixel-x27 config:1.0.0
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:9dde6409-53d0-4f00-bb19-51a018b3ce92&gdpr=0&gdpr_consent=

GET
H2

200

Pug Show response
image2.pubmatic.com/AdServer/ Frame 6C99
Redirect Chain

https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=2582284890286784696

42 B
196 B

96ms
19ms

Document
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=2582284890286784696
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158497
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Thu, 09 Mar 2023 03:34:39 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

content-length: 0
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=2582284890286784696
p3p: CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV

GET
H2 200 usersync.aspx Show response
dis.criteo.com/dis/ Frame BFD5 43 B
363 B 135ms
15ms Document
image/gif 178.250.0.163
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158497

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.163 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-cache
content-type: image/gif
cross-origin-resource-policy: cross-origin
date: Thu, 09 Mar 2023 03:34:38 GMT
expires: Thu, 09 Mar 2023 00:00:00 GMT
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
pragma: no-cache
server: Kestrel
server-processing-duration-in-ticks: 452520
strict-transport-security: max-age=31536000; preload;
x-errorlevel: 0

GET
H2

200

Pug Show response
image2.pubmatic.com/AdServer/ Frame DA2A
Redirect Chain

https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=ZT2gp2Y68_h-P6OnZW29qjJs86d-PfavNW3KjcOG

42 B
570 B

124ms
17ms

Document
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=ZT2gp2Y68_h-P6OnZW29qjJs86d-PfavNW3KjcOG
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158497
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Thu, 09 Mar 2023 03:34:39 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

access-control-allow-credentials: true
access-control-allow-origin: *
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 0
date: Thu, 09 Mar 2023 03:34:39 GMT
expires: Fri, 04 Aug 1978 12:00:00 GMT
location: https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=ZT2gp2Y68_h-P6OnZW29qjJs86d-PfavNW3KjcOG
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
pragma: no-cache
strict-transport-security: max-age=86400

GET
H/1.1

200
OK

dcm Show response
aax-eu.amazon-adsystem.com/s/ Frame 2218
Redirect Chain

https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=389B1C7D-66D3-46E8-82A6-7EF23C70ED44&redir=true&gdpr=0&gdpr_consent=
https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=389B1C7D-66D3-46E8-82A6-7EF23C70ED44&redir=true&gdpr=0&gdpr_consent=&dcc=t

43 B
855 B

194ms
189ms

Document
image/gif

67.220.226.238
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=389B1C7D-66D3-46E8-82A6-7EF23C70ED44&redir=true&gdpr=0&gdpr_consent=&dcc=t

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158497

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

67.220.226.238 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif
Date: Thu, 09 Mar 2023 03:34:39 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Pragma: no-cache
Server: Server
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Vary: Content-Type,Accept-Encoding,User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid: 8P30ZDHNCGPRQRSC5ZA7

Redirect headers

Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 0
Date: Thu, 09 Mar 2023 03:34:39 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Location: https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=389B1C7D-66D3-46E8-82A6-7EF23C70ED44&redir=true&gdpr=0&gdpr_consent=&dcc=t
Pragma: no-cache
Server: Server
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Vary: Content-Type,Accept-Encoding,User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid: GEY1YD31X7868XPQ4K8X

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame D5DB
Redirect Chain

https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=7313373080911371245&gdpr=0&gdpr_consent=

42 B
317 B

16ms
15ms

Document
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=7313373080911371245&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158497
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Thu, 09 Mar 2023 03:34:38 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

AN-X-Request-Uuid: 43e03f4b-7161-4782-af93-27251fcbbf5c
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Length: 0
Content-Type: text/html; charset=utf-8
Date: Thu, 09 Mar 2023 03:34:39 GMT
Expires: Sat, 15 Nov 2008 16:00:00 GMT
Location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=7313373080911371245&gdpr=0&gdpr_consent=
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Pragma: no-cache
Server: nginx/1.21.3
X-Proxy-Origin: 185.213.155.181; 185.213.155.181; 1002.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
X-XSS-Protection: 0

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame 5DCF
Redirect Chain

https://dsp.adfarm1.adition.com/cookie/?ssp=9&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7208384827111962768&gdpr=0&gdpr_consent=

42 B
244 B

16ms
16ms

Document
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7208384827111962768&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158497
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Thu, 09 Mar 2023 03:34:38 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

Connection: keep-alive
Date: Thu, 09 Mar 2023 03:34:39 GMT
Location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7208384827111962768&gdpr=0&gdpr_consent=
Server: nginx
Transfer-Encoding: chunked
p3p: policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"

GET
H2

200

user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 7786
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=OJscfWbTRuiCpn7yPHDtRA%3D%3D&gdpr=0&gdpr_consent=
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=

16 KB
16 KB

20ms
17ms

Image
text/html

2.18.36.193
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158497
Protocol: H2
Server: 2.18.36.193 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-36-193.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 03:34:39 GMT
content-encoding: gzip
last-modified: Fri, 16 Dec 2022 06:36:49 GMT
server: Apache
vary: Accept-Encoding
content-type: text/html
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: max-age=59225
accept-ranges: bytes
content-length: 5554
expires: Thu, 09 Mar 2023 20:01:44 GMT

Redirect headers

pragma: no-cache
date: Thu, 09 Mar 2023 03:34:39 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 301
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 404 qmap
sync.crwdcntrl.net/ Frame 7786 49 B
266 B 141ms
29ms Image
image/gif 54.171.214.88
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=389B1C7D-66D3-46E8-82A6-7EF23C70ED44&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158497
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.171.214.88 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-171-214-88.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Mar 2023 03:34:39 GMT
server: Jetty(9.4.38.v20210224)
content-type: image/gif
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.45.23.75
content-length: 49
expires: 0

GET
H2

204

ids
idsync.frontend.weborama.fr/ Frame 7786
Redirect Chain

https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=
https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=&bounce=1&random=2777297529
https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fidsync.frontend.weborama.fr%2Fids%3Fkey%3Dpubmatic%26value%3D%23PM_USER_ID&gdpr=0
https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=389B1C7D-66D3-46E8-82A6-7EF23C70ED44

0
286 B

114ms
21ms

Image
text/plain

34.111.131.239
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=389B1C7D-66D3-46E8-82A6-7EF23C70ED44
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158497
Protocol: H2
Server: 34.111.131.239 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 239.131.111.34.bc.googleusercontent.com
Software: Weborama Collect Frontend /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Mar 2023 03:34:39 GMT
via: 1.1 google
last-modified: Thu, 09 Mar 2023 03:34:39 GMT
server: Weborama Collect Frontend
vary: Origin
p3p: CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 03 Jul 2001 06:00:00 GMT

Redirect headers

location: https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=389B1C7D-66D3-46E8-82A6-7EF23C70ED44
date: Thu, 09 Mar 2023 03:34:37 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H/1.1

200

p
a.audrte.com/ Frame 7786
Redirect Chain

https://a.audrte.com/match?gdpr=0&gdpr_consent=&p=M1717054901&uid=389B1C7D-66D3-46E8-82A6-7EF23C70ED44
https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_hm=Mmw2VHp3bHktNU1RQmF5M0ItSURSQThoQQ==&google_redir=https%3A%2F%2Fa.audrte.com%2Fddp%3Fred%3DeyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL...
https://a.audrte.com/ddp?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiYWRmb3JtIn1dfQ%3D%3D&gdpr=0&gdpr_consent=
https://dmp.adform.net/serving/cookie/match/?party=1003&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&gdpr=0&gdpr_consent=
https://a.audrte.com/a?adform_uid=176919369591299655&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D
https://a.audrte.com/p

68 B
424 B

113ms
106ms

Image
image/png

52.0.191.77
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.audrte.com/p
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158497
Protocol: HTTP/1.1
Server: 52.0.191.77 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-0-191-77.compute-1.amazonaws.com
Software: nginx/1.18.0 /
Resource Hash: 2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Thu, 09 Mar 2023 03:34:40 GMT
Server: nginx/1.18.0
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods: POST, GET, OPTIONS
Content-Type: image/png
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 68

Redirect headers

Date: Thu, 09 Mar 2023 03:34:40 GMT
Server: nginx/1.18.0
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods: POST, GET, OPTIONS
Access-Control-Allow-Origin: *
Location: https://a.audrte.com:443/p
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame 7786
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=Mzg5QjFDN0QtNjZEMy00NkU4LTgyQTYtN0VGMjNDNzBFRDQ0&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=

42 B
96 B

153ms
18ms

Image
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158497
Protocol: H2
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

content-type: image/gif; charset=utf-8
date: Thu, 09 Mar 2023 03:34:39 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Thu, 09 Mar 2023 03:34:39 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame 7786
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEC4be2Wkl2awLY_SvPYbEMU&google_cver=1

42 B
300 B

145ms
20ms

Image
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEC4be2Wkl2awLY_SvPYbEMU&google_cver=1
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158497
Protocol: H2
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

content-type: image/gif; charset=utf-8
date: Thu, 09 Mar 2023 03:34:39 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Thu, 09 Mar 2023 03:34:39 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEC4be2Wkl2awLY_SvPYbEMU&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 379
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pubmatic
um.simpli.fi/ Frame 7786 43 B
613 B 113ms
17ms Image
image/gif 35.204.158.49
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158497

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

35.204.158.49 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

49.158.204.35.bc.googleusercontent.com

Software

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 03:34:39 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 43
expires: Wed, 08 Mar 2023 03:34:39 GMT

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame 7786
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=176919369591299655

