www.thesundaily.my Open in urlscan Pro
130.61.205.105 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://info.silobreaker.com/e2t/tc/VWt22z7YxmcLW3d_lfb36JTN9VZjc4S4qSWfGN50kgPk2-HwrV1-WJV7CgH74W8yj8Gf5DDZvcW3TJBTT7kqbNwMR...
Effective URL:
https://www.thesundaily.my/home/astrazeneca-is-safe-to-be-given-to-senior-citizens-adham-YL7793054?_hsmi=88974744&_hsenc=p2...
Submission: On April 26 via api (April 26th 2021, 11:19:47 am UTC) from DE

Summary HTTP 636 Redirects Links 27 Behaviour Indicators

Summary

This website contacted 90 IPs in 13 countries across 77 domains to perform 636 HTTP transactions. The main IP is 130.61.205.105, located in Frankfurt am Main, Germany and belongs to ORACLE-BMC-31898, US. The main domain is www.thesundaily.my.
TLS certificate: Issued by R3 on March 16th 2021. Valid for: 3 months.

This is the only time www.thesundaily.my was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 2	199.60.103.254 199.60.103.254	209242 (CLOUDFLAR...) (CLOUDFLARESPECTRUM Cloudflare)
32	130.61.205.105 130.61.205.105	31898 (ORACLE-BM...) (ORACLE-BMC-31898)
46	142.250.186.66 142.250.186.66	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:813::2008	15169 (GOOGLE) (GOOGLE)
2	104.84.56.112 104.84.56.112	16625 (AKAMAI-AS) (AKAMAI-AS)
14	23.38.48.217 23.38.48.217	16625 (AKAMAI-AS) (AKAMAI-AS)
6	52.219.124.102 52.219.124.102	16509 (AMAZON-02) (AMAZON-02)
36	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
3	2606:4700:303... 2606:4700:3038::6815:ea1c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a04:4e42:600... 2a04:4e42:600::645	54113 (FASTLY) (FASTLY)
2 5	13.224.111.129 13.224.111.129	16509 (AMAZON-02) (AMAZON-02)
1	13.224.111.6 13.224.111.6	16509 (AMAZON-02) (AMAZON-02)
74	199.232.137.44 199.232.137.44	54113 (FASTLY) (FASTLY)
2	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	2.16.186.105 2.16.186.105	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3	149.129.240.178 149.129.240.178	45102 (CNNIC-ALI...) (CNNIC-ALIBABA-US-NET-AP Alibaba (US) Technology Co.)
1	184.30.21.162 184.30.21.162	16625 (AKAMAI-AS) (AKAMAI-AS)
1	13.224.111.125 13.224.111.125	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:82a::200e	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:808::2001	15169 (GOOGLE) (GOOGLE)
19	2a00:1450:400... 2a00:1450:4001:829::2001	15169 (GOOGLE) (GOOGLE)
1 3	2a02:2638::1c 2a02:2638::1c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	178.250.2.146 178.250.2.146	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
10	35.244.159.8 35.244.159.8	15169 (GOOGLE) (GOOGLE)
1	178.250.2.131 178.250.2.131	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
5 9	37.252.172.45 37.252.172.45	29990 (ASN-APPNEX) (ASN-APPNEX)
1	185.64.189.112 185.64.189.112	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	213.19.162.41 213.19.162.41	3356 (LEVEL3) (LEVEL3)
1	184.25.115.31 184.25.115.31	16625 (AKAMAI-AS) (AKAMAI-AS)
10	185.86.138.32 185.86.138.32	201081 (SMARTADSE...) (SMARTADSERVER)
1 5	47.74.174.177 47.74.174.177	45102 (CNNIC-ALI...) (CNNIC-ALIBABA-US-NET-AP Alibaba (US) Technology Co.)
2	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	2a00:1450:400... 2a00:1450:4001:82f::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c0c::9c	15169 (GOOGLE) (GOOGLE)
6 17	2a00:1450:400... 2a00:1450:4001:80e::2004	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:82a::2003	15169 (GOOGLE) (GOOGLE)
85	2a00:1450:400... 2a00:1450:4001:803::2001	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:803::2002	15169 (GOOGLE) (GOOGLE)
13	2a00:1450:400... 2a00:1450:4001:802::2002	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:808::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:827::200a	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
13 40	142.250.185.98 142.250.185.98	15169 (GOOGLE) (GOOGLE)
7 16	184.30.20.241 184.30.20.241	16625 (AKAMAI-AS) (AKAMAI-AS)
2	2a00:1450:401... 2a00:1450:4019:801::2003	15169 (GOOGLE) (GOOGLE)
1 1	2a00:1450:400... 2a00:1450:4001:62::7	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:51::8	15169 (GOOGLE) (GOOGLE)
1	138.201.84.253 138.201.84.253	24940 (HETZNER-AS) (HETZNER-AS)
3	119.81.3.35 119.81.3.35	36351 (SOFTLAYER) (SOFTLAYER)
1 4	116.202.48.214 116.202.48.214	24940 (HETZNER-AS) (HETZNER-AS)
4	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
4 31	141.226.228.48 141.226.228.48	200478 (TABOOLA-AS) (TABOOLA-AS)
1	2a00:1450:400... 2a00:1450:4001:829::200a	15169 (GOOGLE) (GOOGLE)
1	62.138.14.19 62.138.14.19	8972 (GD-EMEA-D...) (GD-EMEA-DC-SXB1)
1	13.224.111.43 13.224.111.43	16509 (AMAZON-02) (AMAZON-02)
1 2	35.186.254.217 35.186.254.217	15169 (GOOGLE) (GOOGLE)
1	193.47.76.44 193.47.76.44	35167 (PROTEC) (PROTEC)
4 11	119.81.192.134 119.81.192.134	36351 (SOFTLAYER) (SOFTLAYER)
2	2a02:2638::3 2a02:2638::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
6 12	63.33.11.43 63.33.11.43	16509 (AMAZON-02) (AMAZON-02)
4	2600:1f18:612... 2600:1f18:612b:4232:3a2c:3c86:af1b:2715	14618 (AMAZON-AES) (AMAZON-AES)
4	52.28.254.214 52.28.254.214	16509 (AMAZON-02) (AMAZON-02)
7 7	185.94.180.125 185.94.180.125	35220 (SPOTX-AMS) (SPOTX-AMS)
13 17	52.59.128.17 52.59.128.17	16509 (AMAZON-02) (AMAZON-02)
2 5	2620:116:800d... 2620:116:800d:21:8c6e:cf2c:8d6:9fb5	16509 (AMAZON-02) (AMAZON-02)
4 4	35.227.252.103 35.227.252.103	15169 (GOOGLE) (GOOGLE)
4 5	185.64.189.115 185.64.189.115	62713 (AS-PUBMATIC) (AS-PUBMATIC)
3 5	69.173.144.165 69.173.144.165	26667 (RUBICONPR...) (RUBICONPROJECT)
1	2a05:d01c:1d8... 2a05:d01c:1d8:8100:1c45:c4d6:f2b8:9306	16509 (AMAZON-02) (AMAZON-02)
2 2	217.182.200.29 217.182.200.29	16276 (OVH) (OVH)
1 1	99.80.199.35 99.80.199.35	16509 (AMAZON-02) (AMAZON-02)
2 2	35.244.174.68 35.244.174.68	15169 (GOOGLE) (GOOGLE)
7 16	2.18.234.233 2.18.234.233	16625 (AKAMAI-AS) (AKAMAI-AS)
5	2001:4de0:ac1... 2001:4de0:ac19::1:b:2b	20446 (HIGHWINDS3) (HIGHWINDS3)
3 3	18.196.131.255 18.196.131.255	16509 (AMAZON-02) (AMAZON-02)
2 4	198.148.27.139 198.148.27.139	19189 (PULSEPOINT) (PULSEPOINT)
14	185.64.189.110 185.64.189.110	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1 3	72.251.249.9 72.251.249.9	29791 (VOXEL-DOT...) (VOXEL-DOT-NET)
2	185.86.138.143 185.86.138.143	201081 (SMARTADSE...) (SMARTADSERVER)
2	18.195.155.181 18.195.155.181	16509 (AMAZON-02) (AMAZON-02)
3 3	178.250.2.151 178.250.2.151	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2 2	172.104.121.22 172.104.121.22	63949 (LINODE-AP...) (LINODE-AP Linode)
2	192.132.33.46 192.132.33.46	18568 (BIDTELLECT) (BIDTELLECT)
7 7	37.157.4.28 37.157.4.28	198622 (ADFORM) (ADFORM)
2 2	54.149.211.134 54.149.211.134	16509 (AMAZON-02) (AMAZON-02)
2	184.30.212.16 184.30.212.16	16625 (AKAMAI-AS) (AKAMAI-AS)
1	184.30.20.185 184.30.20.185	16625 (AKAMAI-AS) (AKAMAI-AS)
2	184.30.20.198 184.30.20.198	16625 (AKAMAI-AS) (AKAMAI-AS)
3	2a00:1288:110... 2a00:1288:110:c305::8000	34010 (YAHOO-IRD) (YAHOO-IRD)
4 4	35.157.48.14 35.157.48.14	16509 (AMAZON-02) (AMAZON-02)
1 1	51.68.39.188 51.68.39.188	16276 (OVH) (OVH)
2 3	52.215.139.246 52.215.139.246	16509 (AMAZON-02) (AMAZON-02)
2 2	185.29.135.226 185.29.135.226	30419 (MEDIAMATH...) (MEDIAMATH-INC)
1 5	52.94.232.32 52.94.232.32	16509 (AMAZON-02) (AMAZON-02)
1	69.173.144.138 69.173.144.138	26667 (RUBICONPR...) (RUBICONPROJECT)
1	173.231.181.122 173.231.181.122	29791 (VOXEL-DOT...) (VOXEL-DOT-NET)
2 2	18.156.0.31 18.156.0.31	16509 (AMAZON-02) (AMAZON-02)
1 1	54.236.220.178 54.236.220.178	14618 (AMAZON-AES) (AMAZON-AES)
2 2	213.155.156.165 213.155.156.165	1299 (TELIANET ...) (TELIANET Telia Carrier)
1 1	85.114.159.93 85.114.159.93	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
1	2606:4700:10:... 2606:4700:10::6816:1957	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	77.243.60.138 77.243.60.138	42697 (NETIC-AS) (NETIC-AS)
2 2	35.201.96.126 35.201.96.126	15169 (GOOGLE) (GOOGLE)
1	185.64.189.249 185.64.189.249	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	159.253.128.188 159.253.128.188	36351 (SOFTLAYER) (SOFTLAYER)
1	185.64.189.114 185.64.189.114	62713 (AS-PUBMATIC) (AS-PUBMATIC)
2 2	35.210.53.219 35.210.53.219	15169 (GOOGLE) (GOOGLE)
1 1	2001:678:cb4:... 2001:678:cb4:bbbb::11	56396 (TURN) (TURN)
636	90

2 199.60.103.254 (United States) 1 redirects

ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US)

info.silobreaker.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

32 130.61.205.105 (Frankfurt am Main, Germany)

ASN31898 (ORACLE-BMC-31898, US)

www.thesundaily.my	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

46 142.250.186.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:813::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.84.56.112 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-84-56-112.deploy.static.akamaitechnologies.com

s7.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
v1.addthisedge.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 23.38.48.217 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-38-48-217.deploy.static.akamaitechnologies.com

cdn.innity.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
media.innity.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ssl-avd.innity.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
avd.innity.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 52.219.124.102 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: s3-ap-southeast-1.amazonaws.com

s3-ap-southeast-1.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

36 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:3038::6815:ea1c (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.iterwebcms.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a04:4e42:600::645 (United States)

ASN54113 (FASTLY, US)

anymind360.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 13.224.111.129 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: server-13-224-111-129.mad50.r.cloudfront.net

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.111.6 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-111-6.mad50.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

74 199.232.137.44 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

cdn.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
trc.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
15.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
vidstat.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
images.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
imprammp.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
wf.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c3.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
match.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f01c:8012:face:b00c:0:3 (United States)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.16.186.105 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-16-186-105.deploy.static.akamaitechnologies.com

ced.sascdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 149.129.240.178 (Jakarta, Indonesia)

ASN45102 (CNNIC-ALIBABA-US-NET-AP Alibaba (US) Technology Co., Ltd., CN)

as.innity.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 184.30.21.162 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-21-162.deploy.static.akamaitechnologies.com

z.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.111.125 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-111-125.mad50.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82a::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:808::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

5f7a3c227877733a11b3d8ac75a2ccaf.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 2a00:1450:4001:829::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:2638::1c (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.250.2.146 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com

adasia-d.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
eu-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.2.131 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
PTR: bidder.am5.vip.prod.criteo.com

bidder.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 37.252.172.45 (Frankfurt am Main, Germany) 5 redirects

ASN29990 (ASN-APPNEX, US)

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

hbopenbid.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 213.19.162.41 (United Kingdom)

ASN3356 (LEVEL3, US)

fastlane.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 184.25.115.31 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-25-115-31.deploy.static.akamaitechnologies.com

htlb.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 185.86.138.32 (France)

ASN201081 (SMARTADSERVER, FR)

prg.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 47.74.174.177 (Singapore, Singapore) 1 redirects

ASN45102 (CNNIC-ALIBABA-US-NET-AP Alibaba (US) Technology Co., Ltd., CN)

adnetwork.adasiaholdings.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f11c:8183:face:b00c:0:25de (United States)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c0c::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 2a00:1450:4001:80e::2004 (Frankfurt am Main, Germany) 6 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

85 2a00:1450:4001:803::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:803::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a00:1450:4001:802::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:808::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:827::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

40 142.250.185.98 (United States) 13 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 184.30.20.241 (Frankfurt am Main, Germany) 7 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-20-241.deploy.static.akamaitechnologies.com

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
js-sec.indexww.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4019:801::2003 (Ireland)

ASN15169 (GOOGLE, US)

csi.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:62::7 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

r2---sn-4g5e6nsk.googlevideo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:51::8 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

r2---sn-4g5edne6.googlevideo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 138.201.84.253 (Germany)

ASN24940 (HETZNER-AS, DE)

hal9000.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 119.81.3.35 (Singapore, Singapore)

ASN36351 (SOFTLAYER, US)

optimize.innity.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 116.202.48.214 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)

hal900013.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

31 141.226.228.48 (Netherlands) 4 redirects

ASN200478 (TABOOLA-AS, IL)

trc-events.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
am-match.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
am-vid-events.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync-t1.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
am-wf.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 62.138.14.19 (Strasbourg, France)

ASN8972 (GD-EMEA-DC-SXB1, DE)

cdn.contentspread.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.111.43 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-111-43.mad50.r.cloudfront.net

vars.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.186.254.217 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)

aw.dw.impact-ad.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 193.47.76.44 (Spain)

ASN35167 (PROTEC, ES)

mas.protecmedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 119.81.192.134 (Singapore, Singapore) 4 redirects

ASN36351 (SOFTLAYER, US)

avd.innity.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 63.33.11.43 (Dublin, Ireland) 6 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-63-33-11-43.eu-west-1.compute.amazonaws.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2600:1f18:612b:4232:3a2c:3c86:af1b:2715 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

taboola-supply-partners.tremorhub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.28.254.214 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)

pixel.advertising.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 185.94.180.125 (United States) 7 redirects

ASN35220 (SPOTX-AMS, US)

sync.search.spotxchange.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 52.59.128.17 (Frankfurt am Main, Germany) 13 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-59-128-17.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2620:116:800d:21:8c6e:cf2c:8d6:9fb5 (United States) 2 redirects

ASN16509 (AMAZON-02, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 35.227.252.103 (Kansas City, United States) 4 redirects

ASN15169 (GOOGLE, US)
PTR: 103.252.227.35.bc.googleusercontent.com

rtb.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 185.64.189.115 (United Kingdom) 4 redirects

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 69.173.144.165 (Frankfurt am Main, Germany) 3 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:d01c:1d8:8100:1c45:c4d6:f2b8:9306 (London, United Kingdom)

ASN16509 (AMAZON-02, US)

ag.innovid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 217.182.200.29 (France) 2 redirects

ASN16276 (OVH, FR)
PTR: gcm7.host.hit.gemius.pl

googlecm.hit.gemius.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.80.199.35 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-99-80-199-35.eu-west-1.compute.amazonaws.com

pixel.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.244.174.68 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com

id.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2.18.234.233 (Frankfurt am Main, Germany) 7 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-233.deploy.static.akamaitechnologies.com

ads.stickyadstv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2001:4de0:ac19::1:b:2b (Netherlands)

ASN20446 (HIGHWINDS3, US)

cdn.stickyadstv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.196.131.255 (Frankfurt am Main, Germany) 3 redirects

ASN16509 (AMAZON-02, US)

rtb.mfadsrvr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 198.148.27.139 (New York, United States) 2 redirects

ASN19189 (PULSEPOINT, US)

bh.contextweb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 185.64.189.110 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

simage2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
image2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 72.251.249.9 (Amsterdam, Netherlands) 1 redirects

ASN29791 (VOXEL-DOT-NET, US)

ce.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.86.138.143 (France)

ASN201081 (SMARTADSERVER, FR)

rtb-csync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.195.155.181 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)

e1.emxdgt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 178.250.2.151 (France) 3 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.104.121.22 (Tokyo, Japan) 2 redirects

ASN63949 (LINODE-AP Linode, LLC, US)

s.c.appier.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 192.132.33.46 (United States)

ASN18568 (BIDTELLECT, US)
PTR: 46.bidtellect.com

bttrack.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 37.157.4.28 (Denmark) 7 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.149.211.134 (Boardman, United States) 2 redirects

ASN16509 (AMAZON-02, US)

e.dlx.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 184.30.212.16 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-212-16.deploy.static.akamaitechnologies.com

eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 184.30.20.185 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-20-185.deploy.static.akamaitechnologies.com

acdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 184.30.20.198 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-20-198.deploy.static.akamaitechnologies.com

ads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1288:110:c305::8000 (United Kingdom)

ASN34010 (YAHOO-IRD, GB)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 35.157.48.14 (Frankfurt am Main, Germany) 4 redirects

ASN16509 (AMAZON-02, US)

pm.w55c.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.68.39.188 (France) 1 redirects

ASN16276 (OVH, FR)
PTR: ns3129809.ip-51-68-39.eu

dsp.nrich.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.215.139.246 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)

match.prod.bidr.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.29.135.226 (United Kingdom) 2 redirects

ASN30419 (MEDIAMATH-INC, US)

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 52.94.232.32 (Ashburn, United States) 1 redirects

ASN16509 (AMAZON-02, US)

s.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.138 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 173.231.181.122 (United States)

ASN29791 (VOXEL-DOT-NET, US)

cm.adgrx.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.156.0.31 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-156-0-31.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.236.220.178 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)

sync.extend.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 213.155.156.165 (Sweden) 2 redirects

ASN1299 (TELIANET Telia Carrier, SE)

d5p.de17a.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 85.114.159.93 (Germany) 1 redirects

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)

dsp.adfarm1.adition.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6816:1957 (United States)

ASN13335 (CLOUDFLARENET, US)

mwzeom.zeotap.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 77.243.60.138 (Aalborg, Denmark) 1 redirects

ASN42697 (NETIC-AS, DK)

uipglob.semasio.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.201.96.126 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)

visitor.fiftyt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.189.249 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

aud.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 159.253.128.188 (Amsterdam, Netherlands)

ASN36351 (SOFTLAYER, US)
PTR: bc.80.fd9f.ip4.static.sl-reverse.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.189.114 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

image4.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.210.53.219 (Brussels, Belgium) 2 redirects

ASN15169 (GOOGLE, US)

pool.admedo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:678:cb4:bbbb::11 (United Kingdom) 1 redirects

ASN56396 (TURN, GB)

ad.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
125	googlesyndication.com pagead2.googlesyndication.com 5f7a3c227877733a11b3d8ac75a2ccaf.safeframe.googlesyndication.com tpc.googlesyndication.com	4 MB
105	taboola.com 4 redirects cdn.taboola.com trc.taboola.com 15.taboola.com trc-events.taboola.com vidstat.taboola.com images.taboola.com imprammp.taboola.com am-match.taboola.com wf.taboola.com am-vid-events.taboola.com c3.taboola.com sync-t1.taboola.com sync.taboola.com match.taboola.com am-wf.taboola.com	2 MB
87	doubleclick.net 13 redirects securepubads.g.doubleclick.net stats.g.doubleclick.net googleads.g.doubleclick.net cm.g.doubleclick.net	324 KB
32	thesundaily.my www.thesundaily.my	1 MB
24	pubmatic.com 4 redirects hbopenbid.pubmatic.com image6.pubmatic.com simage2.pubmatic.com ads.pubmatic.com image2.pubmatic.com aud.pubmatic.com image4.pubmatic.com	40 KB
23	google.com 6 redirects adservice.google.com www.google.com	1 KB
21	stickyadstv.com 7 redirects ads.stickyadstv.com cdn.stickyadstv.com	398 KB
17	bidswitch.net 13 redirects x.bidswitch.net	5 KB
17	googletagservices.com www.googletagservices.com	576 KB
17	innity.com 4 redirects as.innity.com optimize.innity.com avd.innity.com	10 KB
16	ampproject.org cdn.ampproject.org	351 KB
15	casalemedia.com 7 redirects htlb.casalemedia.com dsum-sec.casalemedia.com ssum-sec.casalemedia.com	16 KB
14	openx.net 4 redirects adasia-d.openx.net rtb.openx.net u.openx.net eu-u.openx.net us-u.openx.net	3 KB
14	innity.net cdn.innity.net media.innity.net ssl-avd.innity.net avd.innity.net	33 KB
12	adsrvr.org 6 redirects match.adsrvr.org	4 KB
12	smartadserver.com prg.smartadserver.com rtb-csync.smartadserver.com	8 KB
10	gstatic.com www.gstatic.com csi.gstatic.com fonts.gstatic.com	149 KB
10	adnxs.com 5 redirects ib.adnxs.com acdn.adnxs.com	24 KB
9	rubiconproject.com 3 redirects fastlane.rubiconproject.com pixel.rubiconproject.com eus.rubiconproject.com token.rubiconproject.com	17 KB
9	criteo.com 4 redirects gum.criteo.com mug.criteo.com bidder.criteo.com dis.criteo.com	3 KB
7	adform.net 7 redirects c1.adform.net	3 KB
7	spotxchange.com 7 redirects sync.search.spotxchange.com	5 KB
7	google.de adservice.google.de www.google.de	925 B
6	amazonaws.com s3-ap-southeast-1.amazonaws.com	284 KB
5	amazon-adsystem.com 1 redirects s.amazon-adsystem.com	2 KB
5	yahoo.com 2 redirects pr-bh.ybp.yahoo.com ups.analytics.yahoo.com	3 KB
5	quantserve.com 2 redirects cms.quantserve.com pixel.quantserve.com	2 KB
5	redintelligence.net 1 redirects hal9000.redintelligence.net hal900013.redintelligence.net	11 KB
5	adasiaholdings.com 1 redirects adnetwork.adasiaholdings.com	1 KB
5	scorecardresearch.com 2 redirects sb.scorecardresearch.com	4 KB
4	w55c.net 4 redirects pm.w55c.net	3 KB
4	contextweb.com 2 redirects bh.contextweb.com	1 KB
4	advertising.com pixel.advertising.com	497 B
4	tremorhub.com taboola-supply-partners.tremorhub.com	729 B
3	bidr.io 2 redirects match.prod.bidr.io	2 KB
3	lijit.com 1 redirects ce.lijit.com	2 KB
3	mfadsrvr.com 3 redirects rtb.mfadsrvr.com	2 KB
3	googleadservices.com partner.googleadservices.com	384 B
3	googleapis.com fonts.googleapis.com ajax.googleapis.com	33 KB
3	google-analytics.com www.google-analytics.com	19 KB
3	hotjar.com static.hotjar.com script.hotjar.com vars.hotjar.com	61 KB
3	iterwebcms.com cdn.iterwebcms.com	33 KB
3	addthis.com 2 redirects s7.addthis.com e.dlx.addthis.com	116 KB
2	admedo.com 2 redirects pool.admedo.com	783 B
2	fiftyt.com 2 redirects visitor.fiftyt.com	994 B
2	semasio.net 1 redirects uipglob.semasio.net	1 KB
2	de17a.com 2 redirects d5p.de17a.com	631 B
2	mathtag.com 2 redirects sync.mathtag.com	1 KB
2	indexww.com js-sec.indexww.com	2 KB
2	bttrack.com bttrack.com	760 B
2	appier.net 2 redirects s.c.appier.net	722 B
2	emxdgt.com e1.emxdgt.com	81 B
2	rlcdn.com 2 redirects id.rlcdn.com	887 B
2	gemius.pl 2 redirects googlecm.hit.gemius.pl	516 B
2	criteo.net static.criteo.net	51 KB
2	impact-ad.jp 1 redirects aw.dw.impact-ad.jp	338 B
2	googlevideo.com 1 redirects r2---sn-4g5e6nsk.googlevideo.com r2---sn-4g5edne6.googlevideo.com	1 MB
2	facebook.com www.facebook.com	278 B
2	facebook.net connect.facebook.net	96 KB
2	anymind360.com anymind360.com	134 KB
2	googletagmanager.com www.googletagmanager.com	81 KB
2	silobreaker.com 1 redirects info.silobreaker.com	4 KB
1	turn.com 1 redirects ad.turn.com	518 B
1	simpli.fi um.simpli.fi	609 B
1	zeotap.com mwzeom.zeotap.com	596 B
1	adition.com 1 redirects dsp.adfarm1.adition.com	501 B
1	extend.tv 1 redirects sync.extend.tv	546 B
1	adgrx.com cm.adgrx.com	408 B
1	nrich.ai 1 redirects dsp.nrich.ai	486 B
1	everesttech.net 1 redirects pixel.everesttech.net	376 B
1	innovid.com ag.innovid.com	296 B
1	protecmedia.com mas.protecmedia.com	209 B
1	addthisedge.com v1.addthisedge.com	325 B
1	contentspread.net cdn.contentspread.net	52 KB
1	moatads.com z.moatads.com	1 KB
1	sascdn.com ced.sascdn.com	11 KB
0	exelator.com Failed loadus.exelator.com Failed
636	77

	Domain	Requested by
88	tpc.googlesyndication.com	securepubads.g.doubleclick.net 5f7a3c227877733a11b3d8ac75a2ccaf.safeframe.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com pagead2.googlesyndication.com www.thesundaily.my cdn.ampproject.org
40	cm.g.doubleclick.net	13 redirects googleads.g.doubleclick.net www.thesundaily.my eu-u.openx.net
34	pagead2.googlesyndication.com	www.thesundaily.my 5f7a3c227877733a11b3d8ac75a2ccaf.safeframe.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com media.innity.net pagead2.googlesyndication.com www.googletagservices.com securepubads.g.doubleclick.net
32	www.thesundaily.my	info.silobreaker.com www.thesundaily.my
27	images.taboola.com	www.thesundaily.my
25	securepubads.g.doubleclick.net	www.thesundaily.my securepubads.g.doubleclick.net info.silobreaker.com www.googletagservices.com 5f7a3c227877733a11b3d8ac75a2ccaf.safeframe.googlesyndication.com
21	googleads.g.doubleclick.net	5f7a3c227877733a11b3d8ac75a2ccaf.safeframe.googlesyndication.com info.silobreaker.com pagead2.googlesyndication.com googleads.g.doubleclick.net www.thesundaily.my
17	x.bidswitch.net	13 redirects am-match.taboola.com imprammp.taboola.com
17	www.googletagservices.com	securepubads.g.doubleclick.net 5f7a3c227877733a11b3d8ac75a2ccaf.safeframe.googlesyndication.com pagead2.googlesyndication.com googleads.g.doubleclick.net
17	www.google.com	6 redirects www.thesundaily.my securepubads.g.doubleclick.net 5f7a3c227877733a11b3d8ac75a2ccaf.safeframe.googlesyndication.com googleads.g.doubleclick.net
16	ads.stickyadstv.com	7 redirects vidstat.taboola.com www.thesundaily.my cdn.stickyadstv.com
16	cdn.ampproject.org	5f7a3c227877733a11b3d8ac75a2ccaf.safeframe.googlesyndication.com securepubads.g.doubleclick.net
13	cdn.taboola.com	www.thesundaily.my cdn.taboola.com
12	match.adsrvr.org	6 redirects am-match.taboola.com imprammp.taboola.com eu-u.openx.net ssum-sec.casalemedia.com
11	avd.innity.com	4 redirects avd.innity.net www.thesundaily.my
10	sync.taboola.com	4 redirects www.thesundaily.my
10	vidstat.taboola.com	cdn.taboola.com vidstat.taboola.com
10	prg.smartadserver.com	anymind360.com
9	simage2.pubmatic.com	www.thesundaily.my ads.pubmatic.com
9	trc.taboola.com	cdn.taboola.com www.thesundaily.my
9	ib.adnxs.com	5 redirects anymind360.com www.thesundaily.my acdn.adnxs.com
8	sync-t1.taboola.com	am-match.taboola.com imprammp.taboola.com www.thesundaily.my
8	dsum-sec.casalemedia.com	3 redirects googleads.g.doubleclick.net ssum-sec.casalemedia.com
7	c1.adform.net	7 redirects
7	sync.search.spotxchange.com	7 redirects
7	cdn.innity.net	www.thesundaily.my cdn.innity.net as.innity.com
6	ssum-sec.casalemedia.com	4 redirects js-sec.indexww.com ssum-sec.casalemedia.com
6	adservice.google.com	securepubads.g.doubleclick.net pagead2.googlesyndication.com
6	adservice.google.de	securepubads.g.doubleclick.net pagead2.googlesyndication.com
6	s3-ap-southeast-1.amazonaws.com	www.thesundaily.my s3-ap-southeast-1.amazonaws.com
5	image2.pubmatic.com	ads.pubmatic.com
5	s.amazon-adsystem.com	1 redirects www.thesundaily.my ssum-sec.casalemedia.com
5	cdn.stickyadstv.com	vidstat.taboola.com cdn.stickyadstv.com
5	pixel.rubiconproject.com	3 redirects www.thesundaily.my
5	image6.pubmatic.com	4 redirects ads.pubmatic.com
5	adnetwork.adasiaholdings.com	1 redirects www.thesundaily.my
5	sb.scorecardresearch.com	2 redirects www.thesundaily.my
4	am-wf.taboola.com	vidstat.taboola.com
4	pm.w55c.net	4 redirects
4	eu-u.openx.net	anymind360.com eu-u.openx.net
4	bh.contextweb.com	2 redirects www.thesundaily.my
4	rtb.openx.net	4 redirects
4	pixel.advertising.com	am-match.taboola.com imprammp.taboola.com
4	taboola-supply-partners.tremorhub.com	am-match.taboola.com imprammp.taboola.com
4	imprammp.taboola.com	info.silobreaker.com vidstat.taboola.com
4	15.taboola.com	cdn.taboola.com
4	hal900013.redintelligence.net	1 redirects 5f7a3c227877733a11b3d8ac75a2ccaf.safeframe.googlesyndication.com hal900013.redintelligence.net
4	fonts.gstatic.com	fonts.googleapis.com
4	media.innity.net	as.innity.com cdn.innity.net
4	www.gstatic.com	5f7a3c227877733a11b3d8ac75a2ccaf.safeframe.googlesyndication.com googleads.g.doubleclick.net
3	match.prod.bidr.io	2 redirects eu-u.openx.net
3	us-u.openx.net	eu-u.openx.net
3	pr-bh.ybp.yahoo.com	eu-u.openx.net ssum-sec.casalemedia.com ads.pubmatic.com
3	dis.criteo.com	3 redirects
3	ce.lijit.com	1 redirects www.thesundaily.my
3	rtb.mfadsrvr.com	3 redirects
3	cms.quantserve.com	googleads.g.doubleclick.net
3	c3.taboola.com	www.thesundaily.my
3	am-vid-events.taboola.com	www.thesundaily.my vidstat.taboola.com
3	am-match.taboola.com	vidstat.taboola.com
3	trc-events.taboola.com	www.thesundaily.my
3	partner.googleadservices.com	pagead2.googlesyndication.com
3	optimize.innity.com	www.thesundaily.my
3	gum.criteo.com	1 redirects static.criteo.net
3	5f7a3c227877733a11b3d8ac75a2ccaf.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
3	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
3	as.innity.com	cdn.innity.net
3	cdn.iterwebcms.com	www.thesundaily.my cdn.iterwebcms.com
2	pool.admedo.com	2 redirects
2	visitor.fiftyt.com	2 redirects
2	uipglob.semasio.net	1 redirects ads.pubmatic.com
2	d5p.de17a.com	2 redirects
2	ups.analytics.yahoo.com	2 redirects
2	pixel.quantserve.com	2 redirects
2	sync.mathtag.com	2 redirects
2	ads.pubmatic.com	anymind360.com ads.pubmatic.com
2	js-sec.indexww.com	anymind360.com ssum-sec.casalemedia.com
2	eus.rubiconproject.com	anymind360.com eus.rubiconproject.com
2	e.dlx.addthis.com	2 redirects
2	bttrack.com	www.thesundaily.my
2	s.c.appier.net	2 redirects
2	e1.emxdgt.com	www.thesundaily.my
2	rtb-csync.smartadserver.com	www.thesundaily.my
2	u.openx.net	www.thesundaily.my
2	match.taboola.com	www.thesundaily.my
2	id.rlcdn.com	2 redirects
2	googlecm.hit.gemius.pl	2 redirects
2	static.criteo.net	anymind360.com static.criteo.net
2	wf.taboola.com	vidstat.taboola.com
2	aw.dw.impact-ad.jp	1 redirects www.thesundaily.my
2	ssl-avd.innity.net	info.silobreaker.com
2	csi.gstatic.com	www.gstatic.com
2	fonts.googleapis.com	5f7a3c227877733a11b3d8ac75a2ccaf.safeframe.googlesyndication.com googleads.g.doubleclick.net
2	www.facebook.com	www.thesundaily.my connect.facebook.net
2	mug.criteo.com	www.thesundaily.my
2	connect.facebook.net	www.thesundaily.my connect.facebook.net
2	anymind360.com	www.thesundaily.my anymind360.com
2	www.googletagmanager.com	www.thesundaily.my www.googletagmanager.com
2	info.silobreaker.com	1 redirects
1	ad.turn.com	1 redirects
1	image4.pubmatic.com	ads.pubmatic.com
1	um.simpli.fi	ads.pubmatic.com
1	aud.pubmatic.com	ads.pubmatic.com
1	mwzeom.zeotap.com	ads.pubmatic.com
1	dsp.adfarm1.adition.com	1 redirects
1	sync.extend.tv	1 redirects
1	cm.adgrx.com	ssum-sec.casalemedia.com
1	token.rubiconproject.com	eus.rubiconproject.com
1	dsp.nrich.ai	1 redirects
1	acdn.adnxs.com	anymind360.com
1	pixel.everesttech.net	1 redirects
1	ag.innovid.com	googleads.g.doubleclick.net
1	mas.protecmedia.com	www.thesundaily.my
1	avd.innity.net	ssl-avd.innity.net
1	vars.hotjar.com	static.hotjar.com
1	v1.addthisedge.com	s7.addthis.com
1	cdn.contentspread.net	hal900013.redintelligence.net
1	ajax.googleapis.com	hal900013.redintelligence.net
1	hal9000.redintelligence.net	5f7a3c227877733a11b3d8ac75a2ccaf.safeframe.googlesyndication.com
1	r2---sn-4g5edne6.googlevideo.com	5f7a3c227877733a11b3d8ac75a2ccaf.safeframe.googlesyndication.com
1	r2---sn-4g5e6nsk.googlevideo.com	1 redirects
1	www.google.de	www.thesundaily.my
1	stats.g.doubleclick.net	www.google-analytics.com
1	htlb.casalemedia.com	anymind360.com
1	fastlane.rubiconproject.com	anymind360.com
1	hbopenbid.pubmatic.com	anymind360.com
1	bidder.criteo.com	anymind360.com
1	adasia-d.openx.net	anymind360.com
1	script.hotjar.com	static.hotjar.com
1	z.moatads.com	s7.addthis.com
1	ced.sascdn.com	anymind360.com
1	static.hotjar.com	www.thesundaily.my
1	s7.addthis.com	www.thesundaily.my
0	loadus.exelator.com Failed	www.thesundaily.my
636	134

This site contains links to these domains. Also see Links.

Domain
click.gamingtrk.com
popup.taboola.com
www.casada-medical.com
om.forgeofempires.com
safesly.com
extraclicktrk.com
anwalt-kg.de
ipaper.thesundaily.my
itunes.apple.com
play.google.com
appgallery7.huawei.com
taongafarm.com

Subject Issuer	Validity	Valid
info.silobreaker.com Cloudflare Inc ECC CA-3	`2020-06-30` - `2021-06-30`	a year	crt.sh
www.thesundaily.my R3	`2021-03-16` - `2021-06-14`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2021-03-23` - `2021-06-15`	3 months	crt.sh
*.google-analytics.com GTS CA 1O1	`2021-03-23` - `2021-06-15`	3 months	crt.sh
odc-prod-01.oracle.com DigiCert SHA2 Secure Server CA	`2021-04-06` - `2022-04-11`	a year	crt.sh
*.innity.net DigiCert Secure Site ECC CA-1	`2020-04-10` - `2021-07-10`	a year	crt.sh
*.s3-ap-southeast-1.amazonaws.com DigiCert Baltimore CA-2 G2	`2020-08-27` - `2021-09-01`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-09-06` - `2021-09-06`	a year	crt.sh
anymind360.com R3	`2021-03-09` - `2021-06-07`	3 months	crt.sh
*.scorecardresearch.com Amazon	`2021-02-28` - `2022-03-29`	a year	crt.sh
*.hotjar.com Amazon	`2020-12-25` - `2022-01-23`	a year	crt.sh
*.taboola.com DigiCert TLS RSA SHA256 2020 CA1	`2020-11-25` - `2021-12-26`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-04-06` - `2021-07-03`	3 months	crt.sh
*.sascdn.com DigiCert Secure Site ECC CA-1	`2020-10-14` - `2021-11-11`	a year	crt.sh
*.innity.com Sectigo RSA Domain Validation Secure Server CA	`2020-11-11` - `2021-12-12`	a year	crt.sh
moatads.com DigiCert SHA2 Secure Server CA	`2021-01-21` - `2022-01-25`	a year	crt.sh
*.google.de GTS CA 1O1	`2021-03-23` - `2021-06-15`	3 months	crt.sh
*.google.com GTS CA 1O1	`2021-03-23` - `2021-06-15`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1O1	`2021-03-23` - `2021-06-15`	3 months	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2021-04-14` - `2021-07-12`	3 months	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2020-06-18` - `2021-08-17`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2021-03-05` - `2022-02-19`	a year	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2020-12-07` - `2021-12-14`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2020-12-18` - `2022-01-18`	a year	crt.sh
san.casalemedia.com GeoTrust RSA CA 2018	`2021-02-05` - `2022-02-09`	a year	crt.sh
*.smartadserver.com DigiCert ECC Secure Server CA	`2020-01-30` - `2022-02-03`	2 years	crt.sh
*.adasiaholdings.com Go Daddy Secure Certificate Authority - G2	`2019-05-24` - `2021-05-24`	2 years	crt.sh
www.google.com GTS CA 1O1	`2021-03-23` - `2021-06-15`	3 months	crt.sh
www.google.de GTS CA 1O1	`2021-03-23` - `2021-06-15`	3 months	crt.sh
*.gstatic.com GTS CA 1O1	`2021-03-23` - `2021-06-15`	3 months	crt.sh
upload.video.google.com GTS CA 1O1	`2021-03-23` - `2021-06-15`	3 months	crt.sh
misc-sni.google.com GTS CA 1O1	`2021-03-23` - `2021-06-15`	3 months	crt.sh
*.c.docs.google.com GTS CA 1O1	`2021-04-13` - `2021-06-22`	2 months	crt.sh
redintelligence.net R3	`2021-04-21` - `2021-07-20`	3 months	crt.sh
cdn.contentspread.net Go Daddy Secure Certificate Authority - G2	`2020-07-08` - `2021-07-08`	a year	crt.sh
aw.dw.impact-ad.jp SECOM Passport for Web SR 3.0 CA	`2021-03-17` - `2022-03-31`	a year	crt.sh
mas.protecmedia.com R3	`2021-02-14` - `2021-05-15`	3 months	crt.sh
*.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2021-04-14` - `2021-07-12`	3 months	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2021-03-18` - `2022-04-19`	a year	crt.sh
*.tremorhub.com Amazon	`2020-07-25` - `2021-08-25`	a year	crt.sh
pixel.advertising.com DigiCert SHA2 High Assurance Server CA	`2021-03-01` - `2021-08-24`	6 months	crt.sh
*.bidswitch.net Sectigo RSA Domain Validation Secure Server CA	`2020-04-23` - `2022-05-04`	2 years	crt.sh
*.quantserve.com DigiCert SHA2 High Assurance Server CA	`2020-10-02` - `2021-10-07`	a year	crt.sh
*.innovid.com RapidSSL RSA CA 2018	`2020-02-07` - `2022-04-07`	2 years	crt.sh
ads.stickyadstv.com DigiCert TLS RSA SHA256 2020 CA1	`2020-11-13` - `2021-11-17`	a year	crt.sh
*.stickyadstv.com DigiCert SHA2 High Assurance Server CA	`2019-11-25` - `2022-02-18`	2 years	crt.sh
*.lijit.com Go Daddy Secure Certificate Authority - G2	`2021-03-11` - `2022-04-12`	a year	crt.sh
*.contextweb.com DigiCert SHA2 Secure Server CA	`2020-05-07` - `2022-05-12`	2 years	crt.sh
*.emxdgt.com Go Daddy Secure Certificate Authority - G2	`2020-05-18` - `2021-07-17`	a year	crt.sh
*.bttrack.com Sectigo RSA Domain Validation Secure Server CA	`2021-03-29` - `2022-03-29`	a year	crt.sh
cdn.adnxs.com GeoTrust RSA CA 2018	`2021-03-11` - `2022-02-07`	a year	crt.sh
*.ybp.yahoo.com DigiCert SHA2 High Assurance Server CA	`2020-10-30` - `2021-04-27`	6 months	crt.sh
*.match.prod.bidr.io Amazon	`2021-02-26` - `2022-03-27`	a year	crt.sh
s.amazon-adsystem.com Amazon	`2020-08-28` - `2021-08-20`	a year	crt.sh
public1.adgear.com Sectigo RSA Domain Validation Secure Server CA	`2021-02-24` - `2022-03-26`	a year	crt.sh
*.semasio.net GlobalSign GCC R3 DV TLS CA 2020	`2021-03-09` - `2022-04-10`	a year	crt.sh
*.simpli.fi DigiCert SHA2 Secure Server CA	`2019-09-18` - `2021-12-12`	2 years	crt.sh

This page contains 66 frames:

Primary Page: https://www.thesundaily.my/home/astrazeneca-is-safe-to-be-given-to-senior-citizens-adham-YL7793054?_hsmi=88974744&_hsenc=p2ANqtz-_G5s6CORBttERc_beHteVqqnJIJh5EriMR00fz0Cexxf2lQpsFfBisijUxttE-tNX9yfHTn7fBQWbcOnOkY3_eCosMOOPpTIuaIKsiuCzrvP7v03c
Frame ID: E63648545F8E3EB9C20701D7D5105F58
Requests: 209 HTTP requests in this frame

Frame: https://cdn.innity.net/admanager.js
Frame ID: D321FD922E593D7EE8990DC9708D022A
Requests: 5 HTTP requests in this frame

Frame: https://s3-ap-southeast-1.amazonaws.com/thesun-epaper.com/theSundaily/AFO.html
Frame ID: 71ECCE0513EDBF03C330A8B312497A45
Requests: 3 HTTP requests in this frame

Frame: https://5f7a3c227877733a11b3d8ac75a2ccaf.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 22B1FCC2705AD041A18F5A1E62EEB9F7
Requests: 28 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvepoDsd1jo4mulgB6aM4tg3b0RsjnGZjMNqbN1iw5JctO1yeT2pMCejc4nkQe6BDHB9XammrY57YgeKOA5pjZTU25Yaifw_MVdjTogtdsnNY9kRg1C9u1YH6Czs9GnA3MsHURi6JQLO0sd3PzjtKQTZmNRJCD8eTs6OHdVWyWlVPSI_d5PYbjhaoK8XVjvnHQkRRJ1T_Dr2G5GngwKMnVsUKL3vH1u94BzEDxfnu5O4t8DKHVBzY-NcHjIQEEyip9zkxAZLL5zTMJqlArYvxhpxX8wrXgr6uzSpMbPtcMUFyYg&sai=AMfl-YRo1IYZijNjuPm5pT3bNw-s9eA3B35Wjfo3Q6tNEOzkhPO6HLwoONgeBSNgh0WEYCvcKmkUPeAE1SMqShtP4poCCNVCK5MO8-uhNjGuaM6BRkaFJUdOqaNIZYZz1oJn&sig=Cg0ArKJSzOa9m8mpgo3nEAE&adurl=
Frame ID: AE57A3CA1A54EE30AD0CBA99657A512B
Requests: 8 HTTP requests in this frame

Frame: https://5f7a3c227877733a11b3d8ac75a2ccaf.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: E158510846FFAB92D07B5918A9E9766F
Requests: 13 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsubFKgX0uvcRIRaicNmj4zvfMu0iVdaTIygXksuPTfPi3MDfvmquzMNxyXHI0FLwBW_6EoIOKHMsvFWAsjGade30INtJDm6mejneLZHbvSTyB_xGGVOxcm3VU_pwvZDaGIx2zqCMLcYAJG99_p7gIIQbQvGBRCH3dPtE2bWQO7TOB2JJsGPTWtNb9vFsBN7UNPHTeUSMr7o4iCAT0nvtw_KQkUGtI2gtQGpZZT_7UwMBSHZUXrKH3mI0EWKFbWjzuN32y8KUDSXgLzA1ufXIS3Ay6BSyVWZHZQdMmWn6YWyPhkD&sai=AMfl-YQECTDzo7gH1YseBLJ1vdRoPD5eUEyxcqn9stlBJHLvuFzFKQSZd5qFjVHKV5yc88ndG7tpCC98RrWUfi9ABZMzbWFpW3JPXPXdriCkJfnaPG-XsptVVSrBlakfIN7I&sig=Cg0ArKJSzKLot_kxNKXWEAE&adurl=
Frame ID: F49EF2441BDE985032DFD21B9AA811BB
Requests: 8 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvYjQxTJ8QnMuvXKD0BWylc_l1vnEs45akbtvzl8vKSpGhGw8-4FHSpWeea90NZ9g2Tp5vsHZj1PB7Iee08jxpNdOIgty2Pjju1-VsmhaVCk6BM961plO3rNDU3mqyMHwINcQXI8ot4NgeNHWYfCWX5KbpqTR3H7_8R8mSY1A-89MCm74hvFjqpxz8yrEafmvvJVo-_-ihJdkmpu2w4m75x54oIHCFXp5kyz85_TuyBqsLZcC5K5GOKIV1VZHclBG-xSk5rIcBybZ0UpRIfxpGp10yaCkAj4hire6Y1inEfcUJr&sai=AMfl-YQwaJ0gW9Rpa-ZY6gmuycLN8sBG0_k7VAQhKRCi3ax_OzMrNZk3LljeGKP36pcEoS9kEBWanBe9nb5InfNJWBsTCPq_wiohd8cmka8gIWfX4R9czVGCSARxWRbPvmRa&sig=Cg0ArKJSzAsJazhdhFB_EAE&adurl=
Frame ID: EE3E4C696A333904A07DB311DEB5DF20
Requests: 7 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstEv2ayNFl3yZlSdkwPWteSRt_sG02dAP3L3CdxTnyX4c7FieszkstFs8zKy-0e9giwf_5NWUZmV90tSVSPfOf6ef9e87LG8vPY2NAAM289lc3REgGMUppsEBTImNm6ryP1PTBx070StI9AIGhkHIhCwqOhlE_jadTJl2uqVtgxBo7fn9B25aYtoM1EefuJUx-4hlgZaMHLL9ytBPTqjtLpSA7TpVtQUBVdpUKOaJ7CptbIvQt_y-jaK50JmqNGLk53ievtq0vtXaHavd4SugX9Yie9ny1l1V_R4KtAMAPdC7EZ&sai=AMfl-YQkSc_GB0zlo502MSj_F1p4WCvX5zre6ckg_nX8R_ECbb_jp1Ng_uCYUsrsC7fmJKlBa7PEEOGlM54g_wn45sAYkMeSCliTTToSqKDkjbS9WN86ukMt1AcJ7as0dSUC&sig=Cg0ArKJSzK3QVxhCbX28EAE&adurl=
Frame ID: 76805981BBCF23A366C86A63B85B220C
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYj6_ClQEwAQ&v=APEucNUTIp87Ma6c46hiIXXfhiOlTfSVqzckMSDlpqE9NVACMlFDZup8liGzcenNC_QrMCd7z_vGh1NFlj3J5kNiFiJUl_X6O-c-FNKU7jLcr-B3mOkhSNxBT4FkSusCvbqQaDtNWGpp2R5ASg3pcu1qJiZbpwqyatWAq6q34JIcP3C9W9Z-FAJairSkH_7i7KXF5urOznn8LKsoVWheewXfzRl6ne7klA
Frame ID: 97A1E3EEFDF59626C7828F2090EFCD81
Requests: 4 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 6238B2AB87D35D8BE534763D21A017D6
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Frame ID: B900FB973B3D1563963163E099719DAB
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210422/r20190131/zrt_lookup.html
Frame ID: EE7FBE0FE60D03AE76BA59D66DF82FC6
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6999968698827395&output=html&h=250&slotname=9935330980&adk=3580731020&adf=3496064688&pi=t.ma~as.9935330980&w=300&lmt=1619435961&psa=0&format=300x250&url=https%3A%2F%2Fwww.thesundaily.my%2Fhome%2Fastrazeneca-is-safe-to-be-given-to-senior-citizens-adham-YL7793054%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz-_G5s6CORBttERc_beHteVqqnJIJh5EriMR00fz0Cexxf2lQpsFfBisijUxttE-tNX9yfHTn7fBQWbcOnOkY3_eCosMOOPpTIuaIKsiuCzrvP7v03c&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619435961184&bpp=12&bdt=1408&idt=76&shv=r20210422&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3De3d6216e8f34a7bf-22ed5eaef1c70050%3AT%3D1619435960%3AS%3DALNI_MZZAhX_12i2lcgiNsdHRzfKQXL_FQ&correlator=3256238547201&frm=20&pv=2&ga_vid=353529585.1619435960&ga_sid=1619435960&ga_hid=1243480928&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1040&ady=2951&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C21068108%2C31060839&oid=3&pvsid=3866203379239951&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=13&uci=a!d&btvi=1&fsb=1&xpc=FHWuNUYsg8&p=https%3A//www.thesundaily.my&dtd=90
Frame ID: D53A057FED2BB0DA9195BE462561ED95
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6999968698827395&output=html&h=600&slotname=3502211389&adk=549021246&adf=281698034&pi=t.ma~as.3502211389&w=300&lmt=1619435961&psa=0&format=300x600&url=https%3A%2F%2Fwww.thesundaily.my%2Fhome%2Fastrazeneca-is-safe-to-be-given-to-senior-citizens-adham-YL7793054%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz-_G5s6CORBttERc_beHteVqqnJIJh5EriMR00fz0Cexxf2lQpsFfBisijUxttE-tNX9yfHTn7fBQWbcOnOkY3_eCosMOOPpTIuaIKsiuCzrvP7v03c&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619435961197&bpp=2&bdt=1420&idt=115&shv=r20210422&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3De3d6216e8f34a7bf-22ed5eaef1c70050%3AT%3D1619435960%3AS%3DALNI_MZZAhX_12i2lcgiNsdHRzfKQXL_FQ&prev_fmts=300x250&correlator=3256238547201&frm=20&pv=1&ga_vid=353529585.1619435960&ga_sid=1619435960&ga_hid=1243480928&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1040&ady=3708&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C21068108%2C31060839&oid=3&pvsid=3866203379239951&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=14&uci=a!e&btvi=2&fsb=1&xpc=XyCO8G3lCI&p=https%3A//www.thesundaily.my&dtd=119
Frame ID: 0F1B04C9E16C0D4EC7378D9A93ED8280
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6999968698827395&output=html&h=250&slotname=5114150528&adk=120511616&adf=2751417941&pi=t.ma~as.5114150528&w=300&psa=0&format=300x250&url=https%3A%2F%2Fwww.thesundaily.my%2Fhome%2Fastrazeneca-is-safe-to-be-given-to-senior-citizens-adham-YL7793054%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz-_G5s6CORBttERc_beHteVqqnJIJh5EriMR00fz0Cexxf2lQpsFfBisijUxttE-tNX9yfHTn7fBQWbcOnOkY3_eCosMOOPpTIuaIKsiuCzrvP7v03c&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619435961243&bpp=2&bdt=82&idt=203&shv=r20210422&cbv=r20190131&ptt=9&saldr=aa&cookie=ID%3De3d6216e8f34a7bf-22ed5eaef1c70050%3AT%3D1619435960%3AS%3DALNI_MZZAhX_12i2lcgiNsdHRzfKQXL_FQ&correlator=3256238547201&frm=23&ife=1&pv=1&ga_vid=353529585.1619435960&ga_sid=1619435961&ga_hid=1372567628&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1040&ady=2676&biw=1600&bih=1200&isw=300&ish=250&ifk=2991338289&scr_x=0&scr_y=0&oid=3&pvsid=3912251608612625&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.mdw51gcrxzsj&btvi=1&fsb=1&dtd=211
Frame ID: C6B05D9C0F4A426C922D17A5B504D3EE
Requests: 10 HTTP requests in this frame

Frame: https://hal900013.redintelligence.net/request_content.php?s=55752200112266400710584011576013&a=abac143e
Frame ID: 63D4369C8C3DD53BC13D577B3AB13994
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Frame ID: B3230E8527C1BF7CCE55AE35803DA58F
Requests: 9 HTTP requests in this frame

Frame: https://ssl-avd.innity.net/1/container_576b5a051c51b1c0244bca09.js
Frame ID: DB75DC2A169B65BE0404B910CD1131F4
Requests: 6 HTTP requests in this frame

Frame: https://ssl-avd.innity.net/1/container_549927e79bd1fa1a040041a9.js
Frame ID: F5E48C5C3DE3BBCF76E5918BFAD6252D
Requests: 1 HTTP requests in this frame

Frame: https://imprammp.taboola.com/st?cipid=7991117&ttype=0&cirid=2AA9DEB79826211485392253757&cicmp=1337627&cijs=1&dast=V7XuUCFgMx4ZFo0aUEZgQx4ZFo0aUEZgUAAAAGBugHHLJgMEcsCm85nMwmi8VoOFosJoPFZDUYDJYwMYvFYjRcrUZjzWKxGE1mq-EUDLbwOd3dbdhA0-nwue71ut_vLjq6PK-7yeE0O-9q518OAAAAAA8ARC3REDu-De0RAAAAABI8I9cKFAEV_xYCFwAAAAAYAARi4RoAUBwG4rKcnXZ_AAA8FIAAAAhghACwhEKIAAAAAIwAAAAAkAAIJBaWADjcLZoAAATkNZzvop4AAAAc1Mk8bbP8____xwDkvTfJAFCkbdwY9AA8-AA8CAEAAFwM1bCgehgGuEMRFVQWMQIAAADIygdaPprUCZVF1f___78VwBUAQEBewzlvbdbNSTFrGAAAAMDYAj0sfr_ZYdf43S77_________zf7PwNAE5LywE0LsqLYU-MZuVZY-wUEAGB7NwCAtwC4mAOwAwAAALj7____zwMAADjZo2R7rcazR1nvM9jC53R312_CFqPVZLJZDmfLxWQwHA1Ho_0J4HKAEzFYLieTxWS3Gq1Gm-FuNBssUCAGE5yQ4WgzWY12q91kOZyMRrPNZIMUrVrNRpvBcDWbzHa71XAwXI5GSNGaxWwyWcxGy91msJyMBsPJcIgHVefS-bw6HxtwOZeMlnPZaC4ZbFYJAAAAAAAAAGAJU-ZNAAAAAE6DmM0mu92KG2_2TBBrtVrWAAAAANy6kQM!&excid=22&tst=1&docw=0&cs=false
Frame ID: 75DB2E2451ED936ED39F262318A01B8B
Requests: 1 HTTP requests in this frame

Frame: https://imprammp.taboola.com/st?cipid=7991117&ttype=0&cirid=FE42C649D4236770291241570006&cicmp=1337627&cijs=1&dast=V7da4CFgMx4ZFo0aUEZgQx4ZFo0aUEZgUAAAAGBugHGsYiTTa00XJEmmxmu91gMlwuh5vBbjVcwsQsFovRcLUajTWLxWI0ma2GUzDYwud0d7dhA02nw-e61-t-v7vo6PK87iaH0-y8q51_OQAAAAA8ABC1REPs-Da0RwAAAABI8IxcK1AEVPxbCFwAAAAAYAAQiIVrAEBxGIjLcnba_QEA8FAAAgAggBECwBIKIQIAAAAwAgAAAEACIJBYWALgcLdoAgAQkNdwvot6AgAAcFAn87TN8v___x8DkPfeJANAkbZxY9AD8OAD8CAEAABwMRRFNXxorLRnS1SQWsQIAAAAICsfaPloUidUFlX_____VgBXAAABeQ3nvLVZNyfFrGEAAAAAYwv0sPj9Zodd43e77P_________f7P8MAE1IygM3LciKYk-NZ-RaYe0XEACA7d0AAN4C4GIOwA4AAADg7v___z8PAAAgaY-S7bUazx5lvc9gC5_T3V2_CVuMVpPJZjmcLReTwXA0HI32J4DLAU7EYLmcTBaT3Wq0Gm2Gu9FssECBGExwQoajzWQ12q12k-VwMhrNNpMNUrRqNRttBsPVbDLb7VbDwXA5GiFFaxazyWQxGy13m8FyMhoMJ8MhHlSdS-fz6nxswOVcMlrOZaO5ZLBZJQAAAAAAAACAJUyZNwEAAAA4DWI2m-x2K2682TNBrNVqWQMAAABw60YO!&excid=22&tst=1&docw=0&cs=false
Frame ID: 5AF10D79C237AE2C3C39B642F05692F3
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Frame ID: 473DC62156A8AA9DC914DF8F382CB1D1
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6999968698827395&output=html&adk=1812271804&adf=3025194257&lmt=1619435961&plat=1%3A16809992%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.thesundaily.my%2Fhome%2Fastrazeneca-is-safe-to-be-given-to-senior-citizens-adham-YL7793054%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz-_G5s6CORBttERc_beHteVqqnJIJh5EriMR00fz0Cexxf2lQpsFfBisijUxttE-tNX9yfHTn7fBQWbcOnOkY3_eCosMOOPpTIuaIKsiuCzrvP7v03c&ea=0&flash=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619435961742&bpp=3&bdt=1965&idt=4&shv=r20210422&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3De3d6216e8f34a7bf-22ed5eaef1c70050%3AT%3D1619435960%3AS%3DALNI_MZZAhX_12i2lcgiNsdHRzfKQXL_FQ&prev_fmts=300x250%2C300x600&nras=1&correlator=3256238547201&frm=20&pv=1&ga_vid=353529585.1619435960&ga_sid=1619435960&ga_hid=1243480928&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C21068108%2C31060839&oid=3&pvsid=3866203379239951&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=31&ifi=15&uci=a!f&fsb=1&dtd=17
Frame ID: 8A54125858B57FE2028E428C57C4FCCB
Requests: 1 HTTP requests in this frame

Frame: https://imprammp.taboola.com/st?cipid=7991117&ttype=0&cirid=2780B557FB247400181887100807&cicmp=1337627&cijs=1&dast=V7idQCFgMx4ZFo0aUEZgQx4ZFo0aUEZgUAAAAGBugHHLIbDias1W5GoYx2o8FgsVvshpvBbLUcTJYwMYvFYjRcrUZjzWKxGE1mq-EUDLbwOd3dbdhA0-nwue71ut_vLjq6PK-7yeE0O-9q518OAAAAAA8ARC3REDu-De0RAAAAABI8I9cKFAEV_xYCFwAAAAAYAARi4RoAUBwG4rKcnXZ_AAA8FIAAAAhghACwhK6IAAAAAIwAAAAAkAAIJBaWADjcLZoAAATkNZz3Rp0AAAAc1Mk8bbP8____xwDkvTfJAFCkbdwY9AA8-AA8CAEAAFwMbbv1RHM0224SFZwWMQIAAADIygdaPprUCZVF1f___78VwBUAQEBew3nvX9bNSTFrGAAAAMDYAj0sfr_ZYdf43S77_________zf7PwNAE5LywE0LsqLYU-MZuVZY-wUEAGB7NwCAtwC4mAOwAwAAALj7____zwMAADDZo2R7rcazR1nvM9jC53R312_CFqPVZLJZDmfLxWQwHA1Ho_0J4HKAEzFYLieTxWS3Gq1Gm-FuNBssUCAGE5yQ4WgzWY12q91kOZyMRrPNZIMUrVrNRpvBcDWbzHa71XAwXI5GSNGaxWwyWcxGy91msJyMBsPJcIgHVefS-bw6HxtwOZeMlnPZaC4ZbFYJAAAAAAAAAGAJU-ZNAAAAAE6DmM0mu92KG2_2TBBrtVrWAAAAANy6kQM!&excid=22&tst=1&docw=0&cs=false
Frame ID: 24681A724C7552B0D85F9905FF38556E
Requests: 1 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-5e3cec51ed8e99df6977c199d27812d7.html
Frame ID: 755F380546751AC993274D7C36C2645E
Requests: 1 HTTP requests in this frame

Frame: https://aw.dw.impact-ad.jp/c/ur/callback_dac/?oid=d3a712103738215a
Frame ID: 9AA47B0D7670EE77ACD61E385B25C145
Requests: 4 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1684394985928583253/index.html
Frame ID: AB7D9FAA486FB7074029052F41E83C13
Requests: 21 HTTP requests in this frame

Frame: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=7993797&crid=5029295&dast=V75g8CFgOOnMIAPEMHZgSOnMIAPEMHZgUAAAAGBvQHGbOgjCjDEY3CYc6Wo9FysVksZqvRcDeEjVlQRpThiEbhMGfL0Wg5mCwmo91uMBtMpvBhLJfJoBZIWGa_76CgnJ4es8sgKrreFrvDafa8QQxNp8Pnutfrfr-76OjyvO4mh9PsvKudf6Hf7fIrPKfLw_qyuzwOt9Lz1jxsLrfo75a43Dqn7WV3i_5uzcvu9FveGqfpaX3ZPW-Fyehwu5Vl3m65GaxGcwAAAAB4AGDqfYX4AQQAiAAAAACQAAAAAKAIqPi3ELgAAAAAwAAgcGvVAIDiMBCX5ey0-wMA4KEABABAAIMEQCCypQTgYiv0BAAAAAAAAACA5f___z8GIC-_WAZgw-etB-DBB-CBqOCwiBEAAABAVj7Q8tGkTqgsqgAACNKtAK4AAALyGs55GcIAAAAExhboYfH7zQ67xu92GQAAAAAAAACA2f_ZP5qQlAduWpAVxZ7aLyAAwNovIAAAm7oBALwFwAUdQSsGg9UpxG44W-xGk81ydgAAAAB3_____3ogMlrZRg6PZeWwTGy7iW04s-xWM99wZJs5d4PFwntAcSWW4lUNdH0hwjL7fQcF5fT0mF0GUdH1ttgdTrPnID5oGJaTQTC_CVuMVpPJZjmcLReTwXA0HI32J4DLAU7EYLmcTBaT3Wq0Gm2Gu9FssECBGExwQoajzWQ12q12k-VwMhrNNpMNUrRqNRttBsPVbDLb7VbDwXA5GiFFaxazyWQxGy13m8FyMhoMJ8MhwthosnLZfBu3ZjDzrEWzlWmtsPlWbt1mMJotjLvhYGNxi14f0284mOw2wy0KBkjtRXCRTkRHl-d1NzmcZudFLNGcLNKJ7LKvjFa2kcNjWTksE9tuYhvOLLvVzDcc2WbO3WCx8NdGk5XL5tu4NYOZZy2arUxrhc23cus2g9FsYdwNBxuLW_T6mH7DwWS3Ge4bs8VytFktZ4N9Y7ZYjjar5Wyw79AZvqvP2ehMiw8emXa9u96KMvNB4TJYvD-JaTHtzg5-aevo9Pk8yoLOKLx-j16DwnPwmMbLW-1Y3j6b6eMwoYglgtNFOhG9jKeLWCJ5WqQT0ciy8i0mHsdqt3DZDIvBZrma7WYuj8Xk8sxmE4tYojRdpBO90O92-RWe0-VhfdldHodb6XlrHjaXW_R3S1xundP2srtFf7fmZXf6LW-N0_S0vuyet8JkdLjdyrNvt9wMVqOJ-o8NuJxLRsu5bDSXDDarBAAAAAAAAACwhDnzJgAAAACnQcyGk81uuQAQDl26QAI-TLYRHou79mNeBUaCCjXFjR8v0NHled1NDqfZeebNnglirVbLGgAAQAAbAAAggFs3bwFhkRw!&cmcv=&pix=undefined&cb=1619435961995&uv=2958&tms=1619435961995&abt=adh5c-1_vA!insc_vA!nrlc_vA!ntvc_vB!rft_vC!secure_protocol_vA!secure_protocol_vB!secure_vB!spa2_vA!ufm_vD&ft=0&su=3&unm=FEED_MANAGER&aure=false&agl=1&cirid=3A2D28DFBC969449131165487&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Frame ID: 63EC09E0AFF69FB46E3DFF265C4F31D0
Requests: 6 HTTP requests in this frame

Frame: https://am-match.taboola.com/sync?dast=V75g8CFgOOnMIAPEMHZgSOnMIAPEMHZgUAAAAGBvQHGbOgjCjDEY3CYc6Wo9FysVksZqvRcDeEjVlQRpThiEbhMGfL0Wg5mCwmo91uMBtMpvBhLJfJoBZIWGa_76CgnJ4es8sgKrreFrvDafa8QQxNp8Pnutfrfr-76OjyvO4mh9PsvKudf6Hf7fIrPKfLw_qyuzwOt9Lz1jxsLrfo75a43Dqn7WV3i_5uzcvu9FveGqfpaX3ZPW-Fyehwu5Vl3m65GaxGcwAAAAB4AGDqfYX4AQQAiAAAAACQAAAAAKAIqPi3ELgAAAAAwAAgcGvVAIDiMBCX5ey0-wMA4KEABABAAIMEQCCypQTgYiv0BAAAAAAAAACA5f___z8GIC-_WAZgw-etB-DBB-CBqOCwiBEAAABAVj7Q8tGkTqgsqgAACNKtAK4AAALyGs55GcIAAAAExhboYfH7zQ67xu92GQAAAAAAAACA2f_ZP5qQlAduWpAVxZ7aLyAAwNovIAAAm7oBALwFwAUdQSsGg9UpxG44W-xGk81ydgAAAAB3_____3ogMlrZRg6PZeWwTGy7iW04s-xWM99wZJs5d4PFwntAcSWW4lUNdH0hwjL7fQcF5fT0mF0GUdH1ttgdTrPnID5oGJaTQTC_CVuMVpPJZjmcLReTwXA0HI32J4DLAU7EYLmcTBaT3Wq0Gm2Gu9FssECBGExwQoajzWQ12q12k-VwMhrNNpMNUrRqNRttBsPVbDLb7VbDwXA5GiFFaxazyWQxGy13m8FyMhoMJ8MhwthosnLZfBu3ZjDzrEWzlWmtsPlWbt1mMJotjLvhYGNxi14f0284mOw2wy0KBkjtRXCRTkRHl-d1NzmcZudFLNGcLNKJ7LKvjFa2kcNjWTksE9tuYhvOLLvVzDcc2WbO3WCx8NdGk5XL5tu4NYOZZy2arUxrhc23cus2g9FsYdwNBxuLW_T6mH7DwWS3Ge4bs8VytFktZ4N9Y7ZYjjar5Wyw79AZvqvP2ehMiw8emXa9u96KMvNB4TJYvD-JaTHtzg5-aevo9Pk8yoLOKLx-j16DwnPwmMbLW-1Y3j6b6eMwoYglgtNFOhG9jKeLWCJ5WqQT0ciy8i0mHsdqt3DZDIvBZrma7WYuj8Xk8sxmE4tYojRdpBO90O92-RWe0-VhfdldHodb6XlrHjaXW_R3S1xundP2srtFf7fmZXf6LW-N0_S0vuyet8JkdLjdyrNvt9wMVqOJ-o8NuJxLRsu5bDSXDDarBAAAAAAAAACwhDnzJgAAAACnQcyGk81uuQAQDl26QAI-TLYRHou79mNeBUaCCjXFjR8v0NHled1NDqfZeebNnglirVbLGgAAQAAbAAAggFs3bwFhkRw!&excid=22&docw=0&cijs=1&nlb=true
Frame ID: BDDFBECEB9ED51CE93CCF83AEB5AF211
Requests: 6 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 0662968EFC8EB14164BD677461BD28F0
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6999968698827395&output=html&h=600&slotname=9497258750&adk=365577592&adf=2751417938&pi=t.ma~as.9497258750&w=160&psa=0&format=160x600&url=https%3A%2F%2Fwww.thesundaily.my%2Fhome%2Fastrazeneca-is-safe-to-be-given-to-senior-citizens-adham-YL7793054%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz-_G5s6CORBttERc_beHteVqqnJIJh5EriMR00fz0Cexxf2lQpsFfBisijUxttE-tNX9yfHTn7fBQWbcOnOkY3_eCosMOOPpTIuaIKsiuCzrvP7v03c&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619435961809&bpp=4&bdt=193&idt=225&shv=r20210422&cbv=r20190131&ptt=9&saldr=aa&cookie=ID%3De3d6216e8f34a7bf-22ed5eaef1c70050%3AT%3D1619435960%3AS%3DALNI_MZZAhX_12i2lcgiNsdHRzfKQXL_FQ&correlator=3256238547201&frm=23&ife=1&pv=1&ga_vid=353529585.1619435960&ga_sid=1619435962&ga_hid=1087719516&ga_fc=1&nhd=1&u_tz=120&u_his=4&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1110&ady=4378&biw=1600&bih=1200&isw=160&ish=600&ifk=1594691852&scr_x=0&scr_y=0&eid=44740386&oid=3&pvsid=11907315495935&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C160%2C600&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.6uytnh5uuri&btvi=1&fsb=1&dtd=232
Frame ID: BDE305A67B62F2208AB4AC372E439F87
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: 81C04B39A2A156CEE3693AB1E789BAF1
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: 12BF4F424058893727A8670FB681F01C
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 4A6C012773792357071091EEC92B96C2
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Frame ID: E7640E64890195637941374F64612716
Requests: 2 HTTP requests in this frame