42 B
219 B

15ms
14ms

Image
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=176919369591299655
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158497
Protocol: H2
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

content-type: image/gif; charset=utf-8
date: Thu, 09 Mar 2023 03:34:38 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Thu, 09 Mar 2023 03:34:39 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=176919369591299655
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame 7786 70 B
266 B 155ms
35ms Image
image/gif 3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158497
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Thu, 09 Mar 2023 03:34:39 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2 200 389B1C7D-66D3-46E8-82A6-7EF23C70ED44
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame 7786 43 B
605 B 200ms
34ms Image
image/gif 2a05:d018:d29:3602:c4cb:4322:c3f3:dc8d
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/pubmatic/389B1C7D-66D3-46E8-82A6-7EF23C70ED44?gdpr=0&gdpr_consent=

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158497

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a05:d018:d29:3602:c4cb:4322:c3f3:dc8d Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 03:34:39 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
content-length: 43

GET
H2

200

SPug
image4.pubmatic.com/AdServer/ Frame 7786
Redirect Chain

https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=389B1C7D-66D3-46E8-82A6-7EF23C70ED44&redir=true&gdpr=0&gdpr_consent=
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-2R7VCM5E2uUXg9ySHTdQzXwbbHbU_KY-~A&gdpr=0

0
261 B

370ms
134ms

Image
text/plain

185.64.190.81
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-2R7VCM5E2uUXg9ySHTdQzXwbbHbU_KY-~A&gdpr=0
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158497
Protocol: H2
Server: 185.64.190.81 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 03:34:39 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location: https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-2R7VCM5E2uUXg9ySHTdQzXwbbHbU_KY-~A&gdpr=0
date: Thu, 09 Mar 2023 03:34:39 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.25
age: 0
content-length: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame 7786
Redirect Chain

https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
https://x.bidswitch.net/ul_cb/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
https://r.scoota.co/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic
https://r.scoota.co/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic
https://x.bidswitch.net/sync?dsp_id=29&expires=30&user_id=734537a3-8ca9-4b0b-a4a9-92da98b7fb75&ssp=pubmatic
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=002591d0-be1d-4fea-ac54-d8ebee6e0e4e&gdpr=&gdpr_consent=&gdpr_pd=

1 B
185 B

35ms
33ms

Image
text/html

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=002591d0-be1d-4fea-ac54-d8ebee6e0e4e&gdpr=&gdpr_consent=&gdpr_pd=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158497
Protocol: H2
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

content-type: text/html; charset=utf-8
date: Thu, 09 Mar 2023 03:34:39 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 1
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location: //simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=002591d0-be1d-4fea-ac54-d8ebee6e0e4e&gdpr=&gdpr_consent=&gdpr_pd=
date: Thu, 09 Mar 2023 03:34:40 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

OPTIONS
H2 200 sid
mug.criteo.com/ Frame 0
0 223ms
16ms Preflight
application/json 178.250.0.157
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: null
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Thu, 09 Mar 2023 03:34:39 GMT
expires: 0
pragma: no-cache
server: Kestrel
server-processing-duration-in-ticks: 459555
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame F35A 33 KB
10 KB 23ms
22ms Script
text/html 23.64.52.128
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.64.52.128 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-64-52-128.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 41f18ae2ab5bcfbe209bf3c0da4925685c189a2889a1a4721f1c2cba3e8084b6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Thu, 09 Mar 2023 03:34:39 GMT
Content-Encoding: gzip
Last-Modified: Thu, 09 Mar 2023 02:05:56 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=81094
Connection: keep-alive
Content-Length: 9996
Expires: Fri, 10 Mar 2023 02:06:13 GMT

GET
H/1.1 200
OK usermatch Show response
ssum-sec.casalemedia.com/ Frame 67D1 2 KB
2 KB 175ms
11ms Document
text/html 185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to

Full URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.orientaldaily.com.my%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: 051242bce1b79bb1cc7b900a769d9f80ed3e63a7b292c6caf6847b5d2bd7bb7f

Request headers

Referer: https://js-sec.indexww.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-cache
Connection: Keep-Alive
Content-Length: 1641
Content-Type: text/html
Date: Thu, 09 Mar 2023 03:34:39 GMT
Expires: 0
Keep-Alive: timeout=1, max=500
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Pragma: no-cache
Server: Apache

GET
H/1.1

204
No Content

tap.php
pixel.rubiconproject.com/ Frame F35A
Redirect Chain

https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
https://pr-bh.ybp.yahoo.com/sync/rubicon/3zgesRSdC0ZqPShI6G8t0sn5EUdSAgOZEtemQ7w0kco?csrc=
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-ePawAX1E2oLmB3UV4B4heGfFSGj0w8vBRz9Ceg--~A

0
239 B

7ms
7ms

Image
image/gif

69.173.144.138
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-ePawAX1E2oLmB3UV4B4heGfFSGj0w8vBRz9Ceg--~A
Protocol: HTTP/1.1
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: 5b959e9b7aef6dd90a6fa539ca64ac62
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date: Thu, 09 Mar 2023 03:34:39 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-ePawAX1E2oLmB3UV4B4heGfFSGj0w8vBRz9Ceg--~A
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame F35A
Redirect Chain

https://token.rubiconproject.com/token?pid=25470
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEYwSzI0UEMtMVgtNEo4Vw==

170 B
188 B

58ms
51ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEYwSzI0UEMtMVgtNEo4Vw==

Protocol

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Mar 2023 03:34:39 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEYwSzI0UEMtMVgtNEo4Vw==
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 704c1e4d3fcc922a3031d436b584678b
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2 200 rubicon
match.adsrvr.org/track/cmf/ Frame F35A 70 B
265 B 42ms
34ms Image
image/gif 3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/rubicon
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Thu, 09 Mar 2023 03:34:39 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2

200

setuid
px.ads.linkedin.com/ Frame F35A
Redirect Chain

https://token.rubiconproject.com/token?pid=36584
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LF0K24PC-1X-4J8W

0
648 B

341ms
181ms

Image
text/plain

2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LF0K24PC-1X-4J8W
Protocol: H2
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 03:34:39 GMT
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: 566835DF1969447AB3903FDF75F30186 Ref B: FRAEDGE1510 Ref C: 2023-03-09T03:34:39Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lor1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAX2b1Meqrucgy2E22eEKg==

Redirect headers

Location: https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LF0K24PC-1X-4J8W
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: e06182bf224d96e6550f4595601cdb0b
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

200
OK

ecm3
aax-eu.amazon-adsystem.com/s/ Frame F35A
Redirect Chain

https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=WLG185t8Q8uva6Q2RSyukA&rk=usync-other
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=WLG185t8Q8uva6Q2RSyukA

43 B
479 B

34ms
33ms

Image
image/gif

67.220.226.238
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=WLG185t8Q8uva6Q2RSyukA

Protocol

HTTP/1.1

Server

67.220.226.238 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 09 Mar 2023 03:34:39 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: S75C1NKNQ4XXSPE0B3AB
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=WLG185t8Q8uva6Q2RSyukA
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 5b959e9b7aef6dd90a6fa539ca64ac62
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1 200
OK dcm
s.amazon-adsystem.com/ Frame F35A 43 B
855 B 499ms
131ms Image
image/gif 52.46.143.56
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 09 Mar 2023 03:34:40 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: EGBGB02Y0GSREX9M7XCC
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1

204
No Content

tap.php
pixel.rubiconproject.com/ Frame F35A
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEIcASqJnCRaaGFSVkKTWz_U&google_cver=1

0
239 B

10ms
9ms

Image
image/gif

69.173.144.138
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEIcASqJnCRaaGFSVkKTWz_U&google_cver=1
Protocol: HTTP/1.1
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: 5b959e9b7aef6dd90a6fa539ca64ac62
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma: no-cache
date: Thu, 09 Mar 2023 03:34:39 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEIcASqJnCRaaGFSVkKTWz_U&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 326
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame F35A
Redirect Chain

https://token.rubiconproject.com/token?pid=2249&pt=n
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=OTdiYzUzODJmYTY2NWVjNjA5NzIyMzhlMTdkNDg2ZTM2MDIxYzdhNQ

170 B
188 B

52ms
47ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=OTdiYzUzODJmYTY2NWVjNjA5NzIyMzhlMTdkNDg2ZTM2MDIxYzdhNQ

Protocol

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Mar 2023 03:34:39 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=OTdiYzUzODJmYTY2NWVjNjA5NzIyMzhlMTdkNDg2ZTM2MDIxYzdhNQ
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: de8527bfa1ccfd6c1590da0d3b6cff52
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1 200
OK dcm
s.amazon-adsystem.com/ Frame 67D1 43 B
855 B 492ms
132ms Image
image/gif 52.46.143.56
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZAlTyvjUpeZJG3e3wedcfAAADJ4AAAAB&gpp=&gpp_sid=

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.orientaldaily.com.my%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 09 Mar 2023 03:34:40 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: FTVH6VRSVKYK6MT2J6F1
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 casale
match.adsrvr.org/track/cmf/ Frame 67D1 70 B
265 B 37ms
35ms Image
image/gif 3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/casale
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.orientaldaily.com.my%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Thu, 09 Mar 2023 03:34:39 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H/1.1

200
OK

usermatchredir
ssum-sec.casalemedia.com/ Frame 67D1
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZAlTyvjUpeZJG3e3wedcfAAADJ4AAAAB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEB9ryqJqwEpEV7cSxFWl9uY&google_cver=1