Frame: https://am-match.taboola.com/sync?dast=V75g8CFgOOnMIAPEMHZgSOnMIAPEMHZgUAAAAGBvQHGbOgjCjDEY3CYc6Wo9FysVksZqvRcDeEjVlQRpThiEbhMGfL0Wg5mCwmo91uMBtMpvBhLJfJoBZIWGa_76CgnJ4es8sgKrreFrvDafa8QQxNp8Pnutfrfr-76OjyvO4mh9PsvKudf6Hf7fIrPKfLw_qyuzwOt9Lz1jxsLrfo75a43Dqn7WV3i_5uzcvu9FveGqfpaX3ZPW-Fyehwu5Vl3m65GaxGcwAAAAB4AGDqfYX4AQQAiAAAAACQAAAAAKAIqPi3ELgAAAAAwAAgcGvVAIDiMBCX5ey0-wMA4KEABABAAIMEQCCypQTgYiv0BAAAAAAAAACA5f___z8GIC-_WAZgw-etB-DBB-CBqOCwiBEAAABAVj7Q8tGkTqgsqgAACNKtAK4AAALyGs55GcIAAAAExhboYfH7zQ67xu92GQAAAAAAAACA2f_ZP5qQlAduWpAVxZ7aLyAAwNovIAAAm7oBALwFwAUdQSsGg9UpxG44W-xGk81ydgAAAAB3_____3ogMlrZRg6PZeWwTGy7iW04s-xWM99wZJs5d4PFwntAcSWW4lUNdH0hwjL7fQcF5fT0mF0GUdH1ttgdTrPnID5oGJaTQTC_CVuMVpPJZjmcLReTwXA0HI32J4DLAU7EYLmcTBaT3Wq0Gm2Gu9FssECBGExwQoajzWQ12q12k-VwMhrNNpMNUrRqNRttBsPVbDLb7VbDwXA5GiFFaxazyWQxGy13m8FyMhoMJ8MhwthosnLZfBu3ZjDzrEWzlWmtsPlWbt1mMJotjLvhYGNxi14f0284mOw2wy0KBkjtRXCRTkRHl-d1NzmcZudFLNGcLNKJ7LKvjFa2kcNjWTksE9tuYhvOLLvVzDcc2WbO3WCx8NdGk5XL5tu4NYOZZy2arUxrhc23cus2g9FsYdwNBxuLW_T6mH7DwWS3Ge4bs8VytFktZ4N9Y7ZYjjar5Wyw79AZvqvP2ehMiw8emXa9u96KMvNB4TJYvD-JaTHtzg5-aevo9Pk8yoLOKLx-j16DwnPwmMbLW-1Y3j6b6eMwoYglgtNFOhG9jKeLWCJ5WqQT0ciy8i0mHsdqt3DZDIvBZrma7WYuj8Xk8sxmE4tYojRdpBO90O92-RWe0-VhfdldHodb6XlrHjaXW_R3S1xundP2srtFf7fmZXf6LW-N0_S0vuyet8JkdLjdyrNvt9wMVqOJ-o8NuJxLRsu5bDSXDDarBAAAAAAAAACwhDnzJgAAAACnQcyGk81uuQAQDl26QAI-TLYRHou79mNeBUaCCjXFjR8v0NHled1NDqfZeebNnglirVbLGgAAQAAbAAAggFs3bwFhkRw!&excid=22&docw=0&cijs=1&nlb=true
Frame ID: 8C0EC5C426CB1E194D3360B6859454EF
Requests: 6 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/wkpRfPPcRT5gRuVOwfaUS9di2m_GhEf8-oTDdHI7uwk.js
Frame ID: E0D3C6B9C6A7622E38B8F92A5713A236
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/wkpRfPPcRT5gRuVOwfaUS9di2m_GhEf8-oTDdHI7uwk.js
Frame ID: B46DF8E3E14B5245F337FDF53E23360A
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: 58440B1B31E730309010DDA471B881B0
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 26B14426C4198DE09F6B68DA208A3257
Requests: 9 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012103020108001/amp4ads-v0.mjs
Frame ID: 621F3C7148C02E0404979B609A7DC914
Requests: 15 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuF4TECX2cRip_-emmBC4lljHOtqVnDe_7ZJCmo1u6bIGsxX8miZnzmhe4AEJUxAvs0wBjZZjFSLo_U9N8XANm3D4rFtOJO5jhGDi9STgK8J4mpPMRAYfqibXd5-eBRBksZqE1Jn8bhyOwJz3Tb6D5zJV9hzcaR56kOS8_ZjiZQrheiGRAdIm0fPtPhoX1sS4u4QMHKtiGr4H7etfhQouVdiKXh9OJhZ3htpeujzF2oeZAdqEOG6F6WfhejPnxY6Ejybxj9oyo1vtPg3RwWLp2q45Bbu8EaSB4LPQvsqr2hUgmk&sai=AMfl-YT5zSYyWAnh86sOhaExAP38rXE3EVDG7F1SFfpA3YCCQO5LNlAmSIAgSFy_PxhGJCGuhWagY2WKS-882hOpJw03QgUxGro-5Rl4g0HS4Hd_ZQOzeW4p8aJ2hJCl-lS-&sig=Cg0ArKJSzAPlH49VItQ_EAE&adurl=
Frame ID: 025B0DD1752E1B17E3D5C1EE7F3E16FC
Requests: 8 HTTP requests in this frame

Frame: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Frame ID: 20B35D468646488B67FC886AC604ECF5
Requests: 4 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012103020108001/amp4ads-v0.mjs
Frame ID: 704F4668932554B5F75F57A35285E8D0
Requests: 15 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012103020108001/amp4ads-v0.mjs
Frame ID: D9757CC6CFB8222C5C75954A78ACFA89
Requests: 14 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsulrlCT8pATkmISIuIMvaWGcNPx_R0k8tO5b5XNBFy2zbvi7niRuK4dHe956zs6oOhbEmzEnNoiNM9Ky9va7RWpRCWhg5KfVQ6FlVriqHYZy7qCIz52z5GEACpBivFhWnahm3p_axXgthrd6wNq5lnJETq-JHxvb3QEXHYDJ5AGdiDwZPn9jM_ACeTcJ7RGdaIlZWP-buG_xxDoKkmTeV8WwBuVb2i9WlaMG53kgbgyVbaeEQwBFetRNo1ZdRBWKfgwXCPN8u6uqIWsEU55JuyxKMCJU4sS2WfyTj-fCx6O-NoM&sai=AMfl-YQYtMWdDAjB3oBPgMQqG3kiaWBHOU7dQVDzZ0OkD3VDlVjhtbq1NRDrfDEnPw_cv6EQuXTWb95VStPYRbZtfJ_-Tgg4fDzxAGPdNVTDvpya7fnjwPUxdpGbFlrW2FUt&sig=Cg0ArKJSzJBHEIIj6N8LEAE&adurl=
Frame ID: D65F86F9386137CFDAE9BAE56447184B
Requests: 7 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvnFgiyEZw-Rgu-Fj531TfaUpQGMS6KG1tVLKVRtnfOkK9ebLCvG_-zBDwgZQrxjO7y1Y9HJ9upsWMwktN36cf3OyrM8Y3_lQV-693gTIbCzdNqUxaq_xK6TM1-qUJxAkYrh3DxDkKETsi56elZrvxOz-PGeA1cEuAF7vesQo-arjQQMwUde-T70NCdIKiD-o8GLuYQs5qOVhkKFydmyCDRL4VYPtjhyqwHsRbppl6-7Y78TBbhEWYjR5x1QIhVA52bAs0RUaIsiiNPJQ7fJfgdtFavqD6tRCoq1i-cIneffSKm&sai=AMfl-YTFw35qYdea_xuUEtaIHV44pdvQAYZPtFZhImEycrN_m-xqG-eWhp4zM7YFDGqG56KEkHo-I_dcVNzVELrnw8K8TLmMksy4W_lXQHnIV_3KCvuv4-Okng60v2IMQJSm&sig=Cg0ArKJSzJSogrjSZoqjEAE&adurl=
Frame ID: BF1DE88D19CDE4C5611FA7F8DE58FD89
Requests: 7 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstFt9jrbfS-lapz6jWQ1hsJk6QbXDc729XpfNqG2jUrbUmpr0tJKUp-DixQhq46mtbNDkbdmUHMsjEpGdxR5eNGkRwjCZ97kJnX7nB2F0_pJSyRyQMB1SJzpI8yn5LVMawK-2FmY4pttrtQ9XGdzAW17yD11PyTUn9J9Rpd98GeBk5-ZUXAWovskjFQ22jK-igxNnoPMjV4ulrF1BjJgL06WjEZ3MakHXBg8g187co99sZPIrET-qUuVKzbtsPerZPcABV51qANKGkOEbai457IRWbA2hlY7i3ghYcq1loS7rPx&sai=AMfl-YTRb1jc_2_0MQuQjTvDBKu_0NED4-yDn9vFarrMj1VqIFA8a7BOBoCy4JMFFu7T1yYlyvgEuSvVgTr08Tgmm53LxQtmirBZx3cRWB8bPNbHM5G9aubSgFl84LywYtxg&sig=Cg0ArKJSzIlG9IEDKacyEAE&adurl=
Frame ID: 25F294D678B2D803CF33FE2D49453F81
Requests: 8 HTTP requests in this frame

Frame: https://match.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=902d8956-0dfd-4bde-9a44-ed5d464a74aa&tbid=b52d0d6d-23ae-409f-97e9-10b67c82e353-tuct780273a&query=taboola_hm%3D902d8956-0dfd-4bde-9a44-ed5d464a74aa&isDirect=0
Frame ID: E0C13D251C173FFCD64E5CE3066A8DD8
Requests: 18 HTTP requests in this frame

Frame: https://match.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=902d8956-0dfd-4bde-9a44-ed5d464a74aa&tbid=b52d0d6d-23ae-409f-97e9-10b67c82e353-tuct780273a&query=taboola_hm%3D902d8956-0dfd-4bde-9a44-ed5d464a74aa&isDirect=0
Frame ID: F6184702164AA19CEED8302031ABFADA
Requests: 18 HTTP requests in this frame

Frame: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=569ad57e-43c9-460e-9a8f-667f824c03af&gdpr=1
Frame ID: D11B8E62C97DF6CD3DEE9BA085FDD294
Requests: 11 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 6FE6EF3222ED49606CEBDDC16D75E8B0
Requests: 3 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 43B5C6E994A2096AE8898F2B7F4F1108
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 26A87C668E42279293370E2F085E6DFB
Requests: 3 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 0F3CAEBEBB1D427E413728639CD178AF
Requests: 18 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/wkpRfPPcRT5gRuVOwfaUS9di2m_GhEf8-oTDdHI7uwk.js
Frame ID: E34D5C4A85EFD0EEB43A412CEEE86C62
Requests: 1 HTTP requests in this frame

Frame: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Frame ID: A2F08C2934C34E772CFC7F87C9BCE47A
Requests: 6 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https://www.thesundaily.my/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: ECD010FBC4BB9F07273AE263D6F89D92
Requests: 10 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=
Frame ID: 78BF0D3B93BD0626E1D240652CBC60B2
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=75074705950488085
Frame ID: 0EEE831DE71F00C7FAB12AE33FA5C6CB
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6955424520543533205
Frame ID: 7DA3A4C6EB1D5B528577A5D5F3572794
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?topUrl=www.thesundaily.my
Frame ID: 5F028DA895550182427066687C7241E2
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Frame ID: 73501CF123E5915FD9340123324D18D0
Requests: 2 HTTP requests in this frame

Frame: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Frame ID: D855D3A52906F0AD3BFD172BBD832ACF
Requests: 6 HTTP requests in this frame

Frame: https://am-match.taboola.com/sync?dast=V75g8CFgOOnMIAPEMHZgSOnMIAPEMHZgUAAAAGBvQHGbOgjCjDEY3CYc6Wo9FysVksZqvRcDeEjVlQRpThiEbhMGfL0Wg5mCwmo91uMBtMpvBhLJfJoBZIWGa_76CgnJ4es8sgKrreFrvDafa8QQxNp8Pnutfrfr-76OjyvO4mh9PsvKudf6Hf7fIrPKfLw_qyuzwOt9Lz1jxsLrfo75a43Dqn7WV3i_5uzcvu9FveGqfpaX3ZPW-Fyehwu5Vl3m65GaxGcwAAAAB4AGDqfYX4AQQAiAAAAACQAAAAAKAIqPi3ELgAAAAAwAAgcGvVAIDiMBCX5ey0-wMA4KEABABAAIMEQCCypQTgYiv0BAAAAAAAAACA5f___z8GIC-_WAZgw-etB-DBB-CBqOCwiBEAAABAVj7Q8tGkTqgsqgAACNKtAK4AAALyGs55GcIAAAAExhboYfH7zQ67xu92GQAAAAAAAACA2f_ZP5qQlAduWpAVxZ7aLyAAwNovIAAAm7oBALwFwAUdQSsGg9UpxG44W-xGk81ydgAAAAB3_____3ogMlrZRg6PZeWwTGy7iW04s-xWM99wZJs5d4PFwntAcSWW4lUNdH0hwjL7fQcF5fT0mF0GUdH1ttgdTrPnID5oGJaTQTC_CVuMVpPJZjmcLReTwXA0HI32J4DLAU7EYLmcTBaT3Wq0Gm2Gu9FssECBGExwQoajzWQ12q12k-VwMhrNNpMNUrRqNRttBsPVbDLb7VbDwXA5GiFFaxazyWQxGy13m8FyMhoMJ8MhwthosnLZfBu3ZjDzrEWzlWmtsPlWbt1mMJotjLvhYGNxi14f0284mOw2wy0KBkjtRXCRTkRHl-d1NzmcZudFLNGcLNKJ7LKvjFa2kcNjWTksE9tuYhvOLLvVzDcc2WbO3WCx8NdGk5XL5tu4NYOZZy2arUxrhc23cus2g9FsYdwNBxuLW_T6mH7DwWS3Ge4bs8VytFktZ4N9Y7ZYjjar5Wyw79AZvqvP2ehMiw8emXa9u96KMvNB4TJYvD-JaTHtzg5-aevo9Pk8yoLOKLx-j16DwnPwmMbLW-1Y3j6b6eMwoYglgtNFOhG9jKeLWCJ5WqQT0ciy8i0mHsdqt3DZDIvBZrma7WYuj8Xk8sxmE4tYojRdpBO90O92-RWe0-VhfdldHodb6XlrHjaXW_R3S1xundP2srtFf7fmZXf6LW-N0_S0vuyet8JkdLjdyrNvt9wMVqOJ-o8NuJxLRsu5bDSXDDarBAAAAAAAAACwhDnzJgAAAACnQcyGk81uuQAQDl26QAI-TLYRHou79mNeBUaCCjXFjR8v0NHled1NDqfZeebNnglirVbLGgAAQAAbAAAggFs3bwFhkRw!&excid=22&docw=0&cijs=1&nlb=true
Frame ID: D808E14E77C968E35B5674DCD84424F0
Requests: 6 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://info.silobreaker.com/e2t/tc/VWt22z7YxmcLW3d_lfb36JTN9VZjc4S4qSWfGN50kgPk2-HwrV1-WJV7CgH74W8yj8Gf5... Page URL
https://info.silobreaker.com/events/public/v1/track/tc/VWt22z7YxmcLW3d_lfb36JTN9VZjc4S4qSWfGN50kgPk2-HwrV... HTTP 307
https://www.thesundaily.my/home/astrazeneca-is-safe-to-be-given-to-senior-citizens-adham-YL7793054?_hsm... Page URL

Detected technologies

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

script /\/\/connect\.facebook\.net\/[^/]*\/[a-z]*\.js/i

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /googlesyndication\.com\//i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Prebid (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /\/prebid\.js/i

comScore (Analytics) Expand

Overall confidence: 100%
Detected patterns

html /<iframe[^>]* (?:id="comscore"|scr=[^>]+comscore)|\.scorecardresearch\.com\/beacon\.js|COMSCORE\.beacon/i
script /\.scorecardresearch\.com\/beacon\.js|COMSCORE\.beacon/i

Page Statistics

636
Requests

94 %
HTTPS

32 %
IPv6

77
Domains

134
Subdomains

90
IPs

13
Countries

10775 kB
Transfer

20770 kB
Size

3
Cookies

27 Outgoing links

These are links going to different origins than the main page.

URL: https://click.gamingtrk.com/b584dbb8-4534-4042-b34c-befb6484755c?site=thesundaily&site_id=1052253&title=In+diesem+Spiel+darfst+du+machen%2C+was+du+willst&platform=Desktop&campaign_id=6556728&campaign_item_id=2966163851&thumbnail=http%3A%2F%2Fcdn.taboola.com%2Flibtrc%2Fstatic%2Fthumbnails%2Ffd55410888c000a4326410482631fecc.jpg&click_id=GiCUG3t4OXjXUpS7LGCpE0dm_sPseAdJ4lvVkFvWAbq3wSDt7k8o4a2AtNXsgbqMAQ&tblci=GiCUG3t4OXjXUpS7LGCpE0dm_sPseAdJ4lvVkFvWAbq3wSDt7k8o4a2AtNXsgbqMAQ#tblciGiCUG3t4OXjXUpS7LGCpE0dm_sPseAdJ4lvVkFvWAbq3wSDt7k8o4a2AtNXsgbqMAQ
Title: Best Game 2020

Search URL Search Domain Scan URL

URL: https://popup.taboola.com/en/?template=colorbox&utm_source=thesundaily&utm_medium=referral&utm_content=thumbs-feed-01:Below%20Article%20Thumbnails%20|%20Card%201:
Title: Sponsored

Search URL Search Domain Scan URL

URL: https://www.casada-medical.com/?variant=34870619570342&utm_source=taboola&utm_medium=paid_native&utm_campaign=MAYPLE_TB_DE_Nano-Masks_DESKTOP_AWARENESS&utm_source=taboola&utm_medium=paid_native&utm_campaign=MAYPLE_TB_DE_Nano-Masks_DESKTOP_AWARENESS&tblci=GiCUG3t4OXjXUpS7LGCpE0dm_sPseAdJ4lvVkFvWAbq3wSCW904ot9jYr8q-5c5n#tblciGiCUG3t4OXjXUpS7LGCpE0dm_sPseAdJ4lvVkFvWAbq3wSCW904ot9jYr8q-5c5n
Title: Casada Hygiene

Search URL Search Domain Scan URL

URL: https://popup.taboola.com/en/?template=colorbox&utm_source=thesundaily&utm_medium=referral&utm_content=thumbs-feed-01-a:Below%20Article%20Thumbnails%20|%20Card%202:
Title: Sponsored

Search URL Search Domain Scan URL

URL: https://om.forgeofempires.com/foe/de/?ref=tab_de_de&&external_param=2986478256&pid=thesundaily&bid=http%3A%2F%2Fcdn.taboola.com%2Flibtrc%2Fstatic%2Fthumbnails%2F34ae3d8438b9f0684092dd84dd25fdb9.jpeg&tblci=GiCUG3t4OXjXUpS7LGCpE0dm_sPseAdJ4lvVkFvWAbq3wSDJqD8o1OqB1PKzksF-#tblciGiCUG3t4OXjXUpS7LGCpE0dm_sPseAdJ4lvVkFvWAbq3wSDJqD8o1OqB1PKzksF-
Title: Forge Of Empires - Free Online Game

Search URL Search Domain Scan URL

URL: https://safesly.com/579e1305-bcf2-4562-9f87-91dd2b5e975f?site=thesundaily&title=Wer+eine+Immobilie+besitzt%2C+sollte+diesen+genialen+Rechner+kennen&thumbnail=http%3A%2F%2Fcdn.taboola.com%2Flibtrc%2Fstatic%2Fthumbnails%2Fef84fc293d41224c184dbdcfd8c83181.jpg&campaign=DE_McMakler_Clean_Desktop3&utm_content=2982266411&conversionname=6H_Lead&click_id=GiCUG3t4OXjXUpS7LGCpE0dm_sPseAdJ4lvVkFvWAbq3wSCD0VMo7ZXCg6a6uLln&tblci=GiCUG3t4OXjXUpS7LGCpE0dm_sPseAdJ4lvVkFvWAbq3wSCD0VMo7ZXCg6a6uLln#tblciGiCUG3t4OXjXUpS7LGCpE0dm_sPseAdJ4lvVkFvWAbq3wSCD0VMo7ZXCg6a6uLln
Title: McMakler

Search URL Search Domain Scan URL

URL: https://popup.taboola.com/en/?template=colorbox&utm_source=thesundaily&utm_medium=referral&utm_content=thumbs-feed-01:Below%20Article%20Thumbnails%20|%20Card%203:
Title: Sponsored

Search URL Search Domain Scan URL

URL: https://extraclicktrk.com/b725a58d-5bdd-49dd-ba24-0ec4becf2a65?site=thesundaily&site_id=1052253&title=Chance%2C+in+Amazon+zu+investieren%21+Starten+Sie+mit+nur+250%E2%82%AC&platform=Desktop&campaign_id=9038632&campaign_item_id=2977478824&thumbnail=https%3A%2F%2Fnative-images.s3.amazonaws.com%2F765d64aac16f4029194e10272fcde12b.jpeg&click_id=GiCUG3t4OXjXUpS7LGCpE0dm_sPseAdJ4lvVkFvWAbq3wSD3h1MokM32qILM-KRX&tblci=GiCUG3t4OXjXUpS7LGCpE0dm_sPseAdJ4lvVkFvWAbq3wSD3h1MokM32qILM-KRX#tblciGiCUG3t4OXjXUpS7LGCpE0dm_sPseAdJ4lvVkFvWAbq3wSD3h1MokM32qILM-KRX
Title: T1 Markets

Search URL Search Domain Scan URL

URL: https://popup.taboola.com/en/?template=colorbox&utm_source=thesundaily&utm_medium=referral&utm_content=thumbs-feed-01-a:Below%20Article%20Thumbnails%20|%20Card%204:
Title: Sponsored

Search URL Search Domain Scan URL

URL: https://anwalt-kg.de/abgasskandal/jetzt-entschaedigung-fuer-wohnmobile-erhalten/?utm_source=taboola&utm_medium=cpc&utm_campaign=Abgas-Wohnmobil&tblci=GiCUG3t4OXjXUpS7LGCpE0dm_sPseAdJ4lvVkFvWAbq3wSDf7VAotJCy_tnlz56UAQ#tblciGiCUG3t4OXjXUpS7LGCpE0dm_sPseAdJ4lvVkFvWAbq3wSDf7VAotJCy_tnlz56UAQ
Title: Wohnmobil Schnell Check

Search URL Search Domain Scan URL

URL: https://om.forgeofempires.com/foe/de/?ref=tab_de_de_videonew&external_param=2965949202&pid=thesundaily&bid=http%3A%2F%2Fcdn.taboola.com%2Flibtrc%2Fstatic%2Fthumbnails%2Fbee9b08157d32efe0dfdca0d1da6df9d.jpg&tblci=GiCUG3t4OXjXUpS7LGCpE0dm_sPseAdJ4lvVkFvWAbq3wSDJqD8ompPa1veFh_Id#tblciGiCUG3t4OXjXUpS7LGCpE0dm_sPseAdJ4lvVkFvWAbq3wSDJqD8ompPa1veFh_Id
Title: Forge Of EmpiresAdvertisement

Search URL Search Domain Scan URL

URL: https://popup.taboola.com/en/?template=colorbox&utm_source=thesundaily&utm_medium=referral&utm_content=thumbs-feed-01:Below%20Article%20Thumbnails%20|%20Card%205:
Title: Sponsored

Search URL Search Domain Scan URL

URL: http://ipaper.thesundaily.my/epaper/viewer.aspx?publication=The%20Sun%20Daily

Search URL Search Domain Scan URL

URL: https://itunes.apple.com/my/app/the-sun-daily-epaper/id1440139272
Title:

Search URL Search Domain Scan URL

URL: https://play.google.com/store/apps/details?id=my.thesundaily.android
Title:

Search URL Search Domain Scan URL

URL: https://appgallery7.huawei.com/#/app/C101189379
Title:

Search URL Search Domain Scan URL

URL: https://click.gamingtrk.com/b584dbb8-4534-4042-b34c-befb6484755c?site=thesundaily&site_id=1052253&title=In+diesem+Spiel+darfst+du+machen%2C+was+du+willst&platform=Desktop&campaign_id=6556728&campaign_item_id=2966163851&thumbnail=http%3A%2F%2Fcdn.taboola.com%2Flibtrc%2Fstatic%2Fthumbnails%2Ffd55410888c000a4326410482631fecc.jpg&click_id=GiCUG3t4OXjXUpS7LGCpE0dm_sPseAdJ4lvVkFvWAbq3wSDt7k8op-OOy-SPqMU6&tblci=GiCUG3t4OXjXUpS7LGCpE0dm_sPseAdJ4lvVkFvWAbq3wSDt7k8op-OOy-SPqMU6#tblciGiCUG3t4OXjXUpS7LGCpE0dm_sPseAdJ4lvVkFvWAbq3wSDt7k8op-OOy-SPqMU6
Title: Best Game 2020

Search URL Search Domain Scan URL

URL: https://popup.taboola.com/en/?template=colorbox&utm_source=thesundaily&utm_medium=referral&utm_content=thumbs-feed-01-y-delta:Explore%20More%20|%20Card%203:
Title: Sponsored

Search URL Search Domain Scan URL

URL: https://safesly.com/579e1305-bcf2-4562-9f87-91dd2b5e975f?site=thesundaily&title=Wer+eine+Immobilie+besitzt%2C+sollte+diesen+genialen+Rechner+kennen&thumbnail=http%3A%2F%2Fcdn.taboola.com%2Flibtrc%2Fstatic%2Fthumbnails%2Fef84fc293d41224c184dbdcfd8c83181.jpg&campaign=DE_McMakler_Clean_Desktop3&utm_content=2982266411&conversionname=6H_Lead&click_id=GiCUG3t4OXjXUpS7LGCpE0dm_sPseAdJ4lvVkFvWAbq3wSCD0VMolqCfjubwr4qmAQ&tblci=GiCUG3t4OXjXUpS7LGCpE0dm_sPseAdJ4lvVkFvWAbq3wSCD0VMolqCfjubwr4qmAQ#tblciGiCUG3t4OXjXUpS7LGCpE0dm_sPseAdJ4lvVkFvWAbq3wSCD0VMolqCfjubwr4qmAQ
Title: McMakler

Search URL Search Domain Scan URL

URL: https://om.forgeofempires.com/foe/de/?ref=tab_de_de_videonew&external_param=2965949202&pid=thesundaily&bid=http%3A%2F%2Fcdn.taboola.com%2Flibtrc%2Fstatic%2Fthumbnails%2Fbee9b08157d32efe0dfdca0d1da6df9d.jpg&tblci=GiCUG3t4OXjXUpS7LGCpE0dm_sPseAdJ4lvVkFvWAbq3wSDJqD8oyZixytrb59P2AQ#tblciGiCUG3t4OXjXUpS7LGCpE0dm_sPseAdJ4lvVkFvWAbq3wSDJqD8oyZixytrb59P2AQ
Title: Forge Of EmpiresAdvertisement

Search URL Search Domain Scan URL

URL: https://popup.taboola.com/en/?template=colorbox&utm_source=thesundaily&utm_medium=referral&utm_content=thumbs-feed-01-y-em-delta:Explore%20More%20|%20Card%205:
Title: Sponsored

Search URL Search Domain Scan URL

URL: https://taongafarm.com/de/landings/gp/28?ref=W_010221_DE_Click_Image&mng=VK&utm_source=taboola&utm_term=1052253_thesundaily&utm_content=2969249200#tblciGiCUG3t4OXjXUpS7LGCpE0dm_sPseAdJ4lvVkFvWAbq3wSDJpEco9_zsncH7vqHCAQ
Title: Taonga: Die Inselfarm

Search URL Search Domain Scan URL

URL: https://click.gamingtrk.com/b584dbb8-4534-4042-b34c-befb6484755c?site=thesundaily&site_id=1052253&title=In+diesem+Spiel+darfst+du+machen%2C+was+du+willst&platform=Desktop&campaign_id=6556728&campaign_item_id=2966163851&thumbnail=http%3A%2F%2Fcdn.taboola.com%2Flibtrc%2Fstatic%2Fthumbnails%2Ffd55410888c000a4326410482631fecc.jpg&click_id=GiCUG3t4OXjXUpS7LGCpE0dm_sPseAdJ4lvVkFvWAbq3wSDt7k8oqafJ8bL65JUV&tblci=GiCUG3t4OXjXUpS7LGCpE0dm_sPseAdJ4lvVkFvWAbq3wSDt7k8oqafJ8bL65JUV#tblciGiCUG3t4OXjXUpS7LGCpE0dm_sPseAdJ4lvVkFvWAbq3wSDt7k8oqafJ8bL65JUV
Title: Best Game 2020

Search URL Search Domain Scan URL

URL: https://popup.taboola.com/en/?template=colorbox&utm_source=thesundaily&utm_medium=referral&utm_content=next-up-a:Next%20Up:
Title: Sponsored

Search URL Search Domain Scan URL

URL: https://safesly.com/579e1305-bcf2-4562-9f87-91dd2b5e975f?site=thesundaily&title=Wer+eine+Immobilie+besitzt%2C+sollte+diesen+genialen+Rechner+kennen&thumbnail=http%3A%2F%2Fcdn.taboola.com%2Flibtrc%2Fstatic%2Fthumbnails%2Fef84fc293d41224c184dbdcfd8c83181.jpg&campaign=DE_McMakler_Clean_Desktop3&utm_content=2982266411&conversionname=6H_Lead&click_id=GiCUG3t4OXjXUpS7LGCpE0dm_sPseAdJ4lvVkFvWAbq3wSCD0VMonO3iyty7u9Fj&tblci=GiCUG3t4OXjXUpS7LGCpE0dm_sPseAdJ4lvVkFvWAbq3wSCD0VMonO3iyty7u9Fj#tblciGiCUG3t4OXjXUpS7LGCpE0dm_sPseAdJ4lvVkFvWAbq3wSCD0VMonO3iyty7u9Fj
Title: McMakler

Search URL Search Domain Scan URL

URL: https://om.forgeofempires.com/foe/de/?ref=tab_de_de_videonew&external_param=2965949202&pid=thesundaily&bid=http%3A%2F%2Fcdn.taboola.com%2Flibtrc%2Fstatic%2Fthumbnails%2Fbee9b08157d32efe0dfdca0d1da6df9d.jpg&tblci=GiCUG3t4OXjXUpS7LGCpE0dm_sPseAdJ4lvVkFvWAbq3wSDJqD8o3Yfg0r6VrIRg#tblciGiCUG3t4OXjXUpS7LGCpE0dm_sPseAdJ4lvVkFvWAbq3wSDJqD8o3Yfg0r6VrIRg
Title: Forge Of EmpiresAdvertisement

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://info.silobreaker.com/e2t/tc/VWt22z7YxmcLW3d_lfb36JTN9VZjc4S4qSWfGN50kgPk2-HwrV1-WJV7CgH74W8yj8Gf5DDZvcW3TJBTT7kqbNwMR6s8lJGK_xW9h7hwf27nzMqW5wGLkb4hf5GgW3lN5Td7tRBTkW30lvRX1N-LFjW1tW32m7Trp5GW4xr3Wn7WcQ5vW23hz6z6nGFdkW7VpsPv34ByTlW1KrtR88V7szrW39MzFN7Py845W3wb58d2vpQrZW4tlyqy4716kPW7N7-KV2vQ-5fW7qBTzn7dJ1BKW4VM3fG2FFWxyW3sfPLt74fFR8N6_-qlgnJKNxW60WBkK3dW8pZW2_vCdB2RRvxLW5F45Z61c1l3BVnybQW29v8QnW3Bf6923kQS6jN6fzWv1M0WN93c-z1 Page URL
https://info.silobreaker.com/events/public/v1/track/tc/VWt22z7YxmcLW3d_lfb36JTN9VZjc4S4qSWfGN50kgPk2-HwrV1-WJV7CgH74W8yj8Gf5DDZvcW3TJBTT7kqbNwMR6s8lJGK_xW9h7hwf27nzMqW5wGLkb4hf5GgW3lN5Td7tRBTkW30lvRX1N-LFjW1tW32m7Trp5GW4xr3Wn7WcQ5vW23hz6z6nGFdkW7VpsPv34ByTlW1KrtR88V7szrW39MzFN7Py845W3wb58d2vpQrZW4tlyqy4716kPW7N7-KV2vQ-5fW7qBTzn7dJ1BKW4VM3fG2FFWxyW3sfPLt74fFR8N6_-qlgnJKNxW60WBkK3dW8pZW2_vCdB2RRvxLW5F45Z61c1l3BVnybQW29v8QnW3Bf6923kQS6jN6fzWv1M0WN93c-z1?_ud=5afe7eea-95a1-4a7e-93c8-1998170a2723&_ch=p&_pr2=p&_pl=0&_lg=en-US&_dr=b&_ts=p HTTP 307
https://www.thesundaily.my/home/astrazeneca-is-safe-to-be-given-to-senior-citizens-adham-YL7793054?_hsmi=88974744&_hsenc=p2ANqtz-_G5s6CORBttERc_beHteVqqnJIJh5EriMR00fz0Cexxf2lQpsFfBisijUxttE-tNX9yfHTn7fBQWbcOnOkY3_eCosMOOPpTIuaIKsiuCzrvP7v03c Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 58

https://sb.scorecardresearch.com/b?c1=2&c2=18518498&ns__t=1619435960164&ns_c=UTF-8&cv=3.5&c8=AstraZeneca%20is%20safe%2C%20to%20be%20given%20to%20senior%20citizens%20-%20Adham&c7=https%3A%2F%2Fwww.thesundaily.my%2Fhome%2Fastrazeneca-is-safe-to-be-given-to-senior-citizens-adham-YL7793054%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz-_G5s6CORBttERc_beHteVqqnJIJh5EriMR00fz0Cexxf2lQpsFfBisijUxttE-tNX9yfHTn7fBQWbcOnOkY3_eCosMOOPpTIuaIKsiuCzrvP7v03c&c9= HTTP 302
https://sb.scorecardresearch.com/b2?c1=2&c2=18518498&ns__t=1619435960164&ns_c=UTF-8&cv=3.5&c8=AstraZeneca%20is%20safe%2C%20to%20be%20given%20to%20senior%20citizens%20-%20Adham&c7=https%3A%2F%2Fwww.thesundaily.my%2Fhome%2Fastrazeneca-is-safe-to-be-given-to-senior-citizens-adham-YL7793054%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz-_G5s6CORBttERc_beHteVqqnJIJh5EriMR00fz0Cexxf2lQpsFfBisijUxttE-tNX9yfHTn7fBQWbcOnOkY3_eCosMOOPpTIuaIKsiuCzrvP7v03c&c9=

Request Chain 59

https://sb.scorecardresearch.com/b?c1=7&c2=34354936&c3=1&ns__t=1619435960164&ns_c=UTF-8&cv=3.5&c8=AstraZeneca%20is%20safe%2C%20to%20be%20given%20to%20senior%20citizens%20-%20Adham&c7=https%3A%2F%2Fwww.thesundaily.my%2Fhome%2Fastrazeneca-is-safe-to-be-given-to-senior-citizens-adham-YL7793054%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz-_G5s6CORBttERc_beHteVqqnJIJh5EriMR00fz0Cexxf2lQpsFfBisijUxttE-tNX9yfHTn7fBQWbcOnOkY3_eCosMOOPpTIuaIKsiuCzrvP7v03c&c9= HTTP 302
https://sb.scorecardresearch.com/b2?c1=7&c2=34354936&c3=1&ns__t=1619435960164&ns_c=UTF-8&cv=3.5&c8=AstraZeneca%20is%20safe%2C%20to%20be%20given%20to%20senior%20citizens%20-%20Adham&c7=https%3A%2F%2Fwww.thesundaily.my%2Fhome%2Fastrazeneca-is-safe-to-be-given-to-senior-citizens-adham-YL7793054%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz-_G5s6CORBttERc_beHteVqqnJIJh5EriMR00fz0Cexxf2lQpsFfBisijUxttE-tNX9yfHTn7fBQWbcOnOkY3_eCosMOOPpTIuaIKsiuCzrvP7v03c&c9=

Request Chain 68

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.thesundaily.my%2F&domain=www.thesundaily.my&cw=1 HTTP 302
https://mug.criteo.com/sid?cpp=cNB4nnw0WCtpbHMxck9MNEdrMTVRMis1cFVhUGtFaDFscHBvVUQya2hwNnZpZzBNTUIwRjV6T2lZaUIrT0ozdHovZ1hNU3o3UW5weVNoUm15WDM1MVJhcmFoSnBpUFl2Y0FiR1JsTFVEcEZyQmJ0c1MzR3BySnRTbDZXczAvbHluVVBtTzlIcFBFOUtQd3FGVVRIbXlra0JOcTdiT3Jyc0lCV3ZpalY5UFFlbDFZc3JJQTNWUlR1UXVaazU5ZW9KNnlpTjBKd0VENStvdmYxeFU0ZkRsYUExSTMvWTVrRUhDRTU4Ym9tNW5YcjQvclpFPXw&cppv=2

Request Chain 86

https://adnetwork.adasiaholdings.com/2060/call HTTP 307
https://adnetwork.adasiaholdings.com/2060/call?cklb=1

Request Chain 147

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELfZgMuRglUhqF1OGqc7CVw&google_cver=1

Request Chain 148

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YIahuQsOyujtAJx47NRlhQAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELfZgMuRglUhqF1OGqc7CVw&google_cver=1

Request Chain 154

https://r2---sn-4g5e6nsk.googlevideo.com/videoplayback?expire=1619464760&ei=uKGGYPqvKt-B6dsP1rWDuAI&ip=89.249.64.203&id=16de1625ddc475dc&itag=18&source=youtube&requiressl=yes&mh=bp&mm=31&mn=sn-4g5e6nsk&ms=au&mv=m&mvi=2&pl=25&susc=gvp&acao=yes&ctier=L&mime=video/mp4&vprv=1&dur=22.616&lmt=1611934249563212&mt=1619435805&txp=6210222&sparams=expire,ei,ip,id,itag,source,requiressl,susc,acao,ctier,mime,vprv,dur,lmt&sig=AOq0QJ8wRQIhAOaVpjNZixE5cx6BU_oumwsUgCiP68XmRc8SWQZWI9tzAiA7t4nm3d5Jj3DaqZFKZFBjvgtzM3l-bkoTK8T9_-6TWw==&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRAIgevbBXSr8o5Fa-XEDtIfCspf-589HsultIycRUH3880kCIDh-bujKapMZkB9qQnF1BVoyYPQv72gMDz-D0rOVyInG HTTP 302
https://r2---sn-4g5edne6.googlevideo.com/videoplayback?expire=1619464760&ei=uKGGYPqvKt-B6dsP1rWDuAI&ip=89.249.64.203&id=16de1625ddc475dc&itag=18&source=youtube&requiressl=yes&susc=gvp&acao=yes&ctier=L&mime=video/mp4&vprv=1&dur=22.616&lmt=1611934249563212&txp=6210222&sparams=expire,ei,ip,id,itag,source,requiressl,susc,acao,ctier,mime,vprv,dur,lmt&sig=AOq0QJ8wRQIhAOaVpjNZixE5cx6BU_oumwsUgCiP68XmRc8SWQZWI9tzAiA7t4nm3d5Jj3DaqZFKZFBjvgtzM3l-bkoTK8T9_-6TWw==&redirect_counter=1&rm=sn-4g5ezd7l&req_id=f2ee6a02b4e836e2&cms_redirect=yes&ipbypass=yes&mh=bp&mip=2a01:4f8:121:131a::2&mm=31&mn=sn-4g5edne6&ms=au&mt=1619435805&mv=m&mvi=2&pl=42&lsparams=ipbypass,mh,mip,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRAIgcrd3kgJY1QIf_sUuHeKKmaBlZjCQ3eJcLGTDwtHq0i0CICwrgWRX1ygR7aINZhDHo2hhuIEwp8FFyZx37v-6u7gK

Request Chain 172

https://hal900013.redintelligence.net/request.php?zone=hjtkt1t9m63l&nw=20&renderingType=javascript&namespace=e6697659d1&subid=&uid=d20e93b66f12f092&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x18&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCeiZEuKGGYKyQEZSY7_UPysuGyAuP4PiGU_Woi6TKDPAuEAEg9Ov2K2CV-vCBjAfIAQmpAuia16jxS7Q-qAMBqgTsAU_QVRmRyhsmS9I132uzAlHccjrM3q_8nJKBkhFSVc-Mhk4Rl4F4nHtfUsRWyV3mrablYuAHgyKB8zBFpTCGYp7falA3-Ky6dTh10FkaUksNGZ61RX-Oy_s0dZtGBKA8Smbbw0G2dyjrCDEC1XOMWq3PL9AZELUlqLhhim2ren9hm0fOx1sLQ4va38bm76ywrqiYORUSoYfmNPmCdW4UsXkjfi1w1r0UIzfNwXFBDGQymROChupEysULTHFutxsIbtcLf8Ov_TxtRih9JYWQIOYIq06ye-LrsgEKPY_-xmhQJrE6b2Fm5cHBvGQ3wAS78ajAzwHgBAOQBgGgBk2AB-vn6F6oB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7NUbqAfulrECqAemvhuoB-zVG6gH89EbqAeW2BvYBwDSCAkIgOGAUBABGB3yCBthZHgtc3Vic3luLTY4NTYzNDk5MjY1MDYxOTWACgOYCwHICwGADAGwE8Ka2grQEwDYEwPYFAE%26ae%3D1%26num%3D1%26cid%3DCAASPeRoY1OtUsWcxFyvYdKn-JN2vTKS0UOxx9kJDW36Ty_wzUfB5os68RJABmPK_zabef4jns5BClC6KmXHCEY%26sig%3DAOD64_1BTZuc-Xa-Amn2EZJMhHw9_SZAHw%26client%3Dca-pub-1738284215641521%26dbm_c%3DAKAmf-BmcqaMappX0zMGQt4F0vzl8MRkDzTAXd6bGTRJao97RaF-qdEoIa2uBfDuwqf3XJMIfJ0ROPtSJTfu2R2SzoJMuzc2urAI9N1F11h1MoRMxx1OLRnhQ1trUa9SU_OeqWXpwwVY3MHL7AWpA-CCoUwgP2EUgQ%26cry%3D1%26dbm_d%3DAKAmf-DKAU4H1mklmwwyyKQNI5Kxrnw6dXmAzNQyA4YWsAGvOBbcWD1TiVlK8qaUzr_JHzSty1D2claXAkf75Sr5G53f_4LSoEFjBq5b5Y5LIKASQp9ome4MaLAYwVtEC-fhgM99gWgKdyfzmIwhNbMw8JuKp9Oeu7aNPkUtYNGj-StpWXXVCboK2D1dxcYoCJI-P8HmFrL-O-1Msfts5y4yJpf9_fk67dFteTI4HAvVOkGkERTU9gWvTjxzd8VR4pWTe2TVY-SlIua1b7sEKujQK-8kg68r5wE3OLGZx8fSZ_x4NWAGzgZ_ZCD_e83gJKgFeL_vGFpO9NRarBkXoMKxkJd_7ih8kNqaZ3Hxr7DODVbUhHuIr_517W-4npJ0nQXg58t3ArPuU1Zzaer3yiwIzzU3GAwFjrE5DOGESiBHmPEEtrdFZeRzh1HAiLJoiHJEnHKSkfTLB4CEZ0P5gTkuWgNR_CKRidlzDy-m93Ehkp1Y1hPSCXj7g40izFqa2DOeJWV8WSJRn-CYCQooZ2i7oWuiAdUg4L91FQBbqG6zwReEAs0uLCryS923Nsze6m4QoM-UZyRHwdXK3AZHbxnV-IwDgiSqLITQcdwE4KqT1uYdQcMhAZzSW-EInvyYvLyCs2oawpDNNp62z52hsoh9M1zStZCiOC3Pa6KvyLz7hEh0yfat8Zo8KSQfYSptVOoPXKKUVXSQ-060mpN8ebmapvwvzMqwSiSzzY9mokFlS6cDYuxVYRg%26adurl%3D&documentReferer=https%3A%2F%2Fwww.thesundaily.my%2F&ancestorOrigins=https%3A%2F%2Fwww.thesundaily.my&random=9689339753700&isIframe=1&container=&adPos=0x14&adPosCheck=1x15&adtagId=0 HTTP 302
https://hal900013.redintelligence.net/request.php?zone=hjtkt1t9m63l&nw=20&renderingType=javascript&namespace=e6697659d1&subid=&uid=d20e93b66f12f092&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x18&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCeiZEuKGGYKyQEZSY7_UPysuGyAuP4PiGU_Woi6TKDPAuEAEg9Ov2K2CV-vCBjAfIAQmpAuia16jxS7Q-qAMBqgTsAU_QVRmRyhsmS9I132uzAlHccjrM3q_8nJKBkhFSVc-Mhk4Rl4F4nHtfUsRWyV3mrablYuAHgyKB8zBFpTCGYp7falA3-Ky6dTh10FkaUksNGZ61RX-Oy_s0dZtGBKA8Smbbw0G2dyjrCDEC1XOMWq3PL9AZELUlqLhhim2ren9hm0fOx1sLQ4va38bm76ywrqiYORUSoYfmNPmCdW4UsXkjfi1w1r0UIzfNwXFBDGQymROChupEysULTHFutxsIbtcLf8Ov_TxtRih9JYWQIOYIq06ye-LrsgEKPY_-xmhQJrE6b2Fm5cHBvGQ3wAS78ajAzwHgBAOQBgGgBk2AB-vn6F6oB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7NUbqAfulrECqAemvhuoB-zVG6gH89EbqAeW2BvYBwDSCAkIgOGAUBABGB3yCBthZHgtc3Vic3luLTY4NTYzNDk5MjY1MDYxOTWACgOYCwHICwGADAGwE8Ka2grQEwDYEwPYFAE%26ae%3D1%26num%3D1%26cid%3DCAASPeRoY1OtUsWcxFyvYdKn-JN2vTKS0UOxx9kJDW36Ty_wzUfB5os68RJABmPK_zabef4jns5BClC6KmXHCEY%26sig%3DAOD64_1BTZuc-Xa-Amn2EZJMhHw9_SZAHw%26client%3Dca-pub-1738284215641521%26dbm_c%3DAKAmf-BmcqaMappX0zMGQt4F0vzl8MRkDzTAXd6bGTRJao97RaF-qdEoIa2uBfDuwqf3XJMIfJ0ROPtSJTfu2R2SzoJMuzc2urAI9N1F11h1MoRMxx1OLRnhQ1trUa9SU_OeqWXpwwVY3MHL7AWpA-CCoUwgP2EUgQ%26cry%3D1%26dbm_d%3DAKAmf-DKAU4H1mklmwwyyKQNI5Kxrnw6dXmAzNQyA4YWsAGvOBbcWD1TiVlK8qaUzr_JHzSty1D2claXAkf75Sr5G53f_4LSoEFjBq5b5Y5LIKASQp9ome4MaLAYwVtEC-fhgM99gWgKdyfzmIwhNbMw8JuKp9Oeu7aNPkUtYNGj-StpWXXVCboK2D1dxcYoCJI-P8HmFrL-O-1Msfts5y4yJpf9_fk67dFteTI4HAvVOkGkERTU9gWvTjxzd8VR4pWTe2TVY-SlIua1b7sEKujQK-8kg68r5wE3OLGZx8fSZ_x4NWAGzgZ_ZCD_e83gJKgFeL_vGFpO9NRarBkXoMKxkJd_7ih8kNqaZ3Hxr7DODVbUhHuIr_517W-4npJ0nQXg58t3ArPuU1Zzaer3yiwIzzU3GAwFjrE5DOGESiBHmPEEtrdFZeRzh1HAiLJoiHJEnHKSkfTLB4CEZ0P5gTkuWgNR_CKRidlzDy-m93Ehkp1Y1hPSCXj7g40izFqa2DOeJWV8WSJRn-CYCQooZ2i7oWuiAdUg4L91FQBbqG6zwReEAs0uLCryS923Nsze6m4QoM-UZyRHwdXK3AZHbxnV-IwDgiSqLITQcdwE4KqT1uYdQcMhAZzSW-EInvyYvLyCs2oawpDNNp62z52hsoh9M1zStZCiOC3Pa6KvyLz7hEh0yfat8Zo8KSQfYSptVOoPXKKUVXSQ-060mpN8ebmapvwvzMqwSiSzzY9mokFlS6cDYuxVYRg%26adurl%3D&documentReferer=https%3A%2F%2Fwww.thesundaily.my%2F&ancestorOrigins=https%3A%2F%2Fwww.thesundaily.my&random=9689339753700&isIframe=1&container=&adPos=0x14&adPosCheck=1x15&adtagId=0&uidRedirect=1

Request Chain 267

https://aw.dw.impact-ad.jp/c/u/callback_dac/?oid=d3a712103738215a HTTP 303
https://aw.dw.impact-ad.jp/c/ur/callback_dac/?oid=d3a712103738215a

Request Chain 333

https://sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1--- HTTP 302
https://sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---&__user_check__=1&sync_id=404c342a-a681-11eb-8021-19fa6cc80106 HTTP 302
https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=405243d3-a681-11eb-accb-1131174c0206&orig=video&us_privacy=1---

Request Chain 342

https://sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1--- HTTP 302
https://sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---&__user_check__=1&sync_id=40524408-a681-11eb-accb-1131174c0206 HTTP 302
https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=405243d3-a681-11eb-accb-1131174c0206&orig=video&us_privacy=1---

Request Chain 350

https://rtb.openx.net/sync/dds?google_gid=CAESEEu7vkVv1iNdcc15fskK-hE&google_cver=1&google_push=AQvitUIXcyUEpBtGFbqLM2eF2iOoEwgbvkgDST0r5CepDgxNNk5FsHppeYi0Z1cDBTXo_OqrMqz4pUibNktkoy5L62G74hmg7sGyQQ HTTP 302
https://rtb.openx.net/sync/dds?google_gid=CAESEEu7vkVv1iNdcc15fskK-hE&google_cver=1&google_push=AQvitUIXcyUEpBtGFbqLM2eF2iOoEwgbvkgDST0r5CepDgxNNk5FsHppeYi0Z1cDBTXo_OqrMqz4pUibNktkoy5L62G74hmg7sGyQQ&ox_sc=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AQvitUIXcyUEpBtGFbqLM2eF2iOoEwgbvkgDST0r5CepDgxNNk5FsHppeYi0Z1cDBTXo_OqrMqz4pUibNktkoy5L62G74hmg7sGyQQ&google_hm=jJhXFr89zLkthyqG8Gc0mQ==

Request Chain 351

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEEi9u27Pi_RRDxtzDX4UqXQ&google_cver=1&google_push=AQvitUKIR3mjeJn-EC6TQed_-_XoB4g-zPkfcYqtu9B6viM7BENlxqff7urv5l1OhcMkwHuTFSaa4AI4u-UTJeku6T6-uHdI6Jpy7Q HTTP 302
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEEi9u27Pi_RRDxtzDX4UqXQ&google_cver=1&google_push=AQvitUKIR3mjeJn-EC6TQed_-_XoB4g-zPkfcYqtu9B6viM7BENlxqff7urv5l1OhcMkwHuTFSaa4AI4u-UTJeku6T6-uHdI6Jpy7Q&rdf=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=jOD3olP0SgOIghYk3xryHg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AQvitUKIR3mjeJn-EC6TQed_-_XoB4g-zPkfcYqtu9B6viM7BENlxqff7urv5l1OhcMkwHuTFSaa4AI4u-UTJeku6T6-uHdI6Jpy7Q

Request Chain 352

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEOl8LJVbPWFvVYBVPUdVPbo&google_cver=1&google_push=AQvitUJ4YKfDBWX85TOIT0h1B_UZwYDXknZQEo8rFhK_uue18Bj6duGj-ddkX1e1ec7inbZvklh7YMry_qrgRxoYh9EtzQlXAzhTIA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S05ZSUNYWkEtMjYtMUFVRQ==&google_push=AQvitUJ4YKfDBWX85TOIT0h1B_UZwYDXknZQEo8rFhK_uue18Bj6duGj-ddkX1e1ec7inbZvklh7YMry_qrgRxoYh9EtzQlXAzhTIA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S05ZSUNYWkEtMjYtMUFVRQ==&google_push=AQvitUJ4YKfDBWX85TOIT0h1B_UZwYDXknZQEo8rFhK_uue18Bj6duGj-ddkX1e1ec7inbZvklh7YMry_qrgRxoYh9EtzQlXAzhTIA&google_tc=

Request Chain 353

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEP1dt27PLY7fuJ_GbYJMWbc&google_cver=1&google_push=AQvitULWwJ8BZKiXrp6s3GH8DaQQWZvc0a6DoCh0cOh2bKxTd2BAF5jvnbp_aGNeGc8fLGtiDNqzoEtmkf1dk5ejfv4W9Oe7eA1Kiw HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEP1dt27PLY7fuJ_GbYJMWbc&google_cver=1&google_push=AQvitULWwJ8BZKiXrp6s3GH8DaQQWZvc0a6DoCh0cOh2bKxTd2BAF5jvnbp_aGNeGc8fLGtiDNqzoEtmkf1dk5ejfv4W9Oe7eA1Kiw&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YIahukBEpeGBJB7M0r2UnAAABIsAAAIB&google_push=AQvitULWwJ8BZKiXrp6s3GH8DaQQWZvc0a6DoCh0cOh2bKxTd2BAF5jvnbp_aGNeGc8fLGtiDNqzoEtmkf1dk5ejfv4W9Oe7eA1Kiw&google_gid=CAESEP1dt27PLY7fuJ_GbYJMWbc&google_cver=1

Request Chain 355

https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESEKnf-vR81uJIsJAtl6Joreo&google_cver=1&google_push=AQvitUJXQduM2H4d05YxY30MfDgAPz_jzXvgFccGGMMFHXIvvHRqv2IokawfMCx3eDpCx0ezqU7FyCVXcGTDxHeL10yt43TqGj__GR0 HTTP 301
https://cm.g.doubleclick.net/pixel?google_nid=gemius_adh&google_push=AQvitUJXQduM2H4d05YxY30MfDgAPz_jzXvgFccGGMMFHXIvvHRqv2IokawfMCx3eDpCx0ezqU7FyCVXcGTDxHeL10yt43TqGj__GR0&google_hm=

Request Chain 367

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

Request Chain 369

https://avd.innity.com/uidsync/init/?idsr=https%3A%2F%2Favd.innity.com%2Fsync%2F%3Fpartner%3Daone%26token%3D%26type%3Dcookie&c=ID HTTP 302
https://avd.innity.com/bounce/?%2Fuidsync%2Finit%2F%3Fidsr%3Dhttps%253A%252F%252Favd.innity.com%252Fsync%252F%253Fpartner%253Daone%2526token%253D%2526type%253Dcookie%26c%3DID

Request Chain 370

https://avd.innity.com/uidsync/init/?idsr=https%3A%2F%2Floadus.exelator.com%2Fload%2F%3Fp%3D1381%26g%3D204%26j%3D0&c=HK&itmcb=1619435962684 HTTP 302
https://avd.innity.com/bounce/?%2Fuidsync%2Finit%2F%3Fidsr%3Dhttps%253A%252F%252Floadus.exelator.com%252Fload%252F%253Fp%253D1381%2526g%253D204%2526j%253D0%26c%3DHK%26itmcb%3D1619435962684

Request Chain 371

https://avd.innity.com/uidsync/getuid/?idsr=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fssp%3Dinnity%26user_id%3D%24UID&itmcb=1619435962684 HTTP 302
https://avd.innity.com/bounce/?%2Fuidsync%2Fgetuid%2F%3Fidsr%3Dhttps%253A%252F%252Fx.bidswitch.net%252Fsync%253Fssp%253Dinnity%2526user_id%253D%2524UID%26itmcb%3D1619435962684 HTTP 302
https://x.bidswitch.net/sync?ssp=innity&user_id=730309ba557998ce9ce9b3a57f65aca6 HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=bidswitch&ttd_tpi=1&ttd_puid=innity&gdpr=&gdpr_consent= HTTP 302
https://x.bidswitch.net/sync?dsp_id=93&user_id=18af8a2d-70bd-419a-9398-d8e481f0d7cd&expires=30&ssp=innity&gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT_21} HTTP 302
https://avd.innity.com/uidsync/mapuid/?pid=689&puuid=2c42101e-bbfe-48bd-ba4a-2c71f7d05af6

Request Chain 374

https://pixel.everesttech.net/1/m?url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Deverest%26google_hm%3D__EFGSURFER_USB64__%26google_push%3DAQvitUKhRvrNE-rvyCqC9tpjzy3pAmwj2uxCjFsiuJkQyF9FEf4XtEpnaCNBcM4albxNSECJ0ssIonK8WSNBzlB6KS5sGnCHv1SI&google_gid=CAESEHL351OlZznawIhH53dy4No&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WUlhaHV3QUFBQnRTUlVuUQ&google_push=AQvitUKhRvrNE-rvyCqC9tpjzy3pAmwj2uxCjFsiuJkQyF9FEf4XtEpnaCNBcM4albxNSECJ0ssIonK8WSNBzlB6KS5sGnCHv1SI

Request Chain 375

https://id.rlcdn.com/466606.gif?cparams=google_push%3DAQvitUKel0Lmz5jrx3bP7144moJdV-v6HlgUpbCLisfMyj-xKK-vbzXqfBUEK-di_FjRApFILPa9qBmfqM7RSmcZnnvaMQWjcmHE&google_gid=CAESEH6Bie7-raFUQq_ym7b8LGc&google_cver=1 HTTP 307
https://id.rlcdn.com/1000.gif?memo=CK69HBoNCLrDmoQGEgUI6AcQAEIASnBnb29nbGVfcHVzaD1BUXZpdFVLZWwwTG16NWpyeDNiUDcxNDRtb0pkVi12NkhsZ1VwYkNMaXNmTXlqLXhLSy12YnpYcWZCVUVLLWRpX0ZqUkFwRklMUGE5cUJtZnFNN1JTbWNabm52YU1RV2pjbUhF HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwNG04VmV4ZEl5MGdRQWozMHp3UFpwWGdxNkhWaEF3eDY0YmV6cW9DSmhMVQ==&google_push

Request Chain 376

https://rtb.openx.net/sync/dds?google_gid=CAESEEu7vkVv1iNdcc15fskK-hE&google_cver=1&google_push=AQvitUI4tEwQw5yCSGRtezWFEv0s1VNCyJ95WA7NRoidSpWR97abNy7IoGRdgmxJGcfv0ElL9xS4FWSzBqTY4G9fQ-SgGN4d_8K5 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AQvitUI4tEwQw5yCSGRtezWFEv0s1VNCyJ95WA7NRoidSpWR97abNy7IoGRdgmxJGcfv0ElL9xS4FWSzBqTY4G9fQ-SgGN4d_8K5&google_hm=jJhXFr89zLkthyqG8Gc0mQ==

Request Chain 377

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEEi9u27Pi_RRDxtzDX4UqXQ&google_cver=1&google_push=AQvitUIkUlWXeyi5wImQtwbcoY66D-PCZdjYVA48uy4AMnGMDrElqmBOYAomvwg8Uj1Ji5ru-P5oG9rZSSHr_0AeWfw4UvXvLTTA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=RGyh4xHYQlalcGkhabNmRQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AQvitUIkUlWXeyi5wImQtwbcoY66D-PCZdjYVA48uy4AMnGMDrElqmBOYAomvwg8Uj1Ji5ru-P5oG9rZSSHr_0AeWfw4UvXvLTTA

Request Chain 378

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEOl8LJVbPWFvVYBVPUdVPbo&google_cver=1&google_push=AQvitULuJzGYkN3v30-EMij6ckGQAxoMXUoLC5Pc_EUx-GxfgJzcTG-wV_u7gKoKwnx2eEddXPs5cjX_-JD67unK6PGYCb4E7lUc HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S05ZSUNZMUstNS0yRjUz&google_push=AQvitULuJzGYkN3v30-EMij6ckGQAxoMXUoLC5Pc_EUx-GxfgJzcTG-wV_u7gKoKwnx2eEddXPs5cjX_-JD67unK6PGYCb4E7lUc

Request Chain 379

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEP1dt27PLY7fuJ_GbYJMWbc&google_cver=1&google_push=AQvitUKJ6z3r8Wj8XKTd4gnRWDH-AzxPormOeE3hWqPFsWdF3F61_JhOGHkOYfjcS3A7pv38KjoD3g6HNho1BOLVMTdGzLokAggP HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YIahukBEpeGBJB7M0r2UnAAABIsAAAIB&google_cver=1&google_gid=CAESEP1dt27PLY7fuJ_GbYJMWbc&google_push=AQvitUKJ6z3r8Wj8XKTd4gnRWDH-AzxPormOeE3hWqPFsWdF3F61_JhOGHkOYfjcS3A7pv38KjoD3g6HNho1BOLVMTdGzLokAggP

Request Chain 382

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

Request Chain 406

https://sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1--- HTTP 302
https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=405243d3-a681-11eb-accb-1131174c0206&orig=video&us_privacy=1---

Request Chain 433

https://ib.adnxs.com/getuid?https%3A%2F%2Favd.innity.com%2Fsync%2F%3Fpartner%3Dappnexus%26token%3D%24UID%26type%3Dcookie%26itmcb%3D1619435963058 HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Favd.innity.com%252Fsync%252F%253Fpartner%253Dappnexus%2526token%253D%2524UID%2526type%253Dcookie%2526itmcb%253D1619435963058 HTTP 302
https://avd.innity.com/sync/?partner=appnexus&token=3124726849276262110&type=cookie&itmcb=1619435963058

Request Chain 479

https://ads.stickyadstv.com/auto-user-sync?gdpr=1&gdpr_consent=null HTTP 302
https://1f2e7.v.fwmrm.net/ad/u?_dv=2&dsp_user_mapping=true&127719=89c7a92ae37a047e7c2543e316bcf&rdU=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D1169%26userId%3d%23%7buser.id%7d&gdpr=1&gdpr_consent=null HTTP 302
https://ads.stickyadstv.com/user-registering?dataProviderId=1169&userId=g056_6955424503347001598 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_cm=&google_sc&google_hm=ODljN2E5MmFlMzdhMDQ3ZTdjMjU0M2UzMTZiY2Y=&gdpr=0&gdpr_consent= HTTP 302
https://ads.stickyadstv.com/user-registering?dataProviderId=141&userId=CAESELu00vq5qwWhl3e6ph52jqE&google_cver=1&gdpr=0&gdpr_consent= HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent= HTTP 302
https://ads.stickyadstv.com/user-registering?dataProviderId=208&userId=18af8a2d-70bd-419a-9398-d8e481f0d7cd HTTP 302
https://pr-bh.ybp.yahoo.com/sync/stickyads/89c7a92ae37a047e7c2543e316bcf&gdpr=0&gdpr_consent= HTTP 302
https://ads.stickyadstv.com/user-registering?dataProviderId=199&userId=y-tnlrThRE2oO3ltv5IWR5mibAKPQ4g.f2J88vz_p.~A HTTP 302
https://ib.adnxs.com/getuid?https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D209&gdpr=0&gdpr_consent=%26userId%3D$UID HTTP 302
https://ads.stickyadstv.com/user-registering?dataProviderId=209&gdpr=0&gdpr_consent=&userId=3124726849276262110 HTTP 302
https://sync.mathtag.com/sync/img?mt_exid=44&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D183%26userId%3D%5BMM_UUID%5D&gdpr=0&gdpr_consent= HTTP 302
https://ads.stickyadstv.com/user-registering?dataProviderId=183&userId=b3fe6086-a1bd-4500-b9d2-c8dcb027345b&gdpr=0&gdpr_consent= HTTP 302
https://sync-tm.everesttech.net/upi/pid/wGbQAlJJ?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D187%26userId%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent= HTTP 302
https://sync-tm.everesttech.net/ct/upi/pid/wGbQAlJJ?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D187%26userId%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=&_test=YIahvgAAdZdozwAC HTTP 302
https://ads.stickyadstv.com/user-registering?dataProviderId=187&userId=YIahvgAAdZdozwAC&gdpr=0&gdpr_consent=&_test=YIahvgAAdZdozwAC HTTP 302
https://c1.adform.net/serving/cookie/match/?party=18&gdpr=0&gdpr_consent= HTTP 302
https://ads.stickyadstv.com/user-registering?dataProviderId=189&userId=3078880720611692555 HTTP 302
https://pm.w55c.net/ping_match.gif?st=FREEWHEEL&rurl=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D593&userId=_wfivefivec_ HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&st=FREEWHEEL&rurl=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D593&userId=_wfivefivec_ HTTP 302
https://ads.stickyadstv.com/user-registering?dataProviderId=593&userId=gyFyDF9F1LAZgW5

Request Chain 480

https://rtb.mfadsrvr.com/sync?ssp=taboola HTTP 302
https://rtb.mfadsrvr.com/ul_cb/sync?ssp=taboola HTTP 302
https://sync.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=902d8956-0dfd-4bde-9a44-ed5d464a74aa HTTP 302
https://match.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=902d8956-0dfd-4bde-9a44-ed5d464a74aa&tbid=b52d0d6d-23ae-409f-97e9-10b67c82e353-tuct780273a&query=taboola_hm%3D902d8956-0dfd-4bde-9a44-ed5d464a74aa&isDirect=0

Request Chain 483

https://bh.contextweb.com/bh/rtset?pid=562107&ev=1&rurl=https%3A%2F%2Fsync.taboola.com/sg/pulsepointrtb-network/1/rtb-h/?taboola_hm=%%VGUID%%&orig=trc HTTP 302
https://sync.taboola.com/sg/pulsepointrtb-network/1/rtb-h/?taboola_hm=9fvhJO49lnlq&ev=1&orig=trc&pid=562107

Request Chain 484

https://ib.adnxs.com/getuidnb?https://sync.taboola.com/sg/appnexus-network/1/rtb-h/?taboola_hm=$UID&orig=trc HTTP 302
https://sync.taboola.com/sg/appnexus-network/1/rtb-h/?taboola_hm=3124726849276262110&orig=trc

Request Chain 485

https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_cm&google_sc HTTP 302
https://trc.taboola.com/sg/google-network/1/rtb-h/?taboola_hm=CAESELUUJXl3r4RPBRLA-hbDma0&google_cver=1

Request Chain 487

https://sync.taboola.com/sg/google-network/1/rtb?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dtaboola_dbm%26google_sc%26gdpr%3D0%26gdpr_consent%3D&orig=trc HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_sc&gdpr=0&gdpr_consent=&google_hm=b52d0d6d-23ae-409f-97e9-10b67c82e353-tuct780273a

Request Chain 488

https://match.adsrvr.org/track/cmf/generic?ttd_pid=054f32o&ttd_tpi=1 HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=054f32o&ttd_tpi=1 HTTP 302
https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=18af8a2d-70bd-419a-9398-d8e481f0d7cd

Request Chain 489

https://ce.lijit.com/merge?pid=42&3pid=642eef7c-30f3-46e4-af7e-73046a8780cb-tuct7802738&us_privacy=&gdpr=0&gdpr_consent= HTTP 302
https://ce.lijit.com/merge?pid=42&3pid=642eef7c-30f3-46e4-af7e-73046a8780cb-tuct7802738&us_privacy=&gdpr=0&gdpr_consent=&dnr=1

Request Chain 493

https://dis.criteo.com/dis/usersync.aspx?r=29&p=282&cp=taboolaortb&cu=1&url=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fcriteortb-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%40%40CRITEO_USERID%40%40 HTTP 302
https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=c1a416c1-af50-42e2-8c66-28de4abb8457

Request Chain 494

https://id5-sync.com/s/464/9.gif?puid=642eef7c-30f3-46e4-af7e-73046a8780cb-tuct7802738&gdpr=0&gdpr_consent=&callback=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fid5-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%7BID5UID%7D HTTP 302
https://id5-sync.com/c/464/464/7/1.gif?puid=642eef7c-30f3-46e4-af7e-73046a8780cb-tuct7802738&gdpr=1&gdpr_consent= HTTP 302
https://ice.360yield.com/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-ZHMOl9xlmBjOhKVgy0RpGwly2pcuhg-z8GQzjME0gg&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F464%2F124%2F6%2F2.gif%3Fpuid%3D%7BPUB_USER_ID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent= HTTP 302
https://ice.360yield.com/ul_cb/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-ZHMOl9xlmBjOhKVgy0RpGwly2pcuhg-z8GQzjME0gg&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F464%2F124%2F6%2F2.gif%3Fpuid%3D%7BPUB_USER_ID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent= HTTP 302
https://id5-sync.com/cq/464/124/6/2.gif?puid=b7cb156b-35af-4029-9a51-2ab7bb709734&gdpr=1&gdpr_consent=&gdpr=1&gdpr_consent= HTTP 302
https://rtb.gumgum.com/getuid/id5?r=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F441%2F5%2F3.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent= HTTP 302
https://id5-sync.com/c/464/441/5/3.gif?puid=e_c6f0f640-d3e4-4d8a-93c4-c76efaa1a6f1&gdpr=1&gdpr_consent= HTTP 302
https://cookie-matching.mediarithmics.com/v1/get_user_agent_id?dom_token=id517&sd=Y2FzY2FkZXNSZW1haW5pbmc9NCZjYXNjYWRlc0RvbmU9NCZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY HTTP 303
https://cookie-matching.mediarithmics.com/v1/get_or_create?sd=Y2FzY2FkZXNSZW1haW5pbmc9NCZjYXNjYWRlc0RvbmU9NCZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY&domid=1033 HTTP 303
https://cm.g.doubleclick.net/pixel?google_nid=medr&google_cm&key=GOO&sd=Y2FzY2FkZXNSZW1haW5pbmc9NCZjYXNjYWRlc0RvbmU9NCZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY&action=GET_ID&opid=goo&etid=&domid=1033&ops=apx HTTP 302
https://cookie-matching.mediarithmics.com/input?key=GOO&key=GOO&sd=Y2FzY2FkZXNSZW1haW5pbmc9NCZjYXNjYWRlc0RvbmU9NCZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY&action=GET_ID&opid=goo&etid=&domid=1033&ops=apx&google_gid=CAESEE6FlY97YJX51xPmAyfdnEU&google_cver=1 HTTP 303
https://ib.adnxs.com/getuid?https://cookie-matching.mediarithmics.com/input?key=APX&apx_uid=$UID&opid=apx&ops=&utidl=tech:goo:CAESEE6FlY97YJX51xPmAyfdnEU&sd=Y2FzY2FkZXNSZW1haW5pbmc9NCZjYXNjYWRlc0RvbmU9NCZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY&action=GET_ID&etid=&domid=1033 HTTP 302
https://cookie-matching.mediarithmics.com/input?key=APX&apx_uid=3124726849276262110&opid=apx&ops=&utidl=tech:goo:CAESEE6FlY97YJX51xPmAyfdnEU&sd=Y2FzY2FkZXNSZW1haW5pbmc9NCZjYXNjYWRlc0RvbmU9NCZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY&action=GET_ID&etid=&domid=1033 HTTP 303
https://id5-sync.com/qp/18.gif?puid=vec%3A17134053203&sd=Y2FzY2FkZXNSZW1haW5pbmc9NCZjYXNjYWRlc0RvbmU9NCZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY HTTP 302
https://sync.crwdcntrl.net/map/c=13953/tp=IDFI/gdpr=1/gdpr_consent=?https://id5-sync.com/c/464/19/3/5.gif?puid=${profile_id}&gdpr=1&gdpr_consent= HTTP 302
https://sync.crwdcntrl.net/map/ct=y/c=13953/tp=IDFI/gdpr=1/gdpr_consent=?https://id5-sync.com/c/464/19/3/5.gif?puid=${profile_id}&gdpr=1&gdpr_consent= HTTP 302
https://id5-sync.com/c/464/19/3/5.gif?puid=769ff3ce7fe246262629c1d1d4cef3ce&gdpr=1&gdpr_consent= HTTP 302
https://ads.creative-serving.com/id5_cm?callback=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F101%2F2%2F6.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D1%26gdpr_consent%3D HTTP 302
https://ads.creative-serving.com/ul_cb/id5_cm?callback=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F101%2F2%2F6.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D1%26gdpr_consent%3D HTTP 302
https://id5-sync.com/c/464/101/2/6.gif?puid=3842729f-8980-4d8c-aaba-4d4d4e670a2b&gdpr=1&gdpr_consent= HTTP 302
https://loadus.exelator.com/load/?p=1082&g=204&j=r&gdpr=1&gdpr_consent=&ru=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F103%2F1%2F7.gif%3Fpuid%3D%25%25UID%25%25%26gdpr%3D1%26gdpr_consent%3D

Request Chain 495

https://s.c.appier.net/taboola HTTP 302
https://sync.taboola.com/sg/appierrtb-network/1/rtb-h?taboola_hm=cZ_DtKotCkqvubgcvKGGYA

Request Chain 497

https://x.bidswitch.net/sync?ssp=taboola&gdpr=0&gdpr_consent= HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=taboola&gdpr=0&gdpr_consent= HTTP 302
https://c1.adform.net/serving/cookie/match/?party=24&bidswitch_ssp_id=taboola HTTP 302
https://c1.adform.net/serving/cookie/match/?CC=1&party=24&bidswitch_ssp_id=taboola HTTP 302
https://x.bidswitch.net/sync?dsp_id=70&user_id=5891697160456001480&ssp=taboola HTTP 302
https://sync-t1.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=2c42101e-bbfe-48bd-ba4a-2c71f7d05af6

Request Chain 498

https://rtb.mfadsrvr.com/sync?ssp=taboola HTTP 302
https://sync.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=902d8956-0dfd-4bde-9a44-ed5d464a74aa HTTP 302
https://match.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=902d8956-0dfd-4bde-9a44-ed5d464a74aa&tbid=b52d0d6d-23ae-409f-97e9-10b67c82e353-tuct780273a&query=taboola_hm%3D902d8956-0dfd-4bde-9a44-ed5d464a74aa&isDirect=0

Request Chain 501

https://bh.contextweb.com/bh/rtset?pid=562107&ev=1&rurl=https%3A%2F%2Fsync.taboola.com/sg/pulsepointrtb-network/1/rtb-h/?taboola_hm=%%VGUID%%&orig=trc HTTP 302
https://sync.taboola.com/sg/pulsepointrtb-network/1/rtb-h/?taboola_hm=TJtWtYOsvWag&ev=1&orig=trc&pid=562107

Request Chain 502

https://ib.adnxs.com/getuidnb?https://sync.taboola.com/sg/appnexus-network/1/rtb-h/?taboola_hm=$UID&orig=trc HTTP 302
https://sync.taboola.com/sg/appnexus-network/1/rtb-h/?taboola_hm=3124726849276262110&orig=trc

Request Chain 503

https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_cm&google_sc HTTP 302
https://trc.taboola.com/sg/google-network/1/rtb-h/?taboola_hm=CAESELUUJXl3r4RPBRLA-hbDma0&google_cver=1

Request Chain 505

https://sync.taboola.com/sg/google-network/1/rtb?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dtaboola_dbm%26google_sc%26gdpr%3D0%26gdpr_consent%3D&orig=trc HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_sc&gdpr=0&gdpr_consent=&google_hm=b52d0d6d-23ae-409f-97e9-10b67c82e353-tuct780273a

Request Chain 506

https://match.adsrvr.org/track/cmf/generic?ttd_pid=054f32o&ttd_tpi=1 HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=054f32o&ttd_tpi=1 HTTP 302
https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=18af8a2d-70bd-419a-9398-d8e481f0d7cd

Request Chain 511

https://dis.criteo.com/dis/usersync.aspx?r=29&p=282&cp=taboolaortb&cu=1&url=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fcriteortb-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%40%40CRITEO_USERID%40%40 HTTP 302
https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=6d5a19bf-39a2-47ef-bcee-d34dba1fa51b

Request Chain 512

https://id5-sync.com/s/464/9.gif?puid=642eef7c-30f3-46e4-af7e-73046a8780cb-tuct7802738&gdpr=0&gdpr_consent=&callback=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fid5-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%7BID5UID%7D HTTP 302
https://ice.360yield.com/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-ZHMOl9xlmBjOhKVgy0RpGwly2pcuhg-z8GQzjME0gg&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F464%2F124%2F6%2F2.gif%3Fpuid%3D%7BPUB_USER_ID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent= HTTP 302
https://ice.360yield.com/ul_cb/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-ZHMOl9xlmBjOhKVgy0RpGwly2pcuhg-z8GQzjME0gg&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F464%2F124%2F6%2F2.gif%3Fpuid%3D%7BPUB_USER_ID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent= HTTP 302
https://id5-sync.com/cq/464/124/6/2.gif?puid=b7cb156b-35af-4029-9a51-2ab7bb709734&gdpr=1&gdpr_consent=&gdpr=1&gdpr_consent= HTTP 302
https://rtb.gumgum.com/getuid/id5?r=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F441%2F5%2F3.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent= HTTP 302
https://id5-sync.com/c/464/441/5/3.gif?puid=e_9ffbbe72-1772-4a9b-bb50-ebeb710bd466&gdpr=1&gdpr_consent= HTTP 302
https://cookie-matching.mediarithmics.com/v1/get_user_agent_id?dom_token=id517&sd=Y2FzY2FkZXNSZW1haW5pbmc9NCZjYXNjYWRlc0RvbmU9NCZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY HTTP 303
https://cookie-matching.mediarithmics.com/v1/get_or_create?sd=Y2FzY2FkZXNSZW1haW5pbmc9NCZjYXNjYWRlc0RvbmU9NCZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY&domid=1033 HTTP 303
https://cm.g.doubleclick.net/pixel?google_nid=medr&google_cm&key=GOO&sd=Y2FzY2FkZXNSZW1haW5pbmc9NCZjYXNjYWRlc0RvbmU9NCZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY&action=GET_ID&opid=goo&etid=&domid=1033&ops=apx HTTP 302
https://cookie-matching.mediarithmics.com/input?key=GOO&key=GOO&sd=Y2FzY2FkZXNSZW1haW5pbmc9NCZjYXNjYWRlc0RvbmU9NCZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY&action=GET_ID&opid=goo&etid=&domid=1033&ops=apx&google_gid=CAESEE6FlY97YJX51xPmAyfdnEU&google_cver=1 HTTP 303
https://ib.adnxs.com/getuid?https://cookie-matching.mediarithmics.com/input?key=APX&apx_uid=$UID&opid=apx&ops=&utidl=tech:goo:CAESEE6FlY97YJX51xPmAyfdnEU&sd=Y2FzY2FkZXNSZW1haW5pbmc9NCZjYXNjYWRlc0RvbmU9NCZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY&action=GET_ID&etid=&domid=1033 HTTP 302
https://cookie-matching.mediarithmics.com/input?key=APX&apx_uid=3124726849276262110&opid=apx&ops=&utidl=tech:goo:CAESEE6FlY97YJX51xPmAyfdnEU&sd=Y2FzY2FkZXNSZW1haW5pbmc9NCZjYXNjYWRlc0RvbmU9NCZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY&action=GET_ID&etid=&domid=1033 HTTP 303
https://id5-sync.com/qp/18.gif?puid=vec%3A17134053203&sd=Y2FzY2FkZXNSZW1haW5pbmc9NCZjYXNjYWRlc0RvbmU9NCZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY HTTP 302
https://sync.crwdcntrl.net/map/c=13953/tp=IDFI/gdpr=1/gdpr_consent=?https://id5-sync.com/c/464/19/3/5.gif?puid=${profile_id}&gdpr=1&gdpr_consent= HTTP 302
https://sync.crwdcntrl.net/map/ct=y/c=13953/tp=IDFI/gdpr=1/gdpr_consent=?https://id5-sync.com/c/464/19/3/5.gif?puid=${profile_id}&gdpr=1&gdpr_consent= HTTP 302
https://id5-sync.com/c/464/19/3/5.gif?puid=769ff3ce7fe246262629c1d1d4cef3ce&gdpr=1&gdpr_consent= HTTP 302
https://ads.creative-serving.com/id5_cm?callback=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F101%2F2%2F6.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D1%26gdpr_consent%3D HTTP 302
https://ads.creative-serving.com/ul_cb/id5_cm?callback=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F101%2F2%2F6.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D1%26gdpr_consent%3D HTTP 302
https://id5-sync.com/c/464/101/2/6.gif?puid=5a7cc394-2165-4d83-b4b7-d8725509b285&gdpr=1&gdpr_consent= HTTP 302
https://loadus.exelator.com/load/?p=1082&g=204&j=r&gdpr=1&gdpr_consent=&ru=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F103%2F1%2F7.gif%3Fpuid%3D%25%25UID%25%25%26gdpr%3D1%26gdpr_consent%3D HTTP 302
https://loadus.exelator.com/load/?p=1082&g=204&j=r&gdpr=1&gdpr_consent=&ru=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F103%2F1%2F7.gif%3Fpuid%3D%25%25UID%25%25%26gdpr%3D1%26gdpr_consent%3D&xl8blockcheck=1

Request Chain 513

https://s.c.appier.net/taboola HTTP 302
https://sync.taboola.com/sg/appierrtb-network/1/rtb-h?taboola_hm=RJNftNHaAk64qRBVvKGGYA

Request Chain 515

https://x.bidswitch.net/sync?ssp=taboola&gdpr=0&gdpr_consent= HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=taboola&gdpr=0&gdpr_consent= HTTP 302
https://c1.adform.net/serving/cookie/match/?party=24&bidswitch_ssp_id=taboola HTTP 302
https://c1.adform.net/serving/cookie/match/?CC=1&party=24&bidswitch_ssp_id=taboola HTTP 302
https://x.bidswitch.net/sync?dsp_id=70&user_id=7798176862863764396&ssp=taboola HTTP 302
https://sync-t1.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=2c42101e-bbfe-48bd-ba4a-2c71f7d05af6

Request Chain 516

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

Request Chain 518

https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAQvitUKTKD00kC4jw-12cU3DU-QsaM18AG0zNnSgNlTCeT7lc-yutz2Rd4d3xGQ7KvQ9GUObstWoyiu3WrSWMYocAS3Q6TE0VqA&google_gid=CAESEIek1QN485wxNE-XP4j2KrA&google_cver=1 HTTP 302
https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAQvitUKTKD00kC4jw-12cU3DU-QsaM18AG0zNnSgNlTCeT7lc-yutz2Rd4d3xGQ7KvQ9GUObstWoyiu3WrSWMYocAS3Q6TE0VqA&google_gid=CAESEIek1QN485wxNE-XP4j2KrA&google_cver=1&rd=Y HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMTA0MjYxMTE5MjUyMTk4MjI5MzQ5NTM0MA%3D%3D&google_push=AQvitUKTKD00kC4jw-12cU3DU-QsaM18AG0zNnSgNlTCeT7lc-yutz2Rd4d3xGQ7KvQ9GUObstWoyiu3WrSWMYocAS3Q6TE0VqA

Request Chain 519

https://rtb.openx.net/sync/dds?google_gid=CAESEEu7vkVv1iNdcc15fskK-hE&google_cver=1&google_push=AQvitUIGy_6TLJHA3nSdK8bJtEPOuMI00MPlDjr1qYcxTubwj5CCbc3xhhOtMDsloqH6LJUQhgX7r5YvySdJulWiRMaBNNH9Hw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AQvitUIGy_6TLJHA3nSdK8bJtEPOuMI00MPlDjr1qYcxTubwj5CCbc3xhhOtMDsloqH6LJUQhgX7r5YvySdJulWiRMaBNNH9Hw&google_hm=jJhXFr89zLkthyqG8Gc0mQ==

Request Chain 520

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEEi9u27Pi_RRDxtzDX4UqXQ&google_cver=1&google_push=AQvitUJDpLni-uMcewFc18CrXLcDCjJjWZYZooV9A1N3DylMK4gDoIPjDYU-mSzhdfC_lqhnXJ4A1JhYvIK0uXGYFV0H_WpcVQA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=RGyh4xHYQlalcGkhabNmRQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AQvitUJDpLni-uMcewFc18CrXLcDCjJjWZYZooV9A1N3DylMK4gDoIPjDYU-mSzhdfC_lqhnXJ4A1JhYvIK0uXGYFV0H_WpcVQA

Request Chain 521

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEOl8LJVbPWFvVYBVPUdVPbo&google_cver=1&google_push=AQvitUJbYaDhnNY7YQWtszsS2fEHXGm-4-bBfDwWlbn4_0lac_JruLuE-4fRe0FvK9aFgL8nEzbfk6S2jE6OtgpJlxJhaDRWvkM HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S05ZSUNZUEMtMVktM1ZCVA==&google_push=AQvitUJbYaDhnNY7YQWtszsS2fEHXGm-4-bBfDwWlbn4_0lac_JruLuE-4fRe0FvK9aFgL8nEzbfk6S2jE6OtgpJlxJhaDRWvkM

Request Chain 522

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEP1dt27PLY7fuJ_GbYJMWbc&google_cver=1&google_push=AQvitUITqbHHpeuf4kpYplFkDkH2RTwQZ2WQkJKp0tby9-to1DnGsVyM1dKLRu-Tww9UyVSNP_21XcLsmijHyaoOaE1bTf8i-6c HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YIahukBEpeGBJB7M0r2UnAAABIsAAAIB&google_gid=CAESEP1dt27PLY7fuJ_GbYJMWbc&google_cver=1&google_push=AQvitUITqbHHpeuf4kpYplFkDkH2RTwQZ2WQkJKp0tby9-to1DnGsVyM1dKLRu-Tww9UyVSNP_21XcLsmijHyaoOaE1bTf8i-6c

Request Chain 523

https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESEKnf-vR81uJIsJAtl6Joreo&google_cver=1&google_push=AQvitUKc8BRuiMpCl_V9OI1PaiJnldjDd_IbDQqo6RDSHWF_uYbNCR-y_Mhi7wtvVME2taZg5Fxd0_yVigfFeSNlc8aSDJWr7nL5 HTTP 301
https://cm.g.doubleclick.net/pixel?google_nid=gemius_adh&google_push=AQvitUKc8BRuiMpCl_V9OI1PaiJnldjDd_IbDQqo6RDSHWF_uYbNCR-y_Mhi7wtvVME2taZg5Fxd0_yVigfFeSNlc8aSDJWr7nL5&google_hm=

Request Chain 539

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

Request Chain 541

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

Request Chain 542

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

Request Chain 552

https://pm.w55c.net/ping_match.gif?ei=OPENX&rurl=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072979%26val%3D_wfivefivec_ HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&ei=OPENX&rurl=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072979%26val%3D_wfivefivec_ HTTP 302
https://eu-u.openx.net/w/1.0/sd?id=537072979&val=TsNNFTQ11LAZgW5

Request Chain 553

https://x.bidswitch.net/sync?ssp=openx HTTP 302
https://dsp.nrich.ai/bidswitch/sync?bidswitch_ssp_id=openx&bsw_custom_parameter=2c42101e-bbfe-48bd-ba4a-2c71f7d05af6&gdpr=&gdpr_consent=&gdpr_pd=&us_privacy= HTTP 302
https://x.bidswitch.net/sync?dsp_id=283&user_id=f3b1e256-60a9-4232-a642-f5442629e8ff&expires=1&user_group=5&ssp=openx&bsw_param=2c42101e-bbfe-48bd-ba4a-2c71f7d05af6 HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072968&val=2c42101e-bbfe-48bd-ba4a-2c71f7d05af6

Request Chain 554

https://match.prod.bidr.io/cookie-sync/ox HTTP 303
https://match.prod.bidr.io/cookie-sync/ox?_bee_ppp=1 HTTP 303
https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFHTXFVN0JEVU1BQUNwc21wNVNodw&bee_sync_partners=pm%2Csas%2Cpp%2Cox&bee_sync_current_partner=adx&bee_sync_initiator=ox&bee_sync_hop_count=1 HTTP 302
https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pm%2Csas%2Cpp%2Cox&bee_sync_current_partner=adx&bee_sync_initiator=ox&bee_sync_hop_count=1

Request Chain 555

https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D HTTP 302
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=b3fe6086-a1bd-4500-b9d2-c8dcb027345b

Request Chain 556

https://pixel.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=1 HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=HwmNDkgI11kEAdAIH1yYDxEJhQAEWIxbS1_ldA4h

Request Chain 557

https://c1.adform.net/serving/cookie/match?party=22 HTTP 302
https://c1.adform.net/serving/cookie/match?CC=1&party=22 HTTP 302
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=3078880720611692555

Request Chain 560

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEKt8Vc2C8GRcIfboiEHOX0E&google_cver=1

Request Chain 561

https://ads.stickyadstv.com/user-matching?id=11&_fw_gdpr=0&_fw_gdpr_consent= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=ODljN2E5MmFlMzdhMDQ3ZTdjMjU0M2UzMTZiY2Y=&gdpr=0&gdpr_consent=

Request Chain 562

https://ads.stickyadstv.com/user-matching?id=2545&_fw_gdpr=0&_fw_gdpr_consent= HTTP 302
https://s.amazon-adsystem.com/ecm3?id=89c7a92ae37a047e7c2543e316bcf&ex=freewheel.tv&gdpr=0&gdpr_consent=

Request Chain 572

https://ads.stickyadstv.com/auto-user-sync?gdpr=1&gdpr_consent=null HTTP 302
https://ib.adnxs.com/getuid?https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D209&gdpr=1&gdpr_consent=null%26userId%3D$UID&gdpr=1&gdpr_consent=null

Request Chain 576

https://ads.stickyadstv.com/user-matching?id=11&_fw_gdpr=0&_fw_gdpr_consent= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=ODljN2E5MmFlMzdhMDQ3ZTdjMjU0M2UzMTZiY2Y=&gdpr=0&gdpr_consent=

Request Chain 578

https://ads.stickyadstv.com/user-matching?id=2545&_fw_gdpr=0&_fw_gdpr_consent= HTTP 302
https://s.amazon-adsystem.com/ecm3?id=89c7a92ae37a047e7c2543e316bcf&ex=freewheel.tv&gdpr=0&gdpr_consent=

Request Chain 582

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YIahukBEpeGBJB7M0r2UnAAABIsAAAIB HTTP 302
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YIahukBEpeGBJB7M0r2UnAAABIsAAAIB&dcc=t

Request Chain 583

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YIahukBEpeGBJB7M0r2UnAAA HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEFY9dvIjWLqxdenGmIHMMFo&google_cver=1

Request Chain 584

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YIahukBEpeGBJB7M0r2UnAAABIsAAAIB HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&google_gid=CAESEDmObYsS3ZtHXdUhu_P_5Jo&google_cver=1

Request Chain 586

https://pm.w55c.net/ping_match.gif?ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_&gdpr=1 HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_&gdpr=1 HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=S0DxRsvo1LAZgW5&gdpr=1

Request Chain 588

https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=YIahukBEpeGBJB7M0r2UnAAABIsAAAIB HTTP 302
https://pr-bh.ybp.yahoo.com/sync/casale/YIahukBEpeGBJB7M0r2UnAAABIsAAAIB

Request Chain 589

https://sync.extend.tv/r.gif?exchange=index HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=152&external_user_id=36697381-8cfb-4f74-8a8c-ea9782e7c40d

Request Chain 597

https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@ HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=

Request Chain 598

https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=75074705950488085

Request Chain 599

https://dsp.adfarm1.adition.com/cookie/?ssp=9 HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6955424520543533205

Request Chain 600

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=RGyh4xHYQlalcGkhabNmRQ%3D%3D HTTP 302
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=

Request Chain 602

https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=446CA1E3-11D8-4256-A570-692169B36645&sInitiator=external&gdpr=0&gdpr_consent= HTTP 302
https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=446CA1E3-11D8-4256-A570-692169B36645&sInitiator=external&gdpr=0&gdpr_consent=

Request Chain 603

https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=446CA1E3-11D8-4256-A570-692169B36645&gdpr= HTTP 302
https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=446CA1E3-11D8-4256-A570-692169B36645&gdpr=&fbounce=1 HTTP 302
https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=446CA1E3-11D8-4256-A570-692169B36645&addseg=19,36,42

Request Chain 604

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=NDQ2Q0ExRTMtMTFEOC00MjU2LUE1NzAtNjkyMTY5QjM2NjQ1&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=

Request Chain 605

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEDM2nwF7ghJBvmp_d5ZaKR4&google_cver=1

Request Chain 607

https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:b3fe6086-a1bd-4500-b9d2-c8dcb027345b&gdpr=0&gdpr_consent=

Request Chain 608

https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=3078880720611692555

Request Chain 609

https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=18af8a2d-70bd-419a-9398-d8e481f0d7cd

Request Chain 610

https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=3124726849276262110&gdpr=0&gdpr_consent=

Request Chain 612

https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=446CA1E3-11D8-4256-A570-692169B36645&redir=true&gdpr=0&gdpr_consent= HTTP 302
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-7y1l5TRE2uVVi2vRfDCqRaCX2DQ.nzA-~A&gdpr=0&gdpr_consent=

Request Chain 613

https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
https://pool.admedo.com/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic&bsw_custom_parameter=2c42101e-bbfe-48bd-ba4a-2c71f7d05af6 HTTP 302
https://pool.admedo.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic&bsw_custom_parameter=2c42101e-bbfe-48bd-ba4a-2c71f7d05af6 HTTP 302
https://x.bidswitch.net/sync?dsp_id=23&expires=14&user_id=02223ae6-ef1f-47c5-8382-ddc27e08da5b&user_group=1&ssp=pubmatic&bsw_param=2c42101e-bbfe-48bd-ba4a-2c71f7d05af6 HTTP 302
https://x.bidswitch.net/ul_cb/sync?dsp_id=23&expires=14&user_id=02223ae6-ef1f-47c5-8382-ddc27e08da5b&user_group=1&ssp=pubmatic&bsw_param=2c42101e-bbfe-48bd-ba4a-2c71f7d05af6 HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=12428329-f4e5-4cb6-aee7-6ed04bfce60a&gdpr=&gdpr_consent=&gdpr_pd=

Request Chain 614

https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=I5lpkHSYM8c4kTSWI8x8kS2ZYZ44yGjFd8_TuKBI

Request Chain 615

https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3276339339565175683&gdpr=0&gdpr_consent=&us_privacy=

Request Chain 629

https://ads.stickyadstv.com/auto-user-sync?gdpr=1&gdpr_consent=null HTTP 302
https://1f2e7.v.fwmrm.net/ad/u?_dv=2&dsp_user_mapping=true&127719=712ef37f46499463d4476c2269e7aaf&rdU=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D1169%26userId%3d%23%7buser.id%7d&gdpr=1&gdpr_consent=null HTTP 302
https://ads.stickyadstv.com/user-registering?dataProviderId=1169&userId=g036_6955424546296472212 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_cm=&google_sc&google_hm=NzEyZWYzN2Y0NjQ5OTQ2M2Q0NDc2YzIyNjllN2FhZg==&gdpr=0&gdpr_consent= HTTP 302
https://ads.stickyadstv.com/user-registering?dataProviderId=141&userId=CAESELxv6NZ5l5pOx3Uc8YBijkU&google_cver=1&gdpr=0&gdpr_consent= HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent= HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent= HTTP 302
https://ads.stickyadstv.com/user-registering?dataProviderId=208&userId=1f33deb6-383a-46f7-982e-cbff394eba23 HTTP 302
https://ib.adnxs.com/getuid?https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D209&gdpr=0&gdpr_consent=%26userId%3D$UID HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fads.stickyadstv.com%252Fuser-registering%253FdataProviderId%253D209%26gdpr%3D0%26gdpr_consent%3D%2526userId%253D%24UID HTTP 302
https://ads.stickyadstv.com/user-registering?dataProviderId=209&gdpr=0&gdpr_consent=&userId=7574884497883542956 HTTP 302
https://pr-bh.ybp.yahoo.com/sync/stickyads/712ef37f46499463d4476c2269e7aaf&gdpr=0&gdpr_consent=?gdpr=0&gdpr_consent= HTTP 302
https://ads.stickyadstv.com/user-registering?dataProviderId=199&userId=y-_lK8l0VE2oOD9TSJcWiwm_uqAlFcVKloaOSbQmVe~A HTTP 302
https://sync.mathtag.com/sync/img?mt_exid=44&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D183%26userId%3D%5BMM_UUID%5D HTTP 302
https://ads.stickyadstv.com/user-registering?dataProviderId=183&userId=4fe76086-a1c6-4f00-8794-6662d8ed14a7&gdpr=0&gdpr_consent= HTTP 302
https://pm.w55c.net/ping_match.gif?st=FREEWHEEL&rurl=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D593&userId=_wfivefivec_&gdpr=0&gdpr_consent= HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&st=FREEWHEEL&rurl=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D593&userId=_wfivefivec_&gdpr=0&gdpr_consent= HTTP 302
https://ads.stickyadstv.com/user-registering?dataProviderId=593&userId=r8rT2d6b1LAZh45&gdpr=0&gdpr_consent= HTTP 302
https://sync-tm.everesttech.net/upi/pid/wGbQAlJJ?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D187%26userId%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent= HTTP 302
https://sync-tm.everesttech.net/ct/upi/pid/wGbQAlJJ?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D187%26userId%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=&_test=YIahxwAAeGtLpAA4 HTTP 302
https://ads.stickyadstv.com/user-registering?dataProviderId=187&userId=YIahxwAAeGtLpAA4&gdpr=0&gdpr_consent=&_test=YIahxwAAeGtLpAA4

Request Chain 633

https://ads.stickyadstv.com/user-matching?id=11&_fw_gdpr=0&_fw_gdpr_consent= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=NzEyZWYzN2Y0NjQ5OTQ2M2Q0NDc2YzIyNjllN2FhZg==&gdpr=0&gdpr_consent= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=NzEyZWYzN2Y0NjQ5OTQ2M2Q0NDc2YzIyNjllN2FhZg==&gdpr=0&gdpr_consent=&google_tc=

Request Chain 635

https://ads.stickyadstv.com/user-matching?id=2545&_fw_gdpr=0&_fw_gdpr_consent= HTTP 302
https://s.amazon-adsystem.com/ecm3?id=712ef37f46499463d4476c2269e7aaf&ex=freewheel.tv&gdpr=0&gdpr_consent=

Request Chain 642

https://sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1--- HTTP 302
https://sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---&__user_check__=1&sync_id=4c4b18ac-a681-11eb-8c37-1a7ccaea0206 HTTP 302
https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=4c4b1875-a681-11eb-8c37-1a7ccaea0206&orig=video&us_privacy=1---

636 HTTP transactions
9 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 VWt22z7YxmcLW3d_lfb36JTN9VZjc4S4qSWfGN50kgPk2-HwrV1-WJV7CgH74W8yj8Gf5DDZvcW3TJBTT7kqbNwMR6s8lJGK_xW9h7hwf27nzMqW5wGLkb4hf5GgW3lN5Td7tRBTkW30lvRX1N-LFjW1tW32m7Trp5GW4xr3Wn7WcQ5vW23hz6z6nGFdkW7VpsPv3... Show response
info.silobreaker.com/e2t/tc/ 9 KB
3 KB 137ms
136ms Document
text/html 199.60.103.254
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://info.silobreaker.com/e2t/tc/VWt22z7YxmcLW3d_lfb36JTN9VZjc4S4qSWfGN50kgPk2-HwrV1-WJV7CgH74W8yj8Gf5DDZvcW3TJBTT7kqbNwMR6s8lJGK_xW9h7hwf27nzMqW5wGLkb4hf5GgW3lN5Td7tRBTkW30lvRX1N-LFjW1tW32m7Trp5GW4xr3Wn7WcQ5vW23hz6z6nGFdkW7VpsPv34ByTlW1KrtR88V7szrW39MzFN7Py845W3wb58d2vpQrZW4tlyqy4716kPW7N7-KV2vQ-5fW7qBTzn7dJ1BKW4VM3fG2FFWxyW3sfPLt74fFR8N6_-qlgnJKNxW60WBkK3dW8pZW2_vCdB2RRvxLW5F45Z61c1l3BVnybQW29v8QnW3Bf6923kQS6jN6fzWv1M0WN93c-z1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.60.103.254 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9c9ec2e1c2ecb073ed2e3333c93604a38eb2791aa9e2e9d51521ac9de7728f2b

Request headers

:method: GET
:authority: info.silobreaker.com
:scheme: https
:path: /e2t/tc/VWt22z7YxmcLW3d_lfb36JTN9VZjc4S4qSWfGN50kgPk2-HwrV1-WJV7CgH74W8yj8Gf5DDZvcW3TJBTT7kqbNwMR6s8lJGK_xW9h7hwf27nzMqW5wGLkb4hf5GgW3lN5Td7tRBTkW30lvRX1N-LFjW1tW32m7Trp5GW4xr3Wn7WcQ5vW23hz6z6nGFdkW7VpsPv34ByTlW1KrtR88V7szrW39MzFN7Py845W3wb58d2vpQrZW4tlyqy4716kPW7N7-KV2vQ-5fW7qBTzn7dJ1BKW4VM3fG2FFWxyW3sfPLt74fFR8N6_-qlgnJKNxW60WBkK3dW8pZW2_vCdB2RRvxLW5F45Z61c1l3BVnybQW29v8QnW3Bf6923kQS6jN6fzWv1M0WN93c-z1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Apr 2021 11:19:19 GMT
content-type: text/html;charset=utf-8
set-cookie: __cfduid=d842b9eaff9b085234a664117b54cb3021619435959; expires=Wed, 26-May-21 11:19:19 GMT; path=/; domain=.info.silobreaker.com; HttpOnly; SameSite=Lax __cfruid=83f36e73970fef90fdaa4393b94db055785664b8-1619435959; path=/; domain=.info.silobreaker.com; HttpOnly; Secure; SameSite=None
cf-ray: 645f6a59ce60ee85-CDG
vary: Accept-Encoding
cf-cache-status: MISS
access-control-allow-credentials: false
cf-request-id: 09af80cc1c0000ee85b0a21000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
referrer-policy: no-referrer
x-hubspot-correlation-id: e54df134-04f9-45ef-ab4a-a2ce5b17aa35
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Tj4FR2BCM6SxPpOp6ffq%2F%2BC1Mrs6LBjeEZ%2Fde7wHTE5NqdjzatSEC8ZuB0Ewl5fo%2B2UgMiMzFyhnZeiFps%2F5DyHA%2BzfB1JfSjQD9N4AXQgKxkwg65g%3D%3D"}],"max_age":604800,"group":"cf-nel"}
nel: {"max_age":604800,"report_to":"cf-nel"}
server: cloudflare
content-encoding: br

GET
H2

200

Primary Request astrazeneca-is-safe-to-be-given-to-senior-citizens-adham-YL7793054 Show response
www.thesundaily.my/home/
Redirect Chain

https://info.silobreaker.com/events/public/v1/track/tc/VWt22z7YxmcLW3d_lfb36JTN9VZjc4S4qSWfGN50kgPk2-HwrV1-WJV7CgH74W8yj8Gf5DDZvcW3TJBTT7kqbNwMR6s8lJGK_xW9h7hwf27nzMqW5wGLkb4hf5GgW3lN5Td7tRBTkW30lv...
https://www.thesundaily.my/home/astrazeneca-is-safe-to-be-given-to-senior-citizens-adham-YL7793054?_hsmi=88974744&_hsenc=p2ANqtz-_G5s6CORBttERc_beHteVqqnJIJh5EriMR00fz0Cexxf2lQpsFfBisijUxttE-tNX9yf...

74 KB
17 KB

82ms
34ms

Document
text/html

130.61.205.105
ORACLE-BMC-31898

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thesundaily.my/home/astrazeneca-is-safe-to-be-given-to-senior-citizens-adham-YL7793054?_hsmi=88974744&_hsenc=p2ANqtz-_G5s6CORBttERc_beHteVqqnJIJh5EriMR00fz0Cexxf2lQpsFfBisijUxttE-tNX9yfHTn7fBQWbcOnOkY3_eCosMOOPpTIuaIKsiuCzrvP7v03c
Requested by: Host: info.silobreaker.com
URL: https://info.silobreaker.com/e2t/tc/VWt22z7YxmcLW3d_lfb36JTN9VZjc4S4qSWfGN50kgPk2-HwrV1-WJV7CgH74W8yj8Gf5DDZvcW3TJBTT7kqbNwMR6s8lJGK_xW9h7hwf27nzMqW5wGLkb4hf5GgW3lN5Td7tRBTkW30lvRX1N-LFjW1tW32m7Trp5GW4xr3Wn7WcQ5vW23hz6z6nGFdkW7VpsPv34ByTlW1KrtR88V7szrW39MzFN7Py845W3wb58d2vpQrZW4tlyqy4716kPW7N7-KV2vQ-5fW7qBTzn7dJ1BKW4VM3fG2FFWxyW3sfPLt74fFR8N6_-qlgnJKNxW60WBkK3dW8pZW2_vCdB2RRvxLW5F45Z61c1l3BVnybQW29v8QnW3Bf6923kQS6jN6fzWv1M0WN93c-z1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 130.61.205.105 Frankfurt am Main, Germany, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software: nginx/1.14.0 /
Resource Hash: 4e9f8560c686afcbdc3030e59191231a8ae26da17497f9925595c84f86474410

Request headers

:method: GET
:authority: www.thesundaily.my
:scheme: https
:path: /home/astrazeneca-is-safe-to-be-given-to-senior-citizens-adham-YL7793054?_hsmi=88974744&_hsenc=p2ANqtz-_G5s6CORBttERc_beHteVqqnJIJh5EriMR00fz0Cexxf2lQpsFfBisijUxttE-tNX9yfHTn7fBQWbcOnOkY3_eCosMOOPpTIuaIKsiuCzrvP7v03c
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://info.silobreaker.com/e2t/tc/VWt22z7YxmcLW3d_lfb36JTN9VZjc4S4qSWfGN50kgPk2-HwrV1-WJV7CgH74W8yj8Gf5DDZvcW3TJBTT7kqbNwMR6s8lJGK_xW9h7hwf27nzMqW5wGLkb4hf5GgW3lN5Td7tRBTkW30lvRX1N-LFjW1tW32m7Trp5GW4xr3Wn7WcQ5vW23hz6z6nGFdkW7VpsPv34ByTlW1KrtR88V7szrW39MzFN7Py845W3wb58d2vpQrZW4tlyqy4716kPW7N7-KV2vQ-5fW7qBTzn7dJ1BKW4VM3fG2FFWxyW3sfPLt74fFR8N6_-qlgnJKNxW60WBkK3dW8pZW2_vCdB2RRvxLW5F45Z61c1l3BVnybQW29v8QnW3Bf6923kQS6jN6fzWv1M0WN93c-z1

Response headers

server: nginx/1.14.0
date: Mon, 26 Apr 2021 11:19:19 GMT
content-type: text/html
content-length: 17327
cache-control: no-store, no-cache, must-revalidate
set-cookie: ITR_COOKIE_DEVID=ba736116605cda1f55d7f2aecffa54bd03; Expires=Sat, 31-Jan-2050 23:59:59 GMT; Path=/; ITR_COOKIE_USRID=ba736116605cda1f55d7f2aecffa54bd03; Expires=Sat, 31-Jan-2050 23:59:59 GMT; Path=/;
vary: Accept-Encoding
content-encoding: gzip

Redirect headers

date: Mon, 26 Apr 2021 11:19:19 GMT
location: https://www.thesundaily.my/home/astrazeneca-is-safe-to-be-given-to-senior-citizens-adham-YL7793054?_hsmi=88974744&_hsenc=p2ANqtz-_G5s6CORBttERc_beHteVqqnJIJh5EriMR00fz0Cexxf2lQpsFfBisijUxttE-tNX9yfHTn7fBQWbcOnOkY3_eCosMOOPpTIuaIKsiuCzrvP7v03c
cf-ray: 645f6a5aa804ee85-CDG
link: <https://www.thesundaily.my/home/astrazeneca-is-safe-to-be-given-to-senior-citizens-adham-YL7793054?_hsmi=88974744&_hsenc=p2ANqtz-_G5s6CORBttERc_beHteVqqnJIJh5EriMR00fz0Cexxf2lQpsFfBisijUxttE-tNX9yfHTn7fBQWbcOnOkY3_eCosMOOPpTIuaIKsiuCzrvP7v03c>; rel="canonical"
vary: Accept-Encoding
cf-cache-status: MISS
access-control-allow-credentials: false
cf-request-id: 09af80ccae0000ee8599979000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
referrer-policy: no-referrer
x-hubspot-correlation-id: 4f1f6118-437a-4d75-bc59-93f020afd644
x-robots-tag: none
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=y3Ke5yGZXSZaR42AjyHLel8d47M6VeDgXtmj9gyGU%2BAHVmD5NLHcs8UkfZqTIOEKklVagxVBqdCXVQuj8bZo1fPfiXJtWQaaoflE%2Bs1XRWbljQKbxQ%3D%3D"}],"max_age":604800,"group":"cf-nel"}
nel: {"max_age":604800,"report_to":"cf-nel"}
server: cloudflare

GET
H2 200 f85ec37f13f2cce80e58028ae1f51f32.css
www.thesundaily.my/base-portlet/webrsrc/theme/ 397 KB
61 KB 22ms
21ms Stylesheet
text/css 130.61.205.105
ORACLE-BMC-31898

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thesundaily.my/base-portlet/webrsrc/theme/f85ec37f13f2cce80e58028ae1f51f32.css
Requested by: Host: www.thesundaily.my
URL: https://www.thesundaily.my/home/astrazeneca-is-safe-to-be-given-to-senior-citizens-adham-YL7793054?_hsmi=88974744&_hsenc=p2ANqtz-_G5s6CORBttERc_beHteVqqnJIJh5EriMR00fz0Cexxf2lQpsFfBisijUxttE-tNX9yfHTn7fBQWbcOnOkY3_eCosMOOPpTIuaIKsiuCzrvP7v03c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 130.61.205.105 Frankfurt am Main, Germany, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software: nginx/1.14.0 /
Resource Hash: 8c8c7c53a0259bd41a6d96e868fb82fa77ac515e86b6d77d8b391dea590da66d

Request headers

:path: /base-portlet/webrsrc/theme/f85ec37f13f2cce80e58028ae1f51f32.css
pragma: no-cache
cookie: ITR_COOKIE_DEVID=ba736116605cda1f55d7f2aecffa54bd03; ITR_COOKIE_USRID=ba736116605cda1f55d7f2aecffa54bd03
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.thesundaily.my
referer: https://www.thesundaily.my/home/astrazeneca-is-safe-to-be-given-to-senior-citizens-adham-YL7793054?_hsmi=88974744&_hsenc=p2ANqtz-_G5s6CORBttERc_beHteVqqnJIJh5EriMR00fz0Cexxf2lQpsFfBisijUxttE-tNX9yfHTn7fBQWbcOnOkY3_eCosMOOPpTIuaIKsiuCzrvP7v03c
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.thesundaily.my/home/astrazeneca-is-safe-to-be-given-to-senior-citizens-adham-YL7793054?_hsmi=88974744&_hsenc=p2ANqtz-_G5s6CORBttERc_beHteVqqnJIJh5EriMR00fz0Cexxf2lQpsFfBisijUxttE-tNX9yfHTn7fBQWbcOnOkY3_eCosMOOPpTIuaIKsiuCzrvP7v03c
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Apr 2021 11:19:19 GMT
content-encoding: gzip
server: nginx/1.14.0
etag: "4e1373a0"
vary: Accept-Encoding
content-type: text/css;charset=UTF-8
access-control-allow-origin: https://www.thesundaily.my
cache-control: max-age=31536000
url-regex-ignore-pattern: .+/-/.+
filter-class: com.liferay.portal.servlet.filters.header.HeaderFilter
content-length: 62443
expires: Thu, 21 Apr 2022 19:28:15 GMT

GET
H2 200 89666ad5dc245ccaa3c4b8b0e66c19f2.js Show response
www.thesundaily.my/base-portlet/webrsrc/ 525 KB
158 KB 38ms
37ms Script
text/javascript 130.61.205.105
ORACLE-BMC-31898

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thesundaily.my/base-portlet/webrsrc/89666ad5dc245ccaa3c4b8b0e66c19f2.js
Requested by: Host: www.thesundaily.my
URL: https://www.thesundaily.my/home/astrazeneca-is-safe-to-be-given-to-senior-citizens-adham-YL7793054?_hsmi=88974744&_hsenc=p2ANqtz-_G5s6CORBttERc_beHteVqqnJIJh5EriMR00fz0Cexxf2lQpsFfBisijUxttE-tNX9yfHTn7fBQWbcOnOkY3_eCosMOOPpTIuaIKsiuCzrvP7v03c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 130.61.205.105 Frankfurt am Main, Germany, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software: nginx/1.14.0 /
Resource Hash: bf9481fb626a2265fa1b095558486dbc0c88698501eb3e9c22d5dd5f78a83e87

Request headers

:path: /base-portlet/webrsrc/89666ad5dc245ccaa3c4b8b0e66c19f2.js
pragma: no-cache
cookie: ITR_COOKIE_DEVID=ba736116605cda1f55d7f2aecffa54bd03; ITR_COOKIE_USRID=ba736116605cda1f55d7f2aecffa54bd03
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.thesundaily.my
referer: https://www.thesundaily.my/home/astrazeneca-is-safe-to-be-given-to-senior-citizens-adham-YL7793054?_hsmi=88974744&_hsenc=p2ANqtz-_G5s6CORBttERc_beHteVqqnJIJh5EriMR00fz0Cexxf2lQpsFfBisijUxttE-tNX9yfHTn7fBQWbcOnOkY3_eCosMOOPpTIuaIKsiuCzrvP7v03c
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.thesundaily.my/home/astrazeneca-is-safe-to-be-given-to-senior-citizens-adham-YL7793054?_hsmi=88974744&_hsenc=p2ANqtz-_G5s6CORBttERc_beHteVqqnJIJh5EriMR00fz0Cexxf2lQpsFfBisijUxttE-tNX9yfHTn7fBQWbcOnOkY3_eCosMOOPpTIuaIKsiuCzrvP7v03c
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Apr 2021 11:19:19 GMT
content-encoding: gzip
server: nginx/1.14.0
etag: "243e09e7"
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://www.thesundaily.my
cache-control: max-age=31536000
url-regex-ignore-pattern: .+/-/.+
filter-class: com.liferay.portal.servlet.filters.header.HeaderFilter
content-length: 161321
expires: Mon, 25 Apr 2022 19:01:04 GMT

GET
H2 200 2149d9eac7427e6ec28d8caf83f1eab4.js Show response
www.thesundaily.my/base-portlet/webrsrc/theme/ 82 KB
28 KB 49ms
48ms Script
text/javascript 130.61.205.105
ORACLE-BMC-31898

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thesundaily.my/base-portlet/webrsrc/theme/2149d9eac7427e6ec28d8caf83f1eab4.js
Requested by: Host: www.thesundaily.my
URL: https://www.thesundaily.my/home/astrazeneca-is-safe-to-be-given-to-senior-citizens-adham-YL7793054?_hsmi=88974744&_hsenc=p2ANqtz-_G5s6CORBttERc_beHteVqqnJIJh5EriMR00fz0Cexxf2lQpsFfBisijUxttE-tNX9yfHTn7fBQWbcOnOkY3_eCosMOOPpTIuaIKsiuCzrvP7v03c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 130.61.205.105 Frankfurt am Main, Germany, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software: nginx/1.14.0 /
Resource Hash: 349fa148f9805b6478042aee691db1401816421fc5deb0ffee7e7a424c8b3803

Request headers

:path: /base-portlet/webrsrc/theme/2149d9eac7427e6ec28d8caf83f1eab4.js
pragma: no-cache
cookie: ITR_COOKIE_DEVID=ba736116605cda1f55d7f2aecffa54bd03; ITR_COOKIE_USRID=ba736116605cda1f55d7f2aecffa54bd03
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.thesundaily.my
referer: https://www.thesundaily.my/home/astrazeneca-is-safe-to-be-given-to-senior-citizens-adham-YL7793054?_hsmi=88974744&_hsenc=p2ANqtz-_G5s6CORBttERc_beHteVqqnJIJh5EriMR00fz0Cexxf2lQpsFfBisijUxttE-tNX9yfHTn7fBQWbcOnOkY3_eCosMOOPpTIuaIKsiuCzrvP7v03c
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.thesundaily.my/home/astrazeneca-is-safe-to-be-given-to-senior-citizens-adham-YL7793054?_hsmi=88974744&_hsenc=p2ANqtz-_G5s6CORBttERc_beHteVqqnJIJh5EriMR00fz0Cexxf2lQpsFfBisijUxttE-tNX9yfHTn7fBQWbcOnOkY3_eCosMOOPpTIuaIKsiuCzrvP7v03c
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Apr 2021 11:19:19 GMT
content-encoding: gzip
server: nginx/1.14.0
etag: "5db5e1b9"
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://www.thesundaily.my
cache-control: max-age=31536000
url-regex-ignore-pattern: .+/-/.+
filter-class: com.liferay.portal.servlet.filters.header.HeaderFilter
content-length: 28472
expires: Thu, 21 Apr 2022 19:38:46 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 62 KB
21 KB 55ms
18ms Script
text/javascript 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: www.thesundaily.my
URL: https://www.thesundaily.my/home/astrazeneca-is-safe-to-be-given-to-senior-citizens-adham-YL7793054?_hsmi=88974744&_hsenc=p2ANqtz-_G5s6CORBttERc_beHteVqqnJIJh5EriMR00fz0Cexxf2lQpsFfBisijUxttE-tNX9yfHTn7fBQWbcOnOkY3_eCosMOOPpTIuaIKsiuCzrvP7v03c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

sffe /

Resource Hash

a32de0e80741978e7816c3639f2697f435e1c270c04c755c2367e1c2829a9d84

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.thesundaily.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Apr 2021 11:19:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "853 / 656 of 1000 / last-modified: 1619435468"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21097
x-xss-protection: 0
expires: Mon, 26 Apr 2021 11:19:19 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 90 KB
36 KB 23ms
18ms Script
application/javascript 2a00:1450:4001:813::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-23981916-1

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

20b3cf55287b0c4c9f124b07ea4733deb541f4cc6704ebfa20bbf59ca22863cf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.thesundaily.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Apr 2021 11:19:19 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36579
x-xss-protection: 0
expires: Mon, 26 Apr 2021 11:19:19 GMT

GET
H2 200 768x432
www.thesundaily.my/placeholder/svg/viewbox/ 63 B
266 B 26ms
21ms Image
image/svg+xml 130.61.205.105
ORACLE-BMC-31898

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.thesundaily.my/placeholder/svg/viewbox/768x432
Requested by: Host: www.thesundaily.my
URL: https://www.thesundaily.my/home/astrazeneca-is-safe-to-be-given-to-senior-citizens-adham-YL7793054?_hsmi=88974744&_hsenc=p2ANqtz-_G5s6CORBttERc_beHteVqqnJIJh5EriMR00fz0Cexxf2lQpsFfBisijUxttE-tNX9yfHTn7fBQWbcOnOkY3_eCosMOOPpTIuaIKsiuCzrvP7v03c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 130.61.205.105 Frankfurt am Main, Germany, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software: nginx/1.14.0 /
Resource Hash: 9be5b68f33b03d2124a2d2e6b307e3100430dc4304e9f4d60d63c89165990fae

Request headers

:path: /placeholder/svg/viewbox/768x432
pragma: no-cache
cookie: ITR_COOKIE_DEVID=ba736116605cda1f55d7f2aecffa54bd03; ITR_COOKIE_USRID=ba736116605cda1f55d7f2aecffa54bd03
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.thesundaily.my
referer: https://www.thesundaily.my/home/astrazeneca-is-safe-to-be-given-to-senior-citizens-adham-YL7793054?_hsmi=88974744&_hsenc=p2ANqtz-_G5s6CORBttERc_beHteVqqnJIJh5EriMR00fz0Cexxf2lQpsFfBisijUxttE-tNX9yfHTn7fBQWbcOnOkY3_eCosMOOPpTIuaIKsiuCzrvP7v03c
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.thesundaily.my/home/astrazeneca-is-safe-to-be-given-to-senior-citizens-adham-YL7793054?_hsmi=88974744&_hsenc=p2ANqtz-_G5s6CORBttERc_beHteVqqnJIJh5EriMR00fz0Cexxf2lQpsFfBisijUxttE-tNX9yfHTn7fBQWbcOnOkY3_eCosMOOPpTIuaIKsiuCzrvP7v03c
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Apr 2021 11:19:19 GMT
content-encoding: gzip
server: nginx/1.14.0
etag: "162cd86a"
vary: Accept-Encoding
content-type: image/svg+xml;charset=UTF-8
cache-control: max-age=31536000
content-length: 82
expires: Thu, 21 Apr 2022 19:36:14 GMT

GET
H2 200 addthis_widget.js Show response
s7.addthis.com/js/300/ 353 KB
114 KB 70ms
25ms Script
application/javascript 104.84.56.112
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/js/300/addthis_widget.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.84.56.112 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-84-56-112.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

acd2f7ad78edeebad4b6b0fdd17ff57d81c3726c60fd5435ee8c5a0115d29403

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://www.thesundaily.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
server: nginx/1.15.8
etag: "5f971164-5834c"
vary: Accept-Encoding
x-distribution: 99
content-type: application/javascript
cache-control: public, max-age=600
date: Mon, 26 Apr 2021 11:19:19 GMT
x-host: s7.addthis.com
content-length: 116325

GET
H/1.1 200
OK admanager-async.js Show response
cdn.innity.net/ 5 KB
2 KB 11ms
7ms Script
application/javascript 23.38.48.217
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.innity.net/admanager-async.js
Requested by: Host: www.thesundaily.my
URL: https://www.thesundaily.my/home/astrazeneca-is-safe-to-be-given-to-senior-citizens-adham-YL7793054?_hsmi=88974744&_hsenc=p2ANqtz-_G5s6CORBttERc_beHteVqqnJIJh5EriMR00fz0Cexxf2lQpsFfBisijUxttE-tNX9yfHTn7fBQWbcOnOkY3_eCosMOOPpTIuaIKsiuCzrvP7v03c
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 23.38.48.217 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-38-48-217.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: f38579c50edb7a9e22a53d52a6272f6180b39cfcf6eae6fcf9009b659b0d58df

Request headers

Referer: https://www.thesundaily.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 26 Apr 2021 11:19:19 GMT
Content-Encoding: gzip
Last-Modified: Mon, 24 Feb 2020 09:20:41 GMT
Server: Apache
ETag: "121a-59f4ee2916c40-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=86400
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1546
Expires: Tue, 27 Apr 2021 11:19:19 GMT

GET
H/1.1 200
OK ipaper.png
s3-ap-southeast-1.amazonaws.com/thesun-epaper.com/ePaper+Images/ 201 KB
201 KB 700ms
180ms Image
image/png 52.219.124.102
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-ap-southeast-1.amazonaws.com/thesun-epaper.com/ePaper+Images/ipaper.png
Requested by: Host: www.thesundaily.my
URL: https://www.thesundaily.my/home/astrazeneca-is-safe-to-be-given-to-senior-citizens-adham-YL7793054?_hsmi=88974744&_hsenc=p2ANqtz-_G5s6CORBttERc_beHteVqqnJIJh5EriMR00fz0Cexxf2lQpsFfBisijUxttE-tNX9yfHTn7fBQWbcOnOkY3_eCosMOOPpTIuaIKsiuCzrvP7v03c
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.219.124.102 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-ap-southeast-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 9eacb8bdf4836baccca546694198346ddc9728702c3933ff18b75b65ad05d059

Request headers

Referer: https://www.thesundaily.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 26 Apr 2021 11:19:21 GMT
Last-Modified: Sun, 25 Apr 2021 16:30:35 GMT
Server: AmazonS3
x-amz-request-id: XWK1GZW05A540Y1E
ETag: "9f80702cb474362676d217665648cbc8"
x-amz-meta-origin-date-iso8601: 2021-04-25T16:26:02.535Z
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 205336
x-amz-id-2: 8puqFSMoGiw3yAeRq4MCRyQ0zDdlbenrEUS8AcNLPcrDhuMHeIFTz8sssGZJXBNhhZzDvSIW27E=

GET
H/1.1 200
OK admanager.js Show response
cdn.innity.net/ 10 KB
4 KB 31ms
8ms Script
application/javascript 23.38.48.217
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.innity.net/admanager.js
Requested by: Host: www.thesundaily.my
URL: https://www.thesundaily.my/home/astrazeneca-is-safe-to-be-given-to-senior-citizens-adham-YL7793054?_hsmi=88974744&_hsenc=p2ANqtz-_G5s6CORBttERc_beHteVqqnJIJh5EriMR00fz0Cexxf2lQpsFfBisijUxttE-tNX9yfHTn7fBQWbcOnOkY3_eCosMOOPpTIuaIKsiuCzrvP7v03c
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 23.38.48.217 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-38-48-217.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 3cbc91b08f13856bfdca4216f4827f45654ee8c4daa770f79767d967595194a7

Request headers

Referer: https://www.thesundaily.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 26 Apr 2021 11:19:19 GMT
Content-Encoding: gzip
Last-Modified: Thu, 21 Feb 2019 01:30:07 GMT
Server: Apache
ETag: "2833-5825d6a16c5c0-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=86400
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3259
Expires: Tue, 27 Apr 2021 11:19:19 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 133 KB
47 KB 26ms
22ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6d0b74f2a3e089cde650f0972d1a568843c275718277a2c167af9011ebf91ff5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.thesundaily.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Apr 2021 11:19:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48209
x-xss-protection: 0
server: cafe
etag: 2341374986041078434
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 26 Apr 2021 11:19:19 GMT

GET
H2 200 250x250
www.thesundaily.my/placeholder/svg/viewbox/ 63 B
262 B 25ms
21ms Image
image/svg+xml 130.61.205.105
ORACLE-BMC-31898

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.thesundaily.my/placeholder/svg/viewbox/250x250
Requested by: Host: www.thesundaily.my
URL: https://www.thesundaily.my/home/astrazeneca-is-safe-to-be-given-to-senior-citizens-adham-YL7793054?_hsmi=88974744&_hsenc=p2ANqtz-_G5s6CORBttERc_beHteVqqnJIJh5EriMR00fz0Cexxf2lQpsFfBisijUxttE-tNX9yfHTn7fBQWbcOnOkY3_eCosMOOPpTIuaIKsiuCzrvP7v03c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 130.61.205.105 Frankfurt am Main, Germany, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software: nginx/1.14.0 /
Resource Hash: bbe3f0d71fa3d9cbed7b339e485093cf66cb0f77017e5697f49b9209d0cad6f8

Request headers

:path: /placeholder/svg/viewbox/250x250
pragma: no-cache
cookie: ITR_COOKIE_DEVID=ba736116605cda1f55d7f2aecffa54bd03; ITR_COOKIE_USRID=ba736116605cda1f55d7f2aecffa54bd03
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.thesundaily.my
referer: https://www.thesundaily.my/home/astrazeneca-is-safe-to-be-given-to-senior-citizens-adham-YL7793054?_hsmi=88974744&_hsenc=p2ANqtz-_G5s6CORBttERc_beHteVqqnJIJh5EriMR00fz0Cexxf2lQpsFfBisijUxttE-tNX9yfHTn7fBQWbcOnOkY3_eCosMOOPpTIuaIKsiuCzrvP7v03c
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.thesundaily.my/home/astrazeneca-is-safe-to-be-given-to-senior-citizens-adham-YL7793054?_hsmi=88974744&_hsenc=p2ANqtz-_G5s6CORBttERc_beHteVqqnJIJh5EriMR00fz0Cexxf2lQpsFfBisijUxttE-tNX9yfHTn7fBQWbcOnOkY3_eCosMOOPpTIuaIKsiuCzrvP7v03c
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Apr 2021 11:19:19 GMT
content-encoding: gzip
server: nginx/1.14.0
etag: "545939d"
vary: Accept-Encoding
content-type: image/svg+xml;charset=UTF-8
cache-control: max-age=31536000
content-length: 78
expires: Sun, 24 Apr 2022 19:35:44 GMT

GET
H/1.1 200
OK Subscribe-BTN.gif
s3-ap-southeast-1.amazonaws.com/thesun-epaper.com/images/ 34 KB
34 KB 721ms
190ms Image
image/gif 52.219.124.102
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-ap-southeast-1.amazonaws.com/thesun-epaper.com/images/Subscribe-BTN.gif
Requested by: Host: www.thesundaily.my
URL: https://www.thesundaily.my/home/astrazeneca-is-safe-to-be-given-to-senior-citizens-adham-YL7793054?_hsmi=88974744&_hsenc=p2ANqtz-_G5s6CORBttERc_beHteVqqnJIJh5EriMR00fz0Cexxf2lQpsFfBisijUxttE-tNX9yfHTn7fBQWbcOnOkY3_eCosMOOPpTIuaIKsiuCzrvP7v03c
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.219.124.102 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-ap-southeast-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: ac9f15a4b28501837dd55b92e1434389b004cfa3193599ccd98a246137126ac4

Request headers

Referer: https://www.thesundaily.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 26 Apr 2021 11:19:21 GMT
Last-Modified: Tue, 29 Jan 2019 11:18:15 GMT
Server: AmazonS3
x-amz-request-id: XWK7Y0V3H7SEH81N
ETag: "94041773e1b9a073a36211bfd8ed095b"
Content-Type: image/gif
Accept-Ranges: bytes
Content-Length: 34686
x-amz-id-2: iqoXYAAEAPH1rf1rlzq0eGVMBT/YUeTNQUwaO4n19ekh69krjo+Izf17LhKX0EyTR122uvHleM0=

GET
H/1.1 200
OK huawei.png
s3-ap-southeast-1.amazonaws.com/thesun-epaper.com/images/ 30 KB
31 KB 790ms
190ms Image
image/png 52.219.124.102
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-ap-southeast-1.amazonaws.com/thesun-epaper.com/images/huawei.png
Requested by: Host: www.thesundaily.my
URL: https://www.thesundaily.my/home/astrazeneca-is-safe-to-be-given-to-senior-citizens-adham-YL7793054?_hsmi=88974744&_hsenc=p2ANqtz-_G5s6CORBttERc_beHteVqqnJIJh5EriMR00fz0Cexxf2lQpsFfBisijUxttE-tNX9yfHTn7fBQWbcOnOkY3_eCosMOOPpTIuaIKsiuCzrvP7v03c
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.219.124.102 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-ap-southeast-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 61801d5580c277cdff50b58bceb3c37762c7d747d44419992b821e1ccaa99c4e

Request headers

Referer: https://www.thesundaily.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 26 Apr 2021 11:19:21 GMT
Last-Modified: Tue, 02 Mar 2021 04:08:55 GMT
Server: AmazonS3
x-amz-request-id: XWK05P4Y8C2XH60E
ETag: "f4ee034aada457aeba5bb8efcedf3547"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 31189
x-amz-id-2: GVG2MiCylZ9VgWwn814ZAJbk1sjZPPyerMzK83vt1LbRSdQtY1JtONI2Fdce/e28Lt0SNY7WvBM=

GET
H2 200 219454c19a4cafd1e0acd126273c97f5.js Show response
www.thesundaily.my/base-portlet/webrsrc/ 38 KB
10 KB 20ms
20ms Script
text/javascript 130.61.205.105
ORACLE-BMC-31898

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thesundaily.my/base-portlet/webrsrc/219454c19a4cafd1e0acd126273c97f5.js
Requested by: Host: www.thesundaily.my
URL: https://www.thesundaily.my/home/astrazeneca-is-safe-to-be-given-to-senior-citizens-adham-YL7793054?_hsmi=88974744&_hsenc=p2ANqtz-_G5s6CORBttERc_beHteVqqnJIJh5EriMR00fz0Cexxf2lQpsFfBisijUxttE-tNX9yfHTn7fBQWbcOnOkY3_eCosMOOPpTIuaIKsiuCzrvP7v03c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 130.61.205.105 Frankfurt am Main, Germany, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software: nginx/1.14.0 /
Resource Hash: 9d1b6b1c9184afcdd7b9dd634420536eee8a6022c1f370a54da9295ec3f47e86

Request headers

:path: /base-portlet/webrsrc/219454c19a4cafd1e0acd126273c97f5.js
pragma: no-cache
cookie: ITR_COOKIE_DEVID=ba736116605cda1f55d7f2aecffa54bd03; ITR_COOKIE_USRID=ba736116605cda1f55d7f2aecffa54bd03
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.thesundaily.my
referer: https://www.thesundaily.my/home/astrazeneca-is-safe-to-be-given-to-senior-citizens-adham-YL7793054?_hsmi=88974744&_hsenc=p2ANqtz-_G5s6CORBttERc_beHteVqqnJIJh5EriMR00fz0Cexxf2lQpsFfBisijUxttE-tNX9yfHTn7fBQWbcOnOkY3_eCosMOOPpTIuaIKsiuCzrvP7v03c
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.thesundaily.my/home/astrazeneca-is-safe-to-be-given-to-senior-citizens-adham-YL7793054?_hsmi=88974744&_hsenc=p2ANqtz-_G5s6CORBttERc_beHteVqqnJIJh5EriMR00fz0Cexxf2lQpsFfBisijUxttE-tNX9yfHTn7fBQWbcOnOkY3_eCosMOOPpTIuaIKsiuCzrvP7v03c
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Apr 2021 11:19:19 GMT
content-encoding: gzip
server: nginx/1.14.0
etag: "4d5a94b2"
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://www.thesundaily.my
cache-control: max-age=31536000
url-regex-ignore-pattern: .+/-/.+
filter-class: com.liferay.portal.servlet.filters.header.HeaderFilter
content-length: 9677
expires: Thu, 21 Apr 2022 19:30:42 GMT

GET
H2 200 d87fd46c27fbd23ff232308aa10ab110.js Show response
www.thesundaily.my/base-portlet/webrsrc/theme/ 17 KB
5 KB 26ms
20ms Script
text/javascript 130.61.205.105
ORACLE-BMC-31898

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thesundaily.my/base-portlet/webrsrc/theme/d87fd46c27fbd23ff232308aa10ab110.js
Requested by: Host: www.thesundaily.my
URL: https://www.thesundaily.my/home/astrazeneca-is-safe-to-be-given-to-senior-citizens-adham-YL7793054?_hsmi=88974744&_hsenc=p2ANqtz-_G5s6CORBttERc_beHteVqqnJIJh5EriMR00fz0Cexxf2lQpsFfBisijUxttE-tNX9yfHTn7fBQWbcOnOkY3_eCosMOOPpTIuaIKsiuCzrvP7v03c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 130.61.205.105 Frankfurt am Main, Germany, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software: nginx/1.14.0 /
Resource Hash: 9291fd7563b1ee6c2d2c4747f480794e1ad909c7a1ebce7d3e482855d7df44c1

Request headers

:path: /base-portlet/webrsrc/theme/d87fd46c27fbd23ff232308aa10ab110.js
pragma: no-cache
cookie: ITR_COOKIE_DEVID=ba736116605cda1f55d7f2aecffa54bd03; ITR_COOKIE_USRID=ba736116605cda1f55d7f2aecffa54bd03
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.thesundaily.my
referer: https://www.thesundaily.my/home/astrazeneca-is-safe-to-be-given-to-senior-citizens-adham-YL7793054?_hsmi=88974744&_hsenc=p2ANqtz-_G5s6CORBttERc_beHteVqqnJIJh5EriMR00fz0Cexxf2lQpsFfBisijUxttE-tNX9yfHTn7fBQWbcOnOkY3_eCosMOOPpTIuaIKsiuCzrvP7v03c
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.thesundaily.my/home/astrazeneca-is-safe-to-be-given-to-senior-citizens-adham-YL7793054?_hsmi=88974744&_hsenc=p2ANqtz-_G5s6CORBttERc_beHteVqqnJIJh5EriMR00fz0Cexxf2lQpsFfBisijUxttE-tNX9yfHTn7fBQWbcOnOkY3_eCosMOOPpTIuaIKsiuCzrvP7v03c
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Apr 2021 11:19:19 GMT
content-encoding: gzip
server: nginx/1.14.0
etag: "8a65ad2b"
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://www.thesundaily.my
cache-control: max-age=31536000
url-regex-ignore-pattern: .+/-/.+
filter-class: com.liferay.portal.servlet.filters.header.HeaderFilter
content-length: 4419
expires: Thu, 21 Apr 2022 19:46:11 GMT

GET
H2 200 mas-tracker-min.js Show response
cdn.iterwebcms.com/_proxy_https_/mas.protecmedia.com/ 14 KB
5 KB 48ms
13ms Script
application/javascript 2606:4700:3038::6815:ea1c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.iterwebcms.com/_proxy_https_/mas.protecmedia.com/mas-tracker-min.js
Requested by: Host: www.thesundaily.my
URL: https://www.thesundaily.my/home/astrazeneca-is-safe-to-be-given-to-senior-citizens-adham-YL7793054?_hsmi=88974744&_hsenc=p2ANqtz-_G5s6CORBttERc_beHteVqqnJIJh5EriMR00fz0Cexxf2lQpsFfBisijUxttE-tNX9yfHTn7fBQWbcOnOkY3_eCosMOOPpTIuaIKsiuCzrvP7v03c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3038::6815:ea1c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4ac28f060464a9c2a7beea74360934edf0fc235d344a76a3037a790a4c822ae8

Request headers

Referer: https://www.thesundaily.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Apr 2021 11:19:19 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 2226
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 09af80ce8200004ab0de056000000001
last-modified: Sat, 06 Feb 2021 21:37:59 GMT
server: cloudflare
etag: W/"3883-5bab1c0225545-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=SvIaUlNdD5C%2BbCCxpR0Q7r96dkIe6ScD3oMFuhCyH9fZf7Lm5rRiieEsKfhMdaNiCuupeLAcIsQj4JR9gu12BzTY9j7dbSgsNFwiRVnH%2BkqLjB1xvyjrOUm7qcGjK1c%3D"}],"group":"cf-nel"}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=1800
cf-ray: 645f6a5d9cb64ab0-FRA