43 B
632 B

11ms
10ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEB9ryqJqwEpEV7cSxFWl9uY&google_cver=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.orientaldaily.com.my%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 09 Mar 2023 03:34:39 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=499
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Thu, 09 Mar 2023 03:34:39 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEB9ryqJqwEpEV7cSxFWl9uY&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 364
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ZAlTyvjUpeZJG3e3wedcfAAADJ4AAAAB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 67D1 43 B
604 B 45ms
32ms Image
image/gif 2a05:d018:d29:3602:c4cb:4322:c3f3:dc8d
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/casale/ZAlTyvjUpeZJG3e3wedcfAAADJ4AAAAB?gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.orientaldaily.com.my%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a05:d018:d29:3602:c4cb:4322:c3f3:dc8d Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 03:34:39 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
content-length: 43

GET
H/1.1 200
OK user-registering
ads.stickyadstv.com/ Frame 67D1 43 B
694 B 879ms
53ms Image
image/gif 2.18.79.139
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.stickyadstv.com/user-registering?dataProviderId=1025&userId=ZAlTyvjUpeZJG3e3wedcfAAA%263230&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.orientaldaily.com.my%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.79.139 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-18-79-139.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 09 Mar 2023 03:34:40 GMT
Server: nginx
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 43
x-sticky-vk: 1678332880011052-503
Expires: Thu, 09 Mar 2023 03:34:40 GMT

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame 67D1
Redirect Chain

https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1
https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1&prevuid=&knw=0
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=

43 B
632 B

9ms
8ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.orientaldaily.com.my%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 09 Mar 2023 03:34:39 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=499
Content-Length: 43
Expires: 0

Redirect headers

date: Thu, 09 Mar 2023 03:34:39 GMT
server: nginx
transfer-encoding: chunked
access-control-allow-methods: POST, GET, OPTIONS
p3p: CP="NOI DEV OUR BUS UNI"
access-control-allow-origin: *
location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=
content-type: text/html; charset=UTF-8
cache-control: no-cache
keep-alive: timeout=10
access-control-allow-headers: Origin

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame 67D1
Redirect Chain

https://match.prod.bidr.io/cookie-sync/ie
https://match.prod.bidr.io/cookie-sync/ie?_bee_ppp=1
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAFrcE7IEqgAAB-HxJVZfA&expiration=1679542479

43 B
632 B

8ms
7ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAFrcE7IEqgAAB-HxJVZfA&expiration=1679542479
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.orientaldaily.com.my%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 09 Mar 2023 03:34:39 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=498
Content-Length: 43
Expires: 0

Redirect headers

location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAFrcE7IEqgAAB-HxJVZfA&expiration=1679542479
Date: Thu, 09 Mar 2023 03:34:39 GMT
strict-transport-security: max-age=2592000; includeSubDomains
Server: gunicorn
Connection: keep-alive
Content-Length: 0

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame 67D1
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=29
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=176919369591299655&expiration=1679542479

43 B
632 B

27ms
8ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=176919369591299655&expiration=1679542479
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.orientaldaily.com.my%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 09 Mar 2023 03:34:39 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=500
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Thu, 09 Mar 2023 03:34:39 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=176919369591299655&expiration=1679542479
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2 200 htw-pixel.gif
cdn.indexww.com/ht/ Frame 67D1 43 B
352 B 429ms
21ms Image
image/gif 104.18.11.47
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.indexww.com/ht/htw-pixel.gif?ZAlTyvjUpeZJG3e3wedcfAAA%263230
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.orientaldaily.com.my%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.11.47 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 03:34:40 GMT
cf-cache-status: HIT
last-modified: Tue, 24 Jan 2017 19:36:04 GMT
server: cloudflare
age: 595
etag: "761e21-2b-546dc3a097100"
vary: Accept-Encoding
content-type: image/gif
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control: cache-maxage=1h
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7a5043740aba2bcf-FRA
content-length: 43
expires: Fri, 10 Mar 2023 03:34:40 GMT

GET
H2 200 SPug Show response
simage4.pubmatic.com/AdServer/ Frame 7786 0
261 B 64ms
15ms Script
text/plain 198.47.127.20
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to

Full URL: https://simage4.pubmatic.com/AdServer/SPug?partnerID=158497&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158497
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 198.47.127.20 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 03:34:39 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

POST
H2 200 nhwimp Show response
nhwimp.izooto.com/ 0
67 B 208ms
163ms XHR
text/plain 2606:4700::6812:d841
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://nhwimp.izooto.com/nhwimp
Requested by: Host: cdn.izooto.com
URL: https://cdn.izooto.com/scripts/sdk/izooto.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:d841 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.orientaldaily.com.my/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

access-control-allow-origin: *
date: Thu, 09 Mar 2023 03:34:43 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 7a504386192637f2-FRA
content-length: 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssml29QN-lnL8uG3FujmmvTjtzNvpIW20OnfGUneVV9TnyxaxS9jRD-EX6Lf4aKjSZfX9Rzleefil5NfBKDI7JpUXe-0Lsa3W1VuFm7IIoxghBacJod&sig=Cg0ArKJSzLyriBtHsOq-EAE&id=lidartos&mcvt=0&p=0,0,0,0&mtos=0,0,0,0,0&tos=0,0,0,0,0&v=20230308&bin=7&avms=nio&bs=1600,1200&mc=0&vu=1&app=0&itpl=19&adk=2723660011&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=3&r=b&rst=1678332875187&rpt=453&isd=0&lsd=0&ec=1&met=ce&wmsd=0&pbe=0&vae=0&spb=0