GET
H2 200 mas-push-min.js Show response
cdn.iterwebcms.com/_proxy_https_/mas.protecmedia.com/ 18 KB
6 KB 59ms
24ms Script
application/javascript 2606:4700:3038::6815:ea1c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.iterwebcms.com/_proxy_https_/mas.protecmedia.com/mas-push-min.js
Requested by: Host: www.thesundaily.my
URL: https://www.thesundaily.my/home/astrazeneca-is-safe-to-be-given-to-senior-citizens-adham-YL7793054?_hsmi=88974744&_hsenc=p2ANqtz-_G5s6CORBttERc_beHteVqqnJIJh5EriMR00fz0Cexxf2lQpsFfBisijUxttE-tNX9yfHTn7fBQWbcOnOkY3_eCosMOOPpTIuaIKsiuCzrvP7v03c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3038::6815:ea1c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b5365b15867c2d17d443fd69880ffd3cac93a2cd851061167e1891d6ea103754

Request headers

Referer: https://www.thesundaily.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Apr 2021 11:19:19 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 2641
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 09af80ce8200004ab00b014000000001
last-modified: Fri, 29 Jan 2021 10:36:12 GMT
server: cloudflare
etag: W/"47f3-5ba0792b5681f-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=bEydbJR%2BdV0JTqid%2F4XGu%2FxPMJ6b3d7bP1M7jwNSWYB8GllQuY4rIbGunrF6zZQo96DLd2L1o3MU84tDT36yPNLeoJlMOD5B4s%2BE8wkulXxEqtxtQPFDevD%2BsXikNBQ%3D"}],"group":"cf-nel"}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=1800
cf-ray: 645f6a5d9cb84ab0-FRA

GET
H2 200 36c91f796b81b753e735ffdcd653c89c.woff2
www.thesundaily.my/base-portlet/webrsrc/theme/ 20 KB
20 KB 21ms
21ms Font
application/font-woff2 130.61.205.105
ORACLE-BMC-31898

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thesundaily.my/base-portlet/webrsrc/theme/36c91f796b81b753e735ffdcd653c89c.woff2
Requested by: Host: www.thesundaily.my
URL: https://www.thesundaily.my/base-portlet/webrsrc/theme/f85ec37f13f2cce80e58028ae1f51f32.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 130.61.205.105 Frankfurt am Main, Germany, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software: nginx/1.14.0 /
Resource Hash: 5b52d68c9d30d14a23513011c23f3ea687170446a7abc0f9e0c8987fc0ada86a

Request headers

sec-fetch-mode: cors
origin: https://www.thesundaily.my
accept-encoding: gzip, deflate, br
accept-language: en-US
sec-fetch-dest: font
cookie: ITR_COOKIE_DEVID=ba736116605cda1f55d7f2aecffa54bd03; ITR_COOKIE_USRID=ba736116605cda1f55d7f2aecffa54bd03
:path: /base-portlet/webrsrc/theme/36c91f796b81b753e735ffdcd653c89c.woff2
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: */*
cache-control: no-cache
:authority: www.thesundaily.my
referer: https://www.thesundaily.my/base-portlet/webrsrc/theme/f85ec37f13f2cce80e58028ae1f51f32.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Origin: https://www.thesundaily.my
Referer: https://www.thesundaily.my/base-portlet/webrsrc/theme/f85ec37f13f2cce80e58028ae1f51f32.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Apr 2021 11:19:19 GMT
content-encoding: gzip
server: nginx/1.14.0
etag: "ab4a441b"
vary: Accept-Encoding
content-type: application/font-woff2;charset=UTF-8
access-control-allow-origin: https://www.thesundaily.my
cache-control: max-age=31536000
url-regex-ignore-pattern: .+/-/.+
filter-class: com.liferay.portal.servlet.filters.header.HeaderFilter
content-length: 20032
expires: Thu, 21 Apr 2022 19:31:39 GMT

GET
H2 200 ats.js Show response
anymind360.com/js/4542/ 109 KB
27 KB 41ms
13ms Script
application/javascript 2a04:4e42:600::645
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://anymind360.com/js/4542/ats.js

Requested by

Host: www.thesundaily.my
URL: https://www.thesundaily.my/base-portlet/webrsrc/89666ad5dc245ccaa3c4b8b0e66c19f2.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:600::645 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

f1a56be294df13289aa964ea8724fa7f4d9feb12104fe4a60bf1c8f26aa2669d

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

Referer: https://www.thesundaily.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Apr 2021 11:19:19 GMT
content-encoding: gzip
age: 25387
x-guploader-uploadid: ABg5-UyGHoe2yY3fz4lrXhbwOBDJJivcu7kaMj2WmB5nR3ifh71GvjhWqH3gfXJKNVPo173PsSAaqg-rMF7qdfH0oJQ
x-cache: HIT, HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
strict-transport-security: max-age=300
content-length: 26630
x-served-by: cache-tyo11978-TYO, cache-fra19156-FRA
access-control-allow-origin: *
expires: Mon, 26 Apr 2021 04:16:12 GMT
last-modified: Mon, 26 Apr 2021 04:16:10 GMT
server: UploadServer
x-timer: S1619435960.949336,VS0,VE1
etag: "59a21027f6cc36182b4c432c010aa790"
vary: Accept-Encoding
x-goog-hash: crc32c=/xIs9w==, md5=WaIQJ/bMNhgrTEMsAQqnkA==
x-goog-generation: 1619410570491587
via: 1.1 varnish, 1.1 varnish
access-control-expose-headers: Content-Type
cache-control: max-age=1200
x-goog-stored-content-length: 26630
accept-ranges: bytes
content-type: application/javascript; charset=UTF-8
x-cache-hits: 1, 1

GET
H2 200 3f12d2fe9ea76c77583057aa4123c765.js Show response
www.thesundaily.my/base-portlet/webrsrc/theme/ 138 KB
56 KB 22ms
21ms XHR
text/javascript 130.61.205.105
ORACLE-BMC-31898

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thesundaily.my/base-portlet/webrsrc/theme/3f12d2fe9ea76c77583057aa4123c765.js
Requested by: Host: www.thesundaily.my
URL: https://www.thesundaily.my/base-portlet/webrsrc/89666ad5dc245ccaa3c4b8b0e66c19f2.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 130.61.205.105 Frankfurt am Main, Germany, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software: nginx/1.14.0 /
Resource Hash: 558f5e477d6379eaa1adc698499f722a3bac712d0488f6ded10f8436e5399dd5

Request headers

sec-fetch-mode: cors
accept-encoding: gzip, deflate, br
accept-language: en-US
x-requested-with: XMLHttpRequest
sec-fetch-dest: empty
cookie: ITR_COOKIE_DEVID=ba736116605cda1f55d7f2aecffa54bd03; ITR_COOKIE_USRID=ba736116605cda1f55d7f2aecffa54bd03
:path: /base-portlet/webrsrc/theme/3f12d2fe9ea76c77583057aa4123c765.js
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
cache-control: no-cache
:authority: www.thesundaily.my
referer: https://www.thesundaily.my/home/astrazeneca-is-safe-to-be-given-to-senior-citizens-adham-YL7793054?_hsmi=88974744&_hsenc=p2ANqtz-_G5s6CORBttERc_beHteVqqnJIJh5EriMR00fz0Cexxf2lQpsFfBisijUxttE-tNX9yfHTn7fBQWbcOnOkY3_eCosMOOPpTIuaIKsiuCzrvP7v03c
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Referer: https://www.thesundaily.my/home/astrazeneca-is-safe-to-be-given-to-senior-citizens-adham-YL7793054?_hsmi=88974744&_hsenc=p2ANqtz-_G5s6CORBttERc_beHteVqqnJIJh5EriMR00fz0Cexxf2lQpsFfBisijUxttE-tNX9yfHTn7fBQWbcOnOkY3_eCosMOOPpTIuaIKsiuCzrvP7v03c
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Apr 2021 11:19:19 GMT
content-encoding: gzip
server: nginx/1.14.0
etag: "25596057"
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://www.thesundaily.my
cache-control: max-age=31536000
url-regex-ignore-pattern: .+/-/.+
filter-class: com.liferay.portal.servlet.filters.header.HeaderFilter
content-length: 56593
expires: Thu, 21 Apr 2022 19:46:09 GMT

GET
H2 200 beacon.js Show response
sb.scorecardresearch.com/ 1 KB
2 KB 123ms
38ms Script
application/javascript 13.224.111.129
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/beacon.js
Requested by: Host: www.thesundaily.my
URL: https://www.thesundaily.my/home/astrazeneca-is-safe-to-be-given-to-senior-citizens-adham-YL7793054?_hsmi=88974744&_hsenc=p2ANqtz-_G5s6CORBttERc_beHteVqqnJIJh5EriMR00fz0Cexxf2lQpsFfBisijUxttE-tNX9yfHTn7fBQWbcOnOkY3_eCosMOOPpTIuaIKsiuCzrvP7v03c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.111.129 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-111-129.mad50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79

Request headers

Referer: https://www.thesundaily.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Apr 2021 11:04:59 GMT
via: 1.1 1ae38585ee28c81ff103c9adf137d5ac.cloudfront.net (CloudFront)
etag: "1827f116c73f319409b97f10b8a58ade"
last-modified: Fri, 26 Feb 2021 14:35:05 GMT
server: AmazonS3
age: 862
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-pop: MAD50-C1
accept-ranges: bytes
content-length: 1469
x-amz-cf-id: mnFYDikAwPYU1rSDJ8Ctwdj7W_ZR6KQiIHnq6vR4HRWkqBtzMLy4QQ==

GET
H2 200 hotjar-1730601.js Show response
static.hotjar.com/c/ 3 KB
2 KB 65ms
65ms Script
application/javascript 13.224.111.6
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-1730601.js?sv=6

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.111.6 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-111-6.mad50.r.cloudfront.net

Software

Resource Hash

fe24229d8cfef27f2aaea56ff0d10972b4166bd907b6fec887a39d6bf183ed3b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.thesundaily.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Apr 2021 11:18:52 GMT
content-encoding: br
x-content-type-options: nosniff
cache-control: max-age=60
age: 27
etag: W/086df5d0e7b32bc9ee92aedc28322b79
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
x-cache-hit: 1
x-amz-cf-pop: MAD50-C1
content-length: 1547
via: 1.1 a79264f1781916a9abe8d5b96e40a058.cloudfront.net (CloudFront)
x-amz-cf-id: -jYzja0emhDcyoRof_OMXjmkNNu_fly1aZDtmP_9mWcm9tW5qdCkwA==

GET
H2 200 loader.js Show response
cdn.taboola.com/libtrc/thesundaily/ 321 KB
29 KB 11ms
10ms Script
application/javascript 199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/thesundaily/loader.js
Requested by: Host: www.thesundaily.my
URL: https://www.thesundaily.my/home/astrazeneca-is-safe-to-be-given-to-senior-citizens-adham-YL7793054?_hsmi=88974744&_hsenc=p2ANqtz-_G5s6CORBttERc_beHteVqqnJIJh5EriMR00fz0Cexxf2lQpsFfBisijUxttE-tNX9yfHTn7fBQWbcOnOkY3_eCosMOOPpTIuaIKsiuCzrvP7v03c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e12e5d65843f708d15b2a16d0c658f5df3fd46201f0167d2ccea42e77a43a4ce

Request headers

Referer: https://www.thesundaily.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: iD_6YCnr9f2nIh49tbuflSIrplMJOAO7
content-encoding: gzip
etag: "8470418e3d1af9de85ab9fa308b54605"
age: 3149
x-cache: HIT
content-length: 29851
x-amz-id-2: ZhsYPv8xTLQ02rfghUbStmN1JcpTCZvZqeKtBP7Tl8pdhl9MlGeVXhQxHuVHov9Pn9dqVfq5jNU=
x-served-by: cache-hhn11538-HHN
last-modified: Mon, 26 Apr 2021 10:22:17 GMT
server: AmazonS3
x-timer: S1619435960.957126,VS0,VE0
date: Mon, 26 Apr 2021 11:19:19 GMT
vary: Accept-Encoding
x-amz-request-id: 1VEEA8W6BCP9941C
via: 1.1 varnish
cache-control: private,max-age=14401
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
abp: 66
x-cache-hits: 60

POST
H2 200 visit.jsp Show response
www.thesundaily.my/news-portlet/html/counter-portlet/ 0
57 B 21ms
18ms XHR
text/plain 130.61.205.105
ORACLE-BMC-31898

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thesundaily.my/news-portlet/html/counter-portlet/visit.jsp
Requested by: Host: www.thesundaily.my
URL: https://www.thesundaily.my/base-portlet/webrsrc/89666ad5dc245ccaa3c4b8b0e66c19f2.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 130.61.205.105 Frankfurt am Main, Germany, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software: nginx/1.14.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-fetch-mode: cors
origin: https://www.thesundaily.my
accept-encoding: gzip, deflate, br
accept-language: en-US
sec-fetch-dest: empty
x-requested-with: XMLHttpRequest
cookie: ITR_COOKIE_DEVID=ba736116605cda1f55d7f2aecffa54bd03; ITR_COOKIE_USRID=ba736116605cda1f55d7f2aecffa54bd03
content-length: 72
:path: /news-portlet/html/counter-portlet/visit.jsp
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type: application/x-www-form-urlencoded; charset=UTF-8
accept: */*
cache-control: no-cache
:authority: www.thesundaily.my
referer: https://www.thesundaily.my/home/astrazeneca-is-safe-to-be-given-to-senior-citizens-adham-YL7793054?_hsmi=88974744&_hsenc=p2ANqtz-_G5s6CORBttERc_beHteVqqnJIJh5EriMR00fz0Cexxf2lQpsFfBisijUxttE-tNX9yfHTn7fBQWbcOnOkY3_eCosMOOPpTIuaIKsiuCzrvP7v03c
:scheme: https
sec-fetch-site: same-origin
:method: POST
Accept: */*
Referer: https://www.thesundaily.my/home/astrazeneca-is-safe-to-be-given-to-senior-citizens-adham-YL7793054?_hsmi=88974744&_hsenc=p2ANqtz-_G5s6CORBttERc_beHteVqqnJIJh5EriMR00fz0Cexxf2lQpsFfBisijUxttE-tNX9yfHTn7fBQWbcOnOkY3_eCosMOOPpTIuaIKsiuCzrvP7v03c
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Mon, 26 Apr 2021 11:19:19 GMT
server: nginx/1.14.0
content-length: 0
content-type: text/plain

GET
H2 200 c2899e661774233109757d88e4ec683f.jpg
www.thesundaily.my/base-portlet/webrsrc/theme/ 55 KB
55 KB 24ms
21ms Image
image/jpeg 130.61.205.105
ORACLE-BMC-31898

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.thesundaily.my/base-portlet/webrsrc/theme/c2899e661774233109757d88e4ec683f.jpg
Requested by: Host: www.thesundaily.my
URL: https://www.thesundaily.my/base-portlet/webrsrc/theme/f85ec37f13f2cce80e58028ae1f51f32.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 130.61.205.105 Frankfurt am Main, Germany, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software: nginx/1.14.0 /
Resource Hash: 55e3eee43df639a4f89d9103cedcc64729b3ce59bb32330086350c1651a9af3c

Request headers

:path: /base-portlet/webrsrc/theme/c2899e661774233109757d88e4ec683f.jpg
pragma: no-cache
cookie: ITR_COOKIE_DEVID=ba736116605cda1f55d7f2aecffa54bd03; ITR_COOKIE_USRID=ba736116605cda1f55d7f2aecffa54bd03
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.thesundaily.my
referer: https://www.thesundaily.my/base-portlet/webrsrc/theme/f85ec37f13f2cce80e58028ae1f51f32.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.thesundaily.my/base-portlet/webrsrc/theme/f85ec37f13f2cce80e58028ae1f51f32.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Apr 2021 11:19:19 GMT
server: nginx/1.14.0
etag: "c2bb41bc"
content-type: image/jpeg;charset=UTF-8
access-control-allow-origin: https://www.thesundaily.my
cache-control: max-age=31536000
url-regex-ignore-pattern: .+/-/.+
filter-class: com.liferay.portal.servlet.filters.header.HeaderFilter
content-length: 56432
expires: Sun, 24 Apr 2022 19:26:11 GMT

GET
H2 200 3e4c48833dbea0345a186d0b29d85367.png
www.thesundaily.my/base-portlet/webrsrc/theme/ 23 KB
23 KB 26ms
23ms Image
image/png 130.61.205.105
ORACLE-BMC-31898

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.thesundaily.my/base-portlet/webrsrc/theme/3e4c48833dbea0345a186d0b29d85367.png
Requested by: Host: www.thesundaily.my
URL: https://www.thesundaily.my/base-portlet/webrsrc/theme/f85ec37f13f2cce80e58028ae1f51f32.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 130.61.205.105 Frankfurt am Main, Germany, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software: nginx/1.14.0 /
Resource Hash: b46ab317e5326f3919bd0b20fd72555c7bc38b8407e687fec48899d977d5e36f

Request headers

:path: /base-portlet/webrsrc/theme/3e4c48833dbea0345a186d0b29d85367.png
pragma: no-cache
cookie: ITR_COOKIE_DEVID=ba736116605cda1f55d7f2aecffa54bd03; ITR_COOKIE_USRID=ba736116605cda1f55d7f2aecffa54bd03
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.thesundaily.my
referer: https://www.thesundaily.my/base-portlet/webrsrc/theme/f85ec37f13f2cce80e58028ae1f51f32.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.thesundaily.my/base-portlet/webrsrc/theme/f85ec37f13f2cce80e58028ae1f51f32.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Apr 2021 11:19:19 GMT
server: nginx/1.14.0
etag: "c3ab0e5e"
content-type: image/png;charset=UTF-8
access-control-allow-origin: https://www.thesundaily.my
cache-control: max-age=31536000
url-regex-ignore-pattern: .+/-/.+
filter-class: com.liferay.portal.servlet.filters.header.HeaderFilter
content-length: 23097
expires: Sun, 24 Apr 2022 19:19:10 GMT

GET
H2 200 73a971da4986c6c6a528b9c5b89c4632.woff2
www.thesundaily.my/base-portlet/webrsrc/theme/ 20 KB
20 KB 24ms
21ms Font
application/font-woff2 130.61.205.105
ORACLE-BMC-31898

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thesundaily.my/base-portlet/webrsrc/theme/73a971da4986c6c6a528b9c5b89c4632.woff2
Requested by: Host: www.thesundaily.my
URL: https://www.thesundaily.my/base-portlet/webrsrc/theme/f85ec37f13f2cce80e58028ae1f51f32.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 130.61.205.105 Frankfurt am Main, Germany, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software: nginx/1.14.0 /
Resource Hash: 90132c6f6a9d0cf9c2bc7da491cb11e76311653271890a46f6933af8bdc6e0f2

Request headers

sec-fetch-mode: cors
origin: https://www.thesundaily.my
accept-encoding: gzip, deflate, br
accept-language: en-US
sec-fetch-dest: font
cookie: ITR_COOKIE_DEVID=ba736116605cda1f55d7f2aecffa54bd03; ITR_COOKIE_USRID=ba736116605cda1f55d7f2aecffa54bd03
:path: /base-portlet/webrsrc/theme/73a971da4986c6c6a528b9c5b89c4632.woff2
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: */*
cache-control: no-cache
:authority: www.thesundaily.my
referer: https://www.thesundaily.my/base-portlet/webrsrc/theme/f85ec37f13f2cce80e58028ae1f51f32.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Origin: https://www.thesundaily.my
Referer: https://www.thesundaily.my/base-portlet/webrsrc/theme/f85ec37f13f2cce80e58028ae1f51f32.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Apr 2021 11:19:19 GMT
content-encoding: gzip
server: nginx/1.14.0
etag: "2a40f4e"
vary: Accept-Encoding
content-type: application/font-woff2;charset=UTF-8
access-control-allow-origin: https://www.thesundaily.my
cache-control: max-age=31536000
url-regex-ignore-pattern: .+/-/.+
filter-class: com.liferay.portal.servlet.filters.header.HeaderFilter
content-length: 20324
expires: Thu, 21 Apr 2022 19:37:26 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 92 KB
24 KB 6ms
6ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

0ae5ed57dc48abbee125d5f915e37110c9f2bb6a95d1aa5ccf3c141f8fe10db3

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.thesundaily.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 23961
x-fb-rlafr: 0
pragma: public
x-fb-debug: qVB7gd59pDSXbq/tGJDLinjgmotswRwLVgUp71HmHJqxVn9BtrTzOxrXkZk1Nz969SEqiAWcnRHkBC8hiNoJWw==
x-fb-trip-id: 2050670934
x-frame-options: DENY
date: Mon, 26 Apr 2021 11:19:19 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 0bf140f7a033f72b96e6429c8ec9c427.png
www.thesundaily.my/base-portlet/webrsrc/theme/ 7 KB
7 KB 22ms
20ms Image
image/png 130.61.205.105
ORACLE-BMC-31898

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.thesundaily.my/base-portlet/webrsrc/theme/0bf140f7a033f72b96e6429c8ec9c427.png
Requested by: Host: www.thesundaily.my
URL: https://www.thesundaily.my/base-portlet/webrsrc/theme/f85ec37f13f2cce80e58028ae1f51f32.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 130.61.205.105 Frankfurt am Main, Germany, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software: nginx/1.14.0 /
Resource Hash: 1c1a6037f2f27ee6b37ff438c5cabf1a23cce7cce2aa5bf1e8a9de014a660bb5

Request headers

:path: /base-portlet/webrsrc/theme/0bf140f7a033f72b96e6429c8ec9c427.png
pragma: no-cache
cookie: ITR_COOKIE_DEVID=ba736116605cda1f55d7f2aecffa54bd03; ITR_COOKIE_USRID=ba736116605cda1f55d7f2aecffa54bd03
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.thesundaily.my
referer: https://www.thesundaily.my/base-portlet/webrsrc/theme/f85ec37f13f2cce80e58028ae1f51f32.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.thesundaily.my/base-portlet/webrsrc/theme/f85ec37f13f2cce80e58028ae1f51f32.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Apr 2021 11:19:19 GMT
server: nginx/1.14.0
etag: "770fd8eb"
content-type: image/png;charset=UTF-8
access-control-allow-origin: https://www.thesundaily.my
cache-control: max-age=31536000
url-regex-ignore-pattern: .+/-/.+
filter-class: com.liferay.portal.servlet.filters.header.HeaderFilter
content-length: 7291
expires: Sun, 24 Apr 2022 19:06:59 GMT

GET
H2 200 3cec42686a4b3647a3f78ce6a4ff0c67.png
www.thesundaily.my/base-portlet/webrsrc/theme/ 9 KB
9 KB 22ms
21ms Image
image/png 130.61.205.105
ORACLE-BMC-31898

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.thesundaily.my/base-portlet/webrsrc/theme/3cec42686a4b3647a3f78ce6a4ff0c67.png
Requested by: Host: www.thesundaily.my
URL: https://www.thesundaily.my/base-portlet/webrsrc/theme/f85ec37f13f2cce80e58028ae1f51f32.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 130.61.205.105 Frankfurt am Main, Germany, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software: nginx/1.14.0 /
Resource Hash: 7a9231ced64015c8c91a49518821713c638355d64135fbd30f465384f5a4a6f1

Request headers

:path: /base-portlet/webrsrc/theme/3cec42686a4b3647a3f78ce6a4ff0c67.png
pragma: no-cache
cookie: ITR_COOKIE_DEVID=ba736116605cda1f55d7f2aecffa54bd03; ITR_COOKIE_USRID=ba736116605cda1f55d7f2aecffa54bd03
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.thesundaily.my
referer: https://www.thesundaily.my/base-portlet/webrsrc/theme/f85ec37f13f2cce80e58028ae1f51f32.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.thesundaily.my/base-portlet/webrsrc/theme/f85ec37f13f2cce80e58028ae1f51f32.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Apr 2021 11:19:19 GMT
server: nginx/1.14.0
etag: "c90d7958"
content-type: image/png;charset=UTF-8
access-control-allow-origin: https://www.thesundaily.my
cache-control: max-age=31536000
url-regex-ignore-pattern: .+/-/.+
filter-class: com.liferay.portal.servlet.filters.header.HeaderFilter
content-length: 8856
expires: Thu, 21 Apr 2022 19:56:09 GMT

GET
H2 200 7401e50d22a4c36cbc7e4b0539f6b153.png
www.thesundaily.my/base-portlet/webrsrc/theme/ 12 KB
12 KB 22ms
21ms Image
image/png 130.61.205.105
ORACLE-BMC-31898

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.thesundaily.my/base-portlet/webrsrc/theme/7401e50d22a4c36cbc7e4b0539f6b153.png
Requested by: Host: www.thesundaily.my
URL: https://www.thesundaily.my/base-portlet/webrsrc/theme/f85ec37f13f2cce80e58028ae1f51f32.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 130.61.205.105 Frankfurt am Main, Germany, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software: nginx/1.14.0 /
Resource Hash: 19d7405b9856b0dd6b4aed0b4054ff8c855865c62be73e52bf519f894df29ab8

Request headers

:path: /base-portlet/webrsrc/theme/7401e50d22a4c36cbc7e4b0539f6b153.png
pragma: no-cache
cookie: ITR_COOKIE_DEVID=ba736116605cda1f55d7f2aecffa54bd03; ITR_COOKIE_USRID=ba736116605cda1f55d7f2aecffa54bd03
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.thesundaily.my
referer: https://www.thesundaily.my/base-portlet/webrsrc/theme/f85ec37f13f2cce80e58028ae1f51f32.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.thesundaily.my/base-portlet/webrsrc/theme/f85ec37f13f2cce80e58028ae1f51f32.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Apr 2021 11:19:19 GMT
server: nginx/1.14.0
etag: "e4c25bfe"
content-type: image/png;charset=UTF-8
access-control-allow-origin: https://www.thesundaily.my
cache-control: max-age=31536000
url-regex-ignore-pattern: .+/-/.+
filter-class: com.liferay.portal.servlet.filters.header.HeaderFilter
content-length: 12464
expires: Sun, 24 Apr 2022 19:09:12 GMT

GET
H2 200 67159e2e4fc35f7552236c242d6413e8.png
www.thesundaily.my/base-portlet/webrsrc/theme/ 10 KB
10 KB 22ms
21ms Image
image/png 130.61.205.105
ORACLE-BMC-31898

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.thesundaily.my/base-portlet/webrsrc/theme/67159e2e4fc35f7552236c242d6413e8.png
Requested by: Host: www.thesundaily.my
URL: https://www.thesundaily.my/base-portlet/webrsrc/theme/f85ec37f13f2cce80e58028ae1f51f32.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 130.61.205.105 Frankfurt am Main, Germany, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software: nginx/1.14.0 /
Resource Hash: 3b0d9f22f5fb1317e8b9a3a98b10e28dd253c81f807745d964a45b34fac6a600

Request headers

:path: /base-portlet/webrsrc/theme/67159e2e4fc35f7552236c242d6413e8.png
pragma: no-cache
cookie: ITR_COOKIE_DEVID=ba736116605cda1f55d7f2aecffa54bd03; ITR_COOKIE_USRID=ba736116605cda1f55d7f2aecffa54bd03
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.thesundaily.my
referer: https://www.thesundaily.my/base-portlet/webrsrc/theme/f85ec37f13f2cce80e58028ae1f51f32.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.thesundaily.my/base-portlet/webrsrc/theme/f85ec37f13f2cce80e58028ae1f51f32.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Apr 2021 11:19:19 GMT
server: nginx/1.14.0
etag: "dffe213f"
content-type: image/png;charset=UTF-8
access-control-allow-origin: https://www.thesundaily.my
cache-control: max-age=31536000
url-regex-ignore-pattern: .+/-/.+
filter-class: com.liferay.portal.servlet.filters.header.HeaderFilter
content-length: 10182
expires: Sun, 24 Apr 2022 19:09:12 GMT

GET
H2 200 eadbfd9eb86ce18f0d6b71259bfe3b22.png
www.thesundaily.my/base-portlet/webrsrc/theme/ 951 B
1 KB 26ms
20ms Image
image/png 130.61.205.105
ORACLE-BMC-31898

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.thesundaily.my/base-portlet/webrsrc/theme/eadbfd9eb86ce18f0d6b71259bfe3b22.png
Requested by: Host: www.thesundaily.my
URL: https://www.thesundaily.my/base-portlet/webrsrc/theme/f85ec37f13f2cce80e58028ae1f51f32.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 130.61.205.105 Frankfurt am Main, Germany, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software: nginx/1.14.0 /
Resource Hash: a49a784edfb3b0594b4bd674dce4abfb0990c42e42f232faab8478f5ae01a027

Request headers

:path: /base-portlet/webrsrc/theme/eadbfd9eb86ce18f0d6b71259bfe3b22.png
pragma: no-cache
cookie: ITR_COOKIE_DEVID=ba736116605cda1f55d7f2aecffa54bd03; ITR_COOKIE_USRID=ba736116605cda1f55d7f2aecffa54bd03
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.thesundaily.my
referer: https://www.thesundaily.my/base-portlet/webrsrc/theme/f85ec37f13f2cce80e58028ae1f51f32.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.thesundaily.my/base-portlet/webrsrc/theme/f85ec37f13f2cce80e58028ae1f51f32.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Apr 2021 11:19:19 GMT
server: nginx/1.14.0
etag: "2b170e4d"
content-type: image/png;charset=UTF-8
access-control-allow-origin: https://www.thesundaily.my
cache-control: max-age=31536000
url-regex-ignore-pattern: .+/-/.+
filter-class: com.liferay.portal.servlet.filters.header.HeaderFilter
content-length: 951
expires: Sun, 24 Apr 2022 19:16:15 GMT

GET
H2 200 9daba00979dd74e0d7431f7ce9cb3ef5.png
www.thesundaily.my/base-portlet/webrsrc/theme/ 72 KB
73 KB 28ms
21ms Image
image/png 130.61.205.105
ORACLE-BMC-31898

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.thesundaily.my/base-portlet/webrsrc/theme/9daba00979dd74e0d7431f7ce9cb3ef5.png
Requested by: Host: www.thesundaily.my
URL: https://www.thesundaily.my/base-portlet/webrsrc/theme/f85ec37f13f2cce80e58028ae1f51f32.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 130.61.205.105 Frankfurt am Main, Germany, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software: nginx/1.14.0 /
Resource Hash: d314cc02ddd501a04fa1fe34fa56b58e20f53e5265d9c3ae4c8247c3ed3309b0

Request headers

:path: /base-portlet/webrsrc/theme/9daba00979dd74e0d7431f7ce9cb3ef5.png
pragma: no-cache
cookie: ITR_COOKIE_DEVID=ba736116605cda1f55d7f2aecffa54bd03; ITR_COOKIE_USRID=ba736116605cda1f55d7f2aecffa54bd03
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.thesundaily.my
referer: https://www.thesundaily.my/base-portlet/webrsrc/theme/f85ec37f13f2cce80e58028ae1f51f32.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.thesundaily.my/base-portlet/webrsrc/theme/f85ec37f13f2cce80e58028ae1f51f32.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Apr 2021 11:19:19 GMT
server: nginx/1.14.0
etag: "10f38378"
content-type: image/png;charset=UTF-8
access-control-allow-origin: https://www.thesundaily.my
cache-control: max-age=31536000
url-regex-ignore-pattern: .+/-/.+
filter-class: com.liferay.portal.servlet.filters.header.HeaderFilter
content-length: 74023
expires: Sun, 24 Apr 2022 19:15:32 GMT

GET
H2 200 a9e86c7f9a2aeddc82028bc30be4cbef.png
www.thesundaily.my/base-portlet/webrsrc/theme/ 142 KB
143 KB 31ms
24ms Image
image/png 130.61.205.105
ORACLE-BMC-31898

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.thesundaily.my/base-portlet/webrsrc/theme/a9e86c7f9a2aeddc82028bc30be4cbef.png
Requested by: Host: www.thesundaily.my
URL: https://www.thesundaily.my/base-portlet/webrsrc/theme/f85ec37f13f2cce80e58028ae1f51f32.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 130.61.205.105 Frankfurt am Main, Germany, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software: nginx/1.14.0 /
Resource Hash: 0a8c7625349682cdf950b4675499066d1ae2640e2e9099e6a7f68f3bb09e6434

Request headers

:path: /base-portlet/webrsrc/theme/a9e86c7f9a2aeddc82028bc30be4cbef.png
pragma: no-cache
cookie: ITR_COOKIE_DEVID=ba736116605cda1f55d7f2aecffa54bd03; ITR_COOKIE_USRID=ba736116605cda1f55d7f2aecffa54bd03
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.thesundaily.my
referer: https://www.thesundaily.my/base-portlet/webrsrc/theme/f85ec37f13f2cce80e58028ae1f51f32.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.thesundaily.my/base-portlet/webrsrc/theme/f85ec37f13f2cce80e58028ae1f51f32.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Apr 2021 11:19:19 GMT
server: nginx/1.14.0
etag: "8623600e"
content-type: image/png;charset=UTF-8
access-control-allow-origin: https://www.thesundaily.my
cache-control: max-age=31536000
url-regex-ignore-pattern: .+/-/.+
filter-class: com.liferay.portal.servlet.filters.header.HeaderFilter
content-length: 145855
expires: Thu, 21 Apr 2022 19:50:23 GMT

GET
H2 200 ac86e8acbb262a46fd76f1de289833be.png
www.thesundaily.my/base-portlet/webrsrc/theme/ 2 KB
2 KB 34ms
28ms Image
image/png 130.61.205.105
ORACLE-BMC-31898

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.thesundaily.my/base-portlet/webrsrc/theme/ac86e8acbb262a46fd76f1de289833be.png
Requested by: Host: www.thesundaily.my
URL: https://www.thesundaily.my/base-portlet/webrsrc/theme/f85ec37f13f2cce80e58028ae1f51f32.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 130.61.205.105 Frankfurt am Main, Germany, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software: nginx/1.14.0 /
Resource Hash: 7c1c88e95545e6e4ef97f12c3249c7fdfd1bb058207f35c0b2c0c04d3873a74a

Request headers

:path: /base-portlet/webrsrc/theme/ac86e8acbb262a46fd76f1de289833be.png
pragma: no-cache
cookie: ITR_COOKIE_DEVID=ba736116605cda1f55d7f2aecffa54bd03; ITR_COOKIE_USRID=ba736116605cda1f55d7f2aecffa54bd03
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.thesundaily.my
referer: https://www.thesundaily.my/base-portlet/webrsrc/theme/f85ec37f13f2cce80e58028ae1f51f32.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.thesundaily.my/base-portlet/webrsrc/theme/f85ec37f13f2cce80e58028ae1f51f32.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Apr 2021 11:19:19 GMT
server: nginx/1.14.0
etag: "ca476598"
content-type: image/png;charset=UTF-8
access-control-allow-origin: https://www.thesundaily.my
cache-control: max-age=31536000
url-regex-ignore-pattern: .+/-/.+
filter-class: com.liferay.portal.servlet.filters.header.HeaderFilter
content-length: 1887
expires: Thu, 21 Apr 2022 19:53:58 GMT

GET
H2 200 237810272e1b9ed14b556bc207762464.png
www.thesundaily.my/base-portlet/webrsrc/theme/ 129 KB
130 KB 35ms
29ms Image
image/png 130.61.205.105
ORACLE-BMC-31898

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.thesundaily.my/base-portlet/webrsrc/theme/237810272e1b9ed14b556bc207762464.png
Requested by: Host: www.thesundaily.my
URL: https://www.thesundaily.my/base-portlet/webrsrc/theme/f85ec37f13f2cce80e58028ae1f51f32.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 130.61.205.105 Frankfurt am Main, Germany, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software: nginx/1.14.0 /
Resource Hash: 16786de455bbbaa9c0a012adb08494d9701d80f2fad599c7282d341f0bbaf8f8

Request headers

:path: /base-portlet/webrsrc/theme/237810272e1b9ed14b556bc207762464.png
pragma: no-cache
cookie: ITR_COOKIE_DEVID=ba736116605cda1f55d7f2aecffa54bd03; ITR_COOKIE_USRID=ba736116605cda1f55d7f2aecffa54bd03
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.thesundaily.my
referer: https://www.thesundaily.my/base-portlet/webrsrc/theme/f85ec37f13f2cce80e58028ae1f51f32.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.thesundaily.my/base-portlet/webrsrc/theme/f85ec37f13f2cce80e58028ae1f51f32.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Apr 2021 11:19:19 GMT
server: nginx/1.14.0
etag: "4a2e2d72"
content-type: image/png;charset=UTF-8
access-control-allow-origin: https://www.thesundaily.my
cache-control: max-age=31536000
url-regex-ignore-pattern: .+/-/.+
filter-class: com.liferay.portal.servlet.filters.header.HeaderFilter
content-length: 132501
expires: Sun, 24 Apr 2022 19:27:21 GMT

GET
H2 200 153a4a921830b1282175057c6c40ad68.png
www.thesundaily.my/base-portlet/webrsrc/theme/ 180 KB
180 KB 34ms
29ms Image
image/png 130.61.205.105
ORACLE-BMC-31898

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.thesundaily.my/base-portlet/webrsrc/theme/153a4a921830b1282175057c6c40ad68.png
Requested by: Host: www.thesundaily.my
URL: https://www.thesundaily.my/base-portlet/webrsrc/theme/f85ec37f13f2cce80e58028ae1f51f32.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 130.61.205.105 Frankfurt am Main, Germany, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software: nginx/1.14.0 /
Resource Hash: 13e40ba70d70c1785669df5c63cbe6cfb23acaef609a42ccefde3c397130f283

Request headers

:path: /base-portlet/webrsrc/theme/153a4a921830b1282175057c6c40ad68.png
pragma: no-cache
cookie: ITR_COOKIE_DEVID=ba736116605cda1f55d7f2aecffa54bd03; ITR_COOKIE_USRID=ba736116605cda1f55d7f2aecffa54bd03
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.thesundaily.my
referer: https://www.thesundaily.my/base-portlet/webrsrc/theme/f85ec37f13f2cce80e58028ae1f51f32.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.thesundaily.my/base-portlet/webrsrc/theme/f85ec37f13f2cce80e58028ae1f51f32.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Apr 2021 11:19:19 GMT
server: nginx/1.14.0
etag: "1331f810"
content-type: image/png;charset=UTF-8
access-control-allow-origin: https://www.thesundaily.my
cache-control: max-age=31536000
url-regex-ignore-pattern: .+/-/.+
filter-class: com.liferay.portal.servlet.filters.header.HeaderFilter
content-length: 183856
expires: Thu, 21 Apr 2022 19:29:02 GMT

GET
H2 200 1d614164593197e7eb7bf5bd33eab699.woff2
www.thesundaily.my/base-portlet/webrsrc/theme/ 23 KB
24 KB 26ms
23ms Font
application/font-woff2 130.61.205.105
ORACLE-BMC-31898

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thesundaily.my/base-portlet/webrsrc/theme/1d614164593197e7eb7bf5bd33eab699.woff2
Requested by: Host: www.thesundaily.my
URL: https://www.thesundaily.my/base-portlet/webrsrc/theme/f85ec37f13f2cce80e58028ae1f51f32.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 130.61.205.105 Frankfurt am Main, Germany, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software: nginx/1.14.0 /
Resource Hash: 405541ce75b906126a780c2b7e206475eab9759c2c89acd86eefcd998f69450c

Request headers

sec-fetch-mode: cors
origin: https://www.thesundaily.my
accept-encoding: gzip, deflate, br
accept-language: en-US
sec-fetch-dest: font
cookie: ITR_COOKIE_DEVID=ba736116605cda1f55d7f2aecffa54bd03; ITR_COOKIE_USRID=ba736116605cda1f55d7f2aecffa54bd03
:path: /base-portlet/webrsrc/theme/1d614164593197e7eb7bf5bd33eab699.woff2
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: */*
cache-control: no-cache
:authority: www.thesundaily.my
referer: https://www.thesundaily.my/base-portlet/webrsrc/theme/f85ec37f13f2cce80e58028ae1f51f32.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Origin: https://www.thesundaily.my
Referer: https://www.thesundaily.my/base-portlet/webrsrc/theme/f85ec37f13f2cce80e58028ae1f51f32.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Apr 2021 11:19:19 GMT
content-encoding: gzip
server: nginx/1.14.0
etag: "fc44079"
vary: Accept-Encoding
content-type: application/font-woff2;charset=UTF-8
access-control-allow-origin: https://www.thesundaily.my
cache-control: max-age=31536000
url-regex-ignore-pattern: .+/-/.+
filter-class: com.liferay.portal.servlet.filters.header.HeaderFilter
content-length: 24076
expires: Thu, 21 Apr 2022 19:58:15 GMT

GET
H2 200 4ab2924028a1ca8322e43d54d47091c3.woff2
www.thesundaily.my/base-portlet/webrsrc/theme/ 18 KB
18 KB 26ms
24ms Font
application/font-woff2 130.61.205.105
ORACLE-BMC-31898

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thesundaily.my/base-portlet/webrsrc/theme/4ab2924028a1ca8322e43d54d47091c3.woff2
Requested by: Host: www.thesundaily.my
URL: https://www.thesundaily.my/base-portlet/webrsrc/theme/f85ec37f13f2cce80e58028ae1f51f32.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 130.61.205.105 Frankfurt am Main, Germany, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software: nginx/1.14.0 /
Resource Hash: ba3fe63eac33e099b1600d123a80bc075696219926d63f6adc4b9401aad71ca9

Request headers

sec-fetch-mode: cors
origin: https://www.thesundaily.my
accept-encoding: gzip, deflate, br
accept-language: en-US
sec-fetch-dest: font
cookie: ITR_COOKIE_DEVID=ba736116605cda1f55d7f2aecffa54bd03; ITR_COOKIE_USRID=ba736116605cda1f55d7f2aecffa54bd03
:path: /base-portlet/webrsrc/theme/4ab2924028a1ca8322e43d54d47091c3.woff2
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: */*
cache-control: no-cache
:authority: www.thesundaily.my
referer: https://www.thesundaily.my/base-portlet/webrsrc/theme/f85ec37f13f2cce80e58028ae1f51f32.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Origin: https://www.thesundaily.my
Referer: https://www.thesundaily.my/base-portlet/webrsrc/theme/f85ec37f13f2cce80e58028ae1f51f32.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Apr 2021 11:19:19 GMT
content-encoding: gzip
server: nginx/1.14.0
etag: "77d9bc2c"
vary: Accept-Encoding
content-type: application/font-woff2;charset=UTF-8
access-control-allow-origin: https://www.thesundaily.my
cache-control: max-age=31536000
url-regex-ignore-pattern: .+/-/.+
filter-class: com.liferay.portal.servlet.filters.header.HeaderFilter
content-length: 18056
expires: Sun, 24 Apr 2022 19:35:30 GMT

GET
H2 200 50f7aa426fe979e2cc5fc5cb5d1dfcdf.png
www.thesundaily.my/base-portlet/webrsrc/theme/ 69 KB
70 KB 22ms
22ms Image
image/png 130.61.205.105
ORACLE-BMC-31898

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.thesundaily.my/base-portlet/webrsrc/theme/50f7aa426fe979e2cc5fc5cb5d1dfcdf.png
Requested by: Host: www.thesundaily.my
URL: https://www.thesundaily.my/base-portlet/webrsrc/theme/f85ec37f13f2cce80e58028ae1f51f32.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 130.61.205.105 Frankfurt am Main, Germany, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software: nginx/1.14.0 /
Resource Hash: c22cd8d7c9c31b9b2e14daf5bc8323d17da1e492555bc85bf8b25dedb610c829

Request headers

:path: /base-portlet/webrsrc/theme/50f7aa426fe979e2cc5fc5cb5d1dfcdf.png
pragma: no-cache
cookie: ITR_COOKIE_DEVID=ba736116605cda1f55d7f2aecffa54bd03; ITR_COOKIE_USRID=ba736116605cda1f55d7f2aecffa54bd03
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.thesundaily.my
referer: https://www.thesundaily.my/base-portlet/webrsrc/theme/f85ec37f13f2cce80e58028ae1f51f32.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.thesundaily.my/base-portlet/webrsrc/theme/f85ec37f13f2cce80e58028ae1f51f32.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Apr 2021 11:19:19 GMT
server: nginx/1.14.0
etag: "994171a1"
content-type: image/png;charset=UTF-8
access-control-allow-origin: https://www.thesundaily.my
cache-control: max-age=31536000
url-regex-ignore-pattern: .+/-/.+
filter-class: com.liferay.portal.servlet.filters.header.HeaderFilter
content-length: 71127
expires: Thu, 21 Apr 2022 19:34:55 GMT

GET
H2 200 8c9b3b14763909b9dc3c42833efd24ad.png
www.thesundaily.my/base-portlet/webrsrc/theme/ 1 KB
1 KB 23ms
23ms Image
image/png 130.61.205.105
ORACLE-BMC-31898

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.thesundaily.my/base-portlet/webrsrc/theme/8c9b3b14763909b9dc3c42833efd24ad.png
Requested by: Host: www.thesundaily.my
URL: https://www.thesundaily.my/base-portlet/webrsrc/theme/f85ec37f13f2cce80e58028ae1f51f32.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 130.61.205.105 Frankfurt am Main, Germany, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software: nginx/1.14.0 /
Resource Hash: 7c304b4202af3e0a82a9cae5f02805cfb31e0655db549c234ef002f311fe9a9c

Request headers

:path: /base-portlet/webrsrc/theme/8c9b3b14763909b9dc3c42833efd24ad.png
pragma: no-cache
cookie: ITR_COOKIE_DEVID=ba736116605cda1f55d7f2aecffa54bd03; ITR_COOKIE_USRID=ba736116605cda1f55d7f2aecffa54bd03
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.thesundaily.my
referer: https://www.thesundaily.my/base-portlet/webrsrc/theme/f85ec37f13f2cce80e58028ae1f51f32.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.thesundaily.my/base-portlet/webrsrc/theme/f85ec37f13f2cce80e58028ae1f51f32.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Apr 2021 11:19:19 GMT
server: nginx/1.14.0
etag: "76d084be"
content-type: image/png;charset=UTF-8
access-control-allow-origin: https://www.thesundaily.my
cache-control: max-age=31536000
url-regex-ignore-pattern: .+/-/.+
filter-class: com.liferay.portal.servlet.filters.header.HeaderFilter
content-length: 1076
expires: Thu, 21 Apr 2022 19:08:09 GMT

GET
H2 200 oxford-astrazeneca-reuters-20210104_1632698_20210426163913.jpg
www.thesundaily.my/binrepository/768x502/0c35/768d432/none/11808/BJHA/ 19 KB
19 KB 21ms
21ms Image
image/jpeg 130.61.205.105
ORACLE-BMC-31898

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.thesundaily.my/binrepository/768x502/0c35/768d432/none/11808/BJHA/oxford-astrazeneca-reuters-20210104_1632698_20210426163913.jpg
Requested by: Host: www.thesundaily.my
URL: https://www.thesundaily.my/home/astrazeneca-is-safe-to-be-given-to-senior-citizens-adham-YL7793054?_hsmi=88974744&_hsenc=p2ANqtz-_G5s6CORBttERc_beHteVqqnJIJh5EriMR00fz0Cexxf2lQpsFfBisijUxttE-tNX9yfHTn7fBQWbcOnOkY3_eCosMOOPpTIuaIKsiuCzrvP7v03c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 130.61.205.105 Frankfurt am Main, Germany, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software: nginx/1.14.0 /
Resource Hash: 2f16af2b3d040cd6b65671f0b22ffbf57dfdfc0fbaf56edc728edf159bc7cca9

Request headers

:path: /binrepository/768x502/0c35/768d432/none/11808/BJHA/oxford-astrazeneca-reuters-20210104_1632698_20210426163913.jpg
pragma: no-cache
cookie: ITR_COOKIE_DEVID=ba736116605cda1f55d7f2aecffa54bd03; ITR_COOKIE_USRID=ba736116605cda1f55d7f2aecffa54bd03
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.thesundaily.my
referer: https://www.thesundaily.my/home/astrazeneca-is-safe-to-be-given-to-senior-citizens-adham-YL7793054?_hsmi=88974744&_hsenc=p2ANqtz-_G5s6CORBttERc_beHteVqqnJIJh5EriMR00fz0Cexxf2lQpsFfBisijUxttE-tNX9yfHTn7fBQWbcOnOkY3_eCosMOOPpTIuaIKsiuCzrvP7v03c
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.thesundaily.my/home/astrazeneca-is-safe-to-be-given-to-senior-citizens-adham-YL7793054?_hsmi=88974744&_hsenc=p2ANqtz-_G5s6CORBttERc_beHteVqqnJIJh5EriMR00fz0Cexxf2lQpsFfBisijUxttE-tNX9yfHTn7fBQWbcOnOkY3_eCosMOOPpTIuaIKsiuCzrvP7v03c
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Apr 2021 11:19:19 GMT
server: nginx/1.14.0
etag: "2b61eb22"
content-type: image/jpeg
cache-control: max-age=31536000
url-regex-ignore-pattern: .+/-/.+
content-length: 19100
expires: Tue, 26 Apr 2022 08:40:39 GMT

GET
H/1.1 200
OK admanager.js Show response
cdn.innity.net/ Frame D321 10 KB
4 KB 7ms
7ms Script
application/javascript 23.38.48.217
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.innity.net/admanager.js
Requested by: Host: cdn.innity.net
URL: https://cdn.innity.net/admanager-async.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 23.38.48.217 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-38-48-217.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 3cbc91b08f13856bfdca4216f4827f45654ee8c4daa770f79767d967595194a7

Request headers

Referer: https://www.thesundaily.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 26 Apr 2021 11:19:19 GMT
Content-Encoding: gzip
Last-Modified: Thu, 21 Feb 2019 01:30:07 GMT
Server: Apache
ETag: "2833-5825d6a16c5c0-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=86400
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3259
Expires: Tue, 27 Apr 2021 11:19:19 GMT

GET
H/1.1 200
OK AFO.html Show response
s3-ap-southeast-1.amazonaws.com/thesun-epaper.com/theSundaily/ Frame 71EC 987 B
1 KB 614ms
186ms Document
text/html 52.219.124.102
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s3-ap-southeast-1.amazonaws.com/thesun-epaper.com/theSundaily/AFO.html
Requested by: Host: www.thesundaily.my
URL: https://www.thesundaily.my/home/astrazeneca-is-safe-to-be-given-to-senior-citizens-adham-YL7793054?_hsmi=88974744&_hsenc=p2ANqtz-_G5s6CORBttERc_beHteVqqnJIJh5EriMR00fz0Cexxf2lQpsFfBisijUxttE-tNX9yfHTn7fBQWbcOnOkY3_eCosMOOPpTIuaIKsiuCzrvP7v03c
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.219.124.102 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-ap-southeast-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 9c0ae2d489097d76f53e0802e81645b2a7ae0a555247472ade11437edaa9570c

Request headers

Host: s3-ap-southeast-1.amazonaws.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.thesundaily.my/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.thesundaily.my/

Response headers

x-amz-id-2: Fws4clazy+dNzB5jLXvX/wbxg9rYWAxkgaLOZAl3+M1bhY/OEwIw2775Tukxv98+sTpl4o62//k=
x-amz-request-id: XWKEX6NQ27Y7BC16
Date: Mon, 26 Apr 2021 11:19:21 GMT
Last-Modified: Sat, 18 Apr 2020 13:04:57 GMT
ETag: "061fc9ef8cc1f92c9d6387d59cc9255f"
Accept-Ranges: bytes
Content-Type: text/html
Content-Length: 987
Server: AmazonS3

GET
H2 200 prebid.js Show response
anymind360.com/js/ 345 KB
108 KB 14ms
12ms Script
application/javascript 2a04:4e42:600::645
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://anymind360.com/js/prebid.js

Requested by

Host: anymind360.com
URL: https://anymind360.com/js/4542/ats.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:600::645 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

8263f9da1782d4879e1c77cf61a3a8bec0f95e5938c47647aa1cf6b1d62ebf56

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

Referer: https://www.thesundaily.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Apr 2021 11:19:20 GMT
content-encoding: gzip
age: 90956
x-guploader-uploadid: ABg5-Uzyc1oThyqgFIf8RTqn57WUxv2TZwXlGKwFx0cIMJ0ypW76yjMNroy0qO7g3i_gehYZcmMojVYbouR53xuP8JU
x-cache: HIT, HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
strict-transport-security: max-age=300
content-length: 109706
x-served-by: cache-tyo11980-TYO, cache-fra19156-FRA
access-control-allow-origin: *
expires: Sun, 25 Apr 2021 10:03:24 GMT
last-modified: Thu, 22 Apr 2021 10:03:24 GMT
server: UploadServer
x-timer: S1619435960.023174,VS0,VE0
etag: "c50acee76bd173592a29a2e8663473ae"
vary: Accept-Encoding
x-goog-hash: crc32c=VhvwXg==, md5=xQrO52vRc1kqKaLoZjRzrg==
x-goog-generation: 1619085804396559
via: 1.1 varnish, 1.1 varnish
access-control-expose-headers: Content-Type
cache-control: max-age=43200
x-goog-stored-content-length: 109706
accept-ranges: bytes
content-type: application/javascript
x-cache-hits: 45336, 390

GET
H/1.1 200
OK smart.js Show response
ced.sascdn.com/tag/2060/ 32 KB
11 KB 97ms
25ms Script
application/javascript 2.16.186.105
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://ced.sascdn.com/tag/2060/smart.js
Requested by: Host: anymind360.com
URL: https://anymind360.com/js/4542/ats.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.186.105 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-105.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: a2a5e6325d40edbab3cecba200c1c5030f0a10f1568727b67dab4f7062ba1890

Request headers

Referer: https://www.thesundaily.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 26 Apr 2021 11:19:20 GMT
Content-Encoding: gzip
Cache-Control: public, max-age=138
Content-Length: 11367
Vary: Accept-Encoding
Connection: keep-alive
Content-Type: application/javascript; charset=UTF-8

GET
H/1.1 200
OK admanager.js Show response
cdn.innity.net/ 10 KB
4 KB 7ms
7ms Script
application/javascript 23.38.48.217
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.innity.net/admanager.js
Requested by: Host: www.thesundaily.my
URL: https://www.thesundaily.my/home/astrazeneca-is-safe-to-be-given-to-senior-citizens-adham-YL7793054?_hsmi=88974744&_hsenc=p2ANqtz-_G5s6CORBttERc_beHteVqqnJIJh5EriMR00fz0Cexxf2lQpsFfBisijUxttE-tNX9yfHTn7fBQWbcOnOkY3_eCosMOOPpTIuaIKsiuCzrvP7v03c
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 23.38.48.217 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-38-48-217.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 3cbc91b08f13856bfdca4216f4827f45654ee8c4daa770f79767d967595194a7

Request headers

Referer: https://www.thesundaily.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 26 Apr 2021 11:19:20 GMT
Content-Encoding: gzip
Last-Modified: Thu, 21 Feb 2019 01:30:07 GMT
Server: Apache
ETag: "2833-5825d6a16c5c0-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=86400
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3259
Expires: Tue, 27 Apr 2021 11:19:20 GMT

GET
H3-29 200 js Show response
www.googletagmanager.com/gtag/ 117 KB
45 KB 37ms
35ms Script
application/javascript 2a00:1450:4001:813::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-KL5X26DVW5&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-23981916-1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

2f52bdc5837cbc605bf38597f5df498ad59fcb64a1fce3314df2a5c4aa93dd09

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.thesundaily.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Apr 2021 11:19:20 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 46243
x-xss-protection: 0
expires: Mon, 26 Apr 2021 11:19:20 GMT

GET
H3-29 200 pubads_impl_2021042001.js Show response
securepubads.g.doubleclick.net/gpt/ 301 KB
105 KB 24ms
22ms Script
text/javascript 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042001.js?31060870

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

sffe /

Resource Hash

a2aca9aa200ad3e4dd9afcd27fd2bd5b272a5d297e9f85d708394857ca6a1ffe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.thesundaily.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Apr 2021 11:19:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 20 Apr 2021 08:40:14 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 107961
x-xss-protection: 0
expires: Mon, 26 Apr 2021 11:19:20 GMT

GET
H/1.1 200
OK / Show response
as.innity.com/synd/ Frame D321 586 B
1 KB 846ms
213ms Script
text/javascript 149.129.240.178
CNNIC-ALIBABA-US-...

General

Check archive.org

Show headers Download Go to

Full URL: https://as.innity.com/synd/?cb=1619435960064&ver=1&pub=1f9b616faddedc02339603f3b37d196c&zone=65639&output=js&flash=0&url=www.thesundaily.my&width=*&height=*&cat=BUSINESS_FINANCE,CAREERS_LEARNING,HEALTH_FITNESS&vpw=1600&vph=1200&auction=0945b9b-4f9518a
Requested by: Host: cdn.innity.net
URL: https://cdn.innity.net/admanager.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 149.129.240.178 Jakarta, Indonesia, ASN45102 (CNNIC-ALIBABA-US-NET-AP Alibaba (US) Technology Co., Ltd., CN),
Reverse DNS
Software: Apache /
Resource Hash: f82abc2c65c00e9d871d105ef3b92e25e01b41890f5d4273b9dc191f5ba73ad0

Request headers

Referer: https://www.thesundaily.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 26 Apr 2021 11:19:20 GMT
Content-Encoding: gzip
Last-Modified: Mon, 26 Apr 2021 11:19:20 GMT
Server: Apache
Vary: Accept-Encoding
P3P: policyref=http://www.innity.com/p3p/p3p.xml,CP="CURa ADMa DEVa OUR BUS UNI COM NAV INT"
Cache-Control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Content-Type: text/javascript; charset=utf-8
Content-Length: 356
Expires: Sat, 03 Sep 1983 02:00:00 GMT

GET
H3-29 200 2418678745093464 Show response
connect.facebook.net/signals/config/ 254 KB
72 KB 61ms
61ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/2418678745093464?v=2.9.39&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

92ff3edb324c891dfe71beedf1d4e202952eeac6a9858fba1330258760f83c2b

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.thesundaily.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-fb-rlafr: 0
pragma: public
x-fb-debug: BwJrXeJ3oNLYlQanK6/mFo1mMPBrDzemL3dDInI8M3ZbwvZIIbAxOfo9k+hSc9BHDe86xk3HIUBYTcA57gPr9Q==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-frame-options: DENY
date: Mon, 26 Apr 2021 11:19:20 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 impl.20210426-7-RELEASE.js Show response
cdn.taboola.com/libtrc/ 483 KB
111 KB 9ms
8ms Script
application/javascript 199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/impl.20210426-7-RELEASE.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/thesundaily/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3-br /
Resource Hash: f62ce69231fb555e50e2ae48ffab9e7d7461eb57ab59233efe313379838d7019

Request headers

Referer: https://www.thesundaily.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: qr93OI3nhccREQlpD1575_MDth3O0CNE
content-encoding: br
etag: "6e770268c2607c0319cd5ceaaa06686e"
age: 5190
x-cache: HIT
content-length: 113259
x-amz-id-2: z32/kjlBjd54rGxipt23xh6PiIswMlZ/+ZTdDdsh3oQjzYFzxQtB94aNspjeacV6myhoruCXdgA=
x-served-by: cache-hhn11538-HHN
last-modified: Mon, 26 Apr 2021 09:52:02 GMT
server: AmazonS3-br
x-timer: S1619435960.088989,VS0,VE0
date: Mon, 26 Apr 2021 11:19:20 GMT
vary: Accept-Encoding
x-amz-request-id: WKMFFT3TQVMTYDDV
via: 1.1 varnish
cache-control: private,max-age=31536000
accept-ranges: bytes
content-type: application/javascript
abp: 54
x-cache-hits: 48641

GET
H2 200 moatframe.js Show response
z.moatads.com/addthismoatframe568911941483/ 2 KB
1 KB 21ms
7ms Script
application/x-javascript 184.30.21.162
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/addthismoatframe568911941483/moatframe.js
Requested by: Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.21.162 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-21-162.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 05090f9390f5bc0cd23fe5f432037cc92d7cbce1ced9bfe8faf3d1c9abae85cd

Request headers

Referer: https://www.thesundaily.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Apr 2021 11:19:20 GMT
content-encoding: gzip
last-modified: Fri, 08 Nov 2019 20:13:52 GMT
server: AmazonS3
x-amz-request-id: B402EDC6F7271ED7
etag: "f14b4e1f799b14f798a195f43cf58376"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=53193
accept-ranges: bytes
content-length: 948
x-amz-id-2: 3ZiQcYtRTuh4WJ4BUq+mWoVqgQk4EdHwIkUrSZre2GxPFo/4IUZsv5aBqLknQUvSl0wjR3iM+HQ=

GET
H/1.1 200
OK / Show response
as.innity.com/synd/ 811 B
1 KB 938ms
337ms Script
text/javascript 149.129.240.178
CNNIC-ALIBABA-US-...

General

Check archive.org

Show headers Download Go to

Full URL: https://as.innity.com/synd/?cb=1619435960123&ver=1&pub=1f9b616faddedc02339603f3b37d196c&zone=65042&output=js&flash=0&url=www.thesundaily.my&width=300&height=250&cat=CAREERS_LEARNING,BUSINESS_FINANCE,HEALTH_FITNESS&vpw=1600&vph=1200&auction=1256647-5698fba
Requested by: Host: cdn.innity.net
URL: https://cdn.innity.net/admanager.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 149.129.240.178 Jakarta, Indonesia, ASN45102 (CNNIC-ALIBABA-US-NET-AP Alibaba (US) Technology Co., Ltd., CN),
Reverse DNS
Software: Apache /
Resource Hash: ed59b08efa4065120f4f31960cd0d0a6d1dfc9906e81db3c9380a9c69371c60e

Request headers

Referer: https://www.thesundaily.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Pragma: no-cache
Date: Mon, 26 Apr 2021 11:19:21 GMT
Content-Encoding: gzip
Last-Modified: Mon, 26 Apr 2021 11:19:20 GMT
Server: Apache
Vary: Accept-Encoding
P3P: policyref=http://www.innity.com/p3p/p3p.xml,CP="CURa ADMa DEVa OUR BUS UNI COM NAV INT"
Cache-Control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Content-Type: text/javascript; charset=utf-8
Content-Length: 452
Expires: Sat, 03 Sep 1983 02:00:00 GMT

GET
H2 200 modules.8b23c17a636351708db3.js Show response
script.hotjar.com/ 219 KB
58 KB 43ms
43ms Script
application/javascript 13.224.111.125
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.8b23c17a636351708db3.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-1730601.js?sv=6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.111.125 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-111-125.mad50.r.cloudfront.net

Software

Resource Hash

312d088790a9ca18e8acf1c2821470549267bd6e04f2386138b6950c41b89faa

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.thesundaily.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 23 Apr 2021 08:14:08 GMT
content-encoding: br
x-content-type-options: nosniff
age: 270312
x-cache: Hit from cloudfront
content-length: 59040
access-control-allow-origin: *
last-modified: Fri, 23 Apr 2021 08:14:04 GMT
etag: "20783134264b5cc55eb8fd2fee5b1b4b"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 3a5cd718bb9eb50d9c931e1f7586b5a8.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: MAD50-C1
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: 4SyKCD1iGUNDV3Cbg88WMJhd8-mbzUMjBW8ohFpszm6eCLLnAXuwzQ==

GET
H2

200

b2
sb.scorecardresearch.com/
Redirect Chain

https://sb.scorecardresearch.com/b?c1=2&c2=18518498&ns__t=1619435960164&ns_c=UTF-8&cv=3.5&c8=AstraZeneca%20is%20safe%2C%20to%20be%20given%20to%20senior%20citizens%20-%20Adham&c7=https%3A%2F%2Fwww.t...
https://sb.scorecardresearch.com/b2?c1=2&c2=18518498&ns__t=1619435960164&ns_c=UTF-8&cv=3.5&c8=AstraZeneca%20is%20safe%2C%20to%20be%20given%20to%20senior%20citizens%20-%20Adham&c7=https%3A%2F%2Fwww....

64 B
328 B

72ms
71ms

Image
image/gif

13.224.111.129
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b2?c1=2&c2=18518498&ns__t=1619435960164&ns_c=UTF-8&cv=3.5&c8=AstraZeneca%20is%20safe%2C%20to%20be%20given%20to%20senior%20citizens%20-%20Adham&c7=https%3A%2F%2Fwww.thesundaily.my%2Fhome%2Fastrazeneca-is-safe-to-be-given-to-senior-citizens-adham-YL7793054%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz-_G5s6CORBttERc_beHteVqqnJIJh5EriMR00fz0Cexxf2lQpsFfBisijUxttE-tNX9yfHTn7fBQWbcOnOkY3_eCosMOOPpTIuaIKsiuCzrvP7v03c&c9=
Requested by: Host: www.thesundaily.my
URL: https://www.thesundaily.my/home/astrazeneca-is-safe-to-be-given-to-senior-citizens-adham-YL7793054?_hsmi=88974744&_hsenc=p2ANqtz-_G5s6CORBttERc_beHteVqqnJIJh5EriMR00fz0Cexxf2lQpsFfBisijUxttE-tNX9yfHTn7fBQWbcOnOkY3_eCosMOOPpTIuaIKsiuCzrvP7v03c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.111.129 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-111-129.mad50.r.cloudfront.net
Software: /
Resource Hash: 831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd

Request headers

Referer: https://www.thesundaily.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Apr 2021 11:19:20 GMT
via: 1.1 1ae38585ee28c81ff103c9adf137d5ac.cloudfront.net (CloudFront)
x-amz-cf-pop: MAD50-C1
etag: W/"40-jHLN3x5dWpBzaQm4lkBmDWvrjrg"
x-cache: Miss from cloudfront
content-type: image/gif; charset=utf-8
content-length: 64
x-amz-cf-id: 7zWzGbgc2A152rAko1UYPdIjux1NRvuGHhc6aqo0tDormZzydx-QZA==

Redirect headers

date: Mon, 26 Apr 2021 11:19:20 GMT
via: 1.1 1ae38585ee28c81ff103c9adf137d5ac.cloudfront.net (CloudFront)
x-amz-cf-pop: MAD50-C1
vary: Accept
x-cache: Miss from cloudfront
content-type: text/plain; charset=utf-8
location: https://sb.scorecardresearch.com/b2?c1=2&c2=18518498&ns__t=1619435960164&ns_c=UTF-8&cv=3.5&c8=AstraZeneca%20is%20safe%2C%20to%20be%20given%20to%20senior%20citizens%20-%20Adham&c7=https%3A%2F%2Fwww.thesundaily.my%2Fhome%2Fastrazeneca-is-safe-to-be-given-to-senior-citizens-adham-YL7793054%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz-_G5s6CORBttERc_beHteVqqnJIJh5EriMR00fz0Cexxf2lQpsFfBisijUxttE-tNX9yfHTn7fBQWbcOnOkY3_eCosMOOPpTIuaIKsiuCzrvP7v03c&c9=
content-length: 465
x-amz-cf-id: suC1JQCzBXy6cCDQFZMNaRxc13Ko2CXc0brHji9NVgXIgu_OMAO8DQ==

GET
H2

200

b2
sb.scorecardresearch.com/
Redirect Chain

https://sb.scorecardresearch.com/b?c1=7&c2=34354936&c3=1&ns__t=1619435960164&ns_c=UTF-8&cv=3.5&c8=AstraZeneca%20is%20safe%2C%20to%20be%20given%20to%20senior%20citizens%20-%20Adham&c7=https%3A%2F%2F...
https://sb.scorecardresearch.com/b2?c1=7&c2=34354936&c3=1&ns__t=1619435960164&ns_c=UTF-8&cv=3.5&c8=AstraZeneca%20is%20safe%2C%20to%20be%20given%20to%20senior%20citizens%20-%20Adham&c7=https%3A%2F%2...

64 B
328 B

63ms
63ms

Image
image/gif

13.224.111.129
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b2?c1=7&c2=34354936&c3=1&ns__t=1619435960164&ns_c=UTF-8&cv=3.5&c8=AstraZeneca%20is%20safe%2C%20to%20be%20given%20to%20senior%20citizens%20-%20Adham&c7=https%3A%2F%2Fwww.thesundaily.my%2Fhome%2Fastrazeneca-is-safe-to-be-given-to-senior-citizens-adham-YL7793054%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz-_G5s6CORBttERc_beHteVqqnJIJh5EriMR00fz0Cexxf2lQpsFfBisijUxttE-tNX9yfHTn7fBQWbcOnOkY3_eCosMOOPpTIuaIKsiuCzrvP7v03c&c9=
Requested by: Host: www.thesundaily.my
URL: https://www.thesundaily.my/home/astrazeneca-is-safe-to-be-given-to-senior-citizens-adham-YL7793054?_hsmi=88974744&_hsenc=p2ANqtz-_G5s6CORBttERc_beHteVqqnJIJh5EriMR00fz0Cexxf2lQpsFfBisijUxttE-tNX9yfHTn7fBQWbcOnOkY3_eCosMOOPpTIuaIKsiuCzrvP7v03c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.111.129 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-111-129.mad50.r.cloudfront.net
Software: /
Resource Hash: 831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd

Request headers

Referer: https://www.thesundaily.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Apr 2021 11:19:20 GMT
via: 1.1 1ae38585ee28c81ff103c9adf137d5ac.cloudfront.net (CloudFront)
x-amz-cf-pop: MAD50-C1
etag: W/"40-jHLN3x5dWpBzaQm4lkBmDWvrjrg"
x-cache: Miss from cloudfront
content-type: image/gif; charset=utf-8
content-length: 64
x-amz-cf-id: L66NVh2aVWi1yixST6lUN5CFOCT0yowjQDJecMmS3hsiq3e_sBJoOg==

Redirect headers

date: Mon, 26 Apr 2021 11:19:20 GMT
via: 1.1 1ae38585ee28c81ff103c9adf137d5ac.cloudfront.net (CloudFront)
x-amz-cf-pop: MAD50-C1
vary: Accept
x-cache: Miss from cloudfront
content-type: text/plain; charset=utf-8
location: https://sb.scorecardresearch.com/b2?c1=7&c2=34354936&c3=1&ns__t=1619435960164&ns_c=UTF-8&cv=3.5&c8=AstraZeneca%20is%20safe%2C%20to%20be%20given%20to%20senior%20citizens%20-%20Adham&c7=https%3A%2F%2Fwww.thesundaily.my%2Fhome%2Fastrazeneca-is-safe-to-be-given-to-senior-citizens-adham-YL7793054%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz-_G5s6CORBttERc_beHteVqqnJIJh5EriMR00fz0Cexxf2lQpsFfBisijUxttE-tNX9yfHTn7fBQWbcOnOkY3_eCosMOOPpTIuaIKsiuCzrvP7v03c&c9=
content-length: 470
x-amz-cf-id: Nvf1YnBd6E51uGz07NLuBhZmbpvN3idaATNlLUgrem_4sIqi9LNKxQ==

POST
H2 204 collect
www.google-analytics.com/g/ 0
75 B 13ms
13ms Ping
text/plain 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-KL5X26DVW5&gtm=2oe4e1&_p=1243480928&sr=1600x1200&ul=en-us&cid=353529585.1619435960&_s=1&dl=https%3A%2F%2Fwww.thesundaily.my%2Fhome%2Fastrazeneca-is-safe-to-be-given-to-senior-citizens-adham-YL7793054%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz-_G5s6CORBttERc_beHteVqqnJIJh5EriMR00fz0Cexxf2lQpsFfBisijUxttE-tNX9yfHTn7fBQWbcOnOkY3_eCosMOOPpTIuaIKsiuCzrvP7v03c&dt=AstraZeneca%20is%20safe%2C%20to%20be%20given%20to%20senior%20citizens%20-%20Adham&sid=1619435960&sct=1&seg=0&en=page_view&_fv=2&_nsi=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-KL5X26DVW5&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.thesundaily.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Mon, 26 Apr 2021 11:19:20 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.thesundaily.my
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 48 KB
19 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-23981916-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.thesundaily.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 09 Apr 2021 23:59:54 GMT
server: Golfe2
age: 5927
date: Mon, 26 Apr 2021 09:40:33 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19569
expires: Mon, 26 Apr 2021 11:40:33 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
165 B 15ms
15ms Script
application/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.thesundaily.my

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042001.js?31060870

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.thesundaily.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 26 Apr 2021 11:19:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
165 B 14ms
14ms Script
application/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.thesundaily.my

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042001.js?31060870

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.thesundaily.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 26 Apr 2021 11:19:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 171 KB
36 KB 559ms
559ms XHR
text/plain 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3866203379239951&correlator=2135700716339150&output=ldjh&impl=fifs&eid=31060870%2C31060825%2C31060839&vrg=2021042001&ptt=17&sc=1&sfv=1-0-38&ecs=20210426&iu_parts=56509919%2C10082020%2CThesundaily%2CClassifieds%2CIn_House_Ent_Page%2CInnity01&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F2%2C%2F0%2F2%2C%2F0%2F2%2C%2F0%2F2%2C%2F0%2F2%2C%2F0%2F2%2C%2F0%2F2%2C%2F0%2F3%2C%2F0%2F4%2C%2F0%2F5&prev_iu_szs=300x250%2C1170x240%7C970x250%2C728x90%2C336x280%7C300x250%2C728x90%7C728x250%7C336x280%7C300x250%2C300x250%2C300x250%2C300x600%7C300x250%2C970x90%7C728x90%2C300x250%2C300x450%7C300x250%2C728x90%7C363x42%7C468x60&prev_scp=%7Cpos%3DBillboard%7Cpos%3DLeaderboard%7Cpos%3DInArticle1%7Cpos%3DMiddlebanner1%7Cpos%3DRectangle1%7Cpos%3DRectangle2%7Cpos%3DRectangle3%7Cpos%3DSticky%7C%7C%7C&cookie_enabled=1&bc=31&abxe=1&lmt=1619435960&dt=1619435960201&dlt=1619435959777&idt=406&frm=20&biw=1600&bih=1200&oid=3&adxs=1040%2C221%2C241%2C-9%2C-9%2C455%2C1040%2C1040%2C-9%2C1040%2C1040%2C-9&adys=1167%2C198%2C219%2C-9%2C-9%2C1941%2C922%2C1147%2C-9%2C652%2C1127%2C-9&adks=3514525992%2C3154283803%2C2651473827%2C1516723657%2C3677773321%2C2916017631%2C2916017630%2C846607975%2C3008151796%2C3079932573%2C1365265129%2C1710780517&ucis=1%7C2%7C3%7C4%7C5%7C6%7C7%7C8%7C9%7Ca%7Cb%7Cc&ifi=1&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.thesundaily.my%2Fhome%2Fastrazeneca-is-safe-to-be-given-to-senior-citizens-adham-YL7793054%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz-_G5s6CORBttERc_beHteVqqnJIJh5EriMR00fz0Cexxf2lQpsFfBisijUxttE-tNX9yfHTn7fBQWbcOnOkY3_eCosMOOPpTIuaIKsiuCzrvP7v03c&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x250%7C1158x0%7C728x0%7C0x-1%7C0x-1%7C300x0%7C300x0%7C300x0%7C0x-1%7C300x250%7C300x0%7C0x-1&msz=300x-1%7C1158x0%7C728x0%7C0x-1%7C0x-1%7C300x0%7C300x0%7C300x0%7C0x-1%7C300x-1%7C300x0%7C0x-1&ga_vid=353529585.1619435960&ga_sid=1619435960&ga_hid=1243480928&ga_fc=false&fws=4%2C4%2C4%2C2%2C2%2C4%2C4%2C4%2C2%2C4%2C4%2C2&ohw=1600%2C1600%2C1600%2C0%2C0%2C1600%2C1600%2C1600%2C0%2C1600%2C1600%2C0&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042001.js?31060870

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

d7b6f06d39a54283df6f09f804a3aeecc5dfc2f6b874307cef9961eedc309be0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.thesundaily.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Apr 2021 11:19:20 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2,-2,-2,-2,-2,-2,-2,-2,-2,-2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36723
x-xss-protection: 0
google-lineitem-id: -1,5247372210,-2,-2,-2,-1,5361828634,5353053726,-2,5363684098,-2,5356886537
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -1,138346764804,-2,-2,-2,-1,138347573896,138346064390,-2,138346948945,-2,138309609816
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.thesundaily.my
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
5f7a3c227877733a11b3d8ac75a2ccaf.safeframe.googlesyndication.com/safeframe/1-0-38/html/ 0
0 45ms
14ms Other
text/html 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://5f7a3c227877733a11b3d8ac75a2ccaf.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042001.js?31060870
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.thesundaily.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 container.html
tpc.googlesyndication.com/safeframe/1-0-38/html/ 0
0 7ms
6ms Other
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tpc.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042001.js?31060870
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.thesundaily.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

OPTIONS
H2 200 json
gum.criteo.com/sid/ Frame 0
0 68ms
23ms Preflight
application/json 2a02:2638::1c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.thesundaily.my%2F&domain=www.thesundaily.my&cw=1

Protocol

Server

2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: https://www.thesundaily.my
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
content-type: application/json; charset=utf-8
expires: 0
strict-transport-security: max-age=31536000
access-control-allow-origin: https://www.thesundaily.my
access-control-allow-headers: content-type
access-control-allow-credentials: true
access-control-allow-methods: GET
server-processing-duration-in-ticks: 1427
date: Mon, 26 Apr 2021 11:19:19 GMT
content-encoding: gzip
vary: Accept-Encoding

GET
H2

200

sid Show response
mug.criteo.com/
Redirect Chain

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.thesundaily.my%2F&domain=www.thesundaily.my&cw=1
https://mug.criteo.com/sid?cpp=cNB4nnw0WCtpbHMxck9MNEdrMTVRMis1cFVhUGtFaDFscHBvVUQya2hwNnZpZzBNTUIwRjV6T2lZaUIrT0ozdHovZ1hNU3o3UW5weVNoUm15WDM1MVJhcmFoSnBpUFl2Y0FiR1JsTFVEcEZyQmJ0c1MzR3BySnRTbDZXcz...

339 B
623 B

57ms
20ms

XHR
application/json

178.250.2.146
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=cNB4nnw0WCtpbHMxck9MNEdrMTVRMis1cFVhUGtFaDFscHBvVUQya2hwNnZpZzBNTUIwRjV6T2lZaUIrT0ozdHovZ1hNU3o3UW5weVNoUm15WDM1MVJhcmFoSnBpUFl2Y0FiR1JsTFVEcEZyQmJ0c1MzR3BySnRTbDZXczAvbHluVVBtTzlIcFBFOUtQd3FGVVRIbXlra0JOcTdiT3Jyc0lCV3ZpalY5UFFlbDFZc3JJQTNWUlR1UXVaazU5ZW9KNnlpTjBKd0VENStvdmYxeFU0ZkRsYUExSTMvWTVrRUhDRTU4Ym9tNW5YcjQvclpFPXw&cppv=2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

c802fe14108c420c25e7dae43ad1f50d94e80047ebdafa39a05c9a97b9ebe054

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.thesundaily.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
content-encoding: gzip
date: Mon, 26 Apr 2021 11:19:19 GMT
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 3101
expires: 0

Redirect headers

pragma: no-cache
strict-transport-security: max-age=31536000
date: Mon, 26 Apr 2021 11:19:20 GMT
location: https://mug.criteo.com/sid?cpp=cNB4nnw0WCtpbHMxck9MNEdrMTVRMis1cFVhUGtFaDFscHBvVUQya2hwNnZpZzBNTUIwRjV6T2lZaUIrT0ozdHovZ1hNU3o3UW5weVNoUm15WDM1MVJhcmFoSnBpUFl2Y0FiR1JsTFVEcEZyQmJ0c1MzR3BySnRTbDZXczAvbHluVVBtTzlIcFBFOUtQd3FGVVRIbXlra0JOcTdiT3Jyc0lCV3ZpalY5UFFlbDFZc3JJQTNWUlR1UXVaazU5ZW9KNnlpTjBKd0VENStvdmYxeFU0ZkRsYUExSTMvWTVrRUhDRTU4Ym9tNW5YcjQvclpFPXw&cppv=2
access-control-allow-methods: GET
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www.thesundaily.my
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1651
content-length: 482
expires: 0

GET
H2 200 arj Show response
adasia-d.openx.net/w/1.0/ 173 B
562 B 63ms
18ms XHR
application/json 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://adasia-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.thesundaily.my%2Fhome%2Fastrazeneca-is-safe-to-be-given-to-senior-citizens-adham-YL7793054%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz-_G5s6CORBttERc_beHteVqqnJIJh5EriMR00fz0Cexxf2lQpsFfBisijUxttE-tNX9yfHTn7fBQWbcOnOkY3_eCosMOOPpTIuaIKsiuCzrvP7v03c&ch=UTF-8&res=1600x1200x24&ifr=false&tz=-120&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=de57b3bf-562a-45e9-ae67-aad22572efd8%2Cd18f1b2c-13c7-483d-8735-a470c0419985%2C48f324c8-2dda-410e-86eb-a2d3d84cae5d%2Cb4582130-a3fb-4b9b-962e-fb96057f0eea&nocache=1619435960228&schain=1.0%2C1!any-digital.com%2C4542%2C1%2C%2C%2C&aus=728x90%7C336x280%2C300x250%2C468x60%7C300x250%2C336x280%2C468x60%7C300x250%2C336x280%2C468x60&divIds=ats-overlay_bottom-3%2Cats-insert_ads-4%2Cats-insert_ads-5%2Cats-insert_ads-6&auid=543851368%2C544003674%2C543851461%2C543851462
Requested by: Host: anymind360.com
URL: https://anymind360.com/js/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/16.205.4 /
Resource Hash: d33f57913b0113b92d4ebce1671a70107c9870797a2f95c6ec201c8a21702455

Request headers

Referer: https://www.thesundaily.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 26 Apr 2021 11:19:20 GMT
content-encoding: gzip
server: OXGW/16.205.4
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://www.thesundaily.my
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
alt-svc: clear
content-length: 163
via: 1.1 google
expires: Mon, 26 Jul 1997 05:00:00 GMT

POST
H2 204 cdb Show response
bidder.criteo.com/ 0
148 B 68ms
18ms XHR
text/plain 178.250.2.131
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://bidder.criteo.com/cdb?profileId=207&av=33&wv=4.30.0&cb=12824621233
Requested by: Host: anymind360.com
URL: https://anymind360.com/js/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS: bidder.am5.vip.prod.criteo.com
Software: Finatra /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.thesundaily.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.thesundaily.my
date: Mon, 26 Apr 2021 11:19:19 GMT
access-control-allow-credentials: true
server: Finatra
timing-allow-origin: *
vary: Origin

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 65 B
765 B 60ms
18ms XHR
application/json 37.252.172.45
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: anymind360.com
URL: https://anymind360.com/js/prebid.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.45 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

3143566bd1a7330ee43570b480ec2491abf76b5914e06b16fc6aa86106ec2eb4

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.thesundaily.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 26 Apr 2021 11:19:20 GMT
X-Proxy-Origin: 89.249.64.203; 89.249.64.203; 693.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com; 37.252.172.148:80
AN-X-Request-Uuid: 1493fde8-718d-461e-b765-1d51a5b0f38c
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.thesundaily.my
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 65
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
119 B 187ms
144ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: anymind360.com
URL: https://anymind360.com/js/prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.thesundaily.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.thesundaily.my
date: Mon, 26 Apr 2021 11:19:20 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 586 B
4 KB 237ms
153ms XHR
application/json 213.19.162.41
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17692&site_id=359628&zone_id=1937534%3B2010114%3B1937536%3B1937538&size_id=2%3B15%3B15%3B15&alt_size_ids=%3B1%2C16%3B1%2C16%3B1%2C16&rf=https%3A%2F%2Fwww.thesundaily.my%2Fhome%2Fastrazeneca-is-safe-to-be-given-to-senior-citizens-adham-YL7793054%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz-_G5s6CORBttERc_beHteVqqnJIJh5EriMR00fz0Cexxf2lQpsFfBisijUxttE-tNX9yfHTn7fBQWbcOnOkY3_eCosMOOPpTIuaIKsiuCzrvP7v03c&tk_flint=pbjs_lite_v4.30.0&x_source.tid=de57b3bf-562a-45e9-ae67-aad22572efd8%3Bd18f1b2c-13c7-483d-8735-a470c0419985%3B48f324c8-2dda-410e-86eb-a2d3d84cae5d%3Bb4582130-a3fb-4b9b-962e-fb96057f0eea&p_screen_res=1600x1200&rp_secure=1&slots=4&rand=0.052704858997979276
Requested by: Host: anymind360.com
URL: https://anymind360.com/js/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 213.19.162.41 , United Kingdom, ASN3356 (LEVEL3, US),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: 5082af3cd4cdf806a05a45b0e79b7aa6c087b4ae3b93ec6fb1d3242a4f0fbad7

Request headers

Referer: https://www.thesundaily.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 26 Apr 2021 11:19:20 GMT
Server: nginx/1.16.0
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://www.thesundaily.my
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Keep-Alive: timeout=5
Content-Length: 586
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2 200 cygnus Show response
htlb.casalemedia.com/ 25 B
376 B 184ms
148ms XHR
application/json 184.25.115.31
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/cygnus?s=619383&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%22338e41ba6ea680c%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.thesundaily.my%2Fhome%2Fastrazeneca-is-safe-to-be-given-to-senior-citizens-adham-YL7793054%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz-_G5s6CORBttERc_beHteVqqnJIJh5EriMR00fz0Cexxf2lQpsFfBisijUxttE-tNX9yfHTn7fBQWbcOnOkY3_eCosMOOPpTIuaIKsiuCzrvP7v03c%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22mfu%22%3A0%2C%22bu%22%3A4%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allU%22%3A4%2C%22ren%22%3Afalse%2C%22version%22%3A%224.30.0%22%2C%22msd%22%3A0%2C%22msi%22%3A0%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2234cc3ac93c67764%22%2C%22ext%22%3A%7B%22siteID%22%3A%22619383%22%2C%22sid%22%3A%2222206261690%22%7D%2C%22banner%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%2235d0f5a7251deaf%22%2C%22ext%22%3A%7B%22siteID%22%3A%22619383%22%2C%22sid%22%3A%2222326078925%22%7D%2C%22banner%22%3A%7B%22w%22%3A468%2C%22h%22%3A60%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%22363aa2484cda5%22%2C%22ext%22%3A%7B%22siteID%22%3A%22619383%22%2C%22sid%22%3A%2222326078925%22%7D%2C%22banner%22%3A%7B%22w%22%3A336%2C%22h%22%3A280%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%22376321dd12ec8eb%22%2C%22ext%22%3A%7B%22siteID%22%3A%22619383%22%2C%22sid%22%3A%2222326078925%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%223803408cb5866a6%22%2C%22ext%22%3A%7B%22siteID%22%3A%22619383%22%2C%22sid%22%3A%2222206086971%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%2239b788e7afd30c7%22%2C%22ext%22%3A%7B%22siteID%22%3A%22619383%22%2C%22sid%22%3A%2222206086971%22%7D%2C%22banner%22%3A%7B%22w%22%3A336%2C%22h%22%3A280%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%224097228a47d5762%22%2C%22ext%22%3A%7B%22siteID%22%3A%22619383%22%2C%22sid%22%3A%2222206086971%22%7D%2C%22banner%22%3A%7B%22w%22%3A468%2C%22h%22%3A60%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%2241c0fc77c0ac14b%22%2C%22ext%22%3A%7B%22siteID%22%3A%22619383%22%2C%22sid%22%3A%2222206087337%22%7D%2C%22banner%22%3A%7B%22w%22%3A468%2C%22h%22%3A60%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%2242a47bbfe74ad37%22%2C%22ext%22%3A%7B%22siteID%22%3A%22619383%22%2C%22sid%22%3A%2222206087337%22%7D%2C%22banner%22%3A%7B%22w%22%3A336%2C%22h%22%3A280%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%2243ef4dfd17940eb%22%2C%22ext%22%3A%7B%22siteID%22%3A%22619383%22%2C%22sid%22%3A%2222206087337%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%5D%7D
Requested by: Host: anymind360.com
URL: https://anymind360.com/js/prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.25.115.31 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-25-115-31.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 99d2d0533f0ea79ec7f758f1e6d8d99e1efb8135f75d71129505d2b1a34831a4

Request headers

Referer: https://www.thesundaily.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 26 Apr 2021 11:19:20 GMT
content-encoding: gzip
x-ak-initial-geo: CC:[DE], RC:[HE], CN:[EU], CIP:[89.249.64.203], XFF:[]
server: Apache
vary: Is-Traffic-Invalid,Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.thesundaily.my
x-cs-client-geo: 12
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 45
x-ak-client-geo: 12
expires: Mon, 26 Apr 2021 11:19:20 GMT

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ 0
326 B 63ms
17ms XHR
application/json 185.86.138.32
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: anymind360.com
URL: https://anymind360.com/js/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.138.32 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.thesundaily.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 26 Apr 2021 11:19:20 GMT
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin: https://www.thesundaily.my
cache-control: no-cache,no-store
access-control-allow-credentials: true
content-type: application/json; charset=UTF-8
content-length: 0

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ 836 B
960 B 69ms
24ms XHR
application/json 185.86.138.32
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: anymind360.com
URL: https://anymind360.com/js/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.138.32 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 80de504019d72a8e8a153bd4f0182510e26245c2f5cd108d6c48357dbfb4bc83

Request headers

Referer: https://www.thesundaily.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 26 Apr 2021 11:19:19 GMT
content-encoding: br
vary: Accept-Encoding
x-smrt-d: 4%3b12%3b71
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin: https://www.thesundaily.my
cache-control: no-cache,no-store
access-control-allow-credentials: true
content-type: application/json; charset=UTF-8
transfer-encoding: chunked

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ 0
326 B 63ms
18ms XHR
application/json 185.86.138.32
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: anymind360.com
URL: https://anymind360.com/js/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.138.32 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.thesundaily.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 26 Apr 2021 11:19:19 GMT
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin: https://www.thesundaily.my
cache-control: no-cache,no-store
access-control-allow-credentials: true
content-type: application/json; charset=UTF-8
content-length: 0

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ 836 B
959 B 75ms
30ms XHR
application/json 185.86.138.32
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: anymind360.com
URL: https://anymind360.com/js/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.138.32 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 80de504019d72a8e8a153bd4f0182510e26245c2f5cd108d6c48357dbfb4bc83

Request headers

Referer: https://www.thesundaily.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 26 Apr 2021 11:19:19 GMT
content-encoding: br
vary: Accept-Encoding
x-smrt-d: 4%3b7%3b48
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin: https://www.thesundaily.my
cache-control: no-cache,no-store
access-control-allow-credentials: true
content-type: application/json; charset=UTF-8
transfer-encoding: chunked

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ 836 B
964 B 68ms
23ms XHR
application/json 185.86.138.32
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: anymind360.com
URL: https://anymind360.com/js/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.138.32 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: b59344d85568bcf45b54167194da3c049208e4cc0504868cfbfaaf78fb7117ba

Request headers

Referer: https://www.thesundaily.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 26 Apr 2021 11:19:19 GMT
content-encoding: br
vary: Accept-Encoding
x-smrt-d: 4%3b17%3b89
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin: https://www.thesundaily.my
cache-control: no-cache,no-store
access-control-allow-credentials: true
content-type: application/json; charset=UTF-8
transfer-encoding: chunked

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ 0
326 B 68ms
20ms XHR
application/json 185.86.138.32
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: anymind360.com
URL: https://anymind360.com/js/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.138.32 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.thesundaily.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 26 Apr 2021 11:19:19 GMT
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin: https://www.thesundaily.my
cache-control: no-cache,no-store
access-control-allow-credentials: true
content-type: application/json; charset=UTF-8
content-length: 0

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ 0
326 B 80ms
18ms XHR
application/json 185.86.138.32
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: anymind360.com
URL: https://anymind360.com/js/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.138.32 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.thesundaily.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 26 Apr 2021 11:19:19 GMT
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin: https://www.thesundaily.my
cache-control: no-cache,no-store
access-control-allow-credentials: true
content-type: application/json; charset=UTF-8
content-length: 0

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ 836 B
960 B 85ms
22ms XHR
application/json 185.86.138.32
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: anymind360.com
URL: https://anymind360.com/js/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.138.32 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 80de504019d72a8e8a153bd4f0182510e26245c2f5cd108d6c48357dbfb4bc83

Request headers

Referer: https://www.thesundaily.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 26 Apr 2021 11:19:19 GMT
content-encoding: br
vary: Accept-Encoding
x-smrt-d: 4%3b20%3b85
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin: https://www.thesundaily.my
cache-control: no-cache,no-store
access-control-allow-credentials: true
content-type: application/json; charset=UTF-8
transfer-encoding: chunked

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ 0
326 B 84ms
18ms XHR
application/json 185.86.138.32
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: anymind360.com
URL: https://anymind360.com/js/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.138.32 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.thesundaily.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 26 Apr 2021 11:19:19 GMT
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin: https://www.thesundaily.my
cache-control: no-cache,no-store
access-control-allow-credentials: true
content-type: application/json; charset=UTF-8
content-length: 0

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ 836 B
964 B 101ms
34ms XHR
application/json 185.86.138.32
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: anymind360.com
URL: https://anymind360.com/js/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.138.32 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: f88b523b2f38c276868a9abf3fb6328719f838be957d2adc94268cf898123e78

Request headers

Referer: https://www.thesundaily.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 26 Apr 2021 11:19:19 GMT
content-encoding: br
vary: Accept-Encoding
x-smrt-d: 4%3b5%3b107
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin: https://www.thesundaily.my
cache-control: no-cache,no-store
access-control-allow-credentials: true
content-type: application/json; charset=UTF-8
transfer-encoding: chunked

OPTIONS
H2 200 call
adnetwork.adasiaholdings.com/2060/ Frame 0
0 852ms
202ms Preflight 47.74.174.177
CNNIC-ALIBABA-US-...

General

Check archive.org

Show headers Download Go to

Full URL: https://adnetwork.adasiaholdings.com/2060/call
Protocol: H2
Server: 47.74.174.177 Singapore, Singapore, ASN45102 (CNNIC-ALIBABA-US-NET-AP Alibaba (US) Technology Co., Ltd., CN),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.thesundaily.my
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Mon, 26 Apr 2021 11:19:21 GMT
content-length: 0
cache-control: no-cache,no-store
pragma: no-cache
access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET, HEAD, POST
access-control-allow-origin: https://www.thesundaily.my
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

POST
H2

200

call Show response
adnetwork.adasiaholdings.com/2060/
Redirect Chain

https://adnetwork.adasiaholdings.com/2060/call
https://adnetwork.adasiaholdings.com/2060/call?cklb=1

462 B
607 B

210ms
209ms

XHR
application/json

47.74.174.177
CNNIC-ALIBABA-US-...

General

Check archive.org

Show headers Download Go to

Full URL: https://adnetwork.adasiaholdings.com/2060/call?cklb=1
Requested by: Host: www.thesundaily.my
URL: https://www.thesundaily.my/home/astrazeneca-is-safe-to-be-given-to-senior-citizens-adham-YL7793054?_hsmi=88974744&_hsenc=p2ANqtz-_G5s6CORBttERc_beHteVqqnJIJh5EriMR00fz0Cexxf2lQpsFfBisijUxttE-tNX9yfHTn7fBQWbcOnOkY3_eCosMOOPpTIuaIKsiuCzrvP7v03c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 47.74.174.177 Singapore, Singapore, ASN45102 (CNNIC-ALIBABA-US-NET-AP Alibaba (US) Technology Co., Ltd., CN),
Reverse DNS
Software: /
Resource Hash: 2afd0154f96dec9e032720f95fa9b57bed5bcb05e01a550855297b45bf77c9ef

Request headers

Referer: https://www.thesundaily.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 26 Apr 2021 11:19:22 GMT
content-encoding: br
vary: Accept-Encoding
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin: https://www.thesundaily.my
cache-control: no-cache,no-store
access-control-allow-credentials: true
content-type: application/json; charset=UTF-8

Redirect headers

pragma: no-cache
date: Mon, 26 Apr 2021 11:19:21 GMT
location: https://adnetwork.adasiaholdings.com/2060/call?cklb=1
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin: https://www.thesundaily.my
cache-control: no-cache,no-store
access-control-allow-credentials: true
content-length: 0

GET
H2 200 /
www.facebook.com/tr/ 44 B
258 B 12ms
12ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=2418678745093464&ev=PageView&dl=https%3A%2F%2Fwww.thesundaily.my%2Fhome%2Fastrazeneca-is-safe-to-be-given-to-senior-citizens-adham-YL7793054%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz-_G5s6CORBttERc_beHteVqqnJIJh5EriMR00fz0Cexxf2lQpsFfBisijUxttE-tNX9yfHTn7fBQWbcOnOkY3_eCosMOOPpTIuaIKsiuCzrvP7v03c&rl=&if=false&ts=1619435960278&sw=1600&sh=1200&v=2.9.39&r=stable&ec=0&o=30&fbp=fb.1.1619435960277.961818600&it=1619435960071&coo=false&rqm=GET

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.thesundaily.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Apr 2021 11:19:20 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Mon, 26 Apr 2021 11:19:20 GMT

POST
H3-29 200 collect Show response
www.google-analytics.com/j/ 2 B
26 B 13ms
13ms XHR
text/plain 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j90&a=1243480928&t=pageview&_s=1&dl=https%3A%2F%2Fwww.thesundaily.my%2Fhome%2Fastrazeneca-is-safe-to-be-given-to-senior-citizens-adham-YL7793054&ul=en-us&de=UTF-8&dt=AstraZeneca%20is%20safe%2C%20to%20be%20given%20to%20senior%20citizens%20-%20Adham&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IADAAUABAAAAAC~&jid=1532772978&gjid=2146886990&cid=353529585.1619435960&tid=UA-23981916-1&_gid=153671978.1619435960&_r=1&gtm=2ou4e1&z=886823399

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.thesundaily.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 26 Apr 2021 11:19:20 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.thesundaily.my
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
91 B 14ms
14ms XHR
text/plain 2a00:1450:400c:c0c::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j90&tid=UA-23981916-1&cid=353529585.1619435960&jid=1532772978&gjid=2146886990&_gid=153671978.1619435960&_u=IADAAUAAAAAAAC~&z=670447878

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0c::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.thesundaily.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Mon, 26 Apr 2021 11:19:20 GMT
content-type: text/plain
access-control-allow-origin: https://www.thesundaily.my
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 29ms
29ms Image
image/gif 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j90&tid=UA-23981916-1&cid=353529585.1619435960&jid=1532772978&_u=IADAAUAAAAAAAC~&z=71403960

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.thesundaily.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 26 Apr 2021 11:19:20 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 28ms
28ms Image
image/gif 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j90&tid=UA-23981916-1&cid=353529585.1619435960&jid=1532772978&_u=IADAAUAAAAAAAC~&z=71403960

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.thesundaily.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 26 Apr 2021 11:19:20 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

OPTIONS
H2 200 sid
mug.criteo.com/ Frame 0
0 62ms
20ms Preflight
application/json 178.250.2.146
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Server

178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: null
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
content-type: application/json; charset=utf-8
expires: 0
strict-transport-security: max-age=31536000
access-control-allow-origin: null
access-control-allow-headers: content-type
access-control-allow-credentials: true
access-control-allow-methods: GET
server-processing-duration-in-ticks: 989
date: Mon, 26 Apr 2021 11:19:19 GMT
content-encoding: gzip
vary: Accept-Encoding

GET
H/1.1 200
OK English.jpg
s3-ap-southeast-1.amazonaws.com/thesun-epaper.com/theSundaily/ Frame 71EC 8 KB
8 KB 178ms
177ms Image
image/jpeg 52.219.124.102
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-ap-southeast-1.amazonaws.com/thesun-epaper.com/theSundaily/English.jpg
Requested by: Host: s3-ap-southeast-1.amazonaws.com
URL: https://s3-ap-southeast-1.amazonaws.com/thesun-epaper.com/theSundaily/AFO.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.219.124.102 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-ap-southeast-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 3227f954577feca555b88c25cffb2066f5a61ee87a01f164eca996a9bf685944

Request headers

Referer: https://s3-ap-southeast-1.amazonaws.com/thesun-epaper.com/theSundaily/AFO.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 26 Apr 2021 11:19:21 GMT
Last-Modified: Wed, 15 Apr 2020 13:31:43 GMT
Server: AmazonS3
x-amz-request-id: XWKEBZMCEHZZM31B
ETag: "aeef88d64486aa1d915dc9a3363612a1"
Content-Type: image/jpeg
Accept-Ranges: bytes
Content-Length: 8057
x-amz-id-2: KmdTHAkEPe+OdOhkPmbU/r6HBEHiDgXfJPENmGjXHbFGwpp2sDVrVgA+6vv8vfOIXwva5MfMgQA=

GET
H/1.1 200
OK Chinese.jpg
s3-ap-southeast-1.amazonaws.com/thesun-epaper.com/theSundaily/ Frame 71EC 8 KB
8 KB 355ms
176ms Image
image/jpeg 52.219.124.102
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-ap-southeast-1.amazonaws.com/thesun-epaper.com/theSundaily/Chinese.jpg
Requested by: Host: s3-ap-southeast-1.amazonaws.com
URL: https://s3-ap-southeast-1.amazonaws.com/thesun-epaper.com/theSundaily/AFO.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.219.124.102 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-ap-southeast-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 9feb3da6f0a093b114d04d1c928f886a5875c0333df13e269d3d1d9ff5e4546e

Request headers

Referer: https://s3-ap-southeast-1.amazonaws.com/thesun-epaper.com/theSundaily/AFO.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 26 Apr 2021 11:19:21 GMT
Last-Modified: Wed, 15 Apr 2020 13:31:43 GMT
Server: AmazonS3
x-amz-request-id: XWK4WV26S8YTBKQZ
ETag: "517fd1c8599e78305146fe67cefcb502"
Content-Type: image/jpeg
Accept-Ranges: bytes
Content-Length: 8012
x-amz-id-2: FQKMahr73HcuCX3026pXIcaWNcMedJNoSYj6IgFks69YY3/hb9SXsmoatwU0e6z2BP2n3z7JbRg=

GET
H2 200 json Show response
trc.taboola.com/thesundaily/trc/3/ 66 KB
17 KB 525ms
525ms XHR
application/javascript 199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/thesundaily/trc/3/json?tim=13%3A19%3A20.765&lti=deflated&data=%7B%22id%22%3A608%2C%22ii%22%3A%22%2Fhome%2Fastrazeneca-is-safe-to-be-given-to-senior-citizens-adham-yl7793054%22%2C%22it%22%3A%22text%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22uifp%22%3Anull%2C%22lbt%22%3A1619432532825%2C%22vi%22%3A1619435960763%2C%22cv%22%3A%2220210426-7-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fwww.thesundaily.my%2Fhome%2Fastrazeneca-is-safe-to-be-given-to-senior-citizens-adham-YL7793054%22%2C%22bv%22%3A%220%22%2C%22ul%22%3A%5B%22en-US%22%5D%2C%22btv%22%3A%220%22%2C%22cos%22%3A%224g%22%2C%22bad%22%3A-1%2C%22sw%22%3A1600%2C%22sh%22%3A1200%2C%22bw%22%3A1600%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A1200%2C%22dw%22%3A1600%2C%22dh%22%3A1941%2C%22qs%22%3A%22%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz-_G5s6CORBttERc_beHteVqqnJIJh5EriMR00fz0Cexxf2lQpsFfBisijUxttE-tNX9yfHTn7fBQWbcOnOkY3_eCosMOOPpTIuaIKsiuCzrvP7v03c%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A8%2C%22uim%22%3A%22thumbnails-a%3Aabp%3D0%22%2C%22uip%22%3A%22Below%20Article%20Thumbnails%22%2C%22orig_uip%22%3A%22Below%20Article%20Thumbnails%22%2C%22cd%22%3A1941.375%2C%22mw%22%3A768%7D%5D%2C%22cb%22%3A%22TRC.callbacks.recommendations_1%22%2C%22lt%22%3A%22deflated%22%7D
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20210426-7-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 54790db6f990f9b2876bdc818cdf0be2cc72f59393dce8ae3046268e9efacbb6

Request headers

Referer: https://www.thesundaily.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

x-vcl-time-ms: 518
date: Mon, 26 Apr 2021 11:19:21 GMT
content-encoding: gzip
server: nginx
x-timer: S1619435961.774165,VS0,VE518
x-served-by: cache-hhn11538-HHN
vary: Accept-Encoding
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: https://www.thesundaily.my
access-control-allow-credentials: true
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
via: 1.1 varnish
x-cache-hits: 0

GET
H3-29 200 container.html Show response
5f7a3c227877733a11b3d8ac75a2ccaf.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 22B1 6 KB
3 KB 21ms
7ms Document
text/html 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://5f7a3c227877733a11b3d8ac75a2ccaf.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042001.js?31060870

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 5f7a3c227877733a11b3d8ac75a2ccaf.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.thesundaily.my/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.thesundaily.my/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 3108
date: Mon, 26 Apr 2021 11:19:20 GMT
expires: Tue, 26 Apr 2022 11:19:20 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame AE57 0
0 44ms
43ms Fetch
image/gif 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvepoDsd1jo4mulgB6aM4tg3b0RsjnGZjMNqbN1iw5JctO1yeT2pMCejc4nkQe6BDHB9XammrY57YgeKOA5pjZTU25Yaifw_MVdjTogtdsnNY9kRg1C9u1YH6Czs9GnA3MsHURi6JQLO0sd3PzjtKQTZmNRJCD8eTs6OHdVWyWlVPSI_d5PYbjhaoK8XVjvnHQkRRJ1T_Dr2G5GngwKMnVsUKL3vH1u94BzEDxfnu5O4t8DKHVBzY-NcHjIQEEyip9zkxAZLL5zTMJqlArYvxhpxX8wrXgr6uzSpMbPtcMUFyYg&sai=AMfl-YRo1IYZijNjuPm5pT3bNw-s9eA3B35Wjfo3Q6tNEOzkhPO6HLwoONgeBSNgh0WEYCvcKmkUPeAE1SMqShtP4poCCNVCK5MO8-uhNjGuaM6BRkaFJUdOqaNIZYZz1oJn&sig=Cg0ArKJSzOa9m8mpgo3nEAE&adurl=

Requested by

Host: info.silobreaker.com
URL: https://info.silobreaker.com/e2t/tc/VWt22z7YxmcLW3d_lfb36JTN9VZjc4S4qSWfGN50kgPk2-HwrV1-WJV7CgH74W8yj8Gf5DDZvcW3TJBTT7kqbNwMR6s8lJGK_xW9h7hwf27nzMqW5wGLkb4hf5GgW3lN5Td7tRBTkW30lvRX1N-LFjW1tW32m7Trp5GW4xr3Wn7WcQ5vW23hz6z6nGFdkW7VpsPv34ByTlW1KrtR88V7szrW39MzFN7Py845W3wb58d2vpQrZW4tlyqy4716kPW7N7-KV2vQ-5fW7qBTzn7dJ1BKW4VM3fG2FFWxyW3sfPLt74fFR8N6_-qlgnJKNxW60WBkK3dW8pZW2_vCdB2RRvxLW5F45Z61c1l3BVnybQW29v8QnW3Bf6923kQS6jN6fzWv1M0WN93c-z1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.thesundaily.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 26 Apr 2021 11:19:20 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Mon, 26 Apr 2021 11:19:20 GMT

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210422/r20110914/client/ Frame AE57 2 KB
1 KB 16ms
15ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210422/r20110914/client/window_focus_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042001.js?31060870

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.thesundaily.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Apr 2021 11:15:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 260
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1303
x-xss-protection: 0
server: cafe
etag: 14729628269804859526
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 10 May 2021 11:15:00 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame AE57 116 KB
35 KB 16ms
15ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042001.js?31060870

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dc015126841eaa9b1b79ee123e13d7d07ad7fe77f22366b05c480eff59a7a25e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.thesundaily.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Apr 2021 11:19:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1619017370605640"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36032
x-xss-protection: 0
expires: Mon, 26 Apr 2021 11:19:20 GMT

GET
H3-29 200 14326531214700722794
tpc.googlesyndication.com/simgad/ Frame AE57 104 KB
104 KB 17ms
16ms Image
image/gif 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/14326531214700722794

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042001.js?31060870

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0e8356462c5cc694f3aed2520181479158a7fa2e4ac768842609cdec16393efa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.thesundaily.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 23 Apr 2021 00:21:21 GMT
x-content-type-options: nosniff
age: 298679
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 106598
x-xss-protection: 0
last-modified: Mon, 19 Apr 2021 09:52:58 GMT
server: sffe
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 23 Apr 2022 00:21:21 GMT

GET
H3-29 200 container.html Show response
5f7a3c227877733a11b3d8ac75a2ccaf.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame E158 6 KB
3 KB 10ms
7ms Document
text/html 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://5f7a3c227877733a11b3d8ac75a2ccaf.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042001.js?31060870

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 5f7a3c227877733a11b3d8ac75a2ccaf.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.thesundaily.my/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.thesundaily.my/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 3108
date: Mon, 26 Apr 2021 11:19:20 GMT
expires: Tue, 26 Apr 2022 11:19:20 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame F49E 0
0 68ms
66ms Fetch
image/gif 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsubFKgX0uvcRIRaicNmj4zvfMu0iVdaTIygXksuPTfPi3MDfvmquzMNxyXHI0FLwBW_6EoIOKHMsvFWAsjGade30INtJDm6mejneLZHbvSTyB_xGGVOxcm3VU_pwvZDaGIx2zqCMLcYAJG99_p7gIIQbQvGBRCH3dPtE2bWQO7TOB2JJsGPTWtNb9vFsBN7UNPHTeUSMr7o4iCAT0nvtw_KQkUGtI2gtQGpZZT_7UwMBSHZUXrKH3mI0EWKFbWjzuN32y8KUDSXgLzA1ufXIS3Ay6BSyVWZHZQdMmWn6YWyPhkD&sai=AMfl-YQECTDzo7gH1YseBLJ1vdRoPD5eUEyxcqn9stlBJHLvuFzFKQSZd5qFjVHKV5yc88ndG7tpCC98RrWUfi9ABZMzbWFpW3JPXPXdriCkJfnaPG-XsptVVSrBlakfIN7I&sig=Cg0ArKJSzKLot_kxNKXWEAE&adurl=

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.thesundaily.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 26 Apr 2021 11:19:20 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Mon, 26 Apr 2021 11:19:20 GMT

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210422/r20110914/client/ Frame F49E 2 KB
1 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210422/r20110914/client/window_focus_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042001.js?31060870

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.thesundaily.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Apr 2021 11:15:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 260
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1303
x-xss-protection: 0
server: cafe
etag: 14729628269804859526
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 10 May 2021 11:15:00 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame F49E 116 KB
35 KB 15ms
13ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042001.js?31060870

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dc015126841eaa9b1b79ee123e13d7d07ad7fe77f22366b05c480eff59a7a25e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.thesundaily.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Apr 2021 11:19:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1619017370605640"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36032
x-xss-protection: 0
expires: Mon, 26 Apr 2021 11:19:20 GMT

GET
H3-29 204 l
www.google.com/ads/measurement/ Frame F49E 0
0 14ms
13ms Image
text/html 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSNIOxNWzWfvLdbjUdFIkMy0B9nK4dRMVQsNenFHIajJtF7pQaFrDsKhx-gFn-RMayD_j3D
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042001.js?31060870
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.thesundaily.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-29 200 3700624880018903135
tpc.googlesyndication.com/simgad/ Frame F49E 825 KB
825 KB 12ms
11ms Image
image/gif 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/3700624880018903135

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042001.js?31060870

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1ae214329b13533df631d744f8f4d462b25b79b501a25b1f3efef6d5631fa484

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.thesundaily.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 25 Apr 2021 16:31:09 GMT
x-content-type-options: nosniff
age: 67691
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 845113
x-xss-protection: 0
last-modified: Thu, 22 Apr 2021 07:58:47 GMT
server: sffe
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 25 Apr 2022 16:31:09 GMT

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame EE3E 0
0 74ms
71ms Fetch
image/gif 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvYjQxTJ8QnMuvXKD0BWylc_l1vnEs45akbtvzl8vKSpGhGw8-4FHSpWeea90NZ9g2Tp5vsHZj1PB7Iee08jxpNdOIgty2Pjju1-VsmhaVCk6BM961plO3rNDU3mqyMHwINcQXI8ot4NgeNHWYfCWX5KbpqTR3H7_8R8mSY1A-89MCm74hvFjqpxz8yrEafmvvJVo-_-ihJdkmpu2w4m75x54oIHCFXp5kyz85_TuyBqsLZcC5K5GOKIV1VZHclBG-xSk5rIcBybZ0UpRIfxpGp10yaCkAj4hire6Y1inEfcUJr&sai=AMfl-YQwaJ0gW9Rpa-ZY6gmuycLN8sBG0_k7VAQhKRCi3ax_OzMrNZk3LljeGKP36pcEoS9kEBWanBe9nb5InfNJWBsTCPq_wiohd8cmka8gIWfX4R9czVGCSARxWRbPvmRa&sig=Cg0ArKJSzAsJazhdhFB_EAE&adurl=

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.thesundaily.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 26 Apr 2021 11:19:20 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Mon, 26 Apr 2021 11:19:20 GMT

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210422/r20110914/client/ Frame EE3E 2 KB
1 KB 12ms
11ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210422/r20110914/client/window_focus_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042001.js?31060870

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.thesundaily.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Apr 2021 11:15:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 260
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1303
x-xss-protection: 0
server: cafe
etag: 14729628269804859526
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 10 May 2021 11:15:00 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame EE3E 116 KB
35 KB 17ms
12ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042001.js?31060870

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dc015126841eaa9b1b79ee123e13d7d07ad7fe77f22366b05c480eff59a7a25e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.thesundaily.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Apr 2021 11:19:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1619017370605640"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36032
x-xss-protection: 0
expires: Mon, 26 Apr 2021 11:19:20 GMT

GET
H3-29 200 9747837730426916910
tpc.googlesyndication.com/simgad/ Frame EE3E 161 KB
162 KB 16ms
8ms Image
image/gif 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/9747837730426916910

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042001.js?31060870

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

21a126edb70e005d4ca8eb32f1e3acecac0a63488f3a1ceee905a4c1d44ef970

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.thesundaily.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 22 Apr 2021 07:19:17 GMT
x-content-type-options: nosniff
age: 360003
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 165368
x-xss-protection: 0
last-modified: Thu, 22 Apr 2021 07:07:23 GMT
server: sffe
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 22 Apr 2022 07:19:17 GMT

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame 7680 0
0 73ms
70ms Fetch
image/gif 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstEv2ayNFl3yZlSdkwPWteSRt_sG02dAP3L3CdxTnyX4c7FieszkstFs8zKy-0e9giwf_5NWUZmV90tSVSPfOf6ef9e87LG8vPY2NAAM289lc3REgGMUppsEBTImNm6ryP1PTBx070StI9AIGhkHIhCwqOhlE_jadTJl2uqVtgxBo7fn9B25aYtoM1EefuJUx-4hlgZaMHLL9ytBPTqjtLpSA7TpVtQUBVdpUKOaJ7CptbIvQt_y-jaK50JmqNGLk53ievtq0vtXaHavd4SugX9Yie9ny1l1V_R4KtAMAPdC7EZ&sai=AMfl-YQkSc_GB0zlo502MSj_F1p4WCvX5zre6ckg_nX8R_ECbb_jp1Ng_uCYUsrsC7fmJKlBa7PEEOGlM54g_wn45sAYkMeSCliTTToSqKDkjbS9WN86ukMt1AcJ7as0dSUC&sig=Cg0ArKJSzK3QVxhCbX28EAE&adurl=

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.thesundaily.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 26 Apr 2021 11:19:20 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Mon, 26 Apr 2021 11:19:20 GMT

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210422/r20110914/client/ Frame 7680 2 KB
1 KB 20ms
18ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210422/r20110914/client/window_focus_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042001.js?31060870

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.thesundaily.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Apr 2021 11:15:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 260
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1303
x-xss-protection: 0
server: cafe
etag: 14729628269804859526
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 10 May 2021 11:15:00 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 7680 116 KB
35 KB 26ms
23ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042001.js?31060870

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dc015126841eaa9b1b79ee123e13d7d07ad7fe77f22366b05c480eff59a7a25e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.thesundaily.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Apr 2021 11:19:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1619017370605640"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36032
x-xss-protection: 0
expires: Mon, 26 Apr 2021 11:19:20 GMT

GET
H3-29 200 10965567870320277070
tpc.googlesyndication.com/simgad/ Frame 7680 75 KB
75 KB 10ms
7ms Image
image/jpeg 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/10965567870320277070

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042001.js?31060870

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

35c39db048cd93a3368a6b1a6d567d2a813c6a9f3df304eb8d4ebbb662c5513b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.thesundaily.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 23 Apr 2021 00:11:29 GMT
x-content-type-options: nosniff
age: 299271
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 76597
x-xss-protection: 0
last-modified: Thu, 15 Apr 2021 18:14:48 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 23 Apr 2022 00:11:29 GMT

GET
H3-29 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 73 KB
28 KB 29ms
27ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042001.js?31060870

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4956137c69656045c048a157aaa84859657bbc7744019d26cce6b5bded84cc49

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.thesundaily.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Apr 2021 11:19:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1619017352525402"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28270
x-xss-protection: 0
expires: Mon, 26 Apr 2021 11:19:20 GMT

POST
H3-29 200 /
www.facebook.com/tr/ 0
20 B 10ms
9ms Ping
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.thesundaily.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: multipart/form-data; boundary=----WebKitFormBoundaryHg4iJHBSfpgnQHCI

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
server: proxygen-bolt
date: Mon, 26 Apr 2021 11:19:20 GMT
content-type: text/plain
access-control-allow-origin: https://www.thesundaily.my
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
content-length: 0
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority: u=3,i

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame AE57 0
0 59ms
43ms Fetch
image/gif 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssDE6fyaXIokadhFEE4R_niT1YANVgmuTVv9UJ10gSBzSsjNa6vz0JXnA27zyb2_JP4YztkIB9rvhDi6aVNku_8wgs1MwAQkBG9CePpgg73wpSjzxk6WD02h6C0W6fY1T9eq4FiuxIOZuSwaqCSd7y0JhcLIzwTV-p6nktvzNqnjNkQPAqHoKiWvNlHhdL17Ixmwtn60SH0Am6VnI_s8-csUQs5mAiRKuspimkybQ6Q-jVeJuDYqIpMOvsCwV_QvWR4CCbe2Abi3HI6nrI0LVkOxUimjp_TO-L5mYCo5Cy9hiEu7hI&sai=AMfl-YS_ndc7LJRfUX49zG_9uyPoZNsWf-KTkdWN-4KFJddyRLQ7h_bani_YZfCDmbbX8VfAPLgjOuX2oxuXKmZroY_QDkPBJF6Uj8a8x4gdPJPLafJr8kGhau3_MTokG89P&sig=Cg0ArKJSzJVRo5qZoEPNEAE&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.thesundaily.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 26 Apr 2021 11:19:20 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Mon, 26 Apr 2021 11:19:20 GMT

GET
DATA 200
OK truncated
/ Frame AE57 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 78a55057447f49aa6d8e4e5eb7905ad8f0f9961ff3b2b3c5250e16eddce86a95

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame F49E 0
0 70ms
70ms Fetch
image/gif 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssj0jYVw0Ki7ygwW3tlqZrO15X7Dcda7ohnFvBgIxtW_wT2f2yCq72oL7_epFHuQoAxyTIxMtCQVN0hFod0_3HlveZzcbSPEN0XiLsVuQIWUbq34HnWl26M3HS9k7IT4vpLGTShYyE9-SLyxwLHgqeZ28Siq8kjta-nT0ssRiSrJjIPMtQmIcSW11Rv-VyayXn4zqsFdy654LVZbFvcBNu_9uM3-gAstf_z8VUzI8f3V2NfnpiW9QJEFWgQRDHT9NECUDGwPT10ST1lbHFQY3LALpfebzxFToOvuMcggM6vHtqFP_w&sai=AMfl-YQthFz43RRiWaiRYz5xmbBf972kNdpy9i_srb_kx0GbffXsI_zPO4JAcH1eRAzqyrKKTrx-RFvMPXu4Ra4hOz4DdCkvuAQWu_6tWVqS6aQYIZi3WUvOqNyMD1e897CS&sig=Cg0ArKJSzAZsHx7i6GvDEAE&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.thesundaily.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 26 Apr 2021 11:19:20 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Mon, 26 Apr 2021 11:19:20 GMT

GET
DATA 200
OK truncated
/ Frame F49E 205 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 78155814e4a258353efdbce69dc7b574a80119a52885d913a747240e23fa346f

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame EE3E 0
0 63ms
63ms Fetch
image/gif 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssNpOWvNa5j-IfV26Ht1yqEcDwkMd9E1Bt3tFs0HCh202uwt9PUOHNMhAmWi2RX4dv0_h0YQlMK490tscjaljbWjBfEuJ5__-rOH9elXp1wdq5GBR8arBK4wpMLfHHBfYGBsYWUTdPBaNGOA5mUfxqJK1JFQbAgST8g1X14chHpjfbZFkRBIYqVT-cy6y7pmGTeXefAf-_Py01FsufgnOD6FAcamzNaeU9M_pyXjj4xrvbWQYTY51xGEqgFlAESiMc2z8_jWMPHGLlIWgrPYeJ7qq-ILrZ4pv4WItzxzC2fVc9n9jM&sai=AMfl-YSD2NahfLNMMWrAZHULoD64T7D92xrxitKxR0l3CYvm0eGOVqWe8j5CON1MDts0BGoGUB__NKMj-9dbjRZ4uwgFnX8RV_1SKMUIKdjlJ6pzCJtQeMw6Jsg0m9K0iGx5&sig=Cg0ArKJSzG3pGacu3OaCEAE&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.thesundaily.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 26 Apr 2021 11:19:20 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Mon, 26 Apr 2021 11:19:20 GMT

GET
DATA 200
OK truncated
/ Frame EE3E 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f66426a0452e530b6d0376fd67ba1c12aa570ca18bb54841a29f83b07317b19e

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 3bdf4bc5a105080d989d03306174de96.js Show response
www.gstatic.com/mysidia/ Frame 22B1 6 KB
3 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/3bdf4bc5a105080d989d03306174de96.js?tag=client_fast_engine_2019

Requested by

Host: 5f7a3c227877733a11b3d8ac75a2ccaf.safeframe.googlesyndication.com
URL: https://5f7a3c227877733a11b3d8ac75a2ccaf.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c491669ffeb03b25a72061f0b309f113d9c442aad96d271841dabf757d3080ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://5f7a3c227877733a11b3d8ac75a2ccaf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Apr 2021 21:29:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 20 Apr 2021 07:12:01 GMT
server: sffe
age: 481776
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7776000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2784
x-xss-protection: 0
expires: Mon, 19 Jul 2021 21:29:44 GMT

GET
H2 200 51f95e8801b2f454bb1ec0b0d582ea90.js Show response
www.gstatic.com/mysidia/ Frame 22B1 142 KB
52 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/51f95e8801b2f454bb1ec0b0d582ea90.js?tag=video_mra/web_raspberry

Requested by

Host: 5f7a3c227877733a11b3d8ac75a2ccaf.safeframe.googlesyndication.com
URL: https://5f7a3c227877733a11b3d8ac75a2ccaf.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

98329b1413a0161084fbf5608a0c80759978a565ce2adcf114e72761d4531375

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://5f7a3c227877733a11b3d8ac75a2ccaf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 22 Apr 2021 15:35:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 20 Apr 2021 07:12:01 GMT
server: sffe
age: 330236
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7776000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 53387
x-xss-protection: 0
expires: Wed, 21 Jul 2021 15:35:24 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 22B1 3 KB
675 B 15ms
14ms Stylesheet
text/css 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C700

Requested by

Host: 5f7a3c227877733a11b3d8ac75a2ccaf.safeframe.googlesyndication.com
URL: https://5f7a3c227877733a11b3d8ac75a2ccaf.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

8d9b4e8baf2d6296710fb142486efc074d1b4295512aa4125465410dbfd1053a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://5f7a3c227877733a11b3d8ac75a2ccaf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 26 Apr 2021 10:27:29 GMT
server: ESF
date: Mon, 26 Apr 2021 11:19:20 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 26 Apr 2021 11:19:20 GMT

GET
H2 200 amp-analytics-0.1.js Show response
cdn.ampproject.org/v0/ Frame 22B1 95 KB
30 KB 36ms
14ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0/amp-analytics-0.1.js

Requested by

Host: 5f7a3c227877733a11b3d8ac75a2ccaf.safeframe.googlesyndication.com
URL: https://5f7a3c227877733a11b3d8ac75a2ccaf.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

53c0443a37dc70b8721904728e52d31daa6971397adef65e4588a07eee27592c

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://5f7a3c227877733a11b3d8ac75a2ccaf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29719
x-xss-protection: 0
server: sffe
date: Mon, 26 Apr 2021 11:19:21 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: private, max-age=604800, stale-while-revalidate=604800
etag: "04e4506906a60869"
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 26 Apr 2021 11:19:21 GMT

GET
H3-29 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210422/r20110914/client/ Frame 22B1 1 KB
909 B 6ms
6ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210422/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Host: 5f7a3c227877733a11b3d8ac75a2ccaf.safeframe.googlesyndication.com
URL: https://5f7a3c227877733a11b3d8ac75a2ccaf.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

49aea8d1206dbb5e3c8a7d4db9274d2efa2111d8b53acb901efc378b1feca381

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://5f7a3c227877733a11b3d8ac75a2ccaf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Apr 2021 11:12:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 417
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 882
x-xss-protection: 0
server: cafe
etag: 11243716317595354070
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 10 May 2021 11:12:24 GMT

GET
H3-29 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210422/r20110914/ Frame 22B1 17 KB
7 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210422/r20110914/abg_lite_fy2019.js

Requested by

Host: 5f7a3c227877733a11b3d8ac75a2ccaf.safeframe.googlesyndication.com
URL: https://5f7a3c227877733a11b3d8ac75a2ccaf.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e9f3358441fb5f83ee3575f81df787bbade8b416b009cbdcbd3b71c8b6f560e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://5f7a3c227877733a11b3d8ac75a2ccaf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Apr 2021 11:18:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 70
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7028
x-xss-protection: 0
server: cafe
etag: 3134275839577271762
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 10 May 2021 11:18:10 GMT

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210422/r20110914/client/ Frame 22B1 2 KB
1 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210422/r20110914/client/window_focus_fy2019.js

Requested by

Host: 5f7a3c227877733a11b3d8ac75a2ccaf.safeframe.googlesyndication.com
URL: https://5f7a3c227877733a11b3d8ac75a2ccaf.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://5f7a3c227877733a11b3d8ac75a2ccaf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Apr 2021 11:15:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 261
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1303
x-xss-protection: 0
server: cafe
etag: 14729628269804859526
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 10 May 2021 11:15:00 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 22B1 116 KB
35 KB 15ms
15ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 5f7a3c227877733a11b3d8ac75a2ccaf.safeframe.googlesyndication.com
URL: https://5f7a3c227877733a11b3d8ac75a2ccaf.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dc015126841eaa9b1b79ee123e13d7d07ad7fe77f22366b05c480eff59a7a25e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://5f7a3c227877733a11b3d8ac75a2ccaf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Apr 2021 11:19:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1619017370605640"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36032
x-xss-protection: 0
expires: Mon, 26 Apr 2021 11:19:20 GMT

GET
H3-29 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210422/r20110914/client/ Frame 22B1 13 KB
5 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210422/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: 5f7a3c227877733a11b3d8ac75a2ccaf.safeframe.googlesyndication.com
URL: https://5f7a3c227877733a11b3d8ac75a2ccaf.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

439ab67fa3c312bb442bed574ea79be834dbd92f3bd7d2288b6f3fce4d0afb0c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://5f7a3c227877733a11b3d8ac75a2ccaf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Apr 2021 11:17:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 99
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5604
x-xss-protection: 0
server: cafe
etag: 2846967340006788112
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 10 May 2021 11:17:41 GMT

GET
H3-29 204 l
www.google.com/ads/measurement/ Frame 22B1 0
0 15ms
14ms Image
text/html 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSJFo4_0Brk90RINogshsIuynWMEOF1ieeMmbY4ONCC1Xugdmb9LXpmoq1YksefHnkDi0ET
Requested by: Host: 5f7a3c227877733a11b3d8ac75a2ccaf.safeframe.googlesyndication.com
URL: https://5f7a3c227877733a11b3d8ac75a2ccaf.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://5f7a3c227877733a11b3d8ac75a2ccaf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-29 200 b42b11247d0ebeb7b44892ca7e629453.js Show response
www.gstatic.com/mysidia/ Frame 22B1 25 KB
10 KB 9ms
6ms Script
text/javascript 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/b42b11247d0ebeb7b44892ca7e629453.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: 5f7a3c227877733a11b3d8ac75a2ccaf.safeframe.googlesyndication.com
URL: https://5f7a3c227877733a11b3d8ac75a2ccaf.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a0d34b0d95e73a7ae965ab9eef15d273c1b4ab22aa7d5648e120a2763434ce84

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://5f7a3c227877733a11b3d8ac75a2ccaf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 25 Apr 2021 20:18:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 20 Apr 2021 07:12:01 GMT
server: sffe
age: 54057
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7776000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10497
x-xss-protection: 0
expires: Sat, 24 Jul 2021 20:18:24 GMT

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 97A1 478 B
322 B 19ms
17ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYj6_ClQEwAQ&v=APEucNUTIp87Ma6c46hiIXXfhiOlTfSVqzckMSDlpqE9NVACMlFDZup8liGzcenNC_QrMCd7z_vGh1NFlj3J5kNiFiJUl_X6O-c-FNKU7jLcr-B3mOkhSNxBT4FkSusCvbqQaDtNWGpp2R5ASg3pcu1qJiZbpwqyatWAq6q34JIcP3C9W9Z-FAJairSkH_7i7KXF5urOznn8LKsoVWheewXfzRl6ne7klA

Requested by

Host: 5f7a3c227877733a11b3d8ac75a2ccaf.safeframe.googlesyndication.com
URL: https://5f7a3c227877733a11b3d8ac75a2ccaf.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0414d0221112224b4c926de91a6e316f9d9aba685aa8b05fd0654848d8fcdf55

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /xbbe/pixel?d=CN-KGhCn9EsYj6_ClQEwAQ&v=APEucNUTIp87Ma6c46hiIXXfhiOlTfSVqzckMSDlpqE9NVACMlFDZup8liGzcenNC_QrMCd7z_vGh1NFlj3J5kNiFiJUl_X6O-c-FNKU7jLcr-B3mOkhSNxBT4FkSusCvbqQaDtNWGpp2R5ASg3pcu1qJiZbpwqyatWAq6q34JIcP3C9W9Z-FAJairSkH_7i7KXF5urOznn8LKsoVWheewXfzRl6ne7klA
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://5f7a3c227877733a11b3d8ac75a2ccaf.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUn-x4tpVQ_df4hxllfSxOfRbWx8TKL0pMltEvDCgkhj5vFDGZ0KAB5i2yoxRf0
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://5f7a3c227877733a11b3d8ac75a2ccaf.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Mon, 26 Apr 2021 11:19:20 GMT
server: cafe
cache-control: private
content-length: 230
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame E158 23 KB
11 KB 39ms
37ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-C_57dhl9h-wz8MO0o6SmfI1BA0DFThR72Wq7N_ibK4PsBztyQ2GCk2G6gpkAj-ez5Ihu_GI0FyAC4meXp-_FaCCkZZjVfMHDYkR-sWl_t6_9Cz_4yMMT_hDt-BjaEll_bcDlMfFhd77mv4Jl7vQ8EZhBg2GQ&cry=1&dbm_d=AKAmf-BhwQrF1PCjmTp0kooigLgokUV7bR9FtJ5srVRJ6L5DwVSks19q4eOsEOTSV27XQWk00wDLhuF6waSRPWZ3dQgBccjsh29rh5XRfn7oj9zCLMAnHkiMGYObKNZMGUAuNmd3GXxwCqEm-muFdOXFc-VgOFGwSkIAb75aAe-0XqbJSRa5lLG_8qnviMOrYzsQlZnflemLmHSyQ0fwXQt47mUQN5A01GDt9ZAne11EaYtU7uGeO2_IoIp2l7wYHnqvoIerO45udeDcyZJ9mHXRfJPTPwHgf-QwcfCcBra0tlsW_QjXzkPqv87NmovnbHM__vDrvu-1HfOBZ9toGoBvR0qRHOi7gpGv3a_Brc8FJOlaDECaZugTVBXvMKP3jSVX_53Axy31ckEPWeh3eR6BqbJ_oaAQ9iwYABmHkt-3uraDiL9sFjdWBv64_zT7mnGHhs6osk8l2XkwcUh0JfgTfQh_jIXngZP_sy7xs9inHntn1Dpjnmmyk1F5y9VUjqoZ_ZFztuJjjMMMjw0Zl_HpuWPlAS7x61CiYoa6b_Gby2Sibhvuwj2ZWRY1y5uTrEIJNqaCNRy9KiK-KWqBJbT4K6ioHlDOKgnRkiRs2QBsoYQKbRGV8MmjLlgke82-swv_EwhTbvfb5aNLqjd9CN9RsfRofQvSTKp74o1S5hguzAqURis5QCjlhbIBYYh0puWpzb0VJmGUe4eQ9WANeqcbkUOz3W8voA5nBT5kv-bJNAfCNIx-GjpGq00br3EZiThbJywMGmaoNEMvWCwxi8zkjUOBZUkq7htiaHLydDCkDI3_sk8GbUX3FxVea6PBG8wt-Bj73lk0-WBU-GKOH3NQ8IDD0d5J6VFwKKyiAYw9TKa3rGuQhWZyf37TS0v4pIErZSyg1_AkScgxQeyd12CUii0KeojfcVAO3gQGAXeEuHJiwGOxJdu1q1y8HhzhN75pSHjzzZN1mePBu_zL5wnDYNVOKYOyLPVp5TUTPSIB0nDN-28XsAyBfRmOiahQFEd_KryZ8RMFQxjx7FdPW4CHZlqZAfMNWdnRODVqT4A8NIl2OyPWeHb8rQaMMEcIjhvb2RMfDGOt8Quy546gu2QB9iVC6Y4PAH_RbCTGmm1RJFlmB54eRfvYHfcGL57GqRQ-2PETymWKMw6Kj-m_sD3dsehjfeITUjoIoX8lTaCMzRRy_PlKilSLYL24BhLdASTbQDiW3zn1rnvFx2CQ1MV0hXfIXoyWW9m6ytnMNKWZfMt5c4PK9z7v5mc49Uam2qnTRd5mrCCccUXJib6DoWJ3ijO6fvVrJbp-p1TzjUpEomWcfSfcbT090-UJ-PXgVPAE6II-XRV3BeJFGAx6Srb5oFAhyaEzbDhQQsUdyH1Tn-jNw9bmSvZc2Qf19ktMxL_7RRkIqsdauVD8EKusbhJMdzyPbKQj7tuCTDqNmX9qa1SIos8idzFzu3HEPV4J8uXfgFpXOcgJ6uFzDKE8SsC1V09EnlhQ6CJUh1Qkudq9IrylbZTRYDJ8eRR5CDC26UcwSsYQug0Im-Eh4Ca1K87QhXK-x9kPdUJr7Vwf0dkFX4wlxsZ7yX7fSBh8HtDa66bpVooMqrZ0y32fPkypnSy53CwbKGwAoW__Va27hJrBLYy1eeIteHwdqf5t9XnxK5EX1E8ba4Lbvy6EMJkuzyg0O8QRn5pxZ_jpGM438am7yNvlz-VFg6LN8Hv8ioK5mSB52Q-h8ejnRDTOE6uv7b4iVXgr2yC3ePfbOg9J6CO9smnbzYYYcAcsUQfOnJG0J2tn3cQAN8N7MJSSTsNmUqXQIFZainjRCnMzRGkyFkBnVuZStcC_oM5JPOK6s0M0qh1UsmfJp_4kb_D_EKmDvBIR7bsV6uhCHn5Oq1YiI86XOlXedhQIzR8jPwKc3E5Mc4WNTS8Syl7L6GnXOf-shMg8GXeXpcdnVn43mrLliGGpzpG_OMUJxdyTL-7mEhxledlDJG0IjKlhSAG6zjz7x5I9ld5NLew1qyPX0OTkOajiLkftKvUgrVmfW3Wzu1HQzTA9fDNrxEBXnEiNxchpZFd2EurZgLQ73IDY8IXnecKS7bzQOfNcieg0PmYTc16uMn0l1NTpE9olID8HjtxGfmtkXPV-p0QYXSzLqDeI8xT0ZVgGNeynWZI5OKNthjoesOtdmTL7BvetjZJ3HtHL3kXKkZGfWljUtHRdJKcLzK8_Tf7rvzaUcUFUC_hWgQRoXE2cAp5bt34Xodi5VdaBp_u5gkmmm2bTnoC06CbLqIdt0INVqfgx6HxzZpNYV1TptK4BhFysshW5RJa_HafZsURWf_fXlFwvPSp8BicfbSoq50C2rXLC4L1ywctEs_DfHTDXweTqRaI5j_wYaM9urbcYncEJsxrrb7WBSAc7nFge-xQSVowaoHb8s2eICtgTrqt_qx-M6dEWDMWRoaQnWI90YQxDgm17PuKnr9a1P4g33VKP7K5SqJA1EgOD2VVya3ZIPJmfpNCzxLm0a5AQE8g0uSsphe-_nBDfbBxdBCQZJ1V8JgjoU95dR2PjqDBa6tk1XXsl4GMsQzqa3r3qy3Kb648NQ54yfgYwX-VajXlNTx2XWYz65zxNrxmVq8f3E6B3M2BY2FOEQa9KD7l46rqA1qRYNGGUt4BpHQjo0AC5Wb0YmzzFscKokdkXyAtOb94PYuREwOPfZlrx7BftEy2ArJmeWBbrYSmhhYw8kqVVDxXhw0hzva1G8V-o3FyTriKyIgmzpWmxanzaskyFye2dRtqnt_-lFc0cJiTAfSzAX6ESfnNwoEV7llk4AurJh-XCAvdACZe27W97ggRkLhHfwW-MHcUnGV5lxV1W0-bRGnmiGQcignaQFlZ40yfIogwhkaLXplfb0Q9A1jCmOGQmWuhZc7AXDg2agmQYVkabUlbQb7xkr6Oa7Ru1z6h072SwK7rnmehHOuQLa7TARF7tSuT9HXO7np5s-UIrFP18uzroAhu7GoUPwpOjyHKLvCmjuIJE3aiajg4uH-YEcjx1diLNUtzwri-cj1DMQwkhfLTAn_NyH4Vk4x8bGXb8sxgXA1_xuCJTpKlkqXqMQxzIMAezW8KL624siwkSmKMGIVj87U6udX-KkCJZOdeNcTPVBSvMpicHv42IAWY_bzTw2rEyqSI9w_Iy5mn5BGbrvwegK71s8P6Nd48bqZbmqptJOFe2A8zU-GVdlhvUUGPM20ArBL_GY3_d5ug3L9meJt9NVfLcgAI8aDEIJkezs3JGlwRfrAx5ooX7T4W1eDNgtlaPovsz5-7vYEPRnr1JvY6ZidGABqPgYzh64HcZ75GhN3zYgj3Bi5BpiP9KOI1ivMt8M2FKDE1vPFcp10iVglRQyfcSCtkoi8DT2JQLwkauY9FdzCQtUEB6xDWJtCRkvDaWDEX3ke2acEVSjuZVZ86UyMt4kWoWjJacXqYADyM3nhYHrrh9PsWsv6T8otiwAJdAM2KeXDv8Sy7NQ9W-wwXoX8WhrOzdDw1MQ_eszq4-SHjPsWVXyayhVPqiIDFcEd9t9GBHJNTseBxKV7Ph4q26e3IfUEAz1qE-y93Eph-WMrWBizjbT-fPderuab6xRgDJV7uR53Bx4C7VZPtyJFoPPB4KWmO0xNb1lVSs5AFOIqOPgQaq&cid=CAASPeRoY1OtUsWcxFyvYdKn-JN2vTKS0UOxx9kJDW36Ty_wzUfB5os68RJABmPK_zabef4jns5BClC6KmXHCEY&rfl=1%2Chttps%253A%252F%252Fwww.thesundaily.my%252F%240