Verdicts & Comments Add Verdict or Comment

325 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

88 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.orientaldaily.com.my/	1970-01-20 10:55:24	Name: _pbjs_userid_consent_data Value: 3524755945110770
.rubiconproject.com/	1970-01-20 18:57:48	Name: khaos Value: LF0K24PC-1X-4J8W
.rubiconproject.com/	1970-01-20 18:57:48	Name: audit Value: 1\|hLZGFuTafB0kZ+i0FmX3GT5APvdogVCbaTd6KyMQnaub55ZO9yeic/+U4h6pAAWAhc5mWTl0hg3EuDOhE/cB3QSc5GZBEYrS4HEYI5ehIrWk31dy+44429zpQ7vzkXQ/
.orientaldaily.com.my/	1970-01-20 19:48:12	Name: am_FPID Value: de7fde16-cac5-489a-9b49-684cddc62c8b
.orientaldaily.com.my/	1970-01-20 19:48:12	Name: _ga_9ZN17BGY3K Value: GS1.1.1678332873.1.0.1678332873.0.0.0
.orientaldaily.com.my/	1970-01-20 19:48:12	Name: _ga Value: GA1.3.638583148.1678332873
.orientaldaily.com.my/	1970-01-20 10:13:39	Name: _gid Value: GA1.3.1819105100.1678332874
.orientaldaily.com.my/	1970-01-20 10:12:12	Name: _gat_UA-21383972-1 Value: 1
.orientaldaily.com.my/	1970-01-20 19:33:48	Name: __gads Value: ID=64973f328da939c8:T=1678332873:S=ALNI_MbE14cq7dBe_WRFUOlwE5FB34ovXw
.orientaldaily.com.my/	1970-01-20 19:33:48	Name: __gpi Value: UID=00000bc2978e7b95:T=1678332873:RT=1678332873:S=ALNI_MacC6EY_hYLu4E-ip-_VDQHDPAqyA
.doubleclick.net/	1970-01-20 19:33:48	Name: IDE Value: AHWqTUm6_UpoJte1LmBIacD8rNmn_p5dBcQCOaL-NFK8Q8G2ZCk4jDgzUeCCfTCunJE
.orientaldaily.com.my/	1970-01-20 12:21:48	Name: _fbp Value: fb.2.1678332874232.1651155222
.izooto.com/	1970-01-20 19:48:12	Name: IZCID Value: a0fcff3b-1852-4cc8-828d-87d51443630f
.casalemedia.com/	1970-01-20 18:57:48	Name: CMID Value: ZAlTyvjUpeZJG3e3wedcfAAA
.casalemedia.com/	1970-01-20 12:21:48	Name: CMPS Value: 3230
.casalemedia.com/	1970-01-20 12:21:48	Name: CMPRO Value: 3230
.adnxs.com/	1970-01-20 12:21:48	Name: uuid2 Value: 7313373080911371245
.adnxs.com/	1970-01-20 12:21:48	Name: anj Value: dTM7k!M41.D>6NRF']wIg2C%ww5Fha!]tbPl1M>e)ZlrFUfJ+tGXxoec:lrx=4Iw(B'622Sl2s)a=oS5YZRpo=/Jl*3If)y3KL9D3I?+715H4P
.dable.io/	1970-01-20 10:30:43	Name: _gg_ck_match Value: 1
.dable.io/	1970-01-20 10:30:43	Name: _nas_ck_match Value: 1
.dable.io/	1970-01-20 10:30:43	Name: _nh_ck_match Value: 1
.dable.io/	1970-01-20 10:30:43	Name: _gn_ck_match Value: 1
.dable.io/	1970-01-20 10:30:43	Name: _kko_ck_match Value: 1
.www.orientaldaily.com.my/	1970-01-20 19:48:12	Name: dable_uid Value: 00000000.0000000000000
.redintelligence.net/	1970-01-20 12:21:48	Name: 8lcfmzhxc8d6_uid Value: f9e4637f5986e146
.yahoo.com/	1970-01-20 18:58:10	Name: A3 Value: d=AQABBMxTCWQCENcxRz-bjVqUN-YiPyhYJyAFEgEBAQGlCmQTZAAAAAAA_eMAAA&S=AQAAArHMMKGlnnyhqv4RJIReYFE
.demdex.net/	1970-01-20 14:31:24	Name: demdex Value: 63587191003890494922291085960355266704
.pubmatic.com/	1970-01-20 18:57:48	Name: KADUSERCOOKIE Value: 389B1C7D-66D3-46E8-82A6-7EF23C70ED44
.tradedoubler.com/	1970-01-20 18:57:48	Name: UI Value: 1z11zzyxzJle6iztbDyOOSY
.tradedoubler.com/	1970-01-20 18:57:48	Name: BT Value: 1z11zzyxzNL1pWzdkXRapizzGx1y2x1yIx1y3x1yJx1yKx1y5x1y6x1y8x1yAx1yBx1yDx1z9ydkXRapi
.tradedoubler.com/	1970-01-20 18:57:48	Name: PI Value: 1z11z1zyxz2AnPEez7ab3y1y21FmOy1FRDyyy7WPTyvUky2KTq0tyyEo1KrnbdEWpVSOJbqZ5gOGH7kGuIlOfmt2vntWSqsqbmG5OQCqdjga9Ty
pb.media01.eu/	1969-12-31 23:59:59	Name: ASP.NET_SessionId Value: cuyatqr1lsbnv0mjmdwzmbrb
pb.media01.eu/	1970-01-20 19:48:12	Name: DTU Value: 44E09D66E59FB376DF0CE8B2489C7055
.dpm.demdex.net/	1970-01-20 14:31:24	Name: dpm Value: 63587191003890494922291085960355266704
.pubmatic.com/	1970-01-20 10:55:24	Name: KRTBCOOKIE_1051 Value: 22884-18072662266092918314
.krxd.net/	1970-01-20 14:31:24	Name: _kuid_ Value: PbGrA71g
.toast.com/	1970-01-20 19:48:12	Name: BID Value: QPSGFKJO6VTF632EC6AHPH4XY
.toast.com/	1970-01-20 14:31:24	Name: txmed_1440080439 Value: 00000000.0000000000000_:_EXP_:_1693884876
.toast.com/	1970-01-20 14:31:24	Name: txsync Value: 1678332876
.tribalfusion.com/	1970-01-20 12:21:48	Name: ANON_ID Value: atnxvYriIt7P3PTReBiRxJHVjuOxgZdAuIASqslIa1XNjZc35rF0yshu6DoRYKrked3lZcfYlVT1dcDZc8gbGGROwZbR5MdevqwHOZbDs93YgAKEWe451GqnAcELSwrAuebOixapsX
.office-partner.de/	1970-01-20 19:48:12	Name: source Value: {"webgains_webgains":{"timestamp":1678332877110,"clickCookie":false}}
.ad.daum.net/	1970-01-20 12:21:48	Name: DSPR Value: %7B%22v%22%3A1%2C%22dr%22%3A%7B%22t%22%3A%2220230309%22%2C%22u%22%3A%2200000000.0000000000000%22%7D%7D
.ds.kakao.com/	1970-01-20 12:21:48	Name: DSPR Value: %7B%22v%22%3A1%2C%22dr%22%3A%7B%22t%22%3A%2220230309%22%2C%22u%22%3A%2200000000.0000000000000%22%7D%7D
.pubmatic.com/	1970-01-20 12:21:48	Name: chkChromeAb67Sec Value: 1
.pubmatic.com/	1970-01-20 10:13:39	Name: pi Value: 158497:3
.pubmatic.com/	1970-01-20 12:21:48	Name: DPSync3 Value: 1679529600%3A241_235_201_245
.pubmatic.com/	1970-01-20 12:21:48	Name: SyncRTB3 Value: 1679529600%3A13_21_54_8_3_220_7_71_161_56_251%7C1680912000%3A203%7C1679184000%3A63%7C1678924800%3A223%7C1679616000%3A35
.analytics.yahoo.com/	1970-01-20 18:57:48	Name: IDSYNC Value: "18gs~2aer:18z8~2aer"
.pubmatic.com/	1970-01-20 10:55:24	Name: KRTBCOOKIE_57 Value: 22776-7313373080911371245&KRTB&23339-7313373080911371245
.adfarm1.adition.com/	1970-01-20 12:21:48	Name: UserID1 Value: 7208384827111962768
.pubmatic.com/	1970-01-20 10:55:24	Name: KRTBCOOKIE_1101 Value: 23040-7208384827111962768&KRTB&23278-7208384827111962768&KRTB&23369-7208384827111962768
.weborama.fr/	1970-01-20 19:38:08	Name: AFFICHE_W Value: xM6@BWNbcXvE90
.de17a.com/	1970-01-20 18:50:36	Name: guid Value: 1.2582284890286784696
.quantserve.com/	1970-01-20 12:21:48	Name: d Value: ENQBCwG8KPijAA
.quantserve.com/	1970-01-20 19:42:27	Name: mc Value: 640953cf-6396d-4aec9-4f1fd
.simpli.fi/	1970-01-20 18:59:15	Name: suid Value: B1A5DECF3FC2407194EF86A9CA2C264B
.adform.net/	1970-01-20 10:56:51	Name: C Value: 1
.adform.net/	1970-01-20 11:38:36	Name: uid Value: 176919369591299655
.pubmatic.com/	1970-01-20 10:55:24	Name: KRTBCOOKIE_391 Value: 22924-176919369591299655&KRTB&23263-176919369591299655
.pubmatic.com/	1970-01-20 10:55:24	Name: KRTBCOOKIE_153 Value: 1923-ZT2gp2Y68_h-P6OnZW29qjJs86d-PfavNW3KjcOG&KRTB&19420-ZT2gp2Y68_h-P6OnZW29qjJs86d-PfavNW3KjcOG&KRTB&22979-ZT2gp2Y68_h-P6OnZW29qjJs86d-PfavNW3KjcOG&KRTB&23462-ZT2gp2Y68_h-P6OnZW29qjJs86d-PfavNW3KjcOG
.pubmatic.com/	1970-01-20 10:55:24	Name: PugT Value: 1678332879
.pubmatic.com/	1970-01-20 10:55:24	Name: KRTBCOOKIE_336 Value: 5844-2582284890286784696
.pubmatic.com/	1970-01-20 10:55:24	Name: KRTBCOOKIE_80 Value: 16514-CAESEC4be2Wkl2awLY_SvPYbEMU&KRTB&22987-CAESEC4be2Wkl2awLY_SvPYbEMU&KRTB&23025-CAESEC4be2Wkl2awLY_SvPYbEMU&KRTB&23386-CAESEC4be2Wkl2awLY_SvPYbEMU
.bidswitch.net/	1970-01-20 18:57:48	Name: tuuid Value: 002591d0-be1d-4fea-ac54-d8ebee6e0e4e
.bidswitch.net/	1970-01-20 18:57:48	Name: c Value: 1678332879
.bidswitch.net/	1970-01-20 18:57:48	Name: tuuid_lu Value: 1678332879
.orientaldaily.com.my/	1970-01-20 19:33:48	Name: cto_bundle Value: 1GfwrV9ZTkJOUXRvRU44ZnVONWp2M21uaUFDOU42Nm5zVXlUJTJGdHZyRkgyOTNsbWdCbkpnd0JMJTJCVWVnVEd6dkRKZVhMN0Z6UjhVVEpvWSUyRjRsclU1QmlVMnJhNjJMajhGcE5oTWRhQ3hLZ3JZZ0JQU2hPNkRucVVybjBTdHEwSjBaWCUyQmRm
.orientaldaily.com.my/	1970-01-20 19:33:48	Name: cto_bidid Value: RzbBb19OcUlIY2VMWXRtVWlHc1d1T3c0dGd0N1JSNjElMkJ2ZSUyQnRDaXlNd3FweDZsMlRtd0VxUnM4SHFCMGQ0NnlvNTY4a3MyNkdXWkxSRUk0bFFoQU9LbCUyQlFBVSUyQjdwaFBqeGdXVjFLMFJMOGFOM2lvJTNE
.amazon-adsystem.com/	1970-01-20 15:08:51	Name: ad-id Value: Awy562xGPED5mNVVbdfTINg
.amazon-adsystem.com/	1970-01-20 19:48:12	Name: ad-privacy Value: 0
.pubmatic.com/	1970-01-20 10:55:24	Name: SPugT Value: 1678332879
.audrte.com/	1970-01-20 10:33:48	Name: arcki2 Value: 2l6Tzwly-5MQBay3B-IDRA8hA!20220908!1678332879725!ip#185.213.155.181
.audrte.com/	1970-01-20 10:33:48	Name: arcki2_pubmatic Value: 389B1C7D-66D3-46E8-82A6-7EF23C70ED44!20220908!1678332879728
.bidr.io/	1970-01-20 19:40:42	Name: bito Value: AAFrcE7IEqgAAB-HxJVZfA
.bidr.io/	1970-01-20 19:40:42	Name: bitoIsSecure Value: ok
.audrte.com/	1970-01-20 10:33:48	Name: arcki2_ddp2 Value: 2l6Tzwly-5MQBay3B-IDRA8hA!20220908!1678332879893
.linkedin.com/	1970-01-20 18:57:48	Name: bcookie Value: "v=2&eb8a8456-03fc-4225-8d88-c2cb71b58077"
.linkedin.com/	1970-01-20 14:31:24	Name: li_gc Value: MTswOzE2NzgzMzI4Nzk7MjswMjEWQDLG+gfs/TDY4rjxMleIK8ySivez7ioJXecN6GzfDA==
.linkedin.com/	1970-01-20 10:13:39	Name: lidc Value: "b=OGST04:s=O:r=O:a=O:p=O:g=2822:u=1:x=1:i=1678332879:t=1678419279:v=2:sig=AQFe0L2QR9F0gNlMn_yEG-CYpzm58NbF"
.mathtag.com/	1970-01-20 19:38:08	Name: uuid Value: 9dde6409-53d0-4f00-bb19-51a018b3ce92
.scoota.co/	1970-01-20 19:48:12	Name: tuuid Value: 734537a3-8ca9-4b0b-a4a9-92da98b7fb75
.scoota.co/	1970-01-20 19:48:12	Name: c Value: 1678332880
.scoota.co/	1970-01-20 19:48:12	Name: tuuid_lu Value: 1678332880
.pubmatic.com/	1970-01-20 10:55:24	Name: KRTBCOOKIE_27 Value: 16735-uid:9dde6409-53d0-4f00-bb19-51a018b3ce92&KRTB&16736-uid:9dde6409-53d0-4f00-bb19-51a018b3ce92&KRTB&23019-uid:9dde6409-53d0-4f00-bb19-51a018b3ce92&KRTB&23114-uid:9dde6409-53d0-4f00-bb19-51a018b3ce92
.pubmatic.com/	1970-01-20 10:55:24	Name: KRTBCOOKIE_466 Value: 16530-002591d0-be1d-4fea-ac54-d8ebee6e0e4e
.audrte.com/	1970-01-20 10:33:48	Name: arcki2_adform Value: 176919369591299655!20220908!1678332880283
.ads.stickyadstv.com/	1970-01-20 10:55:24	Name: UID Value: 669d22e4b2cf4f26a316d1e31b4cf4
.ads.stickyadstv.com/	1970-01-20 10:55:24	Name: uid-bp-34673 Value: ZAlTyvjUpeZJG3e3wedcfAAA&3230