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

30dae27f711dfadfdc6f2bfa42ea8b1356ee4b2f1a096dc47faa7ab0172e6a31

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://5f7a3c227877733a11b3d8ac75a2ccaf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 26 Apr 2021 11:19:20 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11680
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame E158 42 B
63 B 25ms
21ms Image
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-AvJnKG4YME2zPTE2ZRR_MVGaEnlMpjPhlCwvoiUEO02xh9HA3CC9JSDXytY9chmwtEb4ZEcwturlE2jRDHRMxrPmzRE3wx7_lUkizW-JxkLCWLi4s

Requested by

Host: 5f7a3c227877733a11b3d8ac75a2ccaf.safeframe.googlesyndication.com
URL: https://5f7a3c227877733a11b3d8ac75a2ccaf.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://5f7a3c227877733a11b3d8ac75a2ccaf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 26 Apr 2021 11:19:20 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210422/r20110914/client/ Frame E158 2 KB
1 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210422/r20110914/client/window_focus_fy2019.js

Requested by

Host: 5f7a3c227877733a11b3d8ac75a2ccaf.safeframe.googlesyndication.com
URL: https://5f7a3c227877733a11b3d8ac75a2ccaf.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://5f7a3c227877733a11b3d8ac75a2ccaf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Apr 2021 11:15:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 260
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1303
x-xss-protection: 0
server: cafe
etag: 14729628269804859526
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 10 May 2021 11:15:00 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame E158 116 KB
35 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 5f7a3c227877733a11b3d8ac75a2ccaf.safeframe.googlesyndication.com
URL: https://5f7a3c227877733a11b3d8ac75a2ccaf.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d76c09ea49a67623c581149d87ec821d813b9302aea4f871df16156cd1d28a53

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://5f7a3c227877733a11b3d8ac75a2ccaf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Apr 2021 11:19:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1619188777539687"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36031
x-xss-protection: 0
expires: Mon, 26 Apr 2021 11:19:20 GMT

GET
H3-29 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210422/r20110914/client/ Frame E158 13 KB
5 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210422/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: 5f7a3c227877733a11b3d8ac75a2ccaf.safeframe.googlesyndication.com
URL: https://5f7a3c227877733a11b3d8ac75a2ccaf.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

439ab67fa3c312bb442bed574ea79be834dbd92f3bd7d2288b6f3fce4d0afb0c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://5f7a3c227877733a11b3d8ac75a2ccaf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Apr 2021 11:17:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 99
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5604
x-xss-protection: 0
server: cafe
etag: 2846967340006788112
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 10 May 2021 11:17:41 GMT

GET
H3-29 204 l
www.google.com/ads/measurement/ Frame E158 0
0 16ms
15ms Image
text/html 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQQ_4uCU8mDto2IN2aBKD2gBe5T4alzazwsbQsD6L1p_w9v4FaK6LRESuBuL85-gVFlRHu2
Requested by: Host: 5f7a3c227877733a11b3d8ac75a2ccaf.safeframe.googlesyndication.com
URL: https://5f7a3c227877733a11b3d8ac75a2ccaf.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://5f7a3c227877733a11b3d8ac75a2ccaf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame 7680 0
0 43ms
42ms Fetch
image/gif 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuMufonnmWKC71D1eOZn4DRVQ7uNAmukq7ZtsMjhEXfvm-LBgtUyjlHGH2nnrobDHelHWbA_vG_PbecI8jAD0f0zx9Sj_WjLXCy8eEoWCp3jJgpEiyqEEDzXvo14iFIRgjba3Vt-Ceeb27hWVjfIpKVmEHEMwvEB-tex3JOm6POlwvQBdDHRjBKaTvVK8TOowdDBUHIPnE36ulxEqcls3t0ZqMyv_wUOozct5jB5DN5QA3W1E_w4JARjr0U2lwT4bijl0VHrQEfx_FkHhxICX72PU62NlHfky8ihXi-CEO83HyWQ70&sai=AMfl-YQjRMSieSfMFHBO0q4o8imxPkFrJIjaGNMiQiTCBbjco5DUMjXYxWj_RGRHY2sjY-RwxNkAQjEmeSE38sN8v3-7XfFuWiQFGfb0Yh8mGFBsVGUWmp9OgyA8kZlj8xyX&sig=Cg0ArKJSzKU0CynwvUzYEAE&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.thesundaily.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 26 Apr 2021 11:19:20 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Mon, 26 Apr 2021 11:19:20 GMT

GET
DATA 200
OK truncated
/ Frame 7680 204 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 995100b0ecb159ae1119bbf5b3883c1efa8cbbb81a352249b196d4d40eee5ada

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 200
OK innity_blank.js Show response
media.innity.net/adnetwork/default/ Frame D321 1 KB
834 B 33ms
7ms Script
application/javascript 23.38.48.217
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://media.innity.net/adnetwork/default/innity_blank.js
Requested by: Host: as.innity.com
URL: https://as.innity.com/synd/?cb=1619435960064&ver=1&pub=1f9b616faddedc02339603f3b37d196c&zone=65639&output=js&flash=0&url=www.thesundaily.my&width=*&height=*&cat=BUSINESS_FINANCE,CAREERS_LEARNING,HEALTH_FITNESS&vpw=1600&vph=1200&auction=0945b9b-4f9518a
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 23.38.48.217 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-38-48-217.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: cb2e39c4f50033b1e7194935df7246f61e4c8ab27af14ba9b5c2ad589d5eb275

Request headers

Referer: https://www.thesundaily.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 26 Apr 2021 11:19:21 GMT
Content-Encoding: gzip
Last-Modified: Thu, 15 Apr 2021 10:42:00 GMT
Server: Apache
ETag: "527-5c000835d0e00-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=1800
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 463
Expires: Mon, 26 Apr 2021 11:49:21 GMT

GET
H3-29 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20210422/r20110914/ Frame E158 22 KB
8 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210422/r20110914/abg_lite.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-C_57dhl9h-wz8MO0o6SmfI1BA0DFThR72Wq7N_ibK4PsBztyQ2GCk2G6gpkAj-ez5Ihu_GI0FyAC4meXp-_FaCCkZZjVfMHDYkR-sWl_t6_9Cz_4yMMT_hDt-BjaEll_bcDlMfFhd77mv4Jl7vQ8EZhBg2GQ&cry=1&dbm_d=AKAmf-BhwQrF1PCjmTp0kooigLgokUV7bR9FtJ5srVRJ6L5DwVSks19q4eOsEOTSV27XQWk00wDLhuF6waSRPWZ3dQgBccjsh29rh5XRfn7oj9zCLMAnHkiMGYObKNZMGUAuNmd3GXxwCqEm-muFdOXFc-VgOFGwSkIAb75aAe-0XqbJSRa5lLG_8qnviMOrYzsQlZnflemLmHSyQ0fwXQt47mUQN5A01GDt9ZAne11EaYtU7uGeO2_IoIp2l7wYHnqvoIerO45udeDcyZJ9mHXRfJPTPwHgf-QwcfCcBra0tlsW_QjXzkPqv87NmovnbHM__vDrvu-1HfOBZ9toGoBvR0qRHOi7gpGv3a_Brc8FJOlaDECaZugTVBXvMKP3jSVX_53Axy31ckEPWeh3eR6BqbJ_oaAQ9iwYABmHkt-3uraDiL9sFjdWBv64_zT7mnGHhs6osk8l2XkwcUh0JfgTfQh_jIXngZP_sy7xs9inHntn1Dpjnmmyk1F5y9VUjqoZ_ZFztuJjjMMMjw0Zl_HpuWPlAS7x61CiYoa6b_Gby2Sibhvuwj2ZWRY1y5uTrEIJNqaCNRy9KiK-KWqBJbT4K6ioHlDOKgnRkiRs2QBsoYQKbRGV8MmjLlgke82-swv_EwhTbvfb5aNLqjd9CN9RsfRofQvSTKp74o1S5hguzAqURis5QCjlhbIBYYh0puWpzb0VJmGUe4eQ9WANeqcbkUOz3W8voA5nBT5kv-bJNAfCNIx-GjpGq00br3EZiThbJywMGmaoNEMvWCwxi8zkjUOBZUkq7htiaHLydDCkDI3_sk8GbUX3FxVea6PBG8wt-Bj73lk0-WBU-GKOH3NQ8IDD0d5J6VFwKKyiAYw9TKa3rGuQhWZyf37TS0v4pIErZSyg1_AkScgxQeyd12CUii0KeojfcVAO3gQGAXeEuHJiwGOxJdu1q1y8HhzhN75pSHjzzZN1mePBu_zL5wnDYNVOKYOyLPVp5TUTPSIB0nDN-28XsAyBfRmOiahQFEd_KryZ8RMFQxjx7FdPW4CHZlqZAfMNWdnRODVqT4A8NIl2OyPWeHb8rQaMMEcIjhvb2RMfDGOt8Quy546gu2QB9iVC6Y4PAH_RbCTGmm1RJFlmB54eRfvYHfcGL57GqRQ-2PETymWKMw6Kj-m_sD3dsehjfeITUjoIoX8lTaCMzRRy_PlKilSLYL24BhLdASTbQDiW3zn1rnvFx2CQ1MV0hXfIXoyWW9m6ytnMNKWZfMt5c4PK9z7v5mc49Uam2qnTRd5mrCCccUXJib6DoWJ3ijO6fvVrJbp-p1TzjUpEomWcfSfcbT090-UJ-PXgVPAE6II-XRV3BeJFGAx6Srb5oFAhyaEzbDhQQsUdyH1Tn-jNw9bmSvZc2Qf19ktMxL_7RRkIqsdauVD8EKusbhJMdzyPbKQj7tuCTDqNmX9qa1SIos8idzFzu3HEPV4J8uXfgFpXOcgJ6uFzDKE8SsC1V09EnlhQ6CJUh1Qkudq9IrylbZTRYDJ8eRR5CDC26UcwSsYQug0Im-Eh4Ca1K87QhXK-x9kPdUJr7Vwf0dkFX4wlxsZ7yX7fSBh8HtDa66bpVooMqrZ0y32fPkypnSy53CwbKGwAoW__Va27hJrBLYy1eeIteHwdqf5t9XnxK5EX1E8ba4Lbvy6EMJkuzyg0O8QRn5pxZ_jpGM438am7yNvlz-VFg6LN8Hv8ioK5mSB52Q-h8ejnRDTOE6uv7b4iVXgr2yC3ePfbOg9J6CO9smnbzYYYcAcsUQfOnJG0J2tn3cQAN8N7MJSSTsNmUqXQIFZainjRCnMzRGkyFkBnVuZStcC_oM5JPOK6s0M0qh1UsmfJp_4kb_D_EKmDvBIR7bsV6uhCHn5Oq1YiI86XOlXedhQIzR8jPwKc3E5Mc4WNTS8Syl7L6GnXOf-shMg8GXeXpcdnVn43mrLliGGpzpG_OMUJxdyTL-7mEhxledlDJG0IjKlhSAG6zjz7x5I9ld5NLew1qyPX0OTkOajiLkftKvUgrVmfW3Wzu1HQzTA9fDNrxEBXnEiNxchpZFd2EurZgLQ73IDY8IXnecKS7bzQOfNcieg0PmYTc16uMn0l1NTpE9olID8HjtxGfmtkXPV-p0QYXSzLqDeI8xT0ZVgGNeynWZI5OKNthjoesOtdmTL7BvetjZJ3HtHL3kXKkZGfWljUtHRdJKcLzK8_Tf7rvzaUcUFUC_hWgQRoXE2cAp5bt34Xodi5VdaBp_u5gkmmm2bTnoC06CbLqIdt0INVqfgx6HxzZpNYV1TptK4BhFysshW5RJa_HafZsURWf_fXlFwvPSp8BicfbSoq50C2rXLC4L1ywctEs_DfHTDXweTqRaI5j_wYaM9urbcYncEJsxrrb7WBSAc7nFge-xQSVowaoHb8s2eICtgTrqt_qx-M6dEWDMWRoaQnWI90YQxDgm17PuKnr9a1P4g33VKP7K5SqJA1EgOD2VVya3ZIPJmfpNCzxLm0a5AQE8g0uSsphe-_nBDfbBxdBCQZJ1V8JgjoU95dR2PjqDBa6tk1XXsl4GMsQzqa3r3qy3Kb648NQ54yfgYwX-VajXlNTx2XWYz65zxNrxmVq8f3E6B3M2BY2FOEQa9KD7l46rqA1qRYNGGUt4BpHQjo0AC5Wb0YmzzFscKokdkXyAtOb94PYuREwOPfZlrx7BftEy2ArJmeWBbrYSmhhYw8kqVVDxXhw0hzva1G8V-o3FyTriKyIgmzpWmxanzaskyFye2dRtqnt_-lFc0cJiTAfSzAX6ESfnNwoEV7llk4AurJh-XCAvdACZe27W97ggRkLhHfwW-MHcUnGV5lxV1W0-bRGnmiGQcignaQFlZ40yfIogwhkaLXplfb0Q9A1jCmOGQmWuhZc7AXDg2agmQYVkabUlbQb7xkr6Oa7Ru1z6h072SwK7rnmehHOuQLa7TARF7tSuT9HXO7np5s-UIrFP18uzroAhu7GoUPwpOjyHKLvCmjuIJE3aiajg4uH-YEcjx1diLNUtzwri-cj1DMQwkhfLTAn_NyH4Vk4x8bGXb8sxgXA1_xuCJTpKlkqXqMQxzIMAezW8KL624siwkSmKMGIVj87U6udX-KkCJZOdeNcTPVBSvMpicHv42IAWY_bzTw2rEyqSI9w_Iy5mn5BGbrvwegK71s8P6Nd48bqZbmqptJOFe2A8zU-GVdlhvUUGPM20ArBL_GY3_d5ug3L9meJt9NVfLcgAI8aDEIJkezs3JGlwRfrAx5ooX7T4W1eDNgtlaPovsz5-7vYEPRnr1JvY6ZidGABqPgYzh64HcZ75GhN3zYgj3Bi5BpiP9KOI1ivMt8M2FKDE1vPFcp10iVglRQyfcSCtkoi8DT2JQLwkauY9FdzCQtUEB6xDWJtCRkvDaWDEX3ke2acEVSjuZVZ86UyMt4kWoWjJacXqYADyM3nhYHrrh9PsWsv6T8otiwAJdAM2KeXDv8Sy7NQ9W-wwXoX8WhrOzdDw1MQ_eszq4-SHjPsWVXyayhVPqiIDFcEd9t9GBHJNTseBxKV7Ph4q26e3IfUEAz1qE-y93Eph-WMrWBizjbT-fPderuab6xRgDJV7uR53Bx4C7VZPtyJFoPPB4KWmO0xNb1lVSs5AFOIqOPgQaq&cid=CAASPeRoY1OtUsWcxFyvYdKn-JN2vTKS0UOxx9kJDW36Ty_wzUfB5os68RJABmPK_zabef4jns5BClC6KmXHCEY&rfl=1%2Chttps%253A%252F%252Fwww.thesundaily.my%252F%240

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a8a2b3462c740c8347f2e5db24143b43e7cfd0adfae2f65f3ae30254985a300e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://5f7a3c227877733a11b3d8ac75a2ccaf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Apr 2021 11:18:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 50
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8608
x-xss-protection: 0
server: cafe
etag: 8606185217770904955
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 10 May 2021 11:18:31 GMT

GET
H3-29 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame E158 41 KB
15 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://5f7a3c227877733a11b3d8ac75a2ccaf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Apr 2021 06:06:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 450776
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 21 Apr 2022 06:06:25 GMT

GET
H2 200 pixel
cm.g.doubleclick.net/ Frame 97A1 170 B
506 B 41ms
16ms Image
image/png 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=adscale&google_cm&google_dbm

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYj6_ClQEwAQ&v=APEucNUTIp87Ma6c46hiIXXfhiOlTfSVqzckMSDlpqE9NVACMlFDZup8liGzcenNC_QrMCd7z_vGh1NFlj3J5kNiFiJUl_X6O-c-FNKU7jLcr-B3mOkhSNxBT4FkSusCvbqQaDtNWGpp2R5ASg3pcu1qJiZbpwqyatWAq6q34JIcP3C9W9Z-FAJairSkH_7i7KXF5urOznn8LKsoVWheewXfzRl6ne7klA

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 26 Apr 2021 11:19:21 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 97A1
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELfZgMuRglUhqF1OGqc7CVw&google_cver=1

43 B
1014 B

37ms
35ms

Image
image/gif

184.30.20.241
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELfZgMuRglUhqF1OGqc7CVw&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYj6_ClQEwAQ&v=APEucNUTIp87Ma6c46hiIXXfhiOlTfSVqzckMSDlpqE9NVACMlFDZup8liGzcenNC_QrMCd7z_vGh1NFlj3J5kNiFiJUl_X6O-c-FNKU7jLcr-B3mOkhSNxBT4FkSusCvbqQaDtNWGpp2R5ASg3pcu1qJiZbpwqyatWAq6q34JIcP3C9W9Z-FAJairSkH_7i7KXF5urOznn8LKsoVWheewXfzRl6ne7klA
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.20.241 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-20-241.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 26 Apr 2021 11:19:21 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Mon, 26 Apr 2021 11:19:21 GMT

Redirect headers

pragma: no-cache
date: Mon, 26 Apr 2021 11:19:21 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELfZgMuRglUhqF1OGqc7CVw&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 97A1
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YIahuQsOyujtAJx47NRlhQAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELfZgMuRglUhqF1OGqc7CVw&google_cver=1

43 B
894 B

14ms
14ms

Image
image/gif

184.30.20.241
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELfZgMuRglUhqF1OGqc7CVw&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYj6_ClQEwAQ&v=APEucNUTIp87Ma6c46hiIXXfhiOlTfSVqzckMSDlpqE9NVACMlFDZup8liGzcenNC_QrMCd7z_vGh1NFlj3J5kNiFiJUl_X6O-c-FNKU7jLcr-B3mOkhSNxBT4FkSusCvbqQaDtNWGpp2R5ASg3pcu1qJiZbpwqyatWAq6q34JIcP3C9W9Z-FAJairSkH_7i7KXF5urOznn8LKsoVWheewXfzRl6ne7klA
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.20.241 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-20-241.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 26 Apr 2021 11:19:21 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Mon, 26 Apr 2021 11:19:21 GMT

Redirect headers

pragma: no-cache
date: Mon, 26 Apr 2021 11:19:21 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELfZgMuRglUhqF1OGqc7CVw&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 22B1 0
331 B 634ms
238ms Ping
image/gif 2a00:1450:4019:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~knyicwqn&c=467284438145&slotId=233642219072.5&qqid=CPnHmInlm_ACFRTMuwgdyqUBuQ&sei=44729911%2C44730425%2C44730426%2C75259407%2C75259408&nsei=44714510%2C75259405%2C447279544&bi=rda&ulv=1
Requested by: Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/51f95e8801b2f454bb1ec0b0d582ea90.js?tag=video_mra/web_raspberry
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4019:801::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://5f7a3c227877733a11b3d8ac75a2ccaf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Mon, 26 Apr 2021 11:19:21 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/6661460353496773470/ Frame 22B1 3 KB
3 KB 7ms
7ms Image
image/jpeg 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/6661460353496773470/downsize_200k_v1?w=100&h=100

Requested by

Host: 5f7a3c227877733a11b3d8ac75a2ccaf.safeframe.googlesyndication.com
URL: https://5f7a3c227877733a11b3d8ac75a2ccaf.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9ccc325a8953d6d7de4a70da6056c4528d5142604b0d5acb70d2aa908f787508

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://5f7a3c227877733a11b3d8ac75a2ccaf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Apr 2021 08:36:42 GMT
x-content-type-options: nosniff
age: 182559
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2671
x-xss-protection: 0
last-modified: Tue, 10 Nov 2020 12:15:59 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 24 Apr 2022 08:36:42 GMT

GET
DATA 200
OK truncated
/ Frame 22B1 221 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 613603afe8c5203c59d7f9df1cbac87109df7ffdf245fd20becfa6bd95b92155

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3-29 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/10203136949031276387/ Frame 22B1 195 KB
195 KB 9ms
8ms Image
image/jpeg 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/10203136949031276387/downsize_200k_v1

Requested by

Host: 5f7a3c227877733a11b3d8ac75a2ccaf.safeframe.googlesyndication.com
URL: https://5f7a3c227877733a11b3d8ac75a2ccaf.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

66697ee2ff0039464856dfde7c59a672165ec2157f62ec1fe8cefb7e389b0529

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://5f7a3c227877733a11b3d8ac75a2ccaf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Apr 2021 20:26:15 GMT
x-content-type-options: nosniff
age: 139986
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 199743
x-xss-protection: 0
last-modified: Fri, 23 Apr 2021 10:14:42 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 24 Apr 2022 20:26:15 GMT

GET
H3-29 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 22B1 0
0 42ms
41ms Fetch
text/html 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CWNQiuKGGYPmLEZSY7_UPysuGyAvq_LK4YsCt5PaIDvXo2r_NARABIMP1lxFglfrwgYwHoAGEzvW4AsgBCakC6JrXqPFLtD7gAgCoAwHIAwiqBNADT9B6lFwC-WO6rm1GO668LkhWeLl_TCoezhdfGyrIxxkSLQdHBxPNd60CWMbqFAHJYwZjgPaOa6MAe4qBjUxDOkQdKD9UR-3UYXCDKVI6qn9wTzskazRrUsqU5ijBe0t--ZgbFj63JLl4jEm9Srr-yN-p0t1ZyBjW5kAl7k-PLekywBMoMLaYrzPbBKujWe61_ocLoc8Qd0llFalpWmuhaB4f6GB-ZkP36ExeF43gbn5hFEkgdTq6_IrgLnwTIIGjiK6rdSuweSUUgKDKVcRiFH58LSpzpW0X-x5Bf6PnP0SBPvMesjvoGu1SIOeYu8SU2CtZqc85xFa5lVx-jzoLbA2FtqT_rdZk_KcDpbjW0HIMl7w_SnjdBfsj4CHuxZ1dY2SB-TewnzRVNI5OOwWtM1YwVj5tA-0uAXwzFKhdRvWvBxyw5f5z1_MTqi9B1mVOV2oMKn0VlQ_nhQWryUsT3sWjUrI8ph7Q63KlsEqi6kB92w5XRCrJEUYFfS_ZZdqJjmQxLir906OzVJbd9X9SJlPqXeEKh-Gmm6oH82RpEJ1Muq3oRtjx7Y6yRbeg35hfrL6yPzzStwkw_kly2EyHLRTAUiYEwFjQoj4VdllXyfLABIqIiKPPA-AEAZIFBAgEGAGSBQQIBRgEoAYugAf7nY3HAagH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAemvhuoB-zVG9gHAPIHBBDU3AHSCAkIgOGAUBABGB2ACgHICwHYEw2yFxoKGAgAEhRwdWItNjk5OTk2ODY5ODgyNzM5NQ&sigh=oJ7lkOY3cCU&template_id=3484
Requested by: Host: 5f7a3c227877733a11b3d8ac75a2ccaf.safeframe.googlesyndication.com
URL: https://5f7a3c227877733a11b3d8ac75a2ccaf.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s05-in-f2.1e100.net
Software: /
Resource Hash

Request headers

Referer: https://5f7a3c227877733a11b3d8ac75a2ccaf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H/1.1

206
Partial Content

videoplayback
r2---sn-4g5edne6.googlevideo.com/ Frame 22B1
Redirect Chain

https://r2---sn-4g5e6nsk.googlevideo.com/videoplayback?expire=1619464760&ei=uKGGYPqvKt-B6dsP1rWDuAI&ip=89.249.64.203&id=16de1625ddc475dc&itag=18&source=youtube&requiressl=yes&mh=bp&mm=31&mn=sn-4g5e...
https://r2---sn-4g5edne6.googlevideo.com/videoplayback?expire=1619464760&ei=uKGGYPqvKt-B6dsP1rWDuAI&ip=89.249.64.203&id=16de1625ddc475dc&itag=18&source=youtube&requiressl=yes&susc=gvp&acao=yes&ctie...

1 MB
1 MB

23ms
7ms

Media
video/mp4

2a00:1450:4001:51::8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://r2---sn-4g5edne6.googlevideo.com/videoplayback?expire=1619464760&ei=uKGGYPqvKt-B6dsP1rWDuAI&ip=89.249.64.203&id=16de1625ddc475dc&itag=18&source=youtube&requiressl=yes&susc=gvp&acao=yes&ctier=L&mime=video/mp4&vprv=1&dur=22.616&lmt=1611934249563212&txp=6210222&sparams=expire,ei,ip,id,itag,source,requiressl,susc,acao,ctier,mime,vprv,dur,lmt&sig=AOq0QJ8wRQIhAOaVpjNZixE5cx6BU_oumwsUgCiP68XmRc8SWQZWI9tzAiA7t4nm3d5Jj3DaqZFKZFBjvgtzM3l-bkoTK8T9_-6TWw==&redirect_counter=1&rm=sn-4g5ezd7l&req_id=f2ee6a02b4e836e2&cms_redirect=yes&ipbypass=yes&mh=bp&mip=2a01:4f8:121:131a::2&mm=31&mn=sn-4g5edne6&ms=au&mt=1619435805&mv=m&mvi=2&pl=42&lsparams=ipbypass,mh,mip,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRAIgcrd3kgJY1QIf_sUuHeKKmaBlZjCQ3eJcLGTDwtHq0i0CICwrgWRX1ygR7aINZhDHo2hhuIEwp8FFyZx37v-6u7gK

Requested by

Host: 5f7a3c227877733a11b3d8ac75a2ccaf.safeframe.googlesyndication.com
URL: https://5f7a3c227877733a11b3d8ac75a2ccaf.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:51::8 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

0b17718f9aed950d85f11511bbdbc12bd3e352979de46c50532b0f0c3d34f390

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://5f7a3c227877733a11b3d8ac75a2ccaf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 26 Apr 2021 11:19:21 GMT
X-Content-Type-Options: nosniff
Last-Modified: Fri, 29 Jan 2021 15:30:49 GMT
Server: gvs 1.0
Vary: Origin
Content-Type: video/mp4
Content-Range: bytes 0-1076618/1076619
Cache-Control: private, max-age=28499
Cross-Origin-Resource-Policy: cross-origin
Connection: close
Accept-Ranges: bytes
Alt-Svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length: 1076619
Expires: Mon, 26 Apr 2021 11:19:21 GMT

Redirect headers

Date: Mon, 26 Apr 2021 11:19:21 GMT
X-Content-Type-Options: nosniff
Last-Modified: Wed, 02 May 2007 10:26:10 GMT
Server: gvs 1.0
Vary: Origin
Content-Type: text/html
Location: https://r2---sn-4g5edne6.googlevideo.com/videoplayback?expire=1619464760&ei=uKGGYPqvKt-B6dsP1rWDuAI&ip=89.249.64.203&id=16de1625ddc475dc&itag=18&source=youtube&requiressl=yes&susc=gvp&acao=yes&ctier=L&mime=video/mp4&vprv=1&dur=22.616&lmt=1611934249563212&txp=6210222&sparams=expire,ei,ip,id,itag,source,requiressl,susc,acao,ctier,mime,vprv,dur,lmt&sig=AOq0QJ8wRQIhAOaVpjNZixE5cx6BU_oumwsUgCiP68XmRc8SWQZWI9tzAiA7t4nm3d5Jj3DaqZFKZFBjvgtzM3l-bkoTK8T9_-6TWw==&redirect_counter=1&rm=sn-4g5ezd7l&req_id=f2ee6a02b4e836e2&cms_redirect=yes&ipbypass=yes&mh=bp&mip=2a01:4f8:121:131a::2&mm=31&mn=sn-4g5edne6&ms=au&mt=1619435805&mv=m&mvi=2&pl=42&lsparams=ipbypass,mh,mip,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRAIgcrd3kgJY1QIf_sUuHeKKmaBlZjCQ3eJcLGTDwtHq0i0CICwrgWRX1ygR7aINZhDHo2hhuIEwp8FFyZx37v-6u7gK
Cache-Control: private, max-age=900
Cross-Origin-Resource-Policy: cross-origin
Connection: close
Content-Length: 0
Expires: Mon, 26 Apr 2021 11:19:21 GMT

GET
DATA 200
OK truncated
/ Frame 22B1 207 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 665b69584118d73ab9a780b92de980b1df9d4b1924a0a6c24516f0705ea2bf9d

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 200
OK analytics.js Show response
cdn.innity.net/ Frame D321 173 B
523 B 7ms
7ms Script
application/javascript 23.38.48.217
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.innity.net/analytics.js
Requested by: Host: www.thesundaily.my
URL: https://www.thesundaily.my/home/astrazeneca-is-safe-to-be-given-to-senior-citizens-adham-YL7793054?_hsmi=88974744&_hsenc=p2ANqtz-_G5s6CORBttERc_beHteVqqnJIJh5EriMR00fz0Cexxf2lQpsFfBisijUxttE-tNX9yfHTn7fBQWbcOnOkY3_eCosMOOPpTIuaIKsiuCzrvP7v03c
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 23.38.48.217 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-38-48-217.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: d86f773cc0628268e605173f2d589ee2ec9ecfd150e454514240eb2bfcb1fb82

Request headers

Referer: https://www.thesundaily.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 26 Apr 2021 11:19:21 GMT
Content-Encoding: gzip
Last-Modified: Wed, 09 Dec 2015 07:32:50 GMT
Server: Apache
ETag: "ad-5267218ef0c80-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=86400
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 152
Expires: Tue, 27 Apr 2021 11:19:21 GMT

GET
H2 200 4UabrENHsxJlGDuGo1OIlLV154tzCwY.woff2
fonts.gstatic.com/s/googlesans/v27/ Frame 22B1 21 KB
21 KB 8ms
7ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v27/4UabrENHsxJlGDuGo1OIlLV154tzCwY.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a14d1a7f7fa4b8ccbabe55b417ddc660997ef1cb5290f94c7f4f39c69bb640fc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://5f7a3c227877733a11b3d8ac75a2ccaf.safeframe.googlesyndication.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 22 Apr 2021 13:31:17 GMT
x-content-type-options: nosniff
last-modified: Wed, 11 Nov 2020 20:26:11 GMT
server: sffe
age: 337684
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21520
x-xss-protection: 0
expires: Fri, 22 Apr 2022 13:31:17 GMT

GET
H2 200 4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2
fonts.gstatic.com/s/googlesans/v27/ Frame 22B1 21 KB
21 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v27/4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1cf04407e728ea1ebf82dc1c6b45d12632cb3202ff8f4556f380b16e57484f27

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://5f7a3c227877733a11b3d8ac75a2ccaf.safeframe.googlesyndication.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Apr 2021 21:23:56 GMT
x-content-type-options: nosniff
last-modified: Wed, 11 Nov 2020 20:26:16 GMT
server: sffe
age: 482125
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21552
x-xss-protection: 0
expires: Wed, 20 Apr 2022 21:23:56 GMT

GET
H3-29 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 6238 22 KB
8 KB 7ms
7ms Document
text/html 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/Enqz_20U.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://5f7a3c227877733a11b3d8ac75a2ccaf.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://5f7a3c227877733a11b3d8ac75a2ccaf.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 8395
date: Mon, 26 Apr 2021 11:10:33 GMT
expires: Tue, 26 Apr 2022 11:10:33 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 528
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1 200
OK global.js Show response
cdn.innity.net/ 1 KB
741 B 8ms
8ms Script
application/javascript 23.38.48.217
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.innity.net/global.js
Requested by: Host: as.innity.com
URL: https://as.innity.com/synd/?cb=1619435960123&ver=1&pub=1f9b616faddedc02339603f3b37d196c&zone=65042&output=js&flash=0&url=www.thesundaily.my&width=300&height=250&cat=CAREERS_LEARNING,BUSINESS_FINANCE,HEALTH_FITNESS&vpw=1600&vph=1200&auction=1256647-5698fba
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 23.38.48.217 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-38-48-217.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: f3517c5a69a80ca8b695cd91cf0b503c3ea5cca71305a3018b5d953cff331983

Request headers

Referer: https://www.thesundaily.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Date: Mon, 26 Apr 2021 11:19:21 GMT
Content-Encoding: gzip
Last-Modified: Tue, 25 Jun 2019 10:05:06 GMT
Server: Apache
ETag: "423-58c2310229880-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=86400
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 369
Expires: Tue, 27 Apr 2021 11:19:21 GMT

GET
H/1.1 200
OK hjtkt1t9m63l Show response
hal9000.redintelligence.net/zone/ Frame E158 11 KB
4 KB 40ms
12ms Script
text/html 138.201.84.253
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal9000.redintelligence.net/zone/hjtkt1t9m63l?subid=&gdpr=-1&gdpr_consent=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCeiZEuKGGYKyQEZSY7_UPysuGyAuP4PiGU_Woi6TKDPAuEAEg9Ov2K2CV-vCBjAfIAQmpAuia16jxS7Q-qAMBqgTsAU_QVRmRyhsmS9I132uzAlHccjrM3q_8nJKBkhFSVc-Mhk4Rl4F4nHtfUsRWyV3mrablYuAHgyKB8zBFpTCGYp7falA3-Ky6dTh10FkaUksNGZ61RX-Oy_s0dZtGBKA8Smbbw0G2dyjrCDEC1XOMWq3PL9AZELUlqLhhim2ren9hm0fOx1sLQ4va38bm76ywrqiYORUSoYfmNPmCdW4UsXkjfi1w1r0UIzfNwXFBDGQymROChupEysULTHFutxsIbtcLf8Ov_TxtRih9JYWQIOYIq06ye-LrsgEKPY_-xmhQJrE6b2Fm5cHBvGQ3wAS78ajAzwHgBAOQBgGgBk2AB-vn6F6oB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7NUbqAfulrECqAemvhuoB-zVG6gH89EbqAeW2BvYBwDSCAkIgOGAUBABGB3yCBthZHgtc3Vic3luLTY4NTYzNDk5MjY1MDYxOTWACgOYCwHICwGADAGwE8Ka2grQEwDYEwPYFAE%26ae%3D1%26num%3D1%26cid%3DCAASPeRoY1OtUsWcxFyvYdKn-JN2vTKS0UOxx9kJDW36Ty_wzUfB5os68RJABmPK_zabef4jns5BClC6KmXHCEY%26sig%3DAOD64_1BTZuc-Xa-Amn2EZJMhHw9_SZAHw%26client%3Dca-pub-1738284215641521%26dbm_c%3DAKAmf-BmcqaMappX0zMGQt4F0vzl8MRkDzTAXd6bGTRJao97RaF-qdEoIa2uBfDuwqf3XJMIfJ0ROPtSJTfu2R2SzoJMuzc2urAI9N1F11h1MoRMxx1OLRnhQ1trUa9SU_OeqWXpwwVY3MHL7AWpA-CCoUwgP2EUgQ%26cry%3D1%26dbm_d%3DAKAmf-DKAU4H1mklmwwyyKQNI5Kxrnw6dXmAzNQyA4YWsAGvOBbcWD1TiVlK8qaUzr_JHzSty1D2claXAkf75Sr5G53f_4LSoEFjBq5b5Y5LIKASQp9ome4MaLAYwVtEC-fhgM99gWgKdyfzmIwhNbMw8JuKp9Oeu7aNPkUtYNGj-StpWXXVCboK2D1dxcYoCJI-P8HmFrL-O-1Msfts5y4yJpf9_fk67dFteTI4HAvVOkGkERTU9gWvTjxzd8VR4pWTe2TVY-SlIua1b7sEKujQK-8kg68r5wE3OLGZx8fSZ_x4NWAGzgZ_ZCD_e83gJKgFeL_vGFpO9NRarBkXoMKxkJd_7ih8kNqaZ3Hxr7DODVbUhHuIr_517W-4npJ0nQXg58t3ArPuU1Zzaer3yiwIzzU3GAwFjrE5DOGESiBHmPEEtrdFZeRzh1HAiLJoiHJEnHKSkfTLB4CEZ0P5gTkuWgNR_CKRidlzDy-m93Ehkp1Y1hPSCXj7g40izFqa2DOeJWV8WSJRn-CYCQooZ2i7oWuiAdUg4L91FQBbqG6zwReEAs0uLCryS923Nsze6m4QoM-UZyRHwdXK3AZHbxnV-IwDgiSqLITQcdwE4KqT1uYdQcMhAZzSW-EInvyYvLyCs2oawpDNNp62z52hsoh9M1zStZCiOC3Pa6KvyLz7hEh0yfat8Zo8KSQfYSptVOoPXKKUVXSQ-060mpN8ebmapvwvzMqwSiSzzY9mokFlS6cDYuxVYRg%26adurl%3D
Requested by: Host: 5f7a3c227877733a11b3d8ac75a2ccaf.safeframe.googlesyndication.com
URL: https://5f7a3c227877733a11b3d8ac75a2ccaf.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.84.253 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: Apache /
Resource Hash: 91b4d29118d69239440d34498b38aa60450e1fc30edbf33d2b3d2ff7c7454b0b

Request headers

Referer: https://5f7a3c227877733a11b3d8ac75a2ccaf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 26 Apr 2021 11:19:21 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 4207
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK /
optimize.innity.com/ Frame D321 43 B
452 B 737ms
171ms Image
image/gif 119.81.3.35
SOFTLAYER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://optimize.innity.com/?pubid=4428&zoneid=65639&cb=1619435961141
Requested by: Host: www.thesundaily.my
URL: https://www.thesundaily.my/home/astrazeneca-is-safe-to-be-given-to-senior-citizens-adham-YL7793054?_hsmi=88974744&_hsenc=p2ANqtz-_G5s6CORBttERc_beHteVqqnJIJh5EriMR00fz0Cexxf2lQpsFfBisijUxttE-tNX9yfHTn7fBQWbcOnOkY3_eCosMOOPpTIuaIKsiuCzrvP7v03c
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 119.81.3.35 Singapore, Singapore, ASN36351 (SOFTLAYER, US),
Reverse DNS
Software: Apache /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://www.thesundaily.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 26 Apr 2021 11:19:21 GMT
Last-Modified: Mon, 26 Apr 2021 11:19:21 GMT
Server: Apache
P3P: policyref=http://www.innity.com/p3p/p3p.xml,CP="CURa ADMa DEVa OUR BUS UNI COM NAV INT"
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Content-Type: image/gif
Content-Length: 43
Expires: Sat, 03 Sep 1983 02:00:00 GMT

GET
H/1.1 200
OK innity.js Show response
media.innity.net/lib/ 4 KB
1 KB 7ms
7ms Script
application/javascript 23.38.48.217
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://media.innity.net/lib/innity.js
Requested by: Host: cdn.innity.net
URL: https://cdn.innity.net/global.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 23.38.48.217 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-38-48-217.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: cea68197ad58b6802f8a1735646931eda8e76702b12d90f7df88d537f62b987a

Request headers

Referer: https://www.thesundaily.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Date: Mon, 26 Apr 2021 11:19:21 GMT
Content-Encoding: gzip
Last-Modified: Thu, 02 Nov 2017 06:07:08 GMT
Server: Apache
ETag: "116f-55cf9cc509b00-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=86400
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1073
Expires: Tue, 27 Apr 2021 11:19:21 GMT

GET
H/1.1 200
OK proxy_270196.js Show response
media.innity.net/adnetwork/house/pub_4428/ 2 KB
1 KB 17ms
7ms Script
application/javascript 23.38.48.217
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://media.innity.net/adnetwork/house/pub_4428/proxy_270196.js?ord=[timestamp]
Requested by: Host: cdn.innity.net
URL: https://cdn.innity.net/global.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 23.38.48.217 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-38-48-217.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: c72ca73eb5a5b8f767965f27e756f0d0f04514ffcb7a8847000338fd71856551

Request headers

Referer: https://www.thesundaily.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Date: Mon, 26 Apr 2021 11:19:21 GMT
Content-Encoding: gzip
Last-Modified: Sat, 06 Jun 2020 12:07:10 GMT
Server: Apache
ETag: "9f6-5a76937a51f3e-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=1800
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1082
Expires: Mon, 26 Apr 2021 11:49:21 GMT

GET
H3-29 200 Ru4asw80RDg-wKj4k1IJyVIDrNjFP7NKP7NQDOdNnzM.js Show response
pagead2.googlesyndication.com/bg/ Frame 6238 14 KB
6 KB 8ms
5ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Ru4asw80RDg-wKj4k1IJyVIDrNjFP7NKP7NQDOdNnzM.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

46ee1ab30f3444383ec0a8f8935209c95203acd8c53fb34a3fb3500ce74d9f33

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 25 Apr 2021 14:10:02 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Thu, 08 Apr 2021 09:18:00 GMT
server: sffe
age: 76159
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5687
x-xss-protection: 0
expires: Mon, 25 Apr 2022 14:10:02 GMT

GET
H3-29 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame B900 133 KB
47 KB 23ms
23ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: media.innity.net
URL: https://media.innity.net/adnetwork/house/pub_4428/proxy_270196.js?ord=[timestamp]

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6d0b74f2a3e089cde650f0972d1a568843c275718277a2c167af9011ebf91ff5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.thesundaily.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Apr 2021 11:19:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48209
x-xss-protection: 0
server: cafe
etag: 2341374986041078434
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 26 Apr 2021 11:19:21 GMT

GET
H/1.1 200
OK analytics.js Show response
cdn.innity.net/ 173 B
523 B 7ms
7ms Script
application/javascript 23.38.48.217
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.innity.net/analytics.js
Requested by: Host: www.thesundaily.my
URL: https://www.thesundaily.my/home/astrazeneca-is-safe-to-be-given-to-senior-citizens-adham-YL7793054?_hsmi=88974744&_hsenc=p2ANqtz-_G5s6CORBttERc_beHteVqqnJIJh5EriMR00fz0Cexxf2lQpsFfBisijUxttE-tNX9yfHTn7fBQWbcOnOkY3_eCosMOOPpTIuaIKsiuCzrvP7v03c
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 23.38.48.217 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-38-48-217.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: d86f773cc0628268e605173f2d589ee2ec9ecfd150e454514240eb2bfcb1fb82

Request headers

Referer: https://www.thesundaily.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 26 Apr 2021 11:19:21 GMT
Content-Encoding: gzip
Last-Modified: Wed, 09 Dec 2015 07:32:50 GMT
Server: Apache
ETag: "ad-5267218ef0c80-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=86400
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 152
Expires: Tue, 27 Apr 2021 11:19:21 GMT

GET
H3-29 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20210422/r20190131/ 223 KB
83 KB 29ms
28ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210422/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6999968698827395&plah=www.thesundaily.my&amaexp=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4d3858fd6875118f687ea5fd972b3e88f1cbec0b84539bfe33585b6ea282af27

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.thesundaily.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Apr 2021 11:19:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 84531
x-xss-protection: 0
server: cafe
etag: 18044138429448666955
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Mon, 26 Apr 2021 11:19:21 GMT

GET
H3-29 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20210422/r20190131/ Frame EE7F 10 KB
5 KB 8ms
7ms Document
text/html 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20210422/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

a5cb642ef22434a24612329870579fbb272cb9fa7475360035596ea56fb0431a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20210422/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.thesundaily.my/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUn-x4tpVQ_df4hxllfSxOfRbWx8TKL0pMltEvDCgkhj5vFDGZ0KAB5i2yoxRf0
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.thesundaily.my/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Sun, 25 Apr 2021 19:34:12 GMT
expires: Sun, 09 May 2021 19:34:12 GMT
content-type: text/html; charset=UTF-8
etag: 10446291943670460780
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4644
x-xss-protection: 0
age: 56709
cache-control: public, max-age=1209600
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 133 KB
47 KB 24ms
23ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6d0b74f2a3e089cde650f0972d1a568843c275718277a2c167af9011ebf91ff5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.thesundaily.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Apr 2021 11:19:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48209
x-xss-protection: 0
server: cafe
etag: 2341374986041078434
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 26 Apr 2021 11:19:21 GMT

GET
H/1.1 200
OK / Show response
as.innity.com/synd/ 2 KB
1 KB 201ms
201ms Script
text/javascript 149.129.240.178
CNNIC-ALIBABA-US-...

General

Check archive.org

Show headers Download Go to

Full URL: https://as.innity.com/synd/?cb=1619435961200&ver=1&pub=1f9b616faddedc02339603f3b37d196c&zone=65046&output=js&flash=0&url=www.thesundaily.my&width=160&height=600&cat=BUSINESS_FINANCE,CAREERS_LEARNING,HEALTH_FITNESS&vpw=1600&vph=1200&auction=1256647-5698fba
Requested by: Host: cdn.innity.net
URL: https://cdn.innity.net/admanager.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 149.129.240.178 Jakarta, Indonesia, ASN45102 (CNNIC-ALIBABA-US-NET-AP Alibaba (US) Technology Co., Ltd., CN),
Reverse DNS
Software: Apache /
Resource Hash: 2d34b4e26846fa9a719cf422c1c3d5e27b2328a82cf7ec96cc465f0b6f24b978

Request headers

Referer: https://www.thesundaily.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Pragma: no-cache
Date: Mon, 26 Apr 2021 11:19:21 GMT
Content-Encoding: gzip
Last-Modified: Mon, 26 Apr 2021 11:19:21 GMT
Server: Apache
Vary: Accept-Encoding
P3P: policyref=http://www.innity.com/p3p/p3p.xml,CP="CURa ADMa DEVa OUR BUS UNI COM NAV INT"
Cache-Control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Content-Type: text/javascript; charset=utf-8
Content-Length: 805
Expires: Sat, 03 Sep 1983 02:00:00 GMT

GET
H/1.1

200
OK

request.php Show response
hal900013.redintelligence.net/ Frame E158
Redirect Chain

https://hal900013.redintelligence.net/request.php?zone=hjtkt1t9m63l&nw=20&renderingType=javascript&namespace=e6697659d1&subid=&uid=d20e93b66f12f092&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...
https://hal900013.redintelligence.net/request.php?zone=hjtkt1t9m63l&nw=20&renderingType=javascript&namespace=e6697659d1&subid=&uid=d20e93b66f12f092&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...

613 B
936 B

95ms
73ms

Script
application/x-javascript

116.202.48.214
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900013.redintelligence.net/request.php?zone=hjtkt1t9m63l&nw=20&renderingType=javascript&namespace=e6697659d1&subid=&uid=d20e93b66f12f092&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x18&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCeiZEuKGGYKyQEZSY7_UPysuGyAuP4PiGU_Woi6TKDPAuEAEg9Ov2K2CV-vCBjAfIAQmpAuia16jxS7Q-qAMBqgTsAU_QVRmRyhsmS9I132uzAlHccjrM3q_8nJKBkhFSVc-Mhk4Rl4F4nHtfUsRWyV3mrablYuAHgyKB8zBFpTCGYp7falA3-Ky6dTh10FkaUksNGZ61RX-Oy_s0dZtGBKA8Smbbw0G2dyjrCDEC1XOMWq3PL9AZELUlqLhhim2ren9hm0fOx1sLQ4va38bm76ywrqiYORUSoYfmNPmCdW4UsXkjfi1w1r0UIzfNwXFBDGQymROChupEysULTHFutxsIbtcLf8Ov_TxtRih9JYWQIOYIq06ye-LrsgEKPY_-xmhQJrE6b2Fm5cHBvGQ3wAS78ajAzwHgBAOQBgGgBk2AB-vn6F6oB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7NUbqAfulrECqAemvhuoB-zVG6gH89EbqAeW2BvYBwDSCAkIgOGAUBABGB3yCBthZHgtc3Vic3luLTY4NTYzNDk5MjY1MDYxOTWACgOYCwHICwGADAGwE8Ka2grQEwDYEwPYFAE%26ae%3D1%26num%3D1%26cid%3DCAASPeRoY1OtUsWcxFyvYdKn-JN2vTKS0UOxx9kJDW36Ty_wzUfB5os68RJABmPK_zabef4jns5BClC6KmXHCEY%26sig%3DAOD64_1BTZuc-Xa-Amn2EZJMhHw9_SZAHw%26client%3Dca-pub-1738284215641521%26dbm_c%3DAKAmf-BmcqaMappX0zMGQt4F0vzl8MRkDzTAXd6bGTRJao97RaF-qdEoIa2uBfDuwqf3XJMIfJ0ROPtSJTfu2R2SzoJMuzc2urAI9N1F11h1MoRMxx1OLRnhQ1trUa9SU_OeqWXpwwVY3MHL7AWpA-CCoUwgP2EUgQ%26cry%3D1%26dbm_d%3DAKAmf-DKAU4H1mklmwwyyKQNI5Kxrnw6dXmAzNQyA4YWsAGvOBbcWD1TiVlK8qaUzr_JHzSty1D2claXAkf75Sr5G53f_4LSoEFjBq5b5Y5LIKASQp9ome4MaLAYwVtEC-fhgM99gWgKdyfzmIwhNbMw8JuKp9Oeu7aNPkUtYNGj-StpWXXVCboK2D1dxcYoCJI-P8HmFrL-O-1Msfts5y4yJpf9_fk67dFteTI4HAvVOkGkERTU9gWvTjxzd8VR4pWTe2TVY-SlIua1b7sEKujQK-8kg68r5wE3OLGZx8fSZ_x4NWAGzgZ_ZCD_e83gJKgFeL_vGFpO9NRarBkXoMKxkJd_7ih8kNqaZ3Hxr7DODVbUhHuIr_517W-4npJ0nQXg58t3ArPuU1Zzaer3yiwIzzU3GAwFjrE5DOGESiBHmPEEtrdFZeRzh1HAiLJoiHJEnHKSkfTLB4CEZ0P5gTkuWgNR_CKRidlzDy-m93Ehkp1Y1hPSCXj7g40izFqa2DOeJWV8WSJRn-CYCQooZ2i7oWuiAdUg4L91FQBbqG6zwReEAs0uLCryS923Nsze6m4QoM-UZyRHwdXK3AZHbxnV-IwDgiSqLITQcdwE4KqT1uYdQcMhAZzSW-EInvyYvLyCs2oawpDNNp62z52hsoh9M1zStZCiOC3Pa6KvyLz7hEh0yfat8Zo8KSQfYSptVOoPXKKUVXSQ-060mpN8ebmapvwvzMqwSiSzzY9mokFlS6cDYuxVYRg%26adurl%3D&documentReferer=https%3A%2F%2Fwww.thesundaily.my%2F&ancestorOrigins=https%3A%2F%2Fwww.thesundaily.my&random=9689339753700&isIframe=1&container=&adPos=0x14&adPosCheck=1x15&adtagId=0&uidRedirect=1
Requested by: Host: 5f7a3c227877733a11b3d8ac75a2ccaf.safeframe.googlesyndication.com
URL: https://5f7a3c227877733a11b3d8ac75a2ccaf.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 116.202.48.214 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: Apache /
Resource Hash: 0da816bd2f79712773ea8cb28fb50e0de27b96e8e0814327192169ddfedc1411

Request headers

Referer: https://5f7a3c227877733a11b3d8ac75a2ccaf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 26 Apr 2021 11:19:21 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId: 55752200112266400710584011576013
Connection: close
Content-Type: application/x-javascript; charset=utf-8
Content-Length: 330
Expires: Mon, 26 Apr 2021 12:19:21 +0200

Redirect headers

Pragma: no-cache
Date: Mon, 26 Apr 2021 11:19:21 GMT
Server: Apache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Location: request.php?zone=hjtkt1t9m63l&nw=20&renderingType=javascript&namespace=e6697659d1&subid=&uid=d20e93b66f12f092&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x18&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCeiZEuKGGYKyQEZSY7_UPysuGyAuP4PiGU_Woi6TKDPAuEAEg9Ov2K2CV-vCBjAfIAQmpAuia16jxS7Q-qAMBqgTsAU_QVRmRyhsmS9I132uzAlHccjrM3q_8nJKBkhFSVc-Mhk4Rl4F4nHtfUsRWyV3mrablYuAHgyKB8zBFpTCGYp7falA3-Ky6dTh10FkaUksNGZ61RX-Oy_s0dZtGBKA8Smbbw0G2dyjrCDEC1XOMWq3PL9AZELUlqLhhim2ren9hm0fOx1sLQ4va38bm76ywrqiYORUSoYfmNPmCdW4UsXkjfi1w1r0UIzfNwXFBDGQymROChupEysULTHFutxsIbtcLf8Ov_TxtRih9JYWQIOYIq06ye-LrsgEKPY_-xmhQJrE6b2Fm5cHBvGQ3wAS78ajAzwHgBAOQBgGgBk2AB-vn6F6oB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7NUbqAfulrECqAemvhuoB-zVG6gH89EbqAeW2BvYBwDSCAkIgOGAUBABGB3yCBthZHgtc3Vic3luLTY4NTYzNDk5MjY1MDYxOTWACgOYCwHICwGADAGwE8Ka2grQEwDYEwPYFAE%26ae%3D1%26num%3D1%26cid%3DCAASPeRoY1OtUsWcxFyvYdKn-JN2vTKS0UOxx9kJDW36Ty_wzUfB5os68RJABmPK_zabef4jns5BClC6KmXHCEY%26sig%3DAOD64_1BTZuc-Xa-Amn2EZJMhHw9_SZAHw%26client%3Dca-pub-1738284215641521%26dbm_c%3DAKAmf-BmcqaMappX0zMGQt4F0vzl8MRkDzTAXd6bGTRJao97RaF-qdEoIa2uBfDuwqf3XJMIfJ0ROPtSJTfu2R2SzoJMuzc2urAI9N1F11h1MoRMxx1OLRnhQ1trUa9SU_OeqWXpwwVY3MHL7AWpA-CCoUwgP2EUgQ%26cry%3D1%26dbm_d%3DAKAmf-DKAU4H1mklmwwyyKQNI5Kxrnw6dXmAzNQyA4YWsAGvOBbcWD1TiVlK8qaUzr_JHzSty1D2claXAkf75Sr5G53f_4LSoEFjBq5b5Y5LIKASQp9ome4MaLAYwVtEC-fhgM99gWgKdyfzmIwhNbMw8JuKp9Oeu7aNPkUtYNGj-StpWXXVCboK2D1dxcYoCJI-P8HmFrL-O-1Msfts5y4yJpf9_fk67dFteTI4HAvVOkGkERTU9gWvTjxzd8VR4pWTe2TVY-SlIua1b7sEKujQK-8kg68r5wE3OLGZx8fSZ_x4NWAGzgZ_ZCD_e83gJKgFeL_vGFpO9NRarBkXoMKxkJd_7ih8kNqaZ3Hxr7DODVbUhHuIr_517W-4npJ0nQXg58t3ArPuU1Zzaer3yiwIzzU3GAwFjrE5DOGESiBHmPEEtrdFZeRzh1HAiLJoiHJEnHKSkfTLB4CEZ0P5gTkuWgNR_CKRidlzDy-m93Ehkp1Y1hPSCXj7g40izFqa2DOeJWV8WSJRn-CYCQooZ2i7oWuiAdUg4L91FQBbqG6zwReEAs0uLCryS923Nsze6m4QoM-UZyRHwdXK3AZHbxnV-IwDgiSqLITQcdwE4KqT1uYdQcMhAZzSW-EInvyYvLyCs2oawpDNNp62z52hsoh9M1zStZCiOC3Pa6KvyLz7hEh0yfat8Zo8KSQfYSptVOoPXKKUVXSQ-060mpN8ebmapvwvzMqwSiSzzY9mokFlS6cDYuxVYRg%26adurl%3D&documentReferer=https%3A%2F%2Fwww.thesundaily.my%2F&ancestorOrigins=https%3A%2F%2Fwww.thesundaily.my&random=9689339753700&isIframe=1&container=&adPos=0x14&adPosCheck=1x15&adtagId=0&uidRedirect=1
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 0
Expires: Mon, 26 Apr 2021 12:19:21 +0200

GET
H/1.1 200
OK /
optimize.innity.com/ 43 B
452 B 671ms
169ms Image
image/gif 119.81.3.35
SOFTLAYER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://optimize.innity.com/?pubid=4428&zoneid=65042&cb=1619435961232
Requested by: Host: www.thesundaily.my
URL: https://www.thesundaily.my/home/astrazeneca-is-safe-to-be-given-to-senior-citizens-adham-YL7793054?_hsmi=88974744&_hsenc=p2ANqtz-_G5s6CORBttERc_beHteVqqnJIJh5EriMR00fz0Cexxf2lQpsFfBisijUxttE-tNX9yfHTn7fBQWbcOnOkY3_eCosMOOPpTIuaIKsiuCzrvP7v03c
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 119.81.3.35 Singapore, Singapore, ASN36351 (SOFTLAYER, US),
Reverse DNS
Software: Apache /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://www.thesundaily.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 26 Apr 2021 11:19:21 GMT
Last-Modified: Mon, 26 Apr 2021 11:19:21 GMT
Server: Apache
P3P: policyref=http://www.innity.com/p3p/p3p.xml,CP="CURa ADMa DEVa OUR BUS UNI COM NAV INT"
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Content-Type: image/gif
Content-Length: 43
Expires: Sat, 03 Sep 1983 02:00:00 GMT

GET
H3-29 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20210422/r20190131/ Frame B900 223 KB
83 KB 30ms
30ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210422/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6999968698827395&plah=www.thesundaily.my&amaexp=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4d3858fd6875118f687ea5fd972b3e88f1cbec0b84539bfe33585b6ea282af27

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.thesundaily.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Apr 2021 11:19:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 84531
x-xss-protection: 0
server: cafe
etag: 18044138429448666955
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Mon, 26 Apr 2021 11:19:21 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 12 B
278 B 17ms
15ms Script
text/javascript 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=www.thesundaily.my&callback=_gfp_s_&client=ca-pub-6999968698827395&cookie=ID%3De3d6216e8f34a7bf-22ed5eaef1c70050%3AT%3D1619435960%3AS%3DALNI_MZZAhX_12i2lcgiNsdHRzfKQXL_FQ

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210422/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6999968698827395&plah=www.thesundaily.my&amaexp=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

daa795332e5dbcf893adf2d5f3349f02b8c1cb957ff3b5f4c11b742e33c3376f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.thesundaily.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Apr 2021 11:19:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 32
x-xss-protection: 0

GET
H3-29 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 29ms
14ms Script
application/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.thesundaily.my

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.thesundaily.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 26 Apr 2021 11:19:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 30ms
15ms Script
application/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.thesundaily.my

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.thesundaily.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 26 Apr 2021 11:19:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame D53A 77 KB
26 KB 412ms
412ms Document
text/html 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6999968698827395&output=html&h=250&slotname=9935330980&adk=3580731020&adf=3496064688&pi=t.ma~as.9935330980&w=300&lmt=1619435961&psa=0&format=300x250&url=https%3A%2F%2Fwww.thesundaily.my%2Fhome%2Fastrazeneca-is-safe-to-be-given-to-senior-citizens-adham-YL7793054%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz-_G5s6CORBttERc_beHteVqqnJIJh5EriMR00fz0Cexxf2lQpsFfBisijUxttE-tNX9yfHTn7fBQWbcOnOkY3_eCosMOOPpTIuaIKsiuCzrvP7v03c&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619435961184&bpp=12&bdt=1408&idt=76&shv=r20210422&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3De3d6216e8f34a7bf-22ed5eaef1c70050%3AT%3D1619435960%3AS%3DALNI_MZZAhX_12i2lcgiNsdHRzfKQXL_FQ&correlator=3256238547201&frm=20&pv=2&ga_vid=353529585.1619435960&ga_sid=1619435960&ga_hid=1243480928&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1040&ady=2951&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C21068108%2C31060839&oid=3&pvsid=3866203379239951&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=13&uci=a!d&btvi=1&fsb=1&xpc=FHWuNUYsg8&p=https%3A//www.thesundaily.my&dtd=90

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

223e376a87383d1ce050c52698780249b562cf577852eea84ebe226c393dcad6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-6999968698827395&output=html&h=250&slotname=9935330980&adk=3580731020&adf=3496064688&pi=t.ma~as.9935330980&w=300&lmt=1619435961&psa=0&format=300x250&url=https%3A%2F%2Fwww.thesundaily.my%2Fhome%2Fastrazeneca-is-safe-to-be-given-to-senior-citizens-adham-YL7793054%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz-_G5s6CORBttERc_beHteVqqnJIJh5EriMR00fz0Cexxf2lQpsFfBisijUxttE-tNX9yfHTn7fBQWbcOnOkY3_eCosMOOPpTIuaIKsiuCzrvP7v03c&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619435961184&bpp=12&bdt=1408&idt=76&shv=r20210422&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3De3d6216e8f34a7bf-22ed5eaef1c70050%3AT%3D1619435960%3AS%3DALNI_MZZAhX_12i2lcgiNsdHRzfKQXL_FQ&correlator=3256238547201&frm=20&pv=2&ga_vid=353529585.1619435960&ga_sid=1619435960&ga_hid=1243480928&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1040&ady=2951&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C21068108%2C31060839&oid=3&pvsid=3866203379239951&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=13&uci=a!d&btvi=1&fsb=1&xpc=FHWuNUYsg8&p=https%3A//www.thesundaily.my&dtd=90
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.thesundaily.my/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUn-x4tpVQ_df4hxllfSxOfRbWx8TKL0pMltEvDCgkhj5vFDGZ0KAB5i2yoxRf0
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.thesundaily.my/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Mon, 26 Apr 2021 11:19:21 GMT
server: cafe
content-length: 26271
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 0F1B 93 KB
33 KB 400ms
399ms Document
text/html 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6999968698827395&output=html&h=600&slotname=3502211389&adk=549021246&adf=281698034&pi=t.ma~as.3502211389&w=300&lmt=1619435961&psa=0&format=300x600&url=https%3A%2F%2Fwww.thesundaily.my%2Fhome%2Fastrazeneca-is-safe-to-be-given-to-senior-citizens-adham-YL7793054%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz-_G5s6CORBttERc_beHteVqqnJIJh5EriMR00fz0Cexxf2lQpsFfBisijUxttE-tNX9yfHTn7fBQWbcOnOkY3_eCosMOOPpTIuaIKsiuCzrvP7v03c&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619435961197&bpp=2&bdt=1420&idt=115&shv=r20210422&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3De3d6216e8f34a7bf-22ed5eaef1c70050%3AT%3D1619435960%3AS%3DALNI_MZZAhX_12i2lcgiNsdHRzfKQXL_FQ&prev_fmts=300x250&correlator=3256238547201&frm=20&pv=1&ga_vid=353529585.1619435960&ga_sid=1619435960&ga_hid=1243480928&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1040&ady=3708&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C21068108%2C31060839&oid=3&pvsid=3866203379239951&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=14&uci=a!e&btvi=2&fsb=1&xpc=XyCO8G3lCI&p=https%3A//www.thesundaily.my&dtd=119

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

fb9b918314be38132029e20ec4868df93c0583f5276b3ef7b112d62ea2068cd5

Security Headers

Name	Value
Content-Security-Policy	child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1684394985928583253/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1684394985928583253/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CMD92Inlm_ACFbLGuwgdoxIMpw&gqi=uaGGYLKGFIGhlQeVn6G4Ag&layout=/sadbundle/%24csp%253Der3%24/1684394985928583253/index.html
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-6999968698827395&output=html&h=600&slotname=3502211389&adk=549021246&adf=281698034&pi=t.ma~as.3502211389&w=300&lmt=1619435961&psa=0&format=300x600&url=https%3A%2F%2Fwww.thesundaily.my%2Fhome%2Fastrazeneca-is-safe-to-be-given-to-senior-citizens-adham-YL7793054%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz-_G5s6CORBttERc_beHteVqqnJIJh5EriMR00fz0Cexxf2lQpsFfBisijUxttE-tNX9yfHTn7fBQWbcOnOkY3_eCosMOOPpTIuaIKsiuCzrvP7v03c&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619435961197&bpp=2&bdt=1420&idt=115&shv=r20210422&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3De3d6216e8f34a7bf-22ed5eaef1c70050%3AT%3D1619435960%3AS%3DALNI_MZZAhX_12i2lcgiNsdHRzfKQXL_FQ&prev_fmts=300x250&correlator=3256238547201&frm=20&pv=1&ga_vid=353529585.1619435960&ga_sid=1619435960&ga_hid=1243480928&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1040&ady=3708&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C21068108%2C31060839&oid=3&pvsid=3866203379239951&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=14&uci=a!e&btvi=2&fsb=1&xpc=XyCO8G3lCI&p=https%3A//www.thesundaily.my&dtd=119
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.thesundaily.my/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUn-x4tpVQ_df4hxllfSxOfRbWx8TKL0pMltEvDCgkhj5vFDGZ0KAB5i2yoxRf0
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.thesundaily.my/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-security-policy: child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1684394985928583253/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1684394985928583253/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CMD92Inlm_ACFbLGuwgdoxIMpw&gqi=uaGGYLKGFIGhlQeVn6G4Ag&layout=/sadbundle/%24csp%253Der3%24/1684394985928583253/index.html
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Mon, 26 Apr 2021 11:19:21 GMT
server: cafe
content-length: 33885
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 cta-branding.js Show response
cdn.taboola.com/demand-formats/cta-branding/ 18 KB
6 KB 8ms
7ms Script
application/javascript 199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/demand-formats/cta-branding/cta-branding.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20210426-7-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: bdbf16fe106d25833a5b8e1b037e9aeb75244d176fb6ffbd24e6c81a6a1883a1

Request headers

Referer: https://www.thesundaily.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: IIDHQmOaInKTagHDgZ2sRYl7a6t4vNCe
content-encoding: gzip
etag: "61dcb949061f3ccef572e2843c15b6bc"
age: 4685
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 5633
x-amz-id-2: fK5zTzoL3NhLJpD0DQP3ZANACK2aDR0gQz07fhdCIZzwS4rBIuByUTitd6IeDND6KXfc+ELNGCU=
x-served-by: cache-hhn11538-HHN
last-modified: Mon, 26 Apr 2021 10:00:59 GMT
server: AmazonS3
x-timer: S1619435961.344973,VS0,VE0
date: Mon, 26 Apr 2021 11:19:21 GMT
vary: Accept-Encoding
x-amz-request-id: F95QK033FWW5CZF9
via: 1.1 varnish
cache-control: private,max-age=14400
accept-ranges: bytes
content-type: application/javascript
abp: 54
x-cache-hits: 59462

GET
H2 200 cta-branding.css
cdn.taboola.com/demand-formats/cta-branding/ 2 KB
1 KB 7ms
6ms Stylesheet
text/css 199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/demand-formats/cta-branding/cta-branding.css
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20210426-7-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6fe77418e833f1ddfcf701ba7b6ebbd24efd2e93bce56065e0f1e711b1d829f8

Request headers

Referer: https://www.thesundaily.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: 10qGt8O9hKdbB5IigEtXn8Bn._HPfO8j
content-encoding: gzip
etag: "10c372ee2c83a7fd12df18aebc5320c6"
age: 16228
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 719
x-amz-id-2: WKHOafpT9qf7ClanGhqGwcczB303Ax3znQ9/m3xHolnoZIR6HeT7S39m4QTumo+QVxjz+gbVzlI=
x-served-by: cache-hhn11538-HHN
last-modified: Tue, 06 Apr 2021 14:48:01 GMT
server: AmazonS3
x-timer: S1619435961.345007,VS0,VE0
date: Mon, 26 Apr 2021 11:19:21 GMT
vary: Accept-Encoding
x-amz-request-id: CR4E2RJ6SANDVYVF
via: 1.1 varnish
cache-control: private,max-age=14400
accept-ranges: bytes
content-type: text/css
abp: 54
x-cache-hits: 223396

GET
H2 200 tfa-eid.20210426-7-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 13 KB
5 KB 10ms
10ms Script
application/javascript 199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/tfa-eid.20210426-7-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/thesundaily/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 2c68f37c057dcc5f59213e9898ebf7105d08ad9f48934c2edb3b84ec51230c57

Request headers

Referer: https://www.thesundaily.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: jdZj1YKzsu_7QkxICumLPDBYkHChcnuG
content-encoding: gzip
etag: "883f65ad87e6c5aa1de64a300dfc1b21"
age: 3985
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 4858
x-amz-id-2: oyqRJSoHWbW+LGKoOZy7tHPcg1VDc0OetoDOiJnR7Cl92MtmOgmyB3pSELj2pi1Yg8UmU4ay9/4=
x-served-by: cache-hhn11538-HHN
last-modified: Mon, 26 Apr 2021 10:12:55 GMT
server: AmazonS3
x-timer: S1619435961.347576,VS0,VE0
date: Mon, 26 Apr 2021 11:19:21 GMT
vary: Accept-Encoding
x-amz-request-id: GYPZD1CPJ2YHYNWP
via: 1.1 varnish
cache-control: private,max-age=14400
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
abp: 54
x-cache-hits: 43778

GET
H2 200 sha256.20210426-7-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 6 KB
3 KB 9ms
9ms Script
application/javascript 199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/sha256.20210426-7-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/thesundaily/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 1d15dcb4e39cf8635d412a35acf5bbbdaced1d2f400612e86644f9e578fe10b0