6 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://www.orientaldaily.com.my/(Line 426) Message: Unrecognized feature: 'web-share'.
network	error	URL: https://ads.pubmatic.com/AdServer/js/pwt/990468/8969/pwt.js Message: Failed to load resource: the server responded with a status of 404 ()
other	warning	URL: https://25f0b6c781c28f0ec66a58e178665f44.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html(Line 15) Message: Origin trial controlled feature not enabled: 'attribution-reporting'.
other	warning	URL: https://www.googletagservices.com/dcm/impl_v95.js(Line 97) Message: Unrecognized feature: 'attribution-reporting'.
network	error	URL: https://cs.gssprt.jp/yie/ld/cs?dspid=dable&uid=00000000.0000000000000 Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=389B1C7D-66D3-46E8-82A6-7EF23C70ED44&gdpr=0&gdpr_consent= Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

25f0b6c781c28f0ec66a58e178665f44.safeframe.googlesyndication.com
47ad345191e702c3a5b895d83c644918.safeframe.googlesyndication.com
5994599.fls.doubleclick.net
a.audrte.com
a.teads.tv
a.tribalfusion.com
aax-eu.amazon-adsystem.com
act.ds.kakao.com
ad-server.eu
ad.doubleclick.net
adasia-d.openx.net
ads.eu.criteo.com
ads.pubmatic.com
ads.stickyadstv.com
adservice.google.com
adservice.google.de
adv.office-partner.de
ajax.googleapis.com
analytics.ad.daum.net
analytics.webgains.io
anymind360.com
api.dable.io
api.webgains.io
beacon.krxd.net
buttons-config.sharethis.com
c.amazon-adsystem.com
c1.adform.net
cat.nl3.eu.criteo.com
cdn.id5-sync.com
cdn.indexww.com
cdn.izooto.com
cdn.jsdelivr.net
cdn.track.production.webgains.team
cdnjs.cloudflare.com
cm-exchange.toast.com
cm.g.doubleclick.net
cms.quantserve.com
code.createjs.com
connect.facebook.net
contextual.media.net
cr.frontend.weborama.fr
cs.gssprt.jp
csm.eu.criteo.net
d5p.de17a.com
dis.criteo.com
dmp.adform.net
dpm.demdex.net
dsp.adfarm1.adition.com
dsum-sec.casalemedia.com
eb2.3lift.com
eus.rubiconproject.com
fastlane.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
global.cloud.netacuity.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
gu.dyntrk.com
gum.criteo.com
hal9000.redintelligence.net
hal900017.redintelligence.net
hal900027.redintelligence.net
hbopenbid.pubmatic.com
htlb.casalemedia.com
ib.adnxs.com
id5-sync.com
idsync.frontend.weborama.fr
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
img.tradedoubler.com
impfr.tradedoubler.com
js-sec.indexww.com
l.sharethis.com
lb.eu-1-id5-sync.com
match.adsrvr.org
match.prod.bidr.io
media5.orientaldaily.com.my
medialead.de
mug.criteo.com
nh.iz.do
nhwimp.izooto.com
p.adlooxtracking.com
pagead2.googlesyndication.com
pb.media01.eu
pix.eu.criteo.net
pixel.rubiconproject.com
platform-api.sharethis.com
pr-bh.ybp.yahoo.com
prebid.media.net
prg.smartadserver.com
prod.us-east-1.cxm-bcn.publisher-services.amazon.dev
public-prod-dspcookiematching.dmxleo.com
pv.medialead.de
px.ads.linkedin.com
r-log.dable.io
r.scoota.co
region1.google-analytics.com
rtb.nl3.eu.criteo.com
rtbpass-us.andbeyond.media
s.amazon-adsystem.com
s.tribalfusion.com
s0.2mdn.net
sb.scorecardresearch.com
scontent-lhr8-1.xx.fbcdn.net
scontent.frba2-1.fna.fbcdn.net
securepubads.g.doubleclick.net
simage2.pubmatic.com
simage4.pubmatic.com
ssfpc.orientaldaily.com.my
ssum-sec.casalemedia.com
static.criteo.net
static.dable.io
static.xx.fbcdn.net
stats.g.doubleclick.net
sync.crwdcntrl.net
sync.mathtag.com
tags.expo9.exponential.com
tlx.3lift.com
token.rubiconproject.com
tpc.googlesyndication.com
track.webgains.com
u.openx.net
um.simpli.fi
ups.analytics.yahoo.com
us-u.openx.net
video-lhr8-1.xx.fbcdn.net
video-lhr8-2.xx.fbcdn.net
visitanalytics.userreport.com
wrappers.geoedge.be
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.orientaldaily.com.my
x.bidswitch.net
pagead2.googlesyndication.com
103.243.202.190
104.18.11.47
104.18.24.185
107.178.248.10
108.138.7.127
121.53.104.194
124.217.235.40
13.32.110.54
13.32.99.105
13.35.166.41
13.40.90.84
135.125.160.160
138.199.36.10
141.95.33.111
142.250.184.198
142.250.186.162
142.250.201.198
142.251.208.162
145.239.193.130
151.101.129.55
159.69.70.9
162.19.138.82
178.250.0.157
178.250.0.163
178.250.1.6
18.130.199.108
18.156.40.75
18.65.39.48
18.66.23.213
185.29.132.241
185.64.189.110
185.64.189.112
185.64.190.80
185.64.190.81
185.80.39.216
185.86.139.59
188.65.124.66
198.47.127.19
198.47.127.20
2.18.36.193
2.18.79.139
2001:4288:301:1:face:b00c:0:a7
2001:4860:4802:32::15
2001:4860:4802:34::36
213.155.156.166
222.230.178.130
23.64.52.128
23.9.6.40
2600:9000:2204:fe00:2:d490:4d80:93a1
2600:9000:223c:3c00:c:abe:f440:93a1
2602:803:c004:200::140
2606:4700:10::6816:3556
2606:4700::6811:190e
2606:4700::6811:3663
2606:4700::6812:19ad
2606:4700::6812:cdb
2606:4700::6812:d841
2620:116:800d:21:93ca:31d8:d86e:38f6
2620:1ec:21::14
2a00:1450:4001:806::2002
2a00:1450:4001:810::2002
2a00:1450:4001:827::2003
2a00:1450:4001:827::200a
2a00:1450:4001:82f::2008
2a00:1450:400c:c00::9b
2a00:1450:400d:803::2006
2a00:1450:400d:805::2002
2a00:1450:400d:806::2002
2a00:1450:400d:807::2001
2a00:1450:400d:808::2002
2a00:1450:400d:80a::200e
2a00:1450:400d:80c::2001
2a00:1450:400d:80c::2003
2a00:1450:400d:80d::2002
2a00:1450:400d:80d::2004
2a00:1450:400d:80e::200a
2a02:2638:3::12
2a02:2638:3::3
2a02:2638:3::9
2a02:2638::1c
2a02:2638::21
2a02:2638::c
2a02:26f0:11a::6867:4830
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f058:113:face:b00c:0:1823
2a03:2880:f058:9:face:b00c:0:1823
2a03:2880:f058:f:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
2a04:4e42:200::485
2a05:d018:d29:3602:c4cb:4322:c3f3:dc8d
2a0b:4d07:401::1
3.33.220.150
3.37.19.165
3.38.85.21
3.75.62.37
34.107.148.139
34.107.231.31
34.111.129.221
34.111.131.239
35.204.158.49
35.244.159.8
37.157.4.24
37.252.171.84
44.197.91.112
52.0.191.77
52.17.243.237
52.208.205.244
52.214.158.183
52.222.139.62
52.29.147.93
52.29.239.121
52.31.80.193
52.46.143.56
54.171.214.88
54.194.106.129
54.76.176.197
67.220.226.238
69.16.175.42
69.173.144.138
76.223.111.18
78.46.111.106
78.46.23.46
85.114.159.93
88.198.250.30
92.123.36.4
92.123.38.97
94.23.99.218
001f718378e98773141ec1cf103fc1fb512c2025b5396ec76593c2c028d90696
003ab203aa11cb3ff3da2225f34413d8b77842d2b4597f4b9349d67dab7a0a0d
00b9fdbc4b1ebc9ffe2fb61afb7dbb78294009c11543b6a9d5649061ac338df7
04d9b9174743260b17176d8c27b77d412487cca6cc412f8bdd7319e33dca16e4
051242bce1b79bb1cc7b900a769d9f80ed3e63a7b292c6caf6847b5d2bd7bb7f