Request headers

Referer: https://www.thesundaily.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: uYajtKxyNv.DjcX07hkhki8gHslorsgF
content-encoding: gzip
etag: "ddade9d60d30db13508416298d7db5c1"
age: 3973
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 2595
x-amz-id-2: aZEJU5AjNYkuhJqCARBrEXTCn/WgUhUAMNqHia2BRiT55PNe8u9fZTB8i4d+hpaDv1sV2I5uByo=
x-served-by: cache-hhn11538-HHN
last-modified: Mon, 26 Apr 2021 10:13:05 GMT
server: AmazonS3
x-timer: S1619435961.347545,VS0,VE0
date: Mon, 26 Apr 2021 11:19:21 GMT
vary: Accept-Encoding
x-amz-request-id: R6GTKSS76JXX09AR
via: 1.1 varnish
cache-control: private,max-age=14400
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
abp: 54
x-cache-hits: 41554

GET
H2 200 floating-unit.20210426-7-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 7 KB
3 KB 8ms
8ms Script
application/javascript 199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/floating-unit.20210426-7-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/thesundaily/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d8ca14be2ee8098397d40f512a5ee4fcaa7be369976703d99aac9c61d790d3db

Request headers

Referer: https://www.thesundaily.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: eojDSXaL9kmnx8fC82ZA.lS1i6yXKEZ1
content-encoding: gzip
etag: "3ffae588dda80c3219545fc7888fdfb7"
age: 3964
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 2293
x-amz-id-2: 09wvRg3iNCxBXHp57t92t1pTO3byy7i44GdwuFSKUkUO3s4pHzXB8H3ubnCV9A9/TvcXxUL/L9Q=
x-served-by: cache-hhn11538-HHN
last-modified: Mon, 26 Apr 2021 10:13:15 GMT
server: AmazonS3
x-timer: S1619435961.348809,VS0,VE0
date: Mon, 26 Apr 2021 11:19:21 GMT
vary: Accept-Encoding
x-amz-request-id: W4EKAWV3BYXAWCKH
via: 1.1 varnish
cache-control: private,max-age=14400
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
abp: 54
x-cache-hits: 2014

GET
H2 200 tb Show response
15.taboola.com/ 36 KB
10 KB 26ms
25ms XHR
text/html 199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://15.taboola.com/tb?oid=15&pubnm=thesundaily&unitType=244&tbloc=&pageType=text&pstn=Below%20Article%20Thumbnails&uuip=Feed%20-%20Below%20Article%20Thumbnails&cisrf=&cirf=https%3A%2F%2Fwww.thesundaily.my%2Fhome%2Fastrazeneca-is-safe-to-be-given-to-senior-citizens-adham-YL7793054&encoded=1&uid=642eef7c-30f3-46e4-af7e-73046a8780cb-tuct7802738&variant=-100|1786174239&callback=TRC.videoTagCallbacks.videoCallback1&cb=1619435961346&tagid=&cntry=DE&platform=1&sesid=24e6dac2ea2b67b68f275f78d6f9701a&itemid=/home/astrazeneca-is-safe-to-be-given-to-senior-citizens-adham-yl7793054&viewid=1619435960763&geolat=&geoing=&deviceifa=&appid=&sd=v2_24e6dac2ea2b67b68f275f78d6f9701a_642eef7c-30f3-46e4-af7e-73046a8780cb-tuct7802738_1619435960_1619435960_CNawjgYQ3ZxAGLvznu-QLyABKAEwODib4wlA_4kQSOOG2ANQpuwQWABgAGixr-m1yv33zq0B&ri=4d2e71bc157aef01039567fecbde366b&appname=&cdb=&gdprApplies=true&rid=&sii=-692606540934149579&oee=true&tpubid=1052253&uis=2&fagg=1&ccpaDns=false&ccpaPrivacy=&region=BE&hasGDPRConsent=true&tcfVersion=&cmpStatus=&tnetid=&prcnt=&layer=
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20210426-7-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 6bcb26b1a89e8aa8d9e180b1c071fc30460882895fdfbd19d6a0e11e1e33d3d9

Request headers

Referer: https://www.thesundaily.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 26 Apr 2021 11:19:21 GMT
content-encoding: gzip
access-control-allow-origin: https://www.thesundaily.my
machineid: 1415
x-cache: MISS
xvid-debug: mrmr - :
x-served-by: cache-hhn11538-HHN
pragma: no-cache
server: nginx
x-timer: S1619435961.351282,VS0,VE19
vary: Accept-Encoding
content-type: text/html;charset=ISO-8859-1
via: 1.1 varnish
expires: Sat, 26 Jul 1997 05:00:00 GMT
cache-control: no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials: true
accept-ranges: bytes
link: <https://am-wf.taboola.com>; rel=preconnect
x-cache-hits: 0

GET
H2 200 feed-card-placeholder.20210426-7-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 5 KB
2 KB 9ms
7ms Script
application/javascript 199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/feed-card-placeholder.20210426-7-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/thesundaily/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 2121976754061ef484584734a419cd953584a21520bcc7ed1ba7371a352baa08

Request headers

Referer: https://www.thesundaily.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: 5wZ8LdJSbXcleKbiYPXHFYLPlI4yN6G5
content-encoding: gzip
etag: "6426eb608203942b94bddd1a9099f4d9"
age: 3957
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 1268
x-amz-id-2: zCsFuoWZXh71R2NqupzasKnKlZkePDrEeHjX2ZRELu/FUElXh5AFMxU+eumZRUBwdkYDyAu4RnY=
x-served-by: cache-hhn11538-HHN
last-modified: Mon, 26 Apr 2021 10:13:22 GMT
server: AmazonS3
x-timer: S1619435961.360959,VS0,VE0
date: Mon, 26 Apr 2021 11:19:21 GMT
vary: Accept-Encoding
x-amz-request-id: H3VCRHM47T9YEFF0
via: 1.1 varnish
cache-control: private,max-age=14400
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
abp: 54
x-cache-hits: 28734

GET
H2 200 userx.20210426-7-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 23 KB
8 KB 7ms
7ms Script
application/javascript 199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/userx.20210426-7-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/thesundaily/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 5fc35919a40254d13d084483b211d99464c2139e77374f51b84f3aa8d7373fa1

Request headers

Referer: https://www.thesundaily.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: byTDBy0vKEWuYoH6OXsL3Re9x6ULJJ1C
content-encoding: gzip
etag: "9df28f46026ae6c62cb236fa60c260a3"
age: 3989
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 7858
x-amz-id-2: bJXipwwO9uzamQD7hBgYhZ3eEiGFWiqxKJO24rZXE0VVS6r7bb5lA2F2DhQsaqLcapUvM1W7yIA=
x-served-by: cache-hhn11538-HHN
last-modified: Mon, 26 Apr 2021 10:12:50 GMT
server: AmazonS3
x-timer: S1619435961.372298,VS0,VE0
date: Mon, 26 Apr 2021 11:19:21 GMT
vary: Accept-Encoding
x-amz-request-id: NC4T0CYQ6H142YDV
via: 1.1 varnish
cache-control: private,max-age=14400
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
abp: 54
x-cache-hits: 10677

GET
H2 200 explore-more.20210426-7-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 18 KB
7 KB 9ms
8ms Script
application/javascript 199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/explore-more.20210426-7-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/thesundaily/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 15ab303b645b88aaf719253f0600400ca3b2eee2165240a24d085cbb37b6e0fd

Request headers

Referer: https://www.thesundaily.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: R7RrwJ.iqI9x0QdP0gs.OKNeXlZNXMRq
content-encoding: gzip
etag: "078727b673a7ab7c1a4ae4c4c61a1a41"
age: 3955
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 6620
x-amz-id-2: L6uwJSK+PW8AQ7YfjnXGIAf56CrXj3C1MFtzTf43j4QluQuTZ7fHVpHe5Hcnup/nEcH7z8qoidY=
x-served-by: cache-hhn11538-HHN
last-modified: Mon, 26 Apr 2021 10:13:25 GMT
server: AmazonS3
x-timer: S1619435961.382440,VS0,VE0
date: Mon, 26 Apr 2021 11:19:21 GMT
vary: Accept-Encoding
x-amz-request-id: P0Q6ZD64SDECJS2V
via: 1.1 varnish
cache-control: private,max-age=14400
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
abp: 54
x-cache-hits: 7659

GET
H2 204 supply-feature
trc.taboola.com/thesundaily/log/3/ 0
249 B 19ms
16ms Image
image/gif 199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc.taboola.com/thesundaily/log/3/supply-feature?route=AM:AM:V&lti=deflated&ri=89e514718cd81018eea818fafd5dd26a&sd=v2_24e6dac2ea2b67b68f275f78d6f9701a_642eef7c-30f3-46e4-af7e-73046a8780cb-tuct7802738_1619435960_1619435960_CNawjgYQ3ZxAGLvznu-QLyABKAEwODib4wlA_4kQSOOG2ANQpuwQWABgAGixr-m1yv33zq0B&ui=642eef7c-30f3-46e4-af7e-73046a8780cb-tuct7802738&pi=/home/astrazeneca-is-safe-to-be-given-to-senior-citizens-adham-yl7793054&wi=-692606540934149579&pt=text&vi=1619435960763&d=%7B%22event_type%22%3A%22next_up%22%2C%22event_state%22%3A%22RENDERED%22%2C%22event_value%22%3Anull%2C%22event_msg%22%3Anull%7D&tim=13%3A19%3A21.344&id=7905&llvl=1&cv=20210426-7-RELEASE&
Requested by: Host: www.thesundaily.my
URL: https://www.thesundaily.my/home/astrazeneca-is-safe-to-be-given-to-senior-citizens-adham-YL7793054?_hsmi=88974744&_hsenc=p2ANqtz-_G5s6CORBttERc_beHteVqqnJIJh5EriMR00fz0Cexxf2lQpsFfBisijUxttE-tNX9yfHTn7fBQWbcOnOkY3_eCosMOOPpTIuaIKsiuCzrvP7v03c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.thesundaily.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 9
pragma: no-cache
date: Mon, 26 Apr 2021 11:19:21 GMT
via: 1.1 varnish
server: nginx
x-timer: S1619435961.405809,VS0,VE9
x-served-by: cache-hhn11538-HHN
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-credentials: true
accept-ranges: bytes
content-type: image/gif
x-cache-hits: 0

GET
H2 204 debug
trc-events.taboola.com/thesundaily/log/2/ 0
277 B 68ms
19ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc-events.taboola.com/thesundaily/log/2/debug?tim=13%3A19%3A21.345&type=warn&msg=TRC.extractValidContainer%3A%20Could%20not%20find%20any%20valid%20container%20when%20trying%20to%20move%20feed&id=1935&cv=20210426-7-RELEASE&lt=deflated&pct=1
Requested by: Host: www.thesundaily.my
URL: https://www.thesundaily.my/home/astrazeneca-is-safe-to-be-given-to-senior-citizens-adham-YL7793054?_hsmi=88974744&_hsenc=p2ANqtz-_G5s6CORBttERc_beHteVqqnJIJh5EriMR00fz0Cexxf2lQpsFfBisijUxttE-tNX9yfHTn7fBQWbcOnOkY3_eCosMOOPpTIuaIKsiuCzrvP7v03c
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.thesundaily.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 26 Apr 2021 11:19:21 GMT
server: nginx
x-fastly-to-nlb-rtt: 12933
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-credentials: true
tbl-x-upstream: 10.41.14.57:10213

GET
H2 204 debug
trc-events.taboola.com/thesundaily/log/2/ 0
277 B 69ms
20ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc-events.taboola.com/thesundaily/log/2/debug?tim=13%3A19%3A21.357&type=error&msg=Exit%20TRCRBox.loadScriptCallback(retry%3D0)%3A%20no%20items%20in%20response%20-%20thumbs-feed-01&id=7606&cv=20210426-7-RELEASE&lt=deflated&pct=1
Requested by: Host: www.thesundaily.my
URL: https://www.thesundaily.my/home/astrazeneca-is-safe-to-be-given-to-senior-citizens-adham-YL7793054?_hsmi=88974744&_hsenc=p2ANqtz-_G5s6CORBttERc_beHteVqqnJIJh5EriMR00fz0Cexxf2lQpsFfBisijUxttE-tNX9yfHTn7fBQWbcOnOkY3_eCosMOOPpTIuaIKsiuCzrvP7v03c
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.thesundaily.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 26 Apr 2021 11:19:21 GMT
server: nginx
x-fastly-to-nlb-rtt: 12933
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-credentials: true
tbl-x-upstream: 10.41.10.199:10213

GET
H2 204 debug
trc-events.taboola.com/thesundaily/log/2/ 0
277 B 69ms
21ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc-events.taboola.com/thesundaily/log/2/debug?tim=13%3A19%3A21.359&type=error&msg=Exit%20TRCRBox.loadScriptCallback(retry%3D0)%3A%20no%20items%20in%20response%20-%20organic-thumbs-feed-01&id=8729&cv=20210426-7-RELEASE&lt=deflated&pct=1
Requested by: Host: www.thesundaily.my
URL: https://www.thesundaily.my/home/astrazeneca-is-safe-to-be-given-to-senior-citizens-adham-YL7793054?_hsmi=88974744&_hsenc=p2ANqtz-_G5s6CORBttERc_beHteVqqnJIJh5EriMR00fz0Cexxf2lQpsFfBisijUxttE-tNX9yfHTn7fBQWbcOnOkY3_eCosMOOPpTIuaIKsiuCzrvP7v03c
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.thesundaily.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 26 Apr 2021 11:19:21 GMT
server: nginx
x-fastly-to-nlb-rtt: 12933
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-credentials: true
tbl-x-upstream: 10.41.10.104:10213

GET
H2 200 f89e1763-220d-4e09-ba69-9e040548fb7a.svg
cdn.taboola.com/static/f8/ 4 KB
2 KB 7ms
7ms Image
image/svg+xml 199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.taboola.com/static/f8/f89e1763-220d-4e09-ba69-9e040548fb7a.svg
Requested by: Host: www.thesundaily.my
URL: https://www.thesundaily.my/home/astrazeneca-is-safe-to-be-given-to-senior-citizens-adham-YL7793054?_hsmi=88974744&_hsenc=p2ANqtz-_G5s6CORBttERc_beHteVqqnJIJh5EriMR00fz0Cexxf2lQpsFfBisijUxttE-tNX9yfHTn7fBQWbcOnOkY3_eCosMOOPpTIuaIKsiuCzrvP7v03c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 39b076e4bb4fab9b8a142499cf6155f8c128464974691a04de7e764f71b72618

Request headers

Referer: https://www.thesundaily.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: cMrDKn.emLmm9kiiOOF64ulDT4DRy6LK
content-encoding: gzip
etag: "b8b410e4b18d45aa2f3d9bc09cd335fb"
age: 91
via: 1.1 varnish
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 1758
x-amz-id-2: NEmU1ZLGBivh17attqjutVeDItpvUZXBnAqIjCXHVmq+ljcnqasABW9FxsaZow932JBDe4UzNuo=
x-served-by: cache-hhn11538-HHN
last-modified: Wed, 07 Feb 2018 11:15:52 GMT
server: AmazonS3
x-timer: S1619435961.407941,VS0,VE0
date: Mon, 26 Apr 2021 11:19:21 GMT
vary: Accept-Encoding
access-control-allow-methods: GET
x-amz-request-id: 11HNEHRPNXTPWD7Z
access-control-allow-origin: *
cache-control: private,max-age=31536000
accept-ranges: bytes
content-type: image/svg+xml
access-control-allow-headers: *
abp: 54
x-cache-hits: 302

GET
H3-29 200 cookie.js Show response
partner.googleadservices.com/gampad/ Frame B900 12 B
53 B 15ms
15ms Script
text/javascript 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

daa795332e5dbcf893adf2d5f3349f02b8c1cb957ff3b5f4c11b742e33c3376f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.thesundaily.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Apr 2021 11:19:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 32
x-xss-protection: 0

GET
H3-29 200 integrator.js Show response
adservice.google.de/adsid/ Frame B900 107 B
122 B 16ms
15ms Script
application/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.thesundaily.my

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.thesundaily.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 26 Apr 2021 11:19:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 integrator.js Show response
adservice.google.com/adsid/ Frame B900 107 B
122 B 15ms
15ms Script
application/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.thesundaily.my

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.thesundaily.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 26 Apr 2021 11:19:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame C6B0 65 KB
25 KB 259ms
256ms Document
text/html 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6999968698827395&output=html&h=250&slotname=5114150528&adk=120511616&adf=2751417941&pi=t.ma~as.5114150528&w=300&psa=0&format=300x250&url=https%3A%2F%2Fwww.thesundaily.my%2Fhome%2Fastrazeneca-is-safe-to-be-given-to-senior-citizens-adham-YL7793054%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz-_G5s6CORBttERc_beHteVqqnJIJh5EriMR00fz0Cexxf2lQpsFfBisijUxttE-tNX9yfHTn7fBQWbcOnOkY3_eCosMOOPpTIuaIKsiuCzrvP7v03c&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619435961243&bpp=2&bdt=82&idt=203&shv=r20210422&cbv=r20190131&ptt=9&saldr=aa&cookie=ID%3De3d6216e8f34a7bf-22ed5eaef1c70050%3AT%3D1619435960%3AS%3DALNI_MZZAhX_12i2lcgiNsdHRzfKQXL_FQ&correlator=3256238547201&frm=23&ife=1&pv=1&ga_vid=353529585.1619435960&ga_sid=1619435961&ga_hid=1372567628&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1040&ady=2676&biw=1600&bih=1200&isw=300&ish=250&ifk=2991338289&scr_x=0&scr_y=0&oid=3&pvsid=3912251608612625&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.mdw51gcrxzsj&btvi=1&fsb=1&dtd=211

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

5dd9ac51379e14d0a0e5b85bf37364e87a319a06f063bbb533186e24f403b57a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-6999968698827395&output=html&h=250&slotname=5114150528&adk=120511616&adf=2751417941&pi=t.ma~as.5114150528&w=300&psa=0&format=300x250&url=https%3A%2F%2Fwww.thesundaily.my%2Fhome%2Fastrazeneca-is-safe-to-be-given-to-senior-citizens-adham-YL7793054%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz-_G5s6CORBttERc_beHteVqqnJIJh5EriMR00fz0Cexxf2lQpsFfBisijUxttE-tNX9yfHTn7fBQWbcOnOkY3_eCosMOOPpTIuaIKsiuCzrvP7v03c&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619435961243&bpp=2&bdt=82&idt=203&shv=r20210422&cbv=r20190131&ptt=9&saldr=aa&cookie=ID%3De3d6216e8f34a7bf-22ed5eaef1c70050%3AT%3D1619435960%3AS%3DALNI_MZZAhX_12i2lcgiNsdHRzfKQXL_FQ&correlator=3256238547201&frm=23&ife=1&pv=1&ga_vid=353529585.1619435960&ga_sid=1619435961&ga_hid=1372567628&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1040&ady=2676&biw=1600&bih=1200&isw=300&ish=250&ifk=2991338289&scr_x=0&scr_y=0&oid=3&pvsid=3912251608612625&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.mdw51gcrxzsj&btvi=1&fsb=1&dtd=211
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.thesundaily.my/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUn-x4tpVQ_df4hxllfSxOfRbWx8TKL0pMltEvDCgkhj5vFDGZ0KAB5i2yoxRf0
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.thesundaily.my/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Mon, 26 Apr 2021 11:19:21 GMT
server: cafe
content-length: 25068
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame B900 9 KB
7 KB 94ms
18ms XHR
application/json 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210422&st=env

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

51122bb56cfde240a3ea514dccdef37d62889d97f8489055a16f7fb1c4f714c4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.thesundaily.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 26 Apr 2021 11:19:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6956
x-xss-protection: 0

GET
H3-29 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ Frame B900 73 KB
28 KB 17ms
17ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4956137c69656045c048a157aaa84859657bbc7744019d26cce6b5bded84cc49

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.thesundaily.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Apr 2021 11:19:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1619017352525402"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28270
x-xss-protection: 0
expires: Mon, 26 Apr 2021 11:19:21 GMT

GET
H2 200 UnitFeedManagerDesktop.min.js Show response
vidstat.taboola.com/lite-unit/3.4.1/ 96 KB
28 KB 11ms
11ms Script
application/javascript 199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstat.taboola.com/lite-unit/3.4.1/UnitFeedManagerDesktop.min.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20210426-7-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 9635d0c2ad301f4b79011b25ef35cc869b3dc344a04beabfd886d7f1fb02ed4a

Request headers

Referer: https://www.thesundaily.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Apr 2021 11:19:21 GMT
via: 1.1 a4a46c5a6cdf81ec1d08cf6e63389765.cloudfront.net (CloudFront), 1.1 varnish
age: 785698
x-cache: Miss from cloudfront, HIT
content-encoding: gzip
content-length: 28063
x-served-by: cache-hhn11538-HHN
last-modified: Sat, 17 Apr 2021 09:03:25 GMT
server: AmazonS3
x-timer: S1619435961.468486,VS0,VE0
etag: "e5fdc6c780f546f64ec48fe3656d6dcf"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
access-control-allow-headers: *
x-amz-cf-id: NVGOFmxCQ6h7QZgiMT62DgGGHCk_EtbMU6CMpmoBktHqHA7tYnQUzQ==
x-cache-hits: 294440

GET
H2 204 abtests
trc.taboola.com/thesundaily/log/3/ 0
254 B 18ms
18ms Image
image/gif 199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc.taboola.com/thesundaily/log/3/abtests?route=AM:AM:V&lti=deflated&ri=89e514718cd81018eea818fafd5dd26a&sd=v2_24e6dac2ea2b67b68f275f78d6f9701a_642eef7c-30f3-46e4-af7e-73046a8780cb-tuct7802738_1619435960_1619435960_CNawjgYQ3ZxAGLvznu-QLyABKAEwODib4wlA_4kQSOOG2ANQpuwQWABgAGixr-m1yv33zq0B&ui=642eef7c-30f3-46e4-af7e-73046a8780cb-tuct7802738&pi=/home/astrazeneca-is-safe-to-be-given-to-senior-citizens-adham-yl7793054&wi=-692606540934149579&pt=text&vi=1619435960763&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22animated_story%22%2C%22type%22%3A%22available%22%2C%22eventTime%22%3A1619435961481%7D&tim=13%3A19%3A21.481&id=4852&llvl=1&cv=20210426-7-RELEASE&
Requested by: Host: www.thesundaily.my
URL: https://www.thesundaily.my/home/astrazeneca-is-safe-to-be-given-to-senior-citizens-adham-YL7793054?_hsmi=88974744&_hsenc=p2ANqtz-_G5s6CORBttERc_beHteVqqnJIJh5EriMR00fz0Cexxf2lQpsFfBisijUxttE-tNX9yfHTn7fBQWbcOnOkY3_eCosMOOPpTIuaIKsiuCzrvP7v03c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.thesundaily.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 9
pragma: no-cache
date: Mon, 26 Apr 2021 11:19:21 GMT
via: 1.1 varnish
server: nginx
x-timer: S1619435961.490547,VS0,VE9
x-served-by: cache-hhn11538-HHN
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-credentials: true
accept-ranges: bytes
content-type: image/gif
x-cache-hits: 0

GET
H2 200 fd55410888c000a4326410482631fecc.jpg
images.taboola.com/taboola/image/fetch/h_470,w_940,c_fill,g_xy_center,x_628,y_217/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 22 KB
22 KB 8ms
7ms Image
image/webp 199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/h_470,w_940,c_fill,g_xy_center,x_628,y_217/http%3A//cdn.taboola.com/libtrc/static/thumbnails/fd55410888c000a4326410482631fecc.jpg
Requested by: Host: www.thesundaily.my
URL: https://www.thesundaily.my/home/astrazeneca-is-safe-to-be-given-to-senior-citizens-adham-YL7793054?_hsmi=88974744&_hsenc=p2ANqtz-_G5s6CORBttERc_beHteVqqnJIJh5EriMR00fz0Cexxf2lQpsFfBisijUxttE-tNX9yfHTn7fBQWbcOnOkY3_eCosMOOPpTIuaIKsiuCzrvP7v03c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 7828c5148962841c26e200e4571340310a92f75ce86f99522e27258f87a06e4d

Request headers

Referer: https://www.thesundaily.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Mon, 26 Apr 2021 11:19:21 GMT
via: 1.1 varnish, 1.1 varnish
age: 2078806
edge-cache-tag: 532928972401059285837018604789701179863,367656560600555473053542349151143110466,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-ratelimit-remaining: 100
x-cache: HIT, HIT, HIT
x-debug: /taboola/image/fetch/h_470,w_940,c_fill,g_xy_center,x_628,y_217/http%3A//cdn.taboola.com/libtrc/static/thumbnails/fd55410888c000a4326410482631fecc.jpg
content-length: 22422
x-request-id: 56aca4a5a97e54be2a833f084e251cde
x-backend-name: US_DIR:3FP7YNX3LMizprTZsG7BSW--F_US_nlb105
last-modified: Sat, 13 Mar 2021 07:19:22 GMT
server: nginx
x-timer: S1619435961.497497,VS0,VE0
etag: "bc40a5caeea5bf854deddd225327a543"
x-served-by: cache-wdc5574-WDC, cache-dca12929-DCA, cache-hhn11538-HHN
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 1, 1, 13

GET
H2 200 17bf09f7d9a338a1cec6cdf5f0c0f4ed.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 12 KB
13 KB 7ms
7ms Image
image/webp 199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/17bf09f7d9a338a1cec6cdf5f0c0f4ed.jpg
Requested by: Host: www.thesundaily.my
URL: https://www.thesundaily.my/home/astrazeneca-is-safe-to-be-given-to-senior-citizens-adham-YL7793054?_hsmi=88974744&_hsenc=p2ANqtz-_G5s6CORBttERc_beHteVqqnJIJh5EriMR00fz0Cexxf2lQpsFfBisijUxttE-tNX9yfHTn7fBQWbcOnOkY3_eCosMOOPpTIuaIKsiuCzrvP7v03c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3bb93562f6ccb8c81685e6ecd10c2a80832b13a8aebd77efd3a1f867e2ed3a3

Request headers

Referer: https://www.thesundaily.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Mon, 26 Apr 2021 11:19:21 GMT
via: 1.1 varnish, 1.1 varnish
age: 1041247
edge-cache-tag: 492308724667659939617833024038647873204,508964270601867640353762815650541873101,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining: 100
expiration: expiry-date="Fri, 30 Apr 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache: HIT, HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/17bf09f7d9a338a1cec6cdf5f0c0f4ed.jpg
content-length: 12226
x-backend-name: US_DIR:3FP7YNX3LMizprTZsG7BSW--F_US_nlb101
last-modified: Tue, 30 Mar 2021 13:24:17 GMT
server: nginx
x-timer: S1619435961.497558,VS0,VE0
etag: "ce2ddf5c0f364f85d1fa55e313702010"
x-served-by: cache-wdc5531-WDC, cache-dca17777-DCA, cache-hhn11538-HHN
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 1, 1, 5

GET
H2 200 34ae3d8438b9f0684092dd84dd25fdb9.jpeg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 49 KB
49 KB 10ms
9ms Image
image/webp 199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/34ae3d8438b9f0684092dd84dd25fdb9.jpeg
Requested by: Host: www.thesundaily.my
URL: https://www.thesundaily.my/home/astrazeneca-is-safe-to-be-given-to-senior-citizens-adham-YL7793054?_hsmi=88974744&_hsenc=p2ANqtz-_G5s6CORBttERc_beHteVqqnJIJh5EriMR00fz0Cexxf2lQpsFfBisijUxttE-tNX9yfHTn7fBQWbcOnOkY3_eCosMOOPpTIuaIKsiuCzrvP7v03c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: d2f12163dfde630479be6d0bfba80b919da9b9d36b84d728657c1a51f6c4709c

Request headers

Referer: https://www.thesundaily.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Mon, 26 Apr 2021 11:19:21 GMT
via: 1.1 varnish, 1.1 varnish
age: 3547157
edge-cache-tag: 501898018763052567145069362010418137997,508964270601867640353762815650541873101,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-ratelimit-remaining: 100
x-cache: HIT, MISS, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/34ae3d8438b9f0684092dd84dd25fdb9.jpeg
content-length: 49996
x-request-id: cfbd3df9fed834ecfcb1ede5af990cc1
x-backend-name: US_DIR:3FP7YNX3LMizprTZsG7BSW--F_US_nlb106
last-modified: Fri, 19 Feb 2021 15:33:21 GMT
server: nginx
x-timer: S1619435961.498094,VS0,VE1
etag: "235e94912dd1e42bcb0e1be20a45bbe5"
x-served-by: cache-wdc5571-WDC, cache-dca12929-DCA, cache-hhn11538-HHN
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 1, 0, 1

GET
H2 200 ef84fc293d41224c184dbdcfd8c83181.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_470%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 115 KB
116 KB 8ms
7ms Image
image/webp 199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_470%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ef84fc293d41224c184dbdcfd8c83181.jpg
Requested by: Host: www.thesundaily.my
URL: https://www.thesundaily.my/home/astrazeneca-is-safe-to-be-given-to-senior-citizens-adham-YL7793054?_hsmi=88974744&_hsenc=p2ANqtz-_G5s6CORBttERc_beHteVqqnJIJh5EriMR00fz0Cexxf2lQpsFfBisijUxttE-tNX9yfHTn7fBQWbcOnOkY3_eCosMOOPpTIuaIKsiuCzrvP7v03c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: aab139a775f503ab57338ff3db93962cdc8e19c7cfc5952d14aa4916eac2edf1

Request headers

Referer: https://www.thesundaily.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Mon, 26 Apr 2021 11:19:21 GMT
via: 1.1 varnish, 1.1 varnish
age: 2762139
edge-cache-tag: 302479151993994568927198867523656057236,609133043866078124420816096146542687237,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-ratelimit-remaining: 100
x-cache: HIT, MISS, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_470%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ef84fc293d41224c184dbdcfd8c83181.jpg
content-length: 117634
x-request-id: 4803a2ba32a3d3e3c7019d492a07f8b8
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb801
last-modified: Mon, 22 Mar 2021 19:36:32 GMT
server: nginx
x-timer: S1619435961.498210,VS0,VE0
etag: "0e0a261532af6102639124fe5f52e380"
x-served-by: cache-wdc5561-WDC, cache-dca17764-DCA, cache-hhn11538-HHN
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 1, 0, 19

GET
H2 200 765d64aac16f4029194e10272fcde12b.jpeg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//native-images.s3.amazonaws.com/ 18 KB
18 KB 10ms
10ms Image
image/webp 199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//native-images.s3.amazonaws.com/765d64aac16f4029194e10272fcde12b.jpeg
Requested by: Host: www.thesundaily.my
URL: https://www.thesundaily.my/home/astrazeneca-is-safe-to-be-given-to-senior-citizens-adham-YL7793054?_hsmi=88974744&_hsenc=p2ANqtz-_G5s6CORBttERc_beHteVqqnJIJh5EriMR00fz0Cexxf2lQpsFfBisijUxttE-tNX9yfHTn7fBQWbcOnOkY3_eCosMOOPpTIuaIKsiuCzrvP7v03c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 2d1f79df2ded370543e7023899865279aeb5f178a1f3efe7d10c55c4cb926e7e

Request headers

Referer: https://www.thesundaily.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Mon, 26 Apr 2021 11:19:21 GMT
via: 1.1 varnish, 1.1 varnish
age: 3609818
edge-cache-tag: 416751797408842690137832944931310269848,508964270601867640353762815650541873101,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-ratelimit-remaining: 94
x-cache: HIT, HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//native-images.s3.amazonaws.com/765d64aac16f4029194e10272fcde12b.jpeg
content-length: 18320
x-request-id: 02d9c3c13ceb18a4e15331483ca53af7
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb804
last-modified: Fri, 12 Mar 2021 10:03:27 GMT
server: nginx
x-timer: S1619435961.498387,VS0,VE1
etag: "3b00a1634cfbb2e03f0189f6fc70e22f"
x-served-by: cache-wdc5546-WDC, cache-dca17763-DCA, cache-hhn11538-HHN
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 1, 1, 1

GET
H2 200 1194915793__lw4qfygo.jpg
images.taboola.com/taboola/image/fetch/h_256,w_460,c_fill,g_xy_center,x_1077,y_752/http%3A//cdn.taboola.com/libtrc/static/thumbnails/GETTY_IMAGES/SKP/ 7 KB
8 KB 9ms
8ms Image
image/webp 199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/h_256,w_460,c_fill,g_xy_center,x_1077,y_752/http%3A//cdn.taboola.com/libtrc/static/thumbnails/GETTY_IMAGES/SKP/1194915793__lw4qfygo.jpg
Requested by: Host: www.thesundaily.my
URL: https://www.thesundaily.my/home/astrazeneca-is-safe-to-be-given-to-senior-citizens-adham-YL7793054?_hsmi=88974744&_hsenc=p2ANqtz-_G5s6CORBttERc_beHteVqqnJIJh5EriMR00fz0Cexxf2lQpsFfBisijUxttE-tNX9yfHTn7fBQWbcOnOkY3_eCosMOOPpTIuaIKsiuCzrvP7v03c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 3bea6e2ca03a2314b28b243264b0b854a9af23b5c22a557e3f971ac19a65e213

Request headers

Referer: https://www.thesundaily.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Mon, 26 Apr 2021 11:19:21 GMT
via: 1.1 varnish, 1.1 varnish
age: 2169623
edge-cache-tag: 325112913315342992146685470256746387214,623551257687285745595297091617235730693,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-ratelimit-remaining: 100
x-cache: HIT, HIT, HIT
x-debug: /taboola/image/fetch/h_256,w_460,c_fill,g_xy_center,x_1077,y_752/http%3A//cdn.taboola.com/libtrc/static/thumbnails/GETTY_IMAGES/SKP/1194915793__lw4qfygo.jpg
content-length: 7388
x-request-id: c094e3d4722ece7bc3fcae60088996c6
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb801
last-modified: Thu, 01 Apr 2021 06:54:18 GMT
server: nginx
x-timer: S1619435961.498365,VS0,VE0
etag: "8fd486d8701688048f6b3d2d52e08810"
x-served-by: cache-wdc5576-WDC, cache-dca17783-DCA, cache-hhn11538-HHN
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 1, 1, 47

GET
H2 200 tbp Show response
15.taboola.com/ 6 KB
3 KB 39ms
38ms XHR
text/html 199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://15.taboola.com/tbp?oid=15&pubid=166277&tagid=948107&pstn=[pstn]&cb=[cb]&callback=TRC.pVideoCallbacks.videoCallback1
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20210426-7-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 0bde3f2b9c2756e302fbfaf8c77921ab61d39e32d40ad8d5e7d6e66dea760c9e

Request headers

Referer: https://www.thesundaily.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 26 Apr 2021 11:19:21 GMT
content-encoding: gzip
access-control-allow-origin: https://www.thesundaily.my
machineid: 1449
x-cache: MISS
x-cache-hits: 0
x-served-by: cache-hhn11538-HHN
pragma: no-cache
server: nginx
x-timer: S1619435961.499396,VS0,VE31
vary: Accept-Encoding
content-type: text/html;charset=ISO-8859-1
via: 1.1 varnish
cache-control: no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials: true
accept-ranges: bytes
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2 200 bee9b08157d32efe0dfdca0d1da6df9d.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_470%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 175 KB
176 KB 9ms
8ms Image
image/webp 199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_470%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/bee9b08157d32efe0dfdca0d1da6df9d.jpg
Requested by: Host: www.thesundaily.my
URL: https://www.thesundaily.my/home/astrazeneca-is-safe-to-be-given-to-senior-citizens-adham-YL7793054?_hsmi=88974744&_hsenc=p2ANqtz-_G5s6CORBttERc_beHteVqqnJIJh5EriMR00fz0Cexxf2lQpsFfBisijUxttE-tNX9yfHTn7fBQWbcOnOkY3_eCosMOOPpTIuaIKsiuCzrvP7v03c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: c2bc847f71203f4649b74d0925d0dbe618aa5b8798e654a19b8e7c0351684435

Request headers

Referer: https://www.thesundaily.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Mon, 26 Apr 2021 11:19:21 GMT
via: 1.1 varnish, 1.1 varnish
age: 2125996
edge-cache-tag: 589829340117698354400448488692514396131,609133043866078124420816096146542687237,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-ratelimit-remaining: 99
x-cache: HIT, MISS, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_470%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/bee9b08157d32efe0dfdca0d1da6df9d.jpg
content-length: 179240
x-request-id: 00bae2da1bf92063e2bccce6438376f0
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb801
last-modified: Thu, 01 Apr 2021 08:32:30 GMT
server: nginx
x-timer: S1619435962.506265,VS0,VE1
etag: "e2e87c2b1454dfaa9b299874f7cca22d"
x-served-by: cache-wdc5558-WDC, cache-dca17761-DCA, cache-hhn11538-HHN
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 1, 0, 1

GET
H2 200 najib-2_915754_20200122202711.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_630%2Cw_1260%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.thesundaily.my/binrepository/480x270/0c20/480d250/none/11808/FBDR/ 28 KB
28 KB 11ms
10ms Image
image/webp 199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_630%2Cw_1260%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.thesundaily.my/binrepository/480x270/0c20/480d250/none/11808/FBDR/najib-2_915754_20200122202711.jpg
Requested by: Host: www.thesundaily.my
URL: https://www.thesundaily.my/home/astrazeneca-is-safe-to-be-given-to-senior-citizens-adham-YL7793054?_hsmi=88974744&_hsenc=p2ANqtz-_G5s6CORBttERc_beHteVqqnJIJh5EriMR00fz0Cexxf2lQpsFfBisijUxttE-tNX9yfHTn7fBQWbcOnOkY3_eCosMOOPpTIuaIKsiuCzrvP7v03c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: d329255136c613ba2716bd2dbee1e83f69161682a59391e5717c0b5ab1111216

Request headers

Referer: https://www.thesundaily.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Mon, 26 Apr 2021 11:19:21 GMT
via: 1.1 varnish, 1.1 varnish
age: 358670
edge-cache-tag: 566673715759239201668593264651135656712,308988584250984091245729376248888710740,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-ratelimit-remaining: 100
x-cache: MISS, HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_630%2Cw_1260%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.thesundaily.my/binrepository/480x270/0c20/480d250/none/11808/FBDR/najib-2_915754_20200122202711.jpg
content-length: 28218
x-request-id: 78e9db6828f8c9dd446c62e802536b45
x-backend-name: US_DIR:3FP7YNX3LMizprTZsG7BSW--F_US_nlb103
last-modified: Fri, 16 Apr 2021 21:14:23 GMT
server: nginx
x-timer: S1619435962.507102,VS0,VE1
etag: "bebc196410481f0986bfc65d349ad643"
x-served-by: cache-wdc5551-WDC, cache-dca17727-DCA, cache-hhn11538-HHN
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 1

GET
H2 200 fw1110317-ptj03-08112020-pendidikan-bn202011083343-lpr_1765618_20201108145444.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_630%2Cw_1260%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.thesundaily.my/binrepository/480x320/1c0/480d250/none/11808/NUSJ/ 25 KB
25 KB 10ms
9ms Image
image/webp 199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_630%2Cw_1260%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.thesundaily.my/binrepository/480x320/1c0/480d250/none/11808/NUSJ/fw1110317-ptj03-08112020-pendidikan-bn202011083343-lpr_1765618_20201108145444.jpg
Requested by: Host: www.thesundaily.my
URL: https://www.thesundaily.my/home/astrazeneca-is-safe-to-be-given-to-senior-citizens-adham-YL7793054?_hsmi=88974744&_hsenc=p2ANqtz-_G5s6CORBttERc_beHteVqqnJIJh5EriMR00fz0Cexxf2lQpsFfBisijUxttE-tNX9yfHTn7fBQWbcOnOkY3_eCosMOOPpTIuaIKsiuCzrvP7v03c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: f5cf9bd8acae6d7b4041d85858908a0ddf0f339ffdc4e2876d10888cd8dc20e4

Request headers

Referer: https://www.thesundaily.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Mon, 26 Apr 2021 11:19:21 GMT
via: 1.1 varnish, 1.1 varnish
age: 1743379
edge-cache-tag: 399853002075190113633699190043526361240,308988584250984091245729376248888710740,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-ratelimit-remaining: 100
x-cache: HIT, HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_630%2Cw_1260%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.thesundaily.my/binrepository/480x320/1c0/480d250/none/11808/NUSJ/fw1110317-ptj03-08112020-pendidikan-bn202011083343-lpr_1765618_20201108145444.jpg
content-length: 25334
x-request-id: 7795b36b68275d28b286cc6aedee4f58
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb801
last-modified: Tue, 30 Mar 2021 10:14:00 GMT
server: nginx
x-timer: S1619435962.510049,VS0,VE1
etag: "b31b31cf9143689c9cb0ccf9162c43ca"
x-served-by: cache-wdc5520-WDC, cache-dca17729-DCA, cache-hhn11538-HHN
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 1, 1, 1

GET
H2 200 ptj10-23052020-kkm-bn202005221848_1170182_20200523204246.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_630%2Cw_1260%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.thesundaily.my/binrepository/480x320/0c35/480d250/none/11808/SCNT/ 17 KB
18 KB 11ms
10ms Image
image/webp 199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_630%2Cw_1260%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.thesundaily.my/binrepository/480x320/0c35/480d250/none/11808/SCNT/ptj10-23052020-kkm-bn202005221848_1170182_20200523204246.jpg
Requested by: Host: www.thesundaily.my
URL: https://www.thesundaily.my/home/astrazeneca-is-safe-to-be-given-to-senior-citizens-adham-YL7793054?_hsmi=88974744&_hsenc=p2ANqtz-_G5s6CORBttERc_beHteVqqnJIJh5EriMR00fz0Cexxf2lQpsFfBisijUxttE-tNX9yfHTn7fBQWbcOnOkY3_eCosMOOPpTIuaIKsiuCzrvP7v03c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 59dce65cc00979aed358a2fc5ee6c45e7682cb637b0429beb7d5ab5f65a694e7

Request headers

Referer: https://www.thesundaily.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Mon, 26 Apr 2021 11:19:21 GMT
via: 1.1 varnish, 1.1 varnish
age: 1593262
edge-cache-tag: 398434841487946176361392059054513191435,308988584250984091245729376248888710740,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining: 100
expiration: expiry-date="Mon, 12 Apr 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache: HIT, HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_630%2Cw_1260%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.thesundaily.my/binrepository/480x320/0c35/480d250/none/11808/SCNT/ptj10-23052020-kkm-bn202005221848_1170182_20200523204246.jpg
content-length: 17382
x-backend-name: US_DIR:3FP7YNX3LMizprTZsG7BSW--F_US_nlb102
last-modified: Fri, 12 Mar 2021 16:25:05 GMT
server: nginx
x-timer: S1619435962.510375,VS0,VE1
etag: "8c7af0018584e5ad7464ae03826cd48f"
x-served-by: cache-wdc5545-WDC, cache-dca17776-DCA, cache-hhn11538-HHN
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 1, 1, 1

GET
H2 200 mahathir-perdana-putra-0309-3_1893578_20201214174642.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_630%2Cw_1260%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.thesundaily.my/binrepository/480x320/0c35/480d250/none/11808/HRRR/ 28 KB
28 KB 10ms
9ms Image
image/webp 199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_630%2Cw_1260%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.thesundaily.my/binrepository/480x320/0c35/480d250/none/11808/HRRR/mahathir-perdana-putra-0309-3_1893578_20201214174642.jpg
Requested by: Host: www.thesundaily.my
URL: https://www.thesundaily.my/home/astrazeneca-is-safe-to-be-given-to-senior-citizens-adham-YL7793054?_hsmi=88974744&_hsenc=p2ANqtz-_G5s6CORBttERc_beHteVqqnJIJh5EriMR00fz0Cexxf2lQpsFfBisijUxttE-tNX9yfHTn7fBQWbcOnOkY3_eCosMOOPpTIuaIKsiuCzrvP7v03c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e85f7c6406871d96df2cc9db0d632c4eca3bd411876337cfd48a7cee8487da3a

Request headers

Referer: https://www.thesundaily.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Mon, 26 Apr 2021 11:19:21 GMT
via: 1.1 varnish, 1.1 varnish
age: 2779365
edge-cache-tag: 619136853955459933926636924558589556807,308988584250984091245729376248888710740,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-ratelimit-remaining: 99
x-cache: HIT, HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_630%2Cw_1260%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.thesundaily.my/binrepository/480x320/0c35/480d250/none/11808/HRRR/mahathir-perdana-putra-0309-3_1893578_20201214174642.jpg
content-length: 28270
x-request-id: f47e8ff0db3cddbd8b751c680f88897e
x-backend-name: US_DIR:3FP7YNX3LMizprTZsG7BSW--F_US_nlb106
last-modified: Tue, 02 Mar 2021 14:12:58 GMT
server: nginx
x-timer: S1619435962.510431,VS0,VE1
etag: "0b7db5e37b5f33ecadf75140d53deb35"
x-served-by: cache-wdc5569-WDC, cache-dca17738-DCA, cache-hhn11538-HHN
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 1, 1, 1

GET
H2 200 pdrm_1130186_20200503171617.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_330%2Cw_660%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.thesundaily.my/binrepository/480x270/0c10/480d250/none/11808/UNPA/ 20 KB
20 KB 98ms
98ms Image
image/webp 199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_330%2Cw_660%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.thesundaily.my/binrepository/480x270/0c10/480d250/none/11808/UNPA/pdrm_1130186_20200503171617.jpg
Requested by: Host: www.thesundaily.my
URL: https://www.thesundaily.my/home/astrazeneca-is-safe-to-be-given-to-senior-citizens-adham-YL7793054?_hsmi=88974744&_hsenc=p2ANqtz-_G5s6CORBttERc_beHteVqqnJIJh5EriMR00fz0Cexxf2lQpsFfBisijUxttE-tNX9yfHTn7fBQWbcOnOkY3_eCosMOOPpTIuaIKsiuCzrvP7v03c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 452059aa1ec77f24dfd1e547406588368190b5ff650971e29589f35b85fd9100

Request headers

Referer: https://www.thesundaily.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 89
date: Mon, 26 Apr 2021 11:19:21 GMT
via: 1.1 varnish, 1.1 varnish
age: 18308
edge-cache-tag: 430571527644779745697795166604690177751,388671775900320025315642327208943500211,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining: 98
expiration: expiry-date="Sun, 16 May 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache: MISS, HIT, MISS
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_330%2Cw_660%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.thesundaily.my/binrepository/480x270/0c10/480d250/none/11808/UNPA/pdrm_1130186_20200503171617.jpg
content-length: 20068
x-backend-name: US_DIR:3FP7YNX3LMizprTZsG7BSW--F_US_nlb103
last-modified: Thu, 15 Apr 2021 06:02:09 GMT
server: nginx
x-timer: S1619435962.510395,VS0,VE89
etag: "216410aebe5af4bb9b3d4b26722196de"
x-served-by: cache-wdc5520-WDC, cache-dca17777-DCA, cache-hhn11538-HHN
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 0

GET
H2 200 najib_842846_20191216145747.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_345%2Cw_620%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.thesundaily.my/binrepository/480x349/0c50/480d250/none/11808/NMMX/ 11 KB
12 KB 13ms
11ms Image
image/webp 199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_345%2Cw_620%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.thesundaily.my/binrepository/480x349/0c50/480d250/none/11808/NMMX/najib_842846_20191216145747.jpg
Requested by: Host: www.thesundaily.my
URL: https://www.thesundaily.my/home/astrazeneca-is-safe-to-be-given-to-senior-citizens-adham-YL7793054?_hsmi=88974744&_hsenc=p2ANqtz-_G5s6CORBttERc_beHteVqqnJIJh5EriMR00fz0Cexxf2lQpsFfBisijUxttE-tNX9yfHTn7fBQWbcOnOkY3_eCosMOOPpTIuaIKsiuCzrvP7v03c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: b136a61bb2b470a35fd8e4ef7c893b6c8419d532e93f0ee6b811f6d0b77ee1e5

Request headers

Referer: https://www.thesundaily.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Mon, 26 Apr 2021 11:19:21 GMT
via: 1.1 varnish, 1.1 varnish
age: 2771484
edge-cache-tag: 414928369338921267966520774872511807450,392933856032853361833841845111496461250,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-ratelimit-remaining: 98
x-cache: HIT, HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_345%2Cw_620%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.thesundaily.my/binrepository/480x349/0c50/480d250/none/11808/NMMX/najib_842846_20191216145747.jpg
content-length: 11726
x-request-id: b874c27a0c898ee6f72d1852634258c6
x-backend-name: US_DIR:3FP7YNX3LMizprTZsG7BSW--F_US_nlb102
last-modified: Wed, 24 Feb 2021 01:01:25 GMT
server: nginx
x-timer: S1619435962.520882,VS0,VE1
etag: "1cc12df49fd277df0e325dfe42331d85"
x-served-by: cache-wdc5520-WDC, cache-dca17733-DCA, cache-hhn11538-HHN
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 1, 1, 1

GET
H2 200 topshots-7740446_1372078_20200728184737.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_345%2Cw_620%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.thesundaily.my/binrepository/480x321/0c27/480d250/none/11808/QMDW/ 19 KB
20 KB 14ms
12ms Image
image/webp 199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_345%2Cw_620%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.thesundaily.my/binrepository/480x321/0c27/480d250/none/11808/QMDW/topshots-7740446_1372078_20200728184737.jpg
Requested by: Host: www.thesundaily.my
URL: https://www.thesundaily.my/home/astrazeneca-is-safe-to-be-given-to-senior-citizens-adham-YL7793054?_hsmi=88974744&_hsenc=p2ANqtz-_G5s6CORBttERc_beHteVqqnJIJh5EriMR00fz0Cexxf2lQpsFfBisijUxttE-tNX9yfHTn7fBQWbcOnOkY3_eCosMOOPpTIuaIKsiuCzrvP7v03c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 833e9f998cf64a2a44e2bf0c106dfa136b7cc2da359be098b9832a8fc1bb1324

Request headers

Referer: https://www.thesundaily.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Mon, 26 Apr 2021 11:19:21 GMT
via: 1.1 varnish, 1.1 varnish
age: 3922474
edge-cache-tag: 450962131755231810640048284682466448181,392933856032853361833841845111496461250,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-ratelimit-remaining: 100
x-cache: HIT, HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_345%2Cw_620%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.thesundaily.my/binrepository/480x321/0c27/480d250/none/11808/QMDW/topshots-7740446_1372078_20200728184737.jpg
content-length: 19638
x-request-id: 80e3b28b56fc27a9fd1b513a44d658ec
x-backend-name: US_DIR:3FP7YNX3LMizprTZsG7BSW--F_US_nlb104
last-modified: Fri, 19 Feb 2021 09:02:24 GMT
server: nginx
x-timer: S1619435962.521145,VS0,VE1
etag: "54a2069279b863e930aa31ce29fb1ddc"
x-served-by: cache-wdc5533-WDC, cache-dca17751-DCA, cache-hhn11538-HHN
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 1, 1, 1

GET
H2 200 adibrawi-parliament-008-t5c871dd2-m600-x5e663843_238545_20190312130513.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_345%2Cw_620%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.thesundaily.my/binrepository/480x321/0c1/480d250/none/11808/AWOJ/ 26 KB
27 KB 13ms
12ms Image
image/webp 199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_345%2Cw_620%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.thesundaily.my/binrepository/480x321/0c1/480d250/none/11808/AWOJ/adibrawi-parliament-008-t5c871dd2-m600-x5e663843_238545_20190312130513.jpg
Requested by: Host: www.thesundaily.my
URL: https://www.thesundaily.my/home/astrazeneca-is-safe-to-be-given-to-senior-citizens-adham-YL7793054?_hsmi=88974744&_hsenc=p2ANqtz-_G5s6CORBttERc_beHteVqqnJIJh5EriMR00fz0Cexxf2lQpsFfBisijUxttE-tNX9yfHTn7fBQWbcOnOkY3_eCosMOOPpTIuaIKsiuCzrvP7v03c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: ff8b9508fd3b5b979cfe46183a8bff90f0348410d56438b49bdda07c3b65592b

Request headers

Referer: https://www.thesundaily.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Mon, 26 Apr 2021 11:19:21 GMT
via: 1.1 varnish, 1.1 varnish
age: 2162991
edge-cache-tag: 433526721858666472211234692766664491395,392933856032853361833841845111496461250,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-ratelimit-remaining: 99
x-cache: HIT, HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_345%2Cw_620%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.thesundaily.my/binrepository/480x321/0c1/480d250/none/11808/AWOJ/adibrawi-parliament-008-t5c871dd2-m600-x5e663843_238545_20190312130513.jpg
content-length: 26710
x-request-id: 668917f512e0fe078abd7a0cafc11270
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb802
last-modified: Thu, 04 Mar 2021 11:50:19 GMT
server: nginx
x-timer: S1619435962.521120,VS0,VE1
etag: "bc9970d83c5aad6bd3d1fe3492f08ed7"
x-served-by: cache-wdc5540-WDC, cache-dca17738-DCA, cache-hhn11538-HHN
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 1, 1, 1

GET
H2 200 fd55410888c000a4326410482631fecc.jpg
images.taboola.com/taboola/image/fetch/h_523,w_940,c_fill,g_xy_center,x_628,y_217/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 24 KB
25 KB 10ms
10ms Image
image/webp 199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/h_523,w_940,c_fill,g_xy_center,x_628,y_217/http%3A//cdn.taboola.com/libtrc/static/thumbnails/fd55410888c000a4326410482631fecc.jpg
Requested by: Host: www.thesundaily.my
URL: https://www.thesundaily.my/home/astrazeneca-is-safe-to-be-given-to-senior-citizens-adham-YL7793054?_hsmi=88974744&_hsenc=p2ANqtz-_G5s6CORBttERc_beHteVqqnJIJh5EriMR00fz0Cexxf2lQpsFfBisijUxttE-tNX9yfHTn7fBQWbcOnOkY3_eCosMOOPpTIuaIKsiuCzrvP7v03c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: b1af3428fa412d99220d691cd5f803d9c8e03acbbfdc7263d2ec80ca708e820b

Request headers

Referer: https://www.thesundaily.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Mon, 26 Apr 2021 11:19:21 GMT
via: 1.1 varnish, 1.1 varnish
age: 1004379
edge-cache-tag: 532928972401059285837018604789701179863,402593639207563257213537935007838707908,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining: 100
expiration: expiry-date="Sat, 08 May 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache: HIT, HIT, HIT
x-debug: /taboola/image/fetch/h_523,w_940,c_fill,g_xy_center,x_628,y_217/http%3A//cdn.taboola.com/libtrc/static/thumbnails/fd55410888c000a4326410482631fecc.jpg
content-length: 24814
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb802
last-modified: Wed, 07 Apr 2021 10:18:35 GMT
server: nginx
x-timer: S1619435962.521123,VS0,VE0
etag: "e827348e8aa6ae24d096a41557d91fbc"
x-served-by: cache-wdc5558-WDC, cache-dca17720-DCA, cache-hhn11538-HHN
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 1, 1, 3

GET
H2 200 ef84fc293d41224c184dbdcfd8c83181.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 128 KB
128 KB 8ms
8ms Image
image/webp 199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ef84fc293d41224c184dbdcfd8c83181.jpg
Requested by: Host: www.thesundaily.my
URL: https://www.thesundaily.my/home/astrazeneca-is-safe-to-be-given-to-senior-citizens-adham-YL7793054?_hsmi=88974744&_hsenc=p2ANqtz-_G5s6CORBttERc_beHteVqqnJIJh5EriMR00fz0Cexxf2lQpsFfBisijUxttE-tNX9yfHTn7fBQWbcOnOkY3_eCosMOOPpTIuaIKsiuCzrvP7v03c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 47dd28fb8b57ab237856647805db9c3a6f5724759abc07c57750f56cbd0912ed

Request headers

Referer: https://www.thesundaily.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Mon, 26 Apr 2021 11:19:21 GMT
via: 1.1 varnish, 1.1 varnish
age: 2784565
edge-cache-tag: 302479151993994568927198867523656057236,475000658346574341699039966618312097677,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-ratelimit-remaining: 100
x-cache: HIT, HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ef84fc293d41224c184dbdcfd8c83181.jpg
content-length: 130708
x-request-id: 4f019a8a14394c5f6a2bee7acf967a7a
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb801
last-modified: Mon, 22 Mar 2021 19:17:37 GMT
server: nginx
x-timer: S1619435962.521094,VS0,VE0
etag: "9d84e931889f413f949d1971ced68f9e"
x-served-by: cache-wdc5544-WDC, cache-dca17758-DCA, cache-hhn11538-HHN
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 1, 1, 5

GET
H2 200 sultan-kedah_1716947_20201025163924.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_272%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.thesundaily.my/binrepository/480x343/1c19/480d250/none/11808/JNPK/ 12 KB
13 KB 99ms
95ms Image
image/webp 199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_272%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.thesundaily.my/binrepository/480x343/1c19/480d250/none/11808/JNPK/sultan-kedah_1716947_20201025163924.jpg
Requested by: Host: www.thesundaily.my
URL: https://www.thesundaily.my/home/astrazeneca-is-safe-to-be-given-to-senior-citizens-adham-YL7793054?_hsmi=88974744&_hsenc=p2ANqtz-_G5s6CORBttERc_beHteVqqnJIJh5EriMR00fz0Cexxf2lQpsFfBisijUxttE-tNX9yfHTn7fBQWbcOnOkY3_eCosMOOPpTIuaIKsiuCzrvP7v03c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: b9eb8e209bc5d9b46b585366571c1ab4fc7cc261dc2c98aa7421b9b9d9d669df

Request headers

Referer: https://www.thesundaily.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 89
date: Mon, 26 Apr 2021 11:19:21 GMT
via: 1.1 varnish, 1.1 varnish
age: 785540
edge-cache-tag: 580726898906232745297356860960701863446,491862125603500554501118228743896000770,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-ratelimit-remaining: 100
x-cache: HIT, HIT, MISS
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_272%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.thesundaily.my/binrepository/480x343/1c19/480d250/none/11808/JNPK/sultan-kedah_1716947_20201025163924.jpg
content-length: 12656
x-request-id: b372cc35017723c2e3d8d4d7a85b4e3d
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb803
last-modified: Tue, 06 Apr 2021 14:28:41 GMT
server: nginx
x-timer: S1619435962.535444,VS0,VE89
etag: "2644ae31c82bbabe25154e3c87f9d387"
x-served-by: cache-wdc5574-WDC, cache-dca17774-DCA, cache-hhn11538-HHN
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 1, 1, 0

GET
H2 200 lge_732865_20191025211101.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_272%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.thesundaily.my/binrepository/480x270/0c8/480d250/none/11808/APRC/ 9 KB
10 KB 98ms
95ms Image
image/webp 199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_272%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.thesundaily.my/binrepository/480x270/0c8/480d250/none/11808/APRC/lge_732865_20191025211101.jpg
Requested by: Host: www.thesundaily.my
URL: https://www.thesundaily.my/home/astrazeneca-is-safe-to-be-given-to-senior-citizens-adham-YL7793054?_hsmi=88974744&_hsenc=p2ANqtz-_G5s6CORBttERc_beHteVqqnJIJh5EriMR00fz0Cexxf2lQpsFfBisijUxttE-tNX9yfHTn7fBQWbcOnOkY3_eCosMOOPpTIuaIKsiuCzrvP7v03c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 38675a72201c391ee31f3218c979b4cc13a6d1e4ed27f5bc9c5d7adb955c584b

Request headers

Referer: https://www.thesundaily.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 89
date: Mon, 26 Apr 2021 11:19:21 GMT
via: 1.1 varnish, 1.1 varnish
age: 518695
edge-cache-tag: 407931889576179043989605452380628025936,491862125603500554501118228743896000770,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-ratelimit-remaining: 100
x-cache: MISS, HIT, MISS
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_272%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.thesundaily.my/binrepository/480x270/0c8/480d250/none/11808/APRC/lge_732865_20191025211101.jpg
content-length: 9506
x-request-id: 16c18de4f26bc369eb03a08ed4d20c28
x-backend-name: US_DIR:3FP7YNX3LMizprTZsG7BSW--F_US_nlb106
last-modified: Mon, 19 Apr 2021 15:29:25 GMT
server: nginx
x-timer: S1619435962.536142,VS0,VE89
etag: "658aeebf5ebd277c8fd2d8e736f2d64d"
x-served-by: cache-wdc5533-WDC, cache-dca17772-DCA, cache-hhn11538-HHN
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 0

GET
H2 200 tbp Show response
15.taboola.com/ 6 KB
2 KB 37ms
37ms XHR
text/html 199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://15.taboola.com/tbp?oid=15&pubid=166277&tagid=948107&pstn=[pstn]&cb=[cb]&callback=TRC.pVideoCallbacks.videoCallback2
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20210426-7-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: fd50e81d3978ff93922283e1ed988c115802fe75bd5afd2b15ddfed308771458

Request headers

Referer: https://www.thesundaily.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 26 Apr 2021 11:19:21 GMT
content-encoding: gzip
access-control-allow-origin: https://www.thesundaily.my
machineid: 1429
x-cache: MISS
x-cache-hits: 0
x-served-by: cache-hhn11538-HHN
pragma: no-cache
server: nginx
x-timer: S1619435962.503484,VS0,VE30
vary: Accept-Encoding
content-type: text/html;charset=ISO-8859-1
via: 1.1 varnish
cache-control: no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials: true
accept-ranges: bytes
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2 200 bee9b08157d32efe0dfdca0d1da6df9d.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_272%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 45 KB
46 KB 12ms
9ms Image
image/webp 199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_272%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/bee9b08157d32efe0dfdca0d1da6df9d.jpg
Requested by: Host: www.thesundaily.my
URL: https://www.thesundaily.my/home/astrazeneca-is-safe-to-be-given-to-senior-citizens-adham-YL7793054?_hsmi=88974744&_hsenc=p2ANqtz-_G5s6CORBttERc_beHteVqqnJIJh5EriMR00fz0Cexxf2lQpsFfBisijUxttE-tNX9yfHTn7fBQWbcOnOkY3_eCosMOOPpTIuaIKsiuCzrvP7v03c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 142f26403a748bcfdf10028d60f79a4ccd14a2f512342a6b49ea0f3b9d55034f

Request headers

Referer: https://www.thesundaily.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Mon, 26 Apr 2021 11:19:21 GMT
via: 1.1 varnish, 1.1 varnish
age: 1305184
edge-cache-tag: 589829340117698354400448488692514396131,491862125603500554501118228743896000770,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-ratelimit-remaining: 100
x-cache: MISS, HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_272%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/bee9b08157d32efe0dfdca0d1da6df9d.jpg
content-length: 46516
x-request-id: 844a9b0d49d906864b4581ef7ed58a80
x-backend-name: US_DIR:3FP7YNX3LMizprTZsG7BSW--F_US_nlb106
last-modified: Fri, 02 Apr 2021 07:08:39 GMT
server: nginx
x-timer: S1619435962.536271,VS0,VE1
etag: "d3dd14f09c77d339938f912f3402c47b"
x-served-by: cache-wdc5554-WDC, cache-dca17732-DCA, cache-hhn11538-HHN
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 1

GET
H2 200 5621182aa2da79674ae2e75f7fbbaceb.jpg
images.taboola.com/taboola/image/fetch/h_272,w_380,c_fill,g_xy_center,x_520,y_280/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 28 KB
29 KB 10ms
8ms Image
image/webp 199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/h_272,w_380,c_fill,g_xy_center,x_520,y_280/http%3A//cdn.taboola.com/libtrc/static/thumbnails/5621182aa2da79674ae2e75f7fbbaceb.jpg
Requested by: Host: www.thesundaily.my
URL: https://www.thesundaily.my/home/astrazeneca-is-safe-to-be-given-to-senior-citizens-adham-YL7793054?_hsmi=88974744&_hsenc=p2ANqtz-_G5s6CORBttERc_beHteVqqnJIJh5EriMR00fz0Cexxf2lQpsFfBisijUxttE-tNX9yfHTn7fBQWbcOnOkY3_eCosMOOPpTIuaIKsiuCzrvP7v03c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: add446458eb1c58524218a1f34a78be5f4650d153dbecf1141b9edfd64b9634c

Request headers

Referer: https://www.thesundaily.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Mon, 26 Apr 2021 11:19:21 GMT
via: 1.1 varnish, 1.1 varnish
age: 839442
edge-cache-tag: 450265650731705506805175281380931797211,441439597101933169963949462822010480825,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-ratelimit-remaining: 100
x-cache: MISS, HIT, HIT
x-debug: /taboola/image/fetch/h_272,w_380,c_fill,g_xy_center,x_520,y_280/http%3A//cdn.taboola.com/libtrc/static/thumbnails/5621182aa2da79674ae2e75f7fbbaceb.jpg
content-length: 28496
x-request-id: 3e9db29385195857c31a155a2a4675f7
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb804
last-modified: Wed, 07 Apr 2021 13:33:36 GMT
server: nginx
x-timer: S1619435962.536234,VS0,VE1
etag: "b609784366767c0fb1b1652c4ee372b1"
x-served-by: cache-wdc5534-WDC, cache-dca17740-DCA, cache-hhn11538-HHN
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 1

GET
H2 200 kl14-160719-ipg-bn201907155167-t5d2d4b_672654_20190928190622.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.thesundaily.my/binrepository/480x357/0c43/480d250/none/11808/AUWD/ 21 KB
21 KB 11ms
9ms Image
image/webp 199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.thesundaily.my/binrepository/480x357/0c43/480d250/none/11808/AUWD/kl14-160719-ipg-bn201907155167-t5d2d4b_672654_20190928190622.jpg
Requested by: Host: www.thesundaily.my
URL: https://www.thesundaily.my/home/astrazeneca-is-safe-to-be-given-to-senior-citizens-adham-YL7793054?_hsmi=88974744&_hsenc=p2ANqtz-_G5s6CORBttERc_beHteVqqnJIJh5EriMR00fz0Cexxf2lQpsFfBisijUxttE-tNX9yfHTn7fBQWbcOnOkY3_eCosMOOPpTIuaIKsiuCzrvP7v03c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 0544c66a873829a56cf2fd27d899154444f8fbbbe682d4a79d70079dd23aba49

Request headers

Referer: https://www.thesundaily.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Mon, 26 Apr 2021 11:19:21 GMT
via: 1.1 varnish, 1.1 varnish
age: 2263233
edge-cache-tag: 447710896981833839525883273523306547599,475000658346574341699039966618312097677,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-ratelimit-remaining: 99
x-cache: HIT, HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.thesundaily.my/binrepository/480x357/0c43/480d250/none/11808/AUWD/kl14-160719-ipg-bn201907155167-t5d2d4b_672654_20190928190622.jpg
content-length: 21042
x-request-id: 3bcb30fe956fd688294fcf66f90fb58b
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb801
last-modified: Thu, 25 Mar 2021 07:32:44 GMT
server: nginx
x-timer: S1619435962.537144,VS0,VE1
etag: "089d54af67ea9f99cb38d72b284709c8"
x-served-by: cache-wdc5533-WDC, cache-dca17741-DCA, cache-hhn11538-HHN
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 1, 1, 1

GET
H2 200 fw1126436-kl25-05122020-mindef-bn202012045018-lpr_1862165_20201205185353.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.thesundaily.my/binrepository/480x320/1c0/480d250/none/11808/NRET/ 22 KB
23 KB 12ms
10ms Image
image/webp 199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.thesundaily.my/binrepository/480x320/1c0/480d250/none/11808/NRET/fw1126436-kl25-05122020-mindef-bn202012045018-lpr_1862165_20201205185353.jpg
Requested by: Host: www.thesundaily.my
URL: https://www.thesundaily.my/home/astrazeneca-is-safe-to-be-given-to-senior-citizens-adham-YL7793054?_hsmi=88974744&_hsenc=p2ANqtz-_G5s6CORBttERc_beHteVqqnJIJh5EriMR00fz0Cexxf2lQpsFfBisijUxttE-tNX9yfHTn7fBQWbcOnOkY3_eCosMOOPpTIuaIKsiuCzrvP7v03c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 88ae211232aa79611a2b2e687cb856cb475ff34e4a4ba6bb6e9018e1553b1315

Request headers

Referer: https://www.thesundaily.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 3
date: Mon, 26 Apr 2021 11:19:21 GMT
via: 1.1 varnish, 1.1 varnish
age: 2597139
edge-cache-tag: 465656860582729271507240867523059030942,475000658346574341699039966618312097677,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining: 100
expiration: expiry-date="Wed, 21 Apr 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache: HIT, MISS, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.thesundaily.my/binrepository/480x320/1c0/480d250/none/11808/NRET/fw1126436-kl25-05122020-mindef-bn202012045018-lpr_1862165_20201205185353.jpg
content-length: 23036
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb801
last-modified: Sun, 21 Mar 2021 07:39:37 GMT
server: nginx
x-timer: S1619435962.547187,VS0,VE3
etag: "f5e142652c34c18af46463ab7e2c6be3"
x-served-by: cache-wdc5540-WDC, cache-dca17757-DCA, cache-hhn11538-HHN
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 1, 0, 1