056d911e5837fb8fbaec0b98bf4403cc13867e85844c1e130f8bf8bf78738f95
0570eb4e5eb88f4bfa92f3e983084fa1aa84c26e1d48d6c8da3b904a107a915a
05e77dab19940dd457e00282837faecc886434cc8cc5f631575a5e6c386de774
063ccb8a4a4095ff5fc0064f252c3a913927b086f133806030a6eb5413d6b289
0660703509222513c21686b7757a50a9df8d5171c4b81505a2ffe90ce9e5b1c2
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
08447a7421d539fe19e6fba61968dc461ee38f415317aa6e024ce07a21608e5c
090fbcc60cc0dd8c05875f3c779a606afece246dfe0fdebba6cd8ad6638e6e99
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
099d4d993ce686e96b1a6f456b88a70c2b290c1afd3b305f66c1bc63534f2dab
09fe7be89711f0dc0ba47ab8a1a1865df7b660a1f1359d29c4c3445683d2f61f
0a6906352cd058f77f63594678aba26de413a91f1973cbfeebf32ccc7aca96a7
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0bee153352b63685e80f22f1e0d6637ffe18e38c20bf3737e414c4ccb644463f
0c824753211199697732408f5f548c8283ab099303cb368b7560336d096c2c4e
0d663a8298504aa7d938ea5ce72e27f4e604c153ba1706732b698c1858b7e652
0e7639f0277ff746d9f6524f5106da22e4ce678df509b99bd293201bc858cab6
0edb88174723b3b2fd43295d4289c4af19afef358c107eff8f96786c203c1f99
0fca0294cfaf24a4db0852415eee7bcdea7b9766d59e443fb2d5f0c77eb23363
0fe290941ef198f193eb0c2d0b76b557a453cb16be083de097d990d6dc585dbf
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
146b33f2cfea9748c1bf444a4f9257da23cd544b9d1a54f0739c547154140e35
15f0bc37447fa5c1b97c98f2651c1245ce6cbe59f6746cb7d35189ea63bc33c8
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
16a9ac84a15152e7da59099fc687c86b0964506e89dbc1131830f80e503a16eb
16b432ac8f43a6b2d8aa358f41ee60e2ef5923b2645bf2c37f3a06f8334b1557
170105cb5252ff71acdc7dde058455eb7dac2c6e0744f0c81653dd832ede0b13
18032b241f713e5267c39ed23b783497b52d9d50a8dc8fff0bfe2b2cd4af01b6
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
189a29e5a4d065c56c099e301c5ab3c178105f315f0152d79df530ae4dd9f634
19e6c62be760514e8846c3853afec5882dfaf81c1da4e374e3fc24630faf5a7e
1a100b1434e7247c3c43eeb23382e9022896bd646c29f52cfb2fed33fafff373
1d6411b506100b3803555638f4f7e0c5c3576c42990b56911c4b3c6ce31c5842
1d67273facb32941b533545ce57640c505ecd8725a50994be1a26630a1c86ded
1da231be3ec7fb61bfbd27e2f5b575476a27f7663a2615158cb1ea864df5f053
1e2a4e2988cae3e87879cb8e01908c4641a4ad2c33dabe1ff5e95a4aec69ea04
1faa10261a09b68a1f55ae0f8c1d77f5fcc540afa02590ea4e32f6de4f935801
214053741e4a584ebf4535d0ac7c98c0d592192505b07f7b37d9d0d4b01a015e
2262a2d49bafb01a20482c799f7595535c0550bfac536211bd0dba05f3b4690e
230e13e44ae30c3442c531b857b2a817a85ca03f123b4a3c75720352bcb9bc8a
232d3fbf590a584138bb563319747dbef0c9e41db91f19ff45d41e785a5f4f98
234605c2f314bbf7e04fe8d579098fab8c705623e37bebc913b9dfe68a7bd7d2
23b277bc8c27d92af3a14a18a70a71e3001e710b9aa9e7c87861e83e2295a5ff
2436d93e911870ccad15e7656c85af8dc07bbf25bdaf6327d7db5ea41bc69c14
2531ea591ba94a4a4dc429acc2d5b5f8381379516757f14b193fb9ac1c0ce3a3
27f2b6d9ca8d879d52104c717eef24d3b698e9f51770ec6071de8eaa72e56d8e
2a914877c4ee7a721055c627b80b01c903577b1481c3b3700c6548e119fb9a6a
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
2d8b65c457ce00e11298407d1960105b117d2d1fe214667da0d9147d7f6acdd8
2f10fe6dd506810bc1d4d3e28a8746cf807180d0364a88be0b0d5783eb9f1cd1
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
2f840763a07b5312fc63528256e33b2b0c49ba19d3ff5a2167d3496236f0afc7
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
31b61b268350ce1d2af81a84c9d87a8ba9219c145ffb55996d5f3c74401784ca
340e79a7efae87309e8b015c70816b6d8b2aaecc5b8d4a17193f8d43bf2a7f63
341e0d761251ee538d0cad6322c66abdbf78dc7d6f3ca62f3459fab822a2103f
3486e63905bfa2e7c0751737e411431989625df054f018f6747cf24210413c05
3692cf8467560f1e5020e3315d0d7aaf944786ad2179caf249f0122bb859aa85
3772b63eb39dcce11a3014a8d4a94011954d9bef7e3f5e7c17e949b6a9c9295c
379c40020fb39d02aa888ad1a3f61d2de98486dce81d7aa5a620e8b90d8ff675
3819fc227174541f1651b23e59b5901da751984105d624450ab31e99544146af
384179ee8fb1fd393558e28ea811532ea776e8cd69f9e94f379ddefb78948bd7
3a4fda7b449ddfa3b11ceb4c715c4c2f042e2cc1949701deb1fb8098d02b9b47
3ab46407877a67e1b0dff8b28fb19957694d585dafd4018610cd0535710797d5
3aed2f459406393f83c6931be7ab701a9d83d9e24128499ac7d06f1b3baa6084
3bbac86cad483ae69ed2a87afd300c7b9d74b3403fbff02f18bd7d81a185d3eb
3e35ad65c326e292bfed1eb0b66774a0930847f2b53f5235c61d70117bc50cbf
3fbb7dc619788ae13aec18ac90445854ead7eafa6262fe5bd343485f9be7e49a
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
405ca04bea3878adcf9a21edcf63c792c1ddb7f51a4e0fd001d3e80a4fd29ffa
410ba263ed64181ca505f0bad1ef0cd4c1ebdb33dd6e89a661b426ccbc622c24
4126ffde4b9e571b1c3e55b45a7e9596e139ad2de1bdbfe851a2e2b2c7da7f38
417cf94ea9a5b2675b5ed19b12da1145aab87ec27aeb4ee9f6c304bf1216c9c2
41f18ae2ab5bcfbe209bf3c0da4925685c189a2889a1a4721f1c2cba3e8084b6
4204d99ef5989dcc816c9601a4331b09b47c315f2c6073c41571a875867c7cb5
42ae6b49f996ca54e77f4b9f29cecb3b614b41723c93866e77d64d13551c643f
453d30e6feab35156983d8f88c293ebcc88740572e4aca5ef9cb25d5ca7f3262
454016dbf6fa6ca8f91deac46b5f60678ca5c29ddc35772c4d1ba09b70853283
45445cdb742ba713feadbb749a2328f90698cc052372bb736682afcb5e7c6345
465e6c29f9565d86eb14d05b1d1a1229c4370d4869d70346191eb7297a38022a
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
4721a9cd24b309bedf491d487733dbc62e2747904be99b12989c1cfc8f6962fe
4785f439c8c88370dbc1999303d5f4f0a310d1997a5893ae94798b568e99675b
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
48af8ec046b453cff06b924d37cfab7c9b3136fec9428f99856b2b91346e0284
49be80dcdb36905015b91cb053bf0d0d63f8a00ddb142fe8e32c9255774f3e4a
49c8eb126b6cd8b764edf78962490c8a37787fdbc6310b5b3848b7bc33910320
4b140a78a7e35151ff4098c58348b4d7a506e1c29bafa6904f695d2b8bc20ed0
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4d352b80fd702f7736c4988e2c62b8c360275049fed7ee53ee14c87c2ddd9c4c
4d5c4f86aa07a673942105061dc477b7b95f08e7aec749814a20e80e2be9fda3
4d78910da55f15b014f7d5aa1f3d7e1fb6a3a3ba2bf80922c14a5269ec05b72c
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e6beb658e0ddb9f40e89cfd82670b4432588adcf02c19545645e8177ce5c839
4eec123c863a660bb8005747d8f070346c1446531320c11a3bdf2cda930f7c60
4ef61c947239953e2afbca18eefdd0d022c7e32db285de43561b9188f74c41ae
4f0ff945c12d28c62effff8bc09b7ad76aabc037611ced0068d6efe536fc5498
4f5e6153ea2586a59a5bce88c469efd0c90b20d900d3f90baaf44cef5fc828f0
50397c5aa79d6ebdad07c9a18f0a1a1024e3d2e98101566cef88d71b8879cfaa
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
53588c6a09b35e691b55d4cc5f7fc0d5617ef36ff4581d6cce52fca27946cd9f
53e9c19809385bddb9907b35c08e3dd35307afbe708af36c2ae3b9e0d442d92e
548703c5b3f25bd130cdac45774268fd9162c65d942640851871b2ad1a69811b
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
55a9a512c5bbbb8642ea7639285eb3e9a606cf858be603c4eb95cea7632bc49f
55ab64885e89d497a2e3e3ebb57779322518fe7af2e897888256a7a320ec60ae
56105503a9c39b872ec3615e9d946bea910cc8bcf22f30f9ae7ca5f2955ca60c
5630be2fb652392f0890e37ade94df9e4d32cd2f69ee8f55b8a44d93b973f179
567f5bfaf65bc217c532596cba3773f47cb7e4e8cf338f93509348e494dbee7f
569af2fb04e92b7c002397e2b2d5da15d25775eeb836687e5348f77db14ad5c3
56abd4fc8b4f206d6660fdb7a6e8c56081d111c4dac08c35295c6d48500ef6a2
573dea8b5a27df76b56b5d17a872bf655eeadd5d7923111c100dcf4252c428ab
577130d074247ee5fa90eb49b8bb0165e0d2c6404dadcfc1feba832abeb3007d
577e1bf31bc8725166df6c42c6df94534ebb31d7b9d6e48109869d2ecce82287
581750a192eb7583673a7927b1c6317b7310afe103a4907aedd904ca5e8ea7c1
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
5a72219aca47c37593217bf6ea839db7045e8501ea96ad9f7266c5991195e91b
5b44060031c0ee30d5b452d94317aace7ba9d2db2b374e550a4fcf8cf167266d
5b69b2a0aa4b961ac545008abb1e472f316b4ddba78f5a861baec9f28a5a1882
5d1151d3a01727a6594099d6bc5812752b1346fdda5e787ae3f641d96666988c
607c067c93be6c66b4de32a17a445e355db31be2adb526a7c014c54227a1e60e
612170aeb690659163763177c6a810499c507b66a06153fd69cf028d928e2ea5
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
61dbce7aa2ccecc67730272f173b6239241441ba052c3cb4cf2078266e4b443e
623de39974775464bec1a38f4046f1cd71247ad1f79465628f026f75299a3531
647805fef89e44e4e3942e92c192434d983722a531ff9315767c1e4196677ac0
64a0fb9cdda418f4e39f26be0bb9e121ede4af55aee2d3a93947df004db65165
659a31fc93ee1c457578c4243a8c059c071b2c6de710ba2a5841cfc4535298a2
66803d39ad6a5b8b8259327122b5deaf8561a961c3c9d5c83b2a880705bbd835
6766428abb5a01aa54de2575563a81335e06e56cec167317e46def2c02bd4fbf
67aa392d49016623c0a3097621b5855a7568d74cbd65c91b673229fb3b1a9e42
695dd27eb1e48273adc484bd6097a2963531dc3b2f61980d03e4c1b3c40c7e4e
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c
6a7f5c8b94aeabd36d687b1cf99c880a2a8eb481dab4d3ae98957f76567a6d42
6c95fae81c74bcffbf17e425b12ade6b9a510178a5fc66ddfaeee0d0db76c5c5
6cc212483920f1b4636c0ce41e2b06269af93b63fb0afa46f1e1c5319d601081
7073ea631cb49303e060807d387276a6b70eb95f67dcaf653978c106c1e25f18
71f9b69fc262825e43d17f4db79e52130c11d511b9e568081785fcd75db024f6
723d57b7855b528165a97a6d7b89fbcb61c249b754a31f76291d057db325c039
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48
74ed65704f5330002f4c611da5e971c6b0cdbce6c0b41696d026ffb590b7762b
750e067d58c1164a7aff6d3b9b6e2c29e13f100036f2ec4762d83f3ced39b84c
7834285adf11edb80b477051d5a8ac79671ba775b4d7d55d99bf0b2e458d72de
78a0fc9ad097afc1c62b8e35b933f8a3f0d8334a84a6d8bdc19ef0fbaffdbe8a
79945e1dd6dea7162868c12091a18fe961654b79d61092f0c3cebdf8f6c6faa6
7ae58ca4886d3d2e2a14a2ebb2033e57a546cb3cadbb5645e1a03a7c6ec6ddde
7bc0c4519150a490750c0f9f77857d5af952bca0bad56e3db6d24bd79f18b4e7
7bf9c9cb00bd532b1ac17fc6babd801383146fd2e97af39bf6c7fbbb5b7f8411
7ca7a1e30027e42d510cd253b29f1b9f505c04b9af48c9ed20804d9d8006faff
7dfbecc7f60754c9c4a71ccd3801d4b4fdb83c902dc7400db4ee03b45b96896e
7ea7c6d62af4ce5ef418ea31d7bfd4b938eb254ab9088501ac030638abc8447a
80388f28f817f808eede42049995e804230f2fd8823827c397cd2d8b0a5d55e9
80f5daf27fab81d89bd7fce3e1ee19f2d157c16203e08e03ecc838c4fd6c9160
8234c00ee5d863fb4ca3def4b3a0d7dce5b968a43e3ea959ae412d6cb6fea5f6
8265c5aec9ae3882691303cec1b6993e75b12e8071fe6710826f7fc6b5cbccdb
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb
83a818561b7f93e0f7664504ef5993250ab3f2e6420b5d73cf708fba0f5665e4
83d54fa4c15bdc778dd41cced4ed53183e71c8cb4afb03c4c28693f4f54c0418
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8531b0d224edb463d8363f639c155821c69755bf2d6d6d486184fe82c13180bd
85413426e41d3c18edd918e80bc5f2704c03185880393fffab2415930cbee1f5
855e15fcdc7a729b06238328936629eac46e2251d9d3d71a5d65510451f4e7c1
8562240ec6aa051f41a4daca76c9e8a1b87cc1e4f976897c82948b2b8431cd2b
871469d7db411effa912da2f18a5cf1dc710b40987198fe30f98358f982003e8
872d646f1ce79e6125d7d80ab0a8c5ddf69f05967c3da5d07061c19b183ef362
8a72db19bbe66583d4cd7840d76965b8a91774a6c4ec0556e2d8a933e8b52ea8
8b5ebd69e3f4bb9f3fe150fdb6b72f339f7fced406fcfa59534ac491d1818ef4
8d0737e0ece483f6e5ce03c5001f43b81f7d032ee74c65374e9f1d40f4a85cf6
8d31e71cab9f649f2163699a4a7d6b7bafe49b0713ddaeaee3788c98e3452394
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8dcefacf777ae6a6dfd5a21fd33880f42a5b44477d5c9cce78c2ddd32933dd18
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
9031fe7b76b0fbcb11763998cfe0aaaa978dce93e520ca22eff04307193b5a16
90ae3adc0fd9cc61b41f34782236b9d3933d3be626b7f6baa1b883a8ceeaaa0c
92d3db8695c64cc909cb7cb3463371e4417ee03ea8d465d28b290de6f09d5f2f
93ae7d494fad0fb30cbf3ae746a39c4bc7a0f8bbf87fbb587a3f3c01f3c5ce20
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068
96cf30af4edde24bb654cbc9d5904364465c570cf15fb44ab0b92e2673ec08e8
96fd606edfd369bf8b415587eff5b112556eff4896eb6ae7f3d65a826323f50f
9722064989ddb79703b9917737347ade9b451517c72829be44267a0e31cd7b65
9851ceb4047cce27caede83d31192be447561dbaac0caa65e870575d22d4e0a0
9b4a6ebe3e504b894684b8e94e18e39c512908b42313776600c3cde2452f04df
9b5bfeb9f8b0e508db9f50ac8ec09f2a53b5dad8d0e46ab662f5d6174d4d8856
9bfdf999bad057a0d27798c1d00d6021403c420b6047e2e4808495642c354cab
9c12e5b369a88f54a6f2fc0118b3225203b1f84d860965b5bba06c6abd2458d0
9d1ba51454d2b663b14aab11a1d3ffb9f72064b28c60ce37e1b6a3d88794283b
9d56b13c3e0c91100b3277dad620c49d679fef63897d800fc31f23c3c56b5209
9d9095c25f5663901783868e1cd2994842dcbb4967ff5d0f0d3b9409b67675c9
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
a370b7b3b608858b8aae5e8418503975abee00c4d7f0e90f1d91e7f0cd99c70d
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5caf35e21831d47f0af509096ff73c43dadadc49c7eb31274773db0a70e08bb
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
a8e2fe9eb9d7ec99595e10f796903c645b0937190a09456d55831f52faf3d996
a97f4d7f57c413e347926504441cd395fbb4a7db1128e9f6c7d6f24e5de32484
ad0155722e67f102ec64858e450e444537ff065101728a8b4849082d23fc5dd1
ae1187aeaddfa5ec5f13dbe818a951da3d3961bdccc8d8a8058d4ea67549d873
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b13d0b6748792c697e68610ce52a5ba73e3be8c47bf8a391960ce01dd7e9637c
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b157d4e973ecc16eeb9fbded5d9f881f1e9bfabfea991b05756ef7ad53aa26f3
b22620fc4d630726cb3f47fac6ade45801e71c9d90dc6ab148e51dbcc910944e
b29cdbf9832e9c172b547526ae97ad854f2271701d5f87d9e4df33a01b488ca8
b546e406d9a9a151b2ee64fb3bc6310c827415e27b518f4ab55c388381b9de7d
b7dc21177638969e38c2874920fb1e25188464ae4c6dfb2e63ab40450fd021c8
b886abbc4c85766e18560ab1b77b2991742bcee344ee31d68a540df850dcad25
b965728b47f66c6595e1c5cfcd6a2e3fd26ad21a19d76d5dc040ba1b7303508a
ba32e8bb11de17d336f76372d7761a10939c1aa386b313c9c51c76aa213865db
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bb964c19bca49e038593d4e5ca30c941d6667345c0c55e26a1790becbc0be3f4
bc0a3b3b74323528292865d4604ff641535275ccc4f174903654277df4933794
bc9a16cd945457ad9463cdaed95129b01c589466978dfee3d019d9c604b2171a
bcce350016351558ba10c39c15813b3f57d79bd01072dd7a064745175a208994
bcde4cd47f8e59dbca565f2bc9d6efe9f872d5199630d7f596bd87838efb6c5d
c124c88ca4fcb4336e97617647ef0d32441329371120c8eabaea0fea226560b0
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c24812d7d0be82ec747b2311d03312580d35b63cadfe507a1972c9c8d5532f01
c33251f3e9f16e4ad5b2c7be8e7901ef2936564e58c0e5d4923df2cf878d7023
c3efdf8dd531ea12c03e5ffb6431974cea07578a033c4835f5afa99b76d13518
c6a20b56100c4b8c84ebb09390d1296240ee9ccb1fbe64fd927e82f2b63a54a2
c83a0b4217f54bd24f49a06593826ec49df0d9c81d27d4c6035cf930e4ff74cf
c84f5c94fec8629693e4bbb5d8c6810bdeee0f88ae60703782c583d3dbcf6469
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
c95e96e12cae7cab7d5142a95068eff2bf41ac46b17ad0a1f83d182869ca044d
c9a84ac7702d1f4877c64fbf066db1ea7ef1caef884d5700488aaa06884d9c2a
ca13ce8e0077d743e7633a3f6ea66487e2ca52c068861db8437a5da2de39e537
cb6c68a18b558a3fc9fc32afd02ae989ef6fcc2410287f3d239704de9da7bf0f
cbfbd34d07dfd04579439393e95a0d3654512bc0bacb668c4e4cd8f4150a9835
cc116790e7045ea4eee628eb9b10d6cad980f15ffa253bfcfe361d4c7ad4bc10
cc3df6946d1b948b6ad4945ddc454682a9653aa30ef0afca256c948cb43d04f4
ccb65b024184fd90f00c37cd3dd39e3c9cff2c36954f527de56cb61e6df5bcb1
cd4d096aef0f12e67d254fade866062c784f4bf156fc34f1692d51e3cd69f28b
cd976551ef2101a9e270f48396030c61d3a52d54afda29a39bb455e9d24aa5a3
cefa58f52b65e3f29785afc5d00b22dd8a509582c5b504e289fe676a4999d198
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cffebf8649452a952e130a76308527dfec9740ffd3273096be06649f28392358
d0cd0fb5ba76ceec12c29f148a74a5368d07239189402bfd1e674e443647f2db
d0edf121a8928289dca62f5a114e0b5edb3f0ede42c8d01cc6de600b207ddf39
d19e7ba4decc50674c94af51a28b3dfded8a4228f5fec865b5a8063e45c06b72
d1baf1e3c12564049e49e6a2f91ab528957fa12cb80c3dc0b113329a44d4216c
d347cc3647009cf73bc98d39539b9feb1bc49ab5b05f9c629d6e835f86add964
d5ccef77f81eb6ff99292e6e3de336ecdf717b28430f5fcd5759bd05c5a96a39
d6a2f16fdc571271258a7fd14319587c47071598f52b254fd50b4344bda08607
d7a1bdec6b5209de5be156a573409f2f9e30488cca22fb380d2234057c7973f1
d7ea61fc8ce99623bd4c9929b3d6a24425a1e90fdc000768cc58cb6552432da4
d8dfd1d4aac6e97f980f9ff949059668f6fa9a36aa7acbc4f971b69fa1fe3049
dae53f389f4c01c7e1367d5a22350d9c8d6fe84483967b7484cb652f20222048
df2466a7b8017689e5660744681949cd7a0be115ebfe36802be7d76ad8b273ad
df3b5cf704454d3c242d8f373e644954802cb04133efad2c351453b7003148bc
df44ba749d14a3d21d8075563c14d9f78bda24b1f61007752ae7b5295f4f5bcf
df5da0ce655f8d17eb4b5bb4a48afbd097d20f35766103e74a1d225f8e4dec86
dfa1ecdb69b9ee93e87159bfcd4ad2b1248a7de0d6346fd42e0b600723ae7b6b
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
e117ce508d22eab86014ad62c1fd47df471c2ed678e48591ca318a547b354b6f
e1cadf348d4eeeeb5f323d17a00c08f64da022bcd69b8bda096eaf34e06a4906
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73
e439bebf8de2df0582273906d2c1dceff2387c661efb2152ef1c28420ce4e7e5
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e58798939afd607aa76e8be948216df69422fb6cb44d15aa7775e56c51ec4bad
e60ed7ea1dd584fd91b8c3a7288e9b55d10dfbae8f030974087d84dcd914e99a
e931a4d8a491ab9ecd03ab06594b3f255ca057fa6695163cab4d8c2dfe58c63d
ebb2026eba76b777cd1cc6d694a4609324304eeb1129a9fe0fb5a616590cc3ee
ec0ee7d1a62004da57303a02a2a562731be57bbb52b63f0cebbcebe071f58907
ec4ad710fc96159948afdf41e02f9bd304882d70c755955c89c5d5d6daf2000a
ece3489cbebe54aa2f573df7955271f0b28c0267baf858076ed519f645663011
ee4cfb80dd25cc2c164efef4ebc1b0ba0e31627dcb02eca8a726bb49347ceeb3
ee54b51af15f1f68f707da981f3c135c249a25e9293871e1e0cbd2c24c7b6117
ee97905ba7364e36e118c37ed1f877cf8f4c7addcd2ed9e003fee2af1015646e
eeee411a6fdc61456f2b5e79970b343b31c34be7b139a0713b24e94d036cb852
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef68890d8c15ee7a37bc96745558795ca96e84a8088368e49eacccdb06d6b483
ef69f9873a759e5935b2a9f346888d28c31d586133848aa2b0ad5108032e06d8
f031d0330fa0902ad02a7158a8b4aa01cefacc0f4743ab7b78f4ed517723d130
f0f725ceaee9ee49ea7a80df9cc1bbb66ecc5f6af62aa37e6d37a07eb1d04ad7
f1eed60da0364def617ce9ac15226587e135385896e59cc709626dfc9a9c53d9
f2c751aa74a96faa40eb8ce4c00785ceca874e2dd34fcea8bdc0ac994b073fba
f2e7810ea845d00731c478972aef4555f1e5d42494fc239568f4bc8e48785db7
f45efbdb50ee77b396d73399998beafef8f5d87d88c3aee0e7979d220dc06727
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
f6138f7df90338d65b6fd126db1fc3809a86c13aebd4108c5789ba8220018629
f6facfb2f1508e6db75710c7f95f07e9d9cca538b230a5ab4464c9dee49befd6
f92ae17d255fdb41ac5a0c5004ef5b9b8cd4d21bbfb09c964324b494b4a58d9f
f97b10a726f3dee8838075065cbb5830bdc589f2c364e3582e1822c7b4f69286
f9dc427bd933b43f00a6b153402c80c6edf36640e4b9f40495e1b00eb82bcaa2
fc678d1290a88c4b9d340d98cf770f9b95790ac5e935686bfa319ce720336f64
fd2e133a817bc2e4aee6ed34b3684c18a3ce22cfec6cb1aebfa1d9151de1c1f1
fdd338a8ba319752009571ab255226c731130038603b2e19c25e0df97c370930
fea25505358a9fb0d38689edd69a01354319a992a2ade513af64420f1a54e231
febfef406d938a359871e3b98a681e0ef67cbaee5984f76a09bcecc738b6c411
ff536649dc66f56558f0c2eba0b4bb12f5dc9c26aa3ea4ea0cef45d15b5df22a

www.orientaldaily.com.my Open in urlscan Pro 124.217.235.40 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

501 Requests

81 %HTTPS

36 %IPv6

79 Domains

138 Subdomains

113 IPs

17 Countries

12236 kBTransfer

27171 kBSize

88 Cookies

9 Outgoing links

Page URL History

Redirected requests

501 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 9 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

www.orientaldaily.com.my Open in urlscan Pro
124.217.235.40 Public Scan

Screenshot
Live screenshot

Full Image

501
Requests

81 %
HTTPS

36 %
IPv6

79
Domains

138
Subdomains

113
IPs

17
Countries

12236 kB
Transfer

27171 kB
Size

88
Cookies

501 HTTP transactions
9 data transactions