GET
H/1.1 200
OK request_content.php Show response
hal900013.redintelligence.net/ Frame 63D4 6 KB
2 KB 36ms
13ms Document
text/html 116.202.48.214
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900013.redintelligence.net/request_content.php?s=55752200112266400710584011576013&a=abac143e
Requested by: Host: hal900013.redintelligence.net
URL: https://hal900013.redintelligence.net/request.php?zone=hjtkt1t9m63l&nw=20&renderingType=javascript&namespace=e6697659d1&subid=&uid=d20e93b66f12f092&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x18&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCeiZEuKGGYKyQEZSY7_UPysuGyAuP4PiGU_Woi6TKDPAuEAEg9Ov2K2CV-vCBjAfIAQmpAuia16jxS7Q-qAMBqgTsAU_QVRmRyhsmS9I132uzAlHccjrM3q_8nJKBkhFSVc-Mhk4Rl4F4nHtfUsRWyV3mrablYuAHgyKB8zBFpTCGYp7falA3-Ky6dTh10FkaUksNGZ61RX-Oy_s0dZtGBKA8Smbbw0G2dyjrCDEC1XOMWq3PL9AZELUlqLhhim2ren9hm0fOx1sLQ4va38bm76ywrqiYORUSoYfmNPmCdW4UsXkjfi1w1r0UIzfNwXFBDGQymROChupEysULTHFutxsIbtcLf8Ov_TxtRih9JYWQIOYIq06ye-LrsgEKPY_-xmhQJrE6b2Fm5cHBvGQ3wAS78ajAzwHgBAOQBgGgBk2AB-vn6F6oB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7NUbqAfulrECqAemvhuoB-zVG6gH89EbqAeW2BvYBwDSCAkIgOGAUBABGB3yCBthZHgtc3Vic3luLTY4NTYzNDk5MjY1MDYxOTWACgOYCwHICwGADAGwE8Ka2grQEwDYEwPYFAE%26ae%3D1%26num%3D1%26cid%3DCAASPeRoY1OtUsWcxFyvYdKn-JN2vTKS0UOxx9kJDW36Ty_wzUfB5os68RJABmPK_zabef4jns5BClC6KmXHCEY%26sig%3DAOD64_1BTZuc-Xa-Amn2EZJMhHw9_SZAHw%26client%3Dca-pub-1738284215641521%26dbm_c%3DAKAmf-BmcqaMappX0zMGQt4F0vzl8MRkDzTAXd6bGTRJao97RaF-qdEoIa2uBfDuwqf3XJMIfJ0ROPtSJTfu2R2SzoJMuzc2urAI9N1F11h1MoRMxx1OLRnhQ1trUa9SU_OeqWXpwwVY3MHL7AWpA-CCoUwgP2EUgQ%26cry%3D1%26dbm_d%3DAKAmf-DKAU4H1mklmwwyyKQNI5Kxrnw6dXmAzNQyA4YWsAGvOBbcWD1TiVlK8qaUzr_JHzSty1D2claXAkf75Sr5G53f_4LSoEFjBq5b5Y5LIKASQp9ome4MaLAYwVtEC-fhgM99gWgKdyfzmIwhNbMw8JuKp9Oeu7aNPkUtYNGj-StpWXXVCboK2D1dxcYoCJI-P8HmFrL-O-1Msfts5y4yJpf9_fk67dFteTI4HAvVOkGkERTU9gWvTjxzd8VR4pWTe2TVY-SlIua1b7sEKujQK-8kg68r5wE3OLGZx8fSZ_x4NWAGzgZ_ZCD_e83gJKgFeL_vGFpO9NRarBkXoMKxkJd_7ih8kNqaZ3Hxr7DODVbUhHuIr_517W-4npJ0nQXg58t3ArPuU1Zzaer3yiwIzzU3GAwFjrE5DOGESiBHmPEEtrdFZeRzh1HAiLJoiHJEnHKSkfTLB4CEZ0P5gTkuWgNR_CKRidlzDy-m93Ehkp1Y1hPSCXj7g40izFqa2DOeJWV8WSJRn-CYCQooZ2i7oWuiAdUg4L91FQBbqG6zwReEAs0uLCryS923Nsze6m4QoM-UZyRHwdXK3AZHbxnV-IwDgiSqLITQcdwE4KqT1uYdQcMhAZzSW-EInvyYvLyCs2oawpDNNp62z52hsoh9M1zStZCiOC3Pa6KvyLz7hEh0yfat8Zo8KSQfYSptVOoPXKKUVXSQ-060mpN8ebmapvwvzMqwSiSzzY9mokFlS6cDYuxVYRg%26adurl%3D&documentReferer=https%3A%2F%2Fwww.thesundaily.my%2F&ancestorOrigins=https%3A%2F%2Fwww.thesundaily.my&random=9689339753700&isIframe=1&container=&adPos=0x14&adPosCheck=1x15&adtagId=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 116.202.48.214 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: Apache /
Resource Hash: 24371a0e61715c2a756e721997e3c70f5a47b5014d91797c1586ac651352389a

Request headers

Host: hal900013.redintelligence.net
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://5f7a3c227877733a11b3d8ac75a2ccaf.safeframe.googlesyndication.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: 8lcfmzhxc8d6_uid=ba33512bbc250368
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://5f7a3c227877733a11b3d8ac75a2ccaf.safeframe.googlesyndication.com/

Response headers

Date: Mon, 26 Apr 2021 11:19:21 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Expires: Mon, 26 Apr 2021 12:19:21 +0200
Pragma: no-cache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 2136
Connection: close
Content-Type: text/html; charset=utf-8

GET
DATA 200
OK truncated
/ Frame E158 206 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 76a83710f0860ebc2510d788dedea076c07e704911aa49bea988ee4326ddfbbb

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 200
OK proxy_270194.js Show response
media.innity.net/adnetwork/house/pub_4428/ 2 KB
1 KB 10ms
9ms Script
application/javascript 23.38.48.217
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://media.innity.net/adnetwork/house/pub_4428/proxy_270194.js?ord=[timestamp]
Requested by: Host: cdn.innity.net
URL: https://cdn.innity.net/global.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 23.38.48.217 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-38-48-217.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: a838d15ccf7d04e3e6915f964bafa00bb0a759700a73bcf9af7cc1bb69fa8110

Request headers

Referer: https://www.thesundaily.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Date: Mon, 26 Apr 2021 11:19:21 GMT
Content-Encoding: gzip
Last-Modified: Sat, 06 Jun 2020 08:54:55 GMT
Server: Apache
ETag: "9f0-5a766881c8ade-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=1800
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1081
Expires: Mon, 26 Apr 2021 11:49:21 GMT

GET
H2 200 next-up-widget.20210426-7-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 13 KB
5 KB 7ms
7ms Script
application/javascript 199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/next-up-widget.20210426-7-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/thesundaily/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0d46a19c4a0d6048d78c990bbe13bb15647880ca022f2da8d6f293e349b83e70

Request headers

Referer: https://www.thesundaily.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: rN1tAqMDNqBXZGRcx3J7MrvOGAwbF_2.
content-encoding: gzip
etag: "405cb8cd96befd38655edbd099f40152"
age: 3968
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 4366
x-amz-id-2: 3t9fVuJgYmjK+CkNkQXSdmr0dLSv0LpRHKmyJcwbCMPyDxQ5NECdFL7fE018khyLLBEqJAfBRvw=
x-served-by: cache-hhn11538-HHN
last-modified: Mon, 26 Apr 2021 10:13:12 GMT
server: AmazonS3
x-timer: S1619435962.573029,VS0,VE0
date: Mon, 26 Apr 2021 11:19:21 GMT
vary: Accept-Encoding
x-amz-request-id: SYVE9S1ZC5100N03
via: 1.1 varnish
cache-control: private,max-age=14400
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
abp: 54
x-cache-hits: 1835

GET
H2 200 creative_js.js Show response
vidstat.taboola.com/vpaid/units/27_2_17/creatives/ 4 KB
2 KB 8ms
7ms Script
application/javascript 199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstat.taboola.com/vpaid/units/27_2_17/creatives/creative_js.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20210426-7-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6258018e9f890f2383a09a2be6df7792affd977d856e7247ace8341f5b5487f0

Request headers

Referer: https://www.thesundaily.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Apr 2021 11:19:21 GMT
via: 1.1 0e75d8f2d484ce463fc04f5c422aa179.cloudfront.net (CloudFront), 1.1 varnish
age: 1345936
x-amz-meta-mtime: 1580720676
x-cache: RefreshHit from cloudfront, HIT
x-amz-meta-ctime: 1580720957
x-amz-meta-mode: 33188
content-encoding: gzip
content-length: 1904
x-served-by: cache-hhn11538-HHN
last-modified: Mon, 03 Feb 2020 09:09:18 GMT
server: AmazonS3
x-timer: S1619435962.592397,VS0,VE0
etag: "d80eacb3ed43f93a2da80d76e65d19a8"
x-amz-meta-uid: 0
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
x-amz-meta-gid: 0
access-control-allow-origin: *
cache-control: public, max-age=2592000
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
content-type: application/javascript
access-control-allow-headers: *
x-amz-cf-id: wmzh0cDjDIUcI3Wel4tio7NVrqgrg1rCz2Rz1knjAiGHpx_HwKnRPQ==
x-cache-hits: 521282

GET
H3-29 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame B900 17 KB
6 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.thesundaily.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Apr 2021 11:19:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1616005470650935"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6437
x-xss-protection: 0
expires: Mon, 26 Apr 2021 11:19:21 GMT

GET
H3-29 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame B323 133 KB
47 KB 24ms
23ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: media.innity.net
URL: https://media.innity.net/adnetwork/house/pub_4428/proxy_270194.js?ord=[timestamp]

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6d0b74f2a3e089cde650f0972d1a568843c275718277a2c167af9011ebf91ff5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.thesundaily.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Apr 2021 11:19:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48209
x-xss-protection: 0
server: cafe
etag: 2341374986041078434
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 26 Apr 2021 11:19:21 GMT

GET
H/1.1 200
OK container_576b5a051c51b1c0244bca09.js Show response
ssl-avd.innity.net/1/ Frame DB75 9 KB
4 KB 31ms
10ms Script
application/javascript 23.38.48.217
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ssl-avd.innity.net/1/container_576b5a051c51b1c0244bca09.js
Requested by: Host: info.silobreaker.com
URL: https://info.silobreaker.com/e2t/tc/VWt22z7YxmcLW3d_lfb36JTN9VZjc4S4qSWfGN50kgPk2-HwrV1-WJV7CgH74W8yj8Gf5DDZvcW3TJBTT7kqbNwMR6s8lJGK_xW9h7hwf27nzMqW5wGLkb4hf5GgW3lN5Td7tRBTkW30lvRX1N-LFjW1tW32m7Trp5GW4xr3Wn7WcQ5vW23hz6z6nGFdkW7VpsPv34ByTlW1KrtR88V7szrW39MzFN7Py845W3wb58d2vpQrZW4tlyqy4716kPW7N7-KV2vQ-5fW7qBTzn7dJ1BKW4VM3fG2FFWxyW3sfPLt74fFR8N6_-qlgnJKNxW60WBkK3dW8pZW2_vCdB2RRvxLW5F45Z61c1l3BVnybQW29v8QnW3Bf6923kQS6jN6fzWv1M0WN93c-z1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 23.38.48.217 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-38-48-217.deploy.static.akamaitechnologies.com
Software: nginx/1.18.0 /
Resource Hash: 703f61348ed36938bbbb9f8b87b9a5934df19b2e9e08e8b2783b91a036bd5552

Request headers

Referer: https://www.thesundaily.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 26 Apr 2021 11:19:21 GMT
Content-Encoding: gzip
Last-Modified: Fri, 28 Aug 2020 07:49:25 GMT
Server: nginx/1.18.0
ETag: "5f48b705-25c8-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: public, max-age=1513769
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3431
Expires: Thu, 13 May 2021 23:48:50 GMT

GET
H/1.1 200
OK container_549927e79bd1fa1a040041a9.js Show response
ssl-avd.innity.net/1/ Frame F5E4 7 KB
3 KB 29ms
10ms Script
application/javascript 23.38.48.217
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ssl-avd.innity.net/1/container_549927e79bd1fa1a040041a9.js
Requested by: Host: info.silobreaker.com
URL: https://info.silobreaker.com/e2t/tc/VWt22z7YxmcLW3d_lfb36JTN9VZjc4S4qSWfGN50kgPk2-HwrV1-WJV7CgH74W8yj8Gf5DDZvcW3TJBTT7kqbNwMR6s8lJGK_xW9h7hwf27nzMqW5wGLkb4hf5GgW3lN5Td7tRBTkW30lvRX1N-LFjW1tW32m7Trp5GW4xr3Wn7WcQ5vW23hz6z6nGFdkW7VpsPv34ByTlW1KrtR88V7szrW39MzFN7Py845W3wb58d2vpQrZW4tlyqy4716kPW7N7-KV2vQ-5fW7qBTzn7dJ1BKW4VM3fG2FFWxyW3sfPLt74fFR8N6_-qlgnJKNxW60WBkK3dW8pZW2_vCdB2RRvxLW5F45Z61c1l3BVnybQW29v8QnW3Bf6923kQS6jN6fzWv1M0WN93c-z1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 23.38.48.217 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-38-48-217.deploy.static.akamaitechnologies.com
Software: nginx/1.18.0 /
Resource Hash: 6d82e21331aeb7b154ce45f18bc4a76893c17b1e2db85c4b40397fabfc0b023e

Request headers

Referer: https://www.thesundaily.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 26 Apr 2021 11:19:21 GMT
Content-Encoding: gzip
Last-Modified: Wed, 26 Aug 2020 05:09:27 GMT
Server: nginx/1.18.0
ETag: "5f45ee87-1dd4-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: public, max-age=953120
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2863
Expires: Fri, 07 May 2021 12:04:41 GMT

GET
H2 200 st Show response
imprammp.taboola.com/ Frame 75DB 0
68 B 20ms
18ms Document
text/plain 199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://imprammp.taboola.com/st?cipid=7991117&ttype=0&cirid=2AA9DEB79826211485392253757&cicmp=1337627&cijs=1&dast=V7XuUCFgMx4ZFo0aUEZgQx4ZFo0aUEZgUAAAAGBugHHLJgMEcsCm85nMwmi8VoOFosJoPFZDUYDJYwMYvFYjRcrUZjzWKxGE1mq-EUDLbwOd3dbdhA0-nwue71ut_vLjq6PK-7yeE0O-9q518OAAAAAA8ARC3REDu-De0RAAAAABI8I9cKFAEV_xYCFwAAAAAYAARi4RoAUBwG4rKcnXZ_AAA8FIAAAAhghACwhEKIAAAAAIwAAAAAkAAIJBaWADjcLZoAAATkNZzvop4AAAAc1Mk8bbP8____xwDkvTfJAFCkbdwY9AA8-AA8CAEAAFwM1bCgehgGuEMRFVQWMQIAAADIygdaPprUCZVF1f___78VwBUAQEBewzlvbdbNSTFrGAAAAMDYAj0sfr_ZYdf43S77_________zf7PwNAE5LywE0LsqLYU-MZuVZY-wUEAGB7NwCAtwC4mAOwAwAAALj7____zwMAADjZo2R7rcazR1nvM9jC53R312_CFqPVZLJZDmfLxWQwHA1Ho_0J4HKAEzFYLieTxWS3Gq1Gm-FuNBssUCAGE5yQ4WgzWY12q91kOZyMRrPNZIMUrVrNRpvBcDWbzHa71XAwXI5GSNGaxWwyWcxGy91msJyMBsPJcIgHVefS-bw6HxtwOZeMlnPZaC4ZbFYJAAAAAAAAAGAJU-ZNAAAAAE6DmM0mu92KG2_2TBBrtVrWAAAAANy6kQM!&excid=22&tst=1&docw=0&cs=false
Requested by: Host: info.silobreaker.com
URL: https://info.silobreaker.com/e2t/tc/VWt22z7YxmcLW3d_lfb36JTN9VZjc4S4qSWfGN50kgPk2-HwrV1-WJV7CgH74W8yj8Gf5DDZvcW3TJBTT7kqbNwMR6s8lJGK_xW9h7hwf27nzMqW5wGLkb4hf5GgW3lN5Td7tRBTkW30lvRX1N-LFjW1tW32m7Trp5GW4xr3Wn7WcQ5vW23hz6z6nGFdkW7VpsPv34ByTlW1KrtR88V7szrW39MzFN7Py845W3wb58d2vpQrZW4tlyqy4716kPW7N7-KV2vQ-5fW7qBTzn7dJ1BKW4VM3fG2FFWxyW3sfPLt74fFR8N6_-qlgnJKNxW60WBkK3dW8pZW2_vCdB2RRvxLW5F45Z61c1l3BVnybQW29v8QnW3Bf6923kQS6jN6fzWv1M0WN93c-z1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:method: GET
:authority: imprammp.taboola.com
:scheme: https
:path: /st?cipid=7991117&ttype=0&cirid=2AA9DEB79826211485392253757&cicmp=1337627&cijs=1&dast=V7XuUCFgMx4ZFo0aUEZgQx4ZFo0aUEZgUAAAAGBugHHLJgMEcsCm85nMwmi8VoOFosJoPFZDUYDJYwMYvFYjRcrUZjzWKxGE1mq-EUDLbwOd3dbdhA0-nwue71ut_vLjq6PK-7yeE0O-9q518OAAAAAA8ARC3REDu-De0RAAAAABI8I9cKFAEV_xYCFwAAAAAYAARi4RoAUBwG4rKcnXZ_AAA8FIAAAAhghACwhEKIAAAAAIwAAAAAkAAIJBaWADjcLZoAAATkNZzvop4AAAAc1Mk8bbP8____xwDkvTfJAFCkbdwY9AA8-AA8CAEAAFwM1bCgehgGuEMRFVQWMQIAAADIygdaPprUCZVF1f___78VwBUAQEBewzlvbdbNSTFrGAAAAMDYAj0sfr_ZYdf43S77_________zf7PwNAE5LywE0LsqLYU-MZuVZY-wUEAGB7NwCAtwC4mAOwAwAAALj7____zwMAADjZo2R7rcazR1nvM9jC53R312_CFqPVZLJZDmfLxWQwHA1Ho_0J4HKAEzFYLieTxWS3Gq1Gm-FuNBssUCAGE5yQ4WgzWY12q91kOZyMRrPNZIMUrVrNRpvBcDWbzHa71XAwXI5GSNGaxWwyWcxGy91msJyMBsPJcIgHVefS-bw6HxtwOZeMlnPZaC4ZbFYJAAAAAAAAAGAJU-ZNAAAAAE6DmM0mu92KG2_2TBBrtVrWAAAAANy6kQM!&excid=22&tst=1&docw=0&cs=false
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.thesundaily.my/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.thesundaily.my/

Response headers

server: nginx
accept-ranges: bytes
date: Mon, 26 Apr 2021 11:19:21 GMT
via: 1.1 varnish
x-served-by: cache-hhn11538-HHN
x-cache: MISS
x-cache-hits: 0
x-timer: S1619435962.689495,VS0,VE9
content-length: 0

GET
H2 200 cmTagCUSTOM.js Show response
vidstat.taboola.com/vpaid/units/28_3_10/infra/ 727 KB
132 KB 12ms
10ms Script
application/javascript 199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstat.taboola.com/vpaid/units/28_3_10/infra/cmTagCUSTOM.js
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/27_2_17/creatives/creative_js.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3-br /
Resource Hash: aa7c984cd510935c132345bc7d579dfcde68742f7b11b599b905310f7164718c

Request headers

Referer: https://www.thesundaily.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Apr 2021 11:19:21 GMT
via: 1.1 varnish
age: 1249055
x-amz-meta-mtime: 1605697226
x-cache: HIT
x-amz-meta-ctime: 1605697428
x-amz-meta-mode: 33188
content-encoding: br
content-length: 135037
x-amz-id-2: VjxBj1XdfouY88emdfOOgVqAHiza02SZVwx0PgQinFeBnGvncgkuWFaN9Q+swBuUTy4oWz91VZQ=
x-served-by: cache-hhn11538-HHN
accept-ranges: bytes
last-modified: Wed, 18 Nov 2020 11:03:50 GMT
server: AmazonS3-br
x-timer: S1619435962.690299,VS0,VE0
etag: "37b0b0415484e88063c945bde767ba70"
x-amz-meta-uid: 0
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
x-amz-request-id: FQ2Z8D2H15BWD431
access-control-allow-origin: *
cache-control: public, max-age=2592000
x-amz-meta-gid: 0
content-type: application/javascript
access-control-allow-headers: *
x-cache-hits: 115465

GET
H2 200 cmOsUnit.css
vidstat.taboola.com/vpaid/units/28_3_10/assets/css/ 44 KB
7 KB 11ms
10ms Stylesheet
text/css 199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstat.taboola.com/vpaid/units/28_3_10/assets/css/cmOsUnit.css
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/27_2_17/creatives/creative_js.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3-br /
Resource Hash: 4e7681cdfb27c5d0457c58c9f0fe26a68bbf6a8dc88defd3c43826adb1fe6ca8

Request headers

Referer: https://www.thesundaily.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Apr 2021 11:19:21 GMT
via: 1.1 varnish
age: 127436
x-amz-meta-mtime: 1605697226
x-cache: HIT
x-amz-meta-ctime: 1605697397
x-amz-meta-mode: 33188
content-encoding: br
content-length: 6493
x-amz-id-2: sin4OqQLKZQNB5ffyyx/8q8TmGjdtCifygYVIghUNoO5fsn8Q6wUPc8HK3I0fZsVWl8PiRMS8Ig=
x-served-by: cache-hhn11538-HHN
accept-ranges: bytes
last-modified: Wed, 18 Nov 2020 11:03:19 GMT
server: AmazonS3-br
x-timer: S1619435962.690288,VS0,VE0
etag: "083925e970a05bed26a70ecbfde9c0ca"
x-amz-meta-uid: 0
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
x-amz-request-id: G7WNZJ429RRKGDQM
access-control-allow-origin: *
cache-control: public, max-age=2592000
x-amz-meta-gid: 0
content-type: text/css
access-control-allow-headers: *
x-cache-hits: 17238

GET
H2 200 st Show response
imprammp.taboola.com/ Frame 5AF1 0
52 B 18ms
17ms Document
text/plain 199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://imprammp.taboola.com/st?cipid=7991117&ttype=0&cirid=FE42C649D4236770291241570006&cicmp=1337627&cijs=1&dast=V7da4CFgMx4ZFo0aUEZgQx4ZFo0aUEZgUAAAAGBugHGsYiTTa00XJEmmxmu91gMlwuh5vBbjVcwsQsFovRcLUajTWLxWI0ma2GUzDYwud0d7dhA02nw-e61-t-v7vo6PK87iaH0-y8q51_OQAAAAA8ABC1REPs-Da0RwAAAABI8IxcK1AEVPxbCFwAAAAAYAAQiIVrAEBxGIjLcnba_QEA8FAAAgAggBECwBIKIQIAAAAwAgAAAEACIJBYWALgcLdoAgAQkNdwvot6AgAAcFAn87TN8v___x8DkPfeJANAkbZxY9AD8OAD8CAEAABwMRRFNXxorLRnS1SQWsQIAAAAICsfaPloUidUFlX_____VgBXAAABeQ3nvLVZNyfFrGEAAAAAYwv0sPj9Zodd43e77P_________f7P8MAE1IygM3LciKYk-NZ-RaYe0XEACA7d0AAN4C4GIOwA4AAADg7v___z8PAAAgaY-S7bUazx5lvc9gC5_T3V2_CVuMVpPJZjmcLReTwXA0HI32J4DLAU7EYLmcTBaT3Wq0Gm2Gu9FssECBGExwQoajzWQ12q12k-VwMhrNNpMNUrRqNRttBsPVbDLb7VbDwXA5GiFFaxazyWQxGy13m8FyMhoMJ8MhHlSdS-fz6nxswOVcMlrOZaO5ZLBZJQAAAAAAAACAJUyZNwEAAAA4DWI2m-x2K2682TNBrNVqWQMAAABw60YO!&excid=22&tst=1&docw=0&cs=false
Requested by: Host: info.silobreaker.com
URL: https://info.silobreaker.com/e2t/tc/VWt22z7YxmcLW3d_lfb36JTN9VZjc4S4qSWfGN50kgPk2-HwrV1-WJV7CgH74W8yj8Gf5DDZvcW3TJBTT7kqbNwMR6s8lJGK_xW9h7hwf27nzMqW5wGLkb4hf5GgW3lN5Td7tRBTkW30lvRX1N-LFjW1tW32m7Trp5GW4xr3Wn7WcQ5vW23hz6z6nGFdkW7VpsPv34ByTlW1KrtR88V7szrW39MzFN7Py845W3wb58d2vpQrZW4tlyqy4716kPW7N7-KV2vQ-5fW7qBTzn7dJ1BKW4VM3fG2FFWxyW3sfPLt74fFR8N6_-qlgnJKNxW60WBkK3dW8pZW2_vCdB2RRvxLW5F45Z61c1l3BVnybQW29v8QnW3Bf6923kQS6jN6fzWv1M0WN93c-z1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:method: GET
:authority: imprammp.taboola.com
:scheme: https
:path: /st?cipid=7991117&ttype=0&cirid=FE42C649D4236770291241570006&cicmp=1337627&cijs=1&dast=V7da4CFgMx4ZFo0aUEZgQx4ZFo0aUEZgUAAAAGBugHGsYiTTa00XJEmmxmu91gMlwuh5vBbjVcwsQsFovRcLUajTWLxWI0ma2GUzDYwud0d7dhA02nw-e61-t-v7vo6PK87iaH0-y8q51_OQAAAAA8ABC1REPs-Da0RwAAAABI8IxcK1AEVPxbCFwAAAAAYAAQiIVrAEBxGIjLcnba_QEA8FAAAgAggBECwBIKIQIAAAAwAgAAAEACIJBYWALgcLdoAgAQkNdwvot6AgAAcFAn87TN8v___x8DkPfeJANAkbZxY9AD8OAD8CAEAABwMRRFNXxorLRnS1SQWsQIAAAAICsfaPloUidUFlX_____VgBXAAABeQ3nvLVZNyfFrGEAAAAAYwv0sPj9Zodd43e77P_________f7P8MAE1IygM3LciKYk-NZ-RaYe0XEACA7d0AAN4C4GIOwA4AAADg7v___z8PAAAgaY-S7bUazx5lvc9gC5_T3V2_CVuMVpPJZjmcLReTwXA0HI32J4DLAU7EYLmcTBaT3Wq0Gm2Gu9FssECBGExwQoajzWQ12q12k-VwMhrNNpMNUrRqNRttBsPVbDLb7VbDwXA5GiFFaxazyWQxGy13m8FyMhoMJ8MhHlSdS-fz6nxswOVcMlrOZaO5ZLBZJQAAAAAAAACAJUyZNwEAAAA4DWI2m-x2K2682TNBrNVqWQMAAABw60YO!&excid=22&tst=1&docw=0&cs=false
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.thesundaily.my/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.thesundaily.my/

Response headers

server: nginx
accept-ranges: bytes
date: Mon, 26 Apr 2021 11:19:21 GMT
via: 1.1 varnish
x-served-by: cache-hhn11538-HHN
x-cache: MISS
x-cache-hits: 0
x-timer: S1619435962.691251,VS0,VE8
content-length: 0

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.6.2/ Frame 63D4 89 KB
32 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.6.2/jquery.min.js

Requested by

Host: hal900013.redintelligence.net
URL: https://hal900013.redintelligence.net/request_content.php?s=55752200112266400710584011576013&a=abac143e

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d16d07a0353405fcec95f7efc50a2621bc7425f9a5e8895078396fb0dc460c4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://hal900013.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 25 Apr 2021 18:06:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 61980
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 32245
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 25 Apr 2022 18:06:21 GMT

GET
H/1.1 200
OK 300x250_OMAC_2016_Launch%20(3).jpg
cdn.contentspread.net/24i/advertiser/32995/creativesup/ Frame 63D4 52 KB
52 KB 42ms
15ms Image
image/jpeg 62.138.14.19
GD-EMEA-DC-SXB1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.contentspread.net/24i/advertiser/32995/creativesup/300x250_OMAC_2016_Launch%20(3).jpg
Requested by: Host: hal900013.redintelligence.net
URL: https://hal900013.redintelligence.net/request_content.php?s=55752200112266400710584011576013&a=abac143e
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 62.138.14.19 Strasbourg, France, ASN8972 (GD-EMEA-DC-SXB1, DE),
Reverse DNS
Software: nginx /
Resource Hash: 23ef33989f2db4e8afde93e57b1534aeca826f6c70e794a9d7a418fea9a58614

Request headers

Referer: https://hal900013.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 26 Apr 2021 11:19:21 GMT
Last-Modified: Mon, 20 Jun 2016 09:16:21 GMT
Server: nginx
ETag: "5767b465-ce63"
Content-Type: image/jpeg
Connection: close
Accept-Ranges: bytes
Content-Length: 52835

GET
H2 200 980939d5a9b8656a8c601ec879506e42.png
www.thesundaily.my/base-portlet/webrsrc/theme/ 17 KB
18 KB 22ms
21ms Image
image/png 130.61.205.105
ORACLE-BMC-31898

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.thesundaily.my/base-portlet/webrsrc/theme/980939d5a9b8656a8c601ec879506e42.png
Requested by: Host: www.thesundaily.my
URL: https://www.thesundaily.my/base-portlet/webrsrc/theme/f85ec37f13f2cce80e58028ae1f51f32.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 130.61.205.105 Frankfurt am Main, Germany, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software: nginx/1.14.0 /
Resource Hash: 8116a189a195c3a28dc5c7268f3c147f938f7abb26100eae3f93e7def362775e

Request headers

:path: /base-portlet/webrsrc/theme/980939d5a9b8656a8c601ec879506e42.png
pragma: no-cache
cookie: ITR_COOKIE_DEVID=ba736116605cda1f55d7f2aecffa54bd03; ITR_COOKIE_USRID=ba736116605cda1f55d7f2aecffa54bd03; ats_referrer_history=%5B%22%22%5D; _ga_KL5X26DVW5=GS1.1.1619435960.1.0.1619435960.0; _pbjs_userid_consent_data=3524755945110770; _fbp=fb.1.1619435960277.961818600; _ga=GA1.2.353529585.1619435960; _gid=GA1.2.153671978.1619435960; _gat_gtag_UA_23981916_1=1; _hjTLDTest=1; _hjid=4e889c18-5a56-42d7-87fa-c51155533649; _hjFirstSeen=1; cto_bidid=jBbT319NS0laZU9JeXYyaDhmeiUyQjRlR2pCM0RENmJ2aCUyRjFVdlNJWjFDMDhidGxpcHNFNG5qVFlPNEwxdlpXVUUwTVFiQkhmSnExWjJSWTVzbGVNR3Zwb0tKaEElM0QlM0Q; cto_bundle=oMms9F85T2xNbiUyRjBVSU0xNVJaY2tjbndGM3lQMEx6WXJjUXRQNEZlMkk3Uk40QjNvd2phVkJTVUh6SjFTY04xcmN4V1Q1M29aRmFYUzhKa0V6aXBTcm5KMTlydExyOGUzbm9CdVBOaGREVlIyWm1NUkhORmQ2bFdqOTBPbTBjQmxVNEZ4; __gads=ID=e3d6216e8f34a7bf-22ed5eaef1c70050:T=1619435960:S=ALNI_MZZAhX_12i2lcgiNsdHRzfKQXL_FQ; trc_cookie_storage=thesundaily%253Asession-data%3Dv2_24e6dac2ea2b67b68f275f78d6f9701a_642eef7c-30f3-46e4-af7e-73046a8780cb-tuct7802738_1619435960_1619435960_CNawjgYQ3ZxAGLvznu-QLyABKAEwODib4wlA_4kQSOOG2ANQpuwQWABgAGixr-m1yv33zq0B%7Ctaboola%2520global%253Alocal-storage-keys%3D%255B%2522thesundaily%253Asession-data%2522%252C%2522taboola%2520global%253Auser-id%2522%255D%7Ctaboola%2520global%253Auser-id%3D642eef7c-30f3-46e4-af7e-73046a8780cb-tuct7802738
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.thesundaily.my
referer: https://www.thesundaily.my/base-portlet/webrsrc/theme/f85ec37f13f2cce80e58028ae1f51f32.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.thesundaily.my/base-portlet/webrsrc/theme/f85ec37f13f2cce80e58028ae1f51f32.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Apr 2021 11:19:21 GMT
server: nginx/1.14.0
etag: "3a173ccf"
content-type: image/png;charset=UTF-8
access-control-allow-origin: https://www.thesundaily.my
cache-control: max-age=31536000
url-regex-ignore-pattern: .+/-/.+
filter-class: com.liferay.portal.servlet.filters.header.HeaderFilter
content-length: 17663
expires: Thu, 21 Apr 2022 19:43:17 GMT

GET
H2 200 503e96730ee60c8bd591710d899bb9b1.png
www.thesundaily.my/base-portlet/webrsrc/theme/ 17 KB
17 KB 35ms
35ms Image
image/png 130.61.205.105
ORACLE-BMC-31898

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.thesundaily.my/base-portlet/webrsrc/theme/503e96730ee60c8bd591710d899bb9b1.png
Requested by: Host: www.thesundaily.my
URL: https://www.thesundaily.my/base-portlet/webrsrc/theme/f85ec37f13f2cce80e58028ae1f51f32.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 130.61.205.105 Frankfurt am Main, Germany, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software: nginx/1.14.0 /
Resource Hash: 22ae07cf2231ef7b8c676783c322d0eeedd6913e9f0910c2de8d10adf3074578

Request headers

:path: /base-portlet/webrsrc/theme/503e96730ee60c8bd591710d899bb9b1.png
pragma: no-cache
cookie: ITR_COOKIE_DEVID=ba736116605cda1f55d7f2aecffa54bd03; ITR_COOKIE_USRID=ba736116605cda1f55d7f2aecffa54bd03; ats_referrer_history=%5B%22%22%5D; _ga_KL5X26DVW5=GS1.1.1619435960.1.0.1619435960.0; _pbjs_userid_consent_data=3524755945110770; _fbp=fb.1.1619435960277.961818600; _ga=GA1.2.353529585.1619435960; _gid=GA1.2.153671978.1619435960; _gat_gtag_UA_23981916_1=1; _hjTLDTest=1; _hjid=4e889c18-5a56-42d7-87fa-c51155533649; _hjFirstSeen=1; cto_bidid=jBbT319NS0laZU9JeXYyaDhmeiUyQjRlR2pCM0RENmJ2aCUyRjFVdlNJWjFDMDhidGxpcHNFNG5qVFlPNEwxdlpXVUUwTVFiQkhmSnExWjJSWTVzbGVNR3Zwb0tKaEElM0QlM0Q; cto_bundle=oMms9F85T2xNbiUyRjBVSU0xNVJaY2tjbndGM3lQMEx6WXJjUXRQNEZlMkk3Uk40QjNvd2phVkJTVUh6SjFTY04xcmN4V1Q1M29aRmFYUzhKa0V6aXBTcm5KMTlydExyOGUzbm9CdVBOaGREVlIyWm1NUkhORmQ2bFdqOTBPbTBjQmxVNEZ4; __gads=ID=e3d6216e8f34a7bf-22ed5eaef1c70050:T=1619435960:S=ALNI_MZZAhX_12i2lcgiNsdHRzfKQXL_FQ; trc_cookie_storage=thesundaily%253Asession-data%3Dv2_24e6dac2ea2b67b68f275f78d6f9701a_642eef7c-30f3-46e4-af7e-73046a8780cb-tuct7802738_1619435960_1619435960_CNawjgYQ3ZxAGLvznu-QLyABKAEwODib4wlA_4kQSOOG2ANQpuwQWABgAGixr-m1yv33zq0B%7Ctaboola%2520global%253Alocal-storage-keys%3D%255B%2522thesundaily%253Asession-data%2522%252C%2522taboola%2520global%253Auser-id%2522%255D%7Ctaboola%2520global%253Auser-id%3D642eef7c-30f3-46e4-af7e-73046a8780cb-tuct7802738
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.thesundaily.my
referer: https://www.thesundaily.my/base-portlet/webrsrc/theme/f85ec37f13f2cce80e58028ae1f51f32.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.thesundaily.my/base-portlet/webrsrc/theme/f85ec37f13f2cce80e58028ae1f51f32.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Apr 2021 11:19:21 GMT
server: nginx/1.14.0
etag: "72d984ab"
content-type: image/png;charset=UTF-8
access-control-allow-origin: https://www.thesundaily.my
cache-control: max-age=31536000
url-regex-ignore-pattern: .+/-/.+
filter-class: com.liferay.portal.servlet.filters.header.HeaderFilter
content-length: 17566
expires: Thu, 21 Apr 2022 19:30:50 GMT

GET
H3-29 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/222/ Frame 473D 12 KB
5 KB 7ms
6ms Document
text/html 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/222/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.thesundaily.my/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.thesundaily.my/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 5022
date: Mon, 26 Apr 2021 11:10:18 GMT
expires: Tue, 26 Apr 2022 11:10:18 GMT
last-modified: Wed, 20 Jan 2021 19:23:06 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 543
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 fd55410888c000a4326410482631fecc.jpg
images.taboola.com/taboola/image/fetch/h_160,w_160,c_fill,g_xy_center,x_628,y_217/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 4 KB
5 KB 9ms
6ms Image
image/webp 199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/h_160,w_160,c_fill,g_xy_center,x_628,y_217/http%3A//cdn.taboola.com/libtrc/static/thumbnails/fd55410888c000a4326410482631fecc.jpg
Requested by: Host: www.thesundaily.my
URL: https://www.thesundaily.my/home/astrazeneca-is-safe-to-be-given-to-senior-citizens-adham-YL7793054?_hsmi=88974744&_hsenc=p2ANqtz-_G5s6CORBttERc_beHteVqqnJIJh5EriMR00fz0Cexxf2lQpsFfBisijUxttE-tNX9yfHTn7fBQWbcOnOkY3_eCosMOOPpTIuaIKsiuCzrvP7v03c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 879c64be6d51efc9aad7a25c2b5ef509c805b0e24c99faf6a0d6fb77ee1fd2d1

Request headers

Referer: https://www.thesundaily.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Mon, 26 Apr 2021 11:19:21 GMT
via: 1.1 varnish, 1.1 varnish
age: 1889581
edge-cache-tag: 532928972401059285837018604789701179863,603137092298332670846997290452638667685,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-ratelimit-remaining: 99
x-cache: HIT, HIT, HIT
x-debug: /taboola/image/fetch/h_160,w_160,c_fill,g_xy_center,x_628,y_217/http%3A//cdn.taboola.com/libtrc/static/thumbnails/fd55410888c000a4326410482631fecc.jpg
content-length: 4520
x-request-id: 37df926ea072d4352f984c06c799424c
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb802
last-modified: Thu, 04 Mar 2021 03:28:34 GMT
server: nginx
x-timer: S1619435962.706986,VS0,VE0
etag: "9604dcbe2303de0b66c361739d187207"
x-served-by: cache-wdc5548-WDC, cache-dca17749-DCA, cache-hhn11538-HHN
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 1, 1, 15

GET
H2 200 ef84fc293d41224c184dbdcfd8c83181.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 10 KB
11 KB 9ms
6ms Image
image/webp 199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ef84fc293d41224c184dbdcfd8c83181.jpg
Requested by: Host: www.thesundaily.my
URL: https://www.thesundaily.my/home/astrazeneca-is-safe-to-be-given-to-senior-citizens-adham-YL7793054?_hsmi=88974744&_hsenc=p2ANqtz-_G5s6CORBttERc_beHteVqqnJIJh5EriMR00fz0Cexxf2lQpsFfBisijUxttE-tNX9yfHTn7fBQWbcOnOkY3_eCosMOOPpTIuaIKsiuCzrvP7v03c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 78f26e842e4d933cdab3a944ca644710bfdd14a110d76c3bfcfeed70d3b6e88d

Request headers

Referer: https://www.thesundaily.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Mon, 26 Apr 2021 11:19:21 GMT
via: 1.1 varnish, 1.1 varnish
age: 2771367
edge-cache-tag: 302479151993994568927198867523656057236,484438202950987515417932874384580560546,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-ratelimit-remaining: 100
x-cache: HIT, MISS, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ef84fc293d41224c184dbdcfd8c83181.jpg
content-length: 10640
x-request-id: 26ee5c54b4644d3bea891f066583a7e4
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb803
last-modified: Mon, 22 Mar 2021 20:02:27 GMT
server: nginx
x-timer: S1619435962.707097,VS0,VE0
etag: "2c204e968912406ab06c6c3773a9863e"
x-served-by: cache-wdc5547-WDC, cache-dca17735-DCA, cache-hhn11538-HHN
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 1, 0, 32

GET
H2 200 tbp Show response
15.taboola.com/ 6 KB
3 KB 34ms
31ms XHR
text/html 199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://15.taboola.com/tbp?oid=15&pubid=166277&tagid=948107&pstn=[pstn]&cb=[cb]&callback=TRC.pVideoCallbacks.videoCallback3
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20210426-7-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: b0a066ba53ad92fbbc661ec89621d553d94b582d059979e631cd365256977178

Request headers

Referer: https://www.thesundaily.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 26 Apr 2021 11:19:21 GMT
content-encoding: gzip
access-control-allow-origin: https://www.thesundaily.my
machineid: 1447
x-cache: MISS
x-cache-hits: 0
x-served-by: cache-hhn11538-HHN
pragma: no-cache
server: nginx
x-timer: S1619435962.708274,VS0,VE25
vary: Accept-Encoding
content-type: text/html;charset=ISO-8859-1
via: 1.1 varnish
cache-control: no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials: true
accept-ranges: bytes
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2 200 bee9b08157d32efe0dfdca0d1da6df9d.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 12 KB
12 KB 10ms
8ms Image
image/webp 199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/bee9b08157d32efe0dfdca0d1da6df9d.jpg
Requested by: Host: www.thesundaily.my
URL: https://www.thesundaily.my/home/astrazeneca-is-safe-to-be-given-to-senior-citizens-adham-YL7793054?_hsmi=88974744&_hsenc=p2ANqtz-_G5s6CORBttERc_beHteVqqnJIJh5EriMR00fz0Cexxf2lQpsFfBisijUxttE-tNX9yfHTn7fBQWbcOnOkY3_eCosMOOPpTIuaIKsiuCzrvP7v03c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e1cae5c7c04cce285bdb803cec068214f600e23908cd9c8579e02d26fb275e3b

Request headers

Referer: https://www.thesundaily.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Mon, 26 Apr 2021 11:19:21 GMT
via: 1.1 varnish, 1.1 varnish
age: 3130362
edge-cache-tag: 589829340117698354400448488692514396131,484438202950987515417932874384580560546,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-ratelimit-remaining: 100
x-cache: HIT, HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/bee9b08157d32efe0dfdca0d1da6df9d.jpg
content-length: 11972
x-request-id: 5236b087521ae331fe3af09f56c6bb1a
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb804
last-modified: Sun, 28 Feb 2021 02:37:20 GMT
server: nginx
x-timer: S1619435962.708260,VS0,VE0
etag: "a2b55feae75c4bfe785f75ff2055b62f"
x-served-by: cache-wdc5523-WDC, cache-dca17754-DCA, cache-hhn11538-HHN
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 1, 1, 2

GET
H2 200 5621182aa2da79674ae2e75f7fbbaceb.jpg
images.taboola.com/taboola/image/fetch/h_160,w_160,c_fill,g_xy_center,x_520,y_280/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 8 KB
9 KB 10ms
8ms Image
image/webp 199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/h_160,w_160,c_fill,g_xy_center,x_520,y_280/http%3A//cdn.taboola.com/libtrc/static/thumbnails/5621182aa2da79674ae2e75f7fbbaceb.jpg
Requested by: Host: www.thesundaily.my
URL: https://www.thesundaily.my/home/astrazeneca-is-safe-to-be-given-to-senior-citizens-adham-YL7793054?_hsmi=88974744&_hsenc=p2ANqtz-_G5s6CORBttERc_beHteVqqnJIJh5EriMR00fz0Cexxf2lQpsFfBisijUxttE-tNX9yfHTn7fBQWbcOnOkY3_eCosMOOPpTIuaIKsiuCzrvP7v03c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: be2ef1644b8e69f0c6b51493bea63490492f26dd38a9f4c3f807f1d34f782110

Request headers

Referer: https://www.thesundaily.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Mon, 26 Apr 2021 11:19:21 GMT
via: 1.1 varnish, 1.1 varnish
age: 846665
edge-cache-tag: 450265650731705506805175281380931797211,542392036355912519493659660855224201622,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-ratelimit-remaining: 100
x-cache: MISS, MISS, HIT
x-debug: /taboola/image/fetch/h_160,w_160,c_fill,g_xy_center,x_520,y_280/http%3A//cdn.taboola.com/libtrc/static/thumbnails/5621182aa2da79674ae2e75f7fbbaceb.jpg
content-length: 8384
x-request-id: 9cac021ba01c96f832ef1951f9645a2a
x-backend-name: US_DIR:3FP7YNX3LMizprTZsG7BSW--F_US_nlb105
last-modified: Wed, 07 Apr 2021 13:33:36 GMT
server: nginx
x-timer: S1619435962.708670,VS0,VE0
etag: "25dfdf2483161604ca2fb27655606663"
x-served-by: cache-wdc5544-WDC, cache-dca17782-DCA, cache-hhn11538-HHN
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 4

GET
H/1.1 200
OK /
optimize.innity.com/ 43 B
452 B 354ms
177ms Image
image/gif 119.81.3.35
SOFTLAYER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://optimize.innity.com/?pubid=4428&zoneid=65046&cb=1619435961702
Requested by: Host: www.thesundaily.my
URL: https://www.thesundaily.my/home/astrazeneca-is-safe-to-be-given-to-senior-citizens-adham-YL7793054?_hsmi=88974744&_hsenc=p2ANqtz-_G5s6CORBttERc_beHteVqqnJIJh5EriMR00fz0Cexxf2lQpsFfBisijUxttE-tNX9yfHTn7fBQWbcOnOkY3_eCosMOOPpTIuaIKsiuCzrvP7v03c
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 119.81.3.35 Singapore, Singapore, ASN36351 (SOFTLAYER, US),
Reverse DNS
Software: Apache /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://www.thesundaily.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 26 Apr 2021 11:19:21 GMT
Last-Modified: Mon, 26 Apr 2021 11:19:21 GMT
Server: Apache
P3P: policyref=http://www.innity.com/p3p/p3p.xml,CP="CURa ADMa DEVa OUR BUS UNI COM NAV INT"
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Content-Type: image/gif
Content-Length: 43
Expires: Sat, 03 Sep 1983 02:00:00 GMT

GET
H3-29 200 qapcore.js Show response
cdn.iterwebcms.com/_proxy_https_/mas.protecmedia.com/ 68 KB
22 KB 34ms
24ms Script
application/javascript 2606:4700:3038::6815:ea1c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.iterwebcms.com/_proxy_https_/mas.protecmedia.com/qapcore.js
Requested by: Host: cdn.iterwebcms.com
URL: https://cdn.iterwebcms.com/_proxy_https_/mas.protecmedia.com/mas-tracker-min.js
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3038::6815:ea1c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a06c5a7910eed361c70a9cb9b1cd9d46383201166baf8532e05bef33c865b488

Request headers

Referer: https://www.thesundaily.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Apr 2021 11:19:21 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 2247
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 09af80d5870000175ad4129000000001
last-modified: Mon, 14 Dec 2020 14:31:58 GMT
server: cloudflare
etag: W/"10eed-5b66d81350f0a-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Lcx131Xa1%2BixjpGmNvMpWjs%2F2c0RnOF3tTGAlvJ5QRBJNcS49lbPqY6N7x29LsAvjvS%2BqDTkZMefzw%2B2ULI95JDk8INafk9XI5GGkbIknecBuwoUhY%2BJ81kJGXvCbcw%3D"}],"group":"cf-nel"}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=1800
cf-ray: 645f6a68ddc2175a-FRA

GET
H2 200 _ate.track.config_resp Show response
v1.addthisedge.com/live/boost/ra-5bcedaf9dfef730e/ 166 B
325 B 196ms
194ms Script
application/javascript 104.84.56.112
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://v1.addthisedge.com/live/boost/ra-5bcedaf9dfef730e/_ate.track.config_resp
Requested by: Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.84.56.112 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-84-56-112.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 4cf8b4da854cac70fb514c2d255e93904353bda1fcc7229de2f59d5971d83028

Request headers

Referer: https://www.thesundaily.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Apr 2021 11:19:21 GMT
content-encoding: gzip
etag: 659743217
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
cache-control: public, max-age=53, s-maxage=86400
content-disposition: attachment; filename=1.txt
content-length: 154

GET
DATA 200
OK truncated
/ 273 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fe50466edcdac1192aa7a5bebb69e57134216d66dc920c3611ce267751d1643b

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
H3-29 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 16ms
14ms Script
application/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.thesundaily.my

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.thesundaily.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 26 Apr 2021 11:19:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 16ms
15ms Script
application/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.thesundaily.my

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.thesundaily.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 26 Apr 2021 11:19:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 14ms
13ms Image
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&url=https%3A%2F%2Fwww.thesundaily.my%2Fhome%2Fastrazeneca-is-safe-to-be-given-to-senior-citizens-adham-YL7793054%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz-_G5s6CORBttERc_beHteVqqnJIJh5EriMR00fz0Cexxf2lQpsFfBisijUxttE-tNX9yfHTn7fBQWbcOnOkY3_eCosMOOPpTIuaIKsiuCzrvP7v03c&tn=DIV&cls=template-104%20other-modules%20cookies%20cookie-message&ign=false

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.thesundaily.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 26 Apr 2021 11:19:21 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 8A54 0
16 B 16ms
16ms Document
text/html 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6999968698827395&output=html&adk=1812271804&adf=3025194257&lmt=1619435961&plat=1%3A16809992%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.thesundaily.my%2Fhome%2Fastrazeneca-is-safe-to-be-given-to-senior-citizens-adham-YL7793054%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz-_G5s6CORBttERc_beHteVqqnJIJh5EriMR00fz0Cexxf2lQpsFfBisijUxttE-tNX9yfHTn7fBQWbcOnOkY3_eCosMOOPpTIuaIKsiuCzrvP7v03c&ea=0&flash=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619435961742&bpp=3&bdt=1965&idt=4&shv=r20210422&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3De3d6216e8f34a7bf-22ed5eaef1c70050%3AT%3D1619435960%3AS%3DALNI_MZZAhX_12i2lcgiNsdHRzfKQXL_FQ&prev_fmts=300x250%2C300x600&nras=1&correlator=3256238547201&frm=20&pv=1&ga_vid=353529585.1619435960&ga_sid=1619435960&ga_hid=1243480928&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C21068108%2C31060839&oid=3&pvsid=3866203379239951&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=31&ifi=15&uci=a!f&fsb=1&dtd=17

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-6999968698827395&output=html&adk=1812271804&adf=3025194257&lmt=1619435961&plat=1%3A16809992%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.thesundaily.my%2Fhome%2Fastrazeneca-is-safe-to-be-given-to-senior-citizens-adham-YL7793054%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz-_G5s6CORBttERc_beHteVqqnJIJh5EriMR00fz0Cexxf2lQpsFfBisijUxttE-tNX9yfHTn7fBQWbcOnOkY3_eCosMOOPpTIuaIKsiuCzrvP7v03c&ea=0&flash=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619435961742&bpp=3&bdt=1965&idt=4&shv=r20210422&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3De3d6216e8f34a7bf-22ed5eaef1c70050%3AT%3D1619435960%3AS%3DALNI_MZZAhX_12i2lcgiNsdHRzfKQXL_FQ&prev_fmts=300x250%2C300x600&nras=1&correlator=3256238547201&frm=20&pv=1&ga_vid=353529585.1619435960&ga_sid=1619435960&ga_hid=1243480928&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C21068108%2C31060839&oid=3&pvsid=3866203379239951&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=31&ifi=15&uci=a!f&fsb=1&dtd=17
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.thesundaily.my/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUn-x4tpVQ_df4hxllfSxOfRbWx8TKL0pMltEvDCgkhj5vFDGZ0KAB5i2yoxRf0
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.thesundaily.my/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Mon, 26 Apr 2021 11:19:21 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

OPTIONS
H2 200 call
adnetwork.adasiaholdings.com/2060/ Frame 0
0 201ms
201ms Preflight 47.74.174.177
CNNIC-ALIBABA-US-...

General

Check archive.org

Show headers Download Go to

Full URL: https://adnetwork.adasiaholdings.com/2060/call?cklb=1
Protocol: H2
Server: 47.74.174.177 Singapore, Singapore, ASN45102 (CNNIC-ALIBABA-US-NET-AP Alibaba (US) Technology Co., Ltd., CN),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.thesundaily.my
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Mon, 26 Apr 2021 11:19:21 GMT
content-length: 0
cache-control: no-cache,no-store
pragma: no-cache
access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET, HEAD, POST
access-control-allow-origin: https://www.thesundaily.my
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 6238 0
20 B 15ms
15ms Image
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B1FvUuKGGYJqiOtyY7_UPoqGjmAwAAAAAOAHgBAI&bg=!TU6lTgrNAAZUuIlwVLg7ACkAdvg8WnV2w9fLmhA_Bgz57bg8AZyk94JZZ5qAkEuRVAJHne2b0k4DiAIAAAGvUgAAAI9oAQcKAHkw5Mp0KtdQnqyGoUgdWes4Zz1XieBt2JFblWEPPsebQIXupD8oyeTD_ZpemFOxYGHpQTQ8rnm2xvj7RvR6SgRPst1leoAvoe63ycIDeMEF51nSePD1XEZJ8shLnD6CVDm4Q8Cb6g7H4O9ZVqOTiFxqOPkFjGppFiK-mQJzVM3E9hwqY8JEcHYXwRDbLBOjsdRy70UQmJb2kpwYx2LdsSo_NqCURES1AWRloKAjAgJdj1-YlOrYLVa3NTcFqCzcyuAmTYKy6ywTFPq2ZxOTTNFJV1vLGaW5lbrMb2iYzpmIlMbQj6v4kZuAgRFTZqIZ8DvDOgOXnwLvKBznxWYpdYLCwMkgV3vPwenawL2hbsLsilUcVgvz_PepiKdJCVkxba67-3sWmUBgNqm1BMtbzhRkW_Vc6bz_eVNqsxrnG9pJNIDJ2nNPS7b25T77vFDRCwnMsLvwdwEA6iJ9wRFGeuiIv1d7YbkiFG41GM2jUmntF4-niQ6cDMCUAGHnKhfK4sI57jlAeMPgwhauoa0KrruDqv19kS4ZkwJOwio88Ybc33cHW2e4J7D-B_pAaV8cdt2FpstKMhJ945q9pbIoYdSkTcx9_npm2_KOrTrPW3jhoHIOWGi7iiRbalMyyOXaaHbY7X53l53nz3aXBphrL3saXYBiFWCPuf_v-fAQM8bLbjpeQ4RU6JxGx5MweJkwhzxbiRihHAvyFzNvfQSxcWB2UIz51DDHmHiqiT7fKezGRWYduXiHb_wsa4c2TwCnfBn0JfKbOlfHsq8-oVc6JDe8XUkOon1vqMdOE9aaPoo8BWO3LhVrQl3fP8BcUp79FU3X4vxc9zUeWz7FRafhFnq5HPlOJnGZnlNhtOvEb45jrccUyKdeznM3iMxhq4jeBvC633GauWtSWaA51jZAn9W91IlF4gr4LO7HrPGSzhqiR3h1S8Daw8RgWP5STI4ZdG9MTeDg_bJ_mXIjiatqUJEYWGFUclWv7SZQ1XsrnIvH

Requested by

Host: 5f7a3c227877733a11b3d8ac75a2ccaf.safeframe.googlesyndication.com
URL: https://5f7a3c227877733a11b3d8ac75a2ccaf.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 26 Apr 2021 11:19:21 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK viewability Show response
hal900013.redintelligence.net/ Frame 63D4 0
150 B 34ms
12ms Script
text/html 116.202.48.214
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900013.redintelligence.net/viewability?s=55752200112266400710584011576013&a=b4ad462e&vb=m
Requested by: Host: hal900013.redintelligence.net
URL: https://hal900013.redintelligence.net/request_content.php?s=55752200112266400710584011576013&a=abac143e
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 116.202.48.214 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://hal900013.redintelligence.net/request_content.php?s=55752200112266400710584011576013&a=abac143e
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 26 Apr 2021 11:19:21 GMT
Server: Apache
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
DATA 200
OK truncated
/ Frame 63D4 43 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/gif

GET
H3-29 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20210422/r20190131/ Frame B323 223 KB
83 KB 29ms
28ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210422/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6999968698827395&plah=www.thesundaily.my&amaexp=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4d3858fd6875118f687ea5fd972b3e88f1cbec0b84539bfe33585b6ea282af27

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.thesundaily.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Apr 2021 11:19:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 84531
x-xss-protection: 0
server: cafe
etag: 18044138429448666955
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Mon, 26 Apr 2021 11:19:21 GMT

GET
H2 200 st Show response
imprammp.taboola.com/ Frame 2468 0
81 B 17ms
16ms Document
text/plain 199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://imprammp.taboola.com/st?cipid=7991117&ttype=0&cirid=2780B557FB247400181887100807&cicmp=1337627&cijs=1&dast=V7idQCFgMx4ZFo0aUEZgQx4ZFo0aUEZgUAAAAGBugHHLIbDias1W5GoYx2o8FgsVvshpvBbLUcTJYwMYvFYjRcrUZjzWKxGE1mq-EUDLbwOd3dbdhA0-nwue71ut_vLjq6PK-7yeE0O-9q518OAAAAAA8ARC3REDu-De0RAAAAABI8I9cKFAEV_xYCFwAAAAAYAARi4RoAUBwG4rKcnXZ_AAA8FIAAAAhghACwhK6IAAAAAIwAAAAAkAAIJBaWADjcLZoAAATkNZz3Rp0AAAAc1Mk8bbP8____xwDkvTfJAFCkbdwY9AA8-AA8CAEAAFwMbbv1RHM0224SFZwWMQIAAADIygdaPprUCZVF1f___78VwBUAQEBew3nvX9bNSTFrGAAAAMDYAj0sfr_ZYdf43S77_________zf7PwNAE5LywE0LsqLYU-MZuVZY-wUEAGB7NwCAtwC4mAOwAwAAALj7____zwMAADDZo2R7rcazR1nvM9jC53R312_CFqPVZLJZDmfLxWQwHA1Ho_0J4HKAEzFYLieTxWS3Gq1Gm-FuNBssUCAGE5yQ4WgzWY12q91kOZyMRrPNZIMUrVrNRpvBcDWbzHa71XAwXI5GSNGaxWwyWcxGy91msJyMBsPJcIgHVefS-bw6HxtwOZeMlnPZaC4ZbFYJAAAAAAAAAGAJU-ZNAAAAAE6DmM0mu92KG2_2TBBrtVrWAAAAANy6kQM!&excid=22&tst=1&docw=0&cs=false
Requested by: Host: info.silobreaker.com
URL: https://info.silobreaker.com/e2t/tc/VWt22z7YxmcLW3d_lfb36JTN9VZjc4S4qSWfGN50kgPk2-HwrV1-WJV7CgH74W8yj8Gf5DDZvcW3TJBTT7kqbNwMR6s8lJGK_xW9h7hwf27nzMqW5wGLkb4hf5GgW3lN5Td7tRBTkW30lvRX1N-LFjW1tW32m7Trp5GW4xr3Wn7WcQ5vW23hz6z6nGFdkW7VpsPv34ByTlW1KrtR88V7szrW39MzFN7Py845W3wb58d2vpQrZW4tlyqy4716kPW7N7-KV2vQ-5fW7qBTzn7dJ1BKW4VM3fG2FFWxyW3sfPLt74fFR8N6_-qlgnJKNxW60WBkK3dW8pZW2_vCdB2RRvxLW5F45Z61c1l3BVnybQW29v8QnW3Bf6923kQS6jN6fzWv1M0WN93c-z1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:method: GET
:authority: imprammp.taboola.com
:scheme: https
:path: /st?cipid=7991117&ttype=0&cirid=2780B557FB247400181887100807&cicmp=1337627&cijs=1&dast=V7idQCFgMx4ZFo0aUEZgQx4ZFo0aUEZgUAAAAGBugHHLIbDias1W5GoYx2o8FgsVvshpvBbLUcTJYwMYvFYjRcrUZjzWKxGE1mq-EUDLbwOd3dbdhA0-nwue71ut_vLjq6PK-7yeE0O-9q518OAAAAAA8ARC3REDu-De0RAAAAABI8I9cKFAEV_xYCFwAAAAAYAARi4RoAUBwG4rKcnXZ_AAA8FIAAAAhghACwhK6IAAAAAIwAAAAAkAAIJBaWADjcLZoAAATkNZz3Rp0AAAAc1Mk8bbP8____xwDkvTfJAFCkbdwY9AA8-AA8CAEAAFwMbbv1RHM0224SFZwWMQIAAADIygdaPprUCZVF1f___78VwBUAQEBew3nvX9bNSTFrGAAAAMDYAj0sfr_ZYdf43S77_________zf7PwNAE5LywE0LsqLYU-MZuVZY-wUEAGB7NwCAtwC4mAOwAwAAALj7____zwMAADDZo2R7rcazR1nvM9jC53R312_CFqPVZLJZDmfLxWQwHA1Ho_0J4HKAEzFYLieTxWS3Gq1Gm-FuNBssUCAGE5yQ4WgzWY12q91kOZyMRrPNZIMUrVrNRpvBcDWbzHa71XAwXI5GSNGaxWwyWcxGy91msJyMBsPJcIgHVefS-bw6HxtwOZeMlnPZaC4ZbFYJAAAAAAAAAGAJU-ZNAAAAAE6DmM0mu92KG2_2TBBrtVrWAAAAANy6kQM!&excid=22&tst=1&docw=0&cs=false
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.thesundaily.my/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.thesundaily.my/

Response headers

server: nginx
accept-ranges: bytes
date: Mon, 26 Apr 2021 11:19:21 GMT
via: 1.1 varnish
x-served-by: cache-hhn11538-HHN
x-cache: MISS
x-cache-hits: 0
x-timer: S1619435962.825959,VS0,VE9
content-length: 0

GET
H2 200 box-5e3cec51ed8e99df6977c199d27812d7.html Show response
vars.hotjar.com/ Frame 755F 1 KB
1 KB 39ms
38ms Document
text/html 13.224.111.43
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vars.hotjar.com/box-5e3cec51ed8e99df6977c199d27812d7.html
Requested by: Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-1730601.js?sv=6
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.111.43 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-111-43.mad50.r.cloudfront.net
Software: /
Resource Hash: 486762d56893f9b12fdfad41c3a76f11fc745b5436e97e596a63c22ee13d2e33

Request headers

:method: GET
:authority: vars.hotjar.com
:scheme: https
:path: /box-5e3cec51ed8e99df6977c199d27812d7.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.thesundaily.my/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.thesundaily.my/

Response headers

content-type: text/html
content-length: 684
date: Tue, 30 Mar 2021 16:10:32 GMT
accept-ranges: bytes
cache-control: max-age=31536000
content-encoding: br
etag: "4e332edbbc3b46800c87f197cc7d3bb6"
last-modified: Tue, 30 Mar 2021 14:48:51 GMT
x-robots-tag: none
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 eb28dde7b66308b26496e3a543c93412.cloudfront.net (CloudFront)
x-amz-cf-pop: MAD50-C1
x-amz-cf-id: KAEMLi4yQv8QjNexXhF8FU1DERQU6Bfah25WdTDAwGwZXi8x-xEyhA==
age: 2315329

GET
H3-29 200 css
fonts.googleapis.com/ Frame D53A 4 KB
617 B 16ms
15ms Stylesheet
text/css 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6999968698827395&output=html&h=250&slotname=9935330980&adk=3580731020&adf=3496064688&pi=t.ma~as.9935330980&w=300&lmt=1619435961&psa=0&format=300x250&url=https%3A%2F%2Fwww.thesundaily.my%2Fhome%2Fastrazeneca-is-safe-to-be-given-to-senior-citizens-adham-YL7793054%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz-_G5s6CORBttERc_beHteVqqnJIJh5EriMR00fz0Cexxf2lQpsFfBisijUxttE-tNX9yfHTn7fBQWbcOnOkY3_eCosMOOPpTIuaIKsiuCzrvP7v03c&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619435961184&bpp=12&bdt=1408&idt=76&shv=r20210422&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3De3d6216e8f34a7bf-22ed5eaef1c70050%3AT%3D1619435960%3AS%3DALNI_MZZAhX_12i2lcgiNsdHRzfKQXL_FQ&correlator=3256238547201&frm=20&pv=2&ga_vid=353529585.1619435960&ga_sid=1619435960&ga_hid=1243480928&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1040&ady=2951&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C21068108%2C31060839&oid=3&pvsid=3866203379239951&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=13&uci=a!d&btvi=1&fsb=1&xpc=FHWuNUYsg8&p=https%3A//www.thesundaily.my&dtd=90

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

abc1bbfb097cfaf4715fe823adb40881f8ed35a943692d5c037945c2fcc56340

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 26 Apr 2021 11:15:50 GMT
server: ESF
date: Mon, 26 Apr 2021 11:19:21 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 26 Apr 2021 11:19:21 GMT

GET
H/1.1 200
OK dc.js Show response
avd.innity.net/lib/ Frame DB75 20 KB
7 KB 26ms
7ms Script
application/javascript 23.38.48.217
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://avd.innity.net/lib/dc.js
Requested by: Host: ssl-avd.innity.net
URL: https://ssl-avd.innity.net/1/container_576b5a051c51b1c0244bca09.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 23.38.48.217 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-38-48-217.deploy.static.akamaitechnologies.com
Software: nginx/1.18.0 /
Resource Hash: 62d8d67fa30964811cfbe1465848a0b0a0436e43d90ff3c330a3ce998d521cc6

Request headers

Referer: https://www.thesundaily.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 26 Apr 2021 11:19:21 GMT
Content-Encoding: gzip
Last-Modified: Wed, 04 Nov 2020 01:29:24 GMT
Server: nginx/1.18.0
ETag: "5fa203f4-51a4-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: public, max-age=574173
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 6442
Expires: Mon, 03 May 2021 02:48:54 GMT

GET
H2

200

/ Show response
aw.dw.impact-ad.jp/c/ur/callback_dac/ Frame 9AA4
Redirect Chain

https://aw.dw.impact-ad.jp/c/u/callback_dac/?oid=d3a712103738215a
https://aw.dw.impact-ad.jp/c/ur/callback_dac/?oid=d3a712103738215a

17 B
90 B

241ms
240ms

Script
text/javascript

35.186.254.217
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://aw.dw.impact-ad.jp/c/ur/callback_dac/?oid=d3a712103738215a

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.186.254.217 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Resource Hash

6bf968a564ad4ac3c850cd69c0d02ee08e107fd9ac06719d9a847a774e77c1a9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains;

Request headers

Referer: https://www.thesundaily.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Apr 2021 11:19:22 GMT
via: 1.1 google
alt-svc: clear
content-length: 17
strict-transport-security: max-age=31536000; includeSubDomains;
content-type: text/javascript

Redirect headers

location: /c/ur/callback_dac/?oid=d3a712103738215a
date: Mon, 26 Apr 2021 11:19:21 GMT
via: 1.1 google
alt-svc: clear
content-length: 0
strict-transport-security: max-age=31536000; includeSubDomains;
content-type: text/plain; charset=utf-8

GET
H3-29 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210422/r20110914/client/ Frame D53A 1 KB
909 B 6ms
6ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210422/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

49aea8d1206dbb5e3c8a7d4db9274d2efa2111d8b53acb901efc378b1feca381

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Apr 2021 11:12:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 417
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 882
x-xss-protection: 0
server: cafe
etag: 11243716317595354070
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 10 May 2021 11:12:24 GMT

GET
H3-29 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210422/r20110914/ Frame D53A 17 KB
7 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210422/r20110914/abg_lite_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e9f3358441fb5f83ee3575f81df787bbade8b416b009cbdcbd3b71c8b6f560e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Apr 2021 11:18:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 71
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7028
x-xss-protection: 0
server: cafe
etag: 3134275839577271762
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 10 May 2021 11:18:10 GMT

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210422/r20110914/client/ Frame D53A 2 KB
1 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210422/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Apr 2021 11:15:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 261
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1303
x-xss-protection: 0
server: cafe
etag: 14729628269804859526
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 10 May 2021 11:15:00 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame D53A 116 KB
35 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dc015126841eaa9b1b79ee123e13d7d07ad7fe77f22366b05c480eff59a7a25e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Apr 2021 11:19:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1619017370605640"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36032
x-xss-protection: 0
expires: Mon, 26 Apr 2021 11:19:21 GMT

GET
H3-29 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210422/r20110914/client/ Frame D53A 13 KB
6 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210422/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

439ab67fa3c312bb442bed574ea79be834dbd92f3bd7d2288b6f3fce4d0afb0c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Apr 2021 11:17:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 100
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5604
x-xss-protection: 0
server: cafe
etag: 2846967340006788112
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 10 May 2021 11:17:41 GMT

GET
H3-29 200 b42b11247d0ebeb7b44892ca7e629453.js Show response
www.gstatic.com/mysidia/ Frame D53A 25 KB
10 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/b42b11247d0ebeb7b44892ca7e629453.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a0d34b0d95e73a7ae965ab9eef15d273c1b4ab22aa7d5648e120a2763434ce84

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 25 Apr 2021 20:18:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 20 Apr 2021 07:12:01 GMT
server: sffe
age: 54057
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7776000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10497
x-xss-protection: 0
expires: Sat, 24 Jul 2021 20:18:24 GMT

GET
H2 200 endpoint
mas.protecmedia.com/ 43 B
209 B 210ms
118ms Image
image/gif 193.47.76.44
PROTEC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mas.protecmedia.com/endpoint?action_name=AstraZeneca%20is%20safe%2C%20to%20be%20given%20to%20senior%20citizens%20-%20Adham&send_image=1&idsite=076C0FICOSYDT&rec=1&r=228323&h=13&m=19&s=21&url=https%3A%2F%2Fwww.thesundaily.my%2Fhome%2Fastrazeneca-is-safe-to-be-given-to-senior-citizens-adham-YL7793054%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz-_G5s6CORBttERc_beHteVqqnJIJh5EriMR00fz0Cexxf2lQpsFfBisijUxttE-tNX9yfHTn7fBQWbcOnOkY3_eCosMOOPpTIuaIKsiuCzrvP7v03c&_id=577991e8d2043f17&_idts=1619435962&_idvc=1&_idn=0&_refts=0&_viewts=1619435962&cookie=1&res=1600x1200&dimension1=Article&dimension2=Article%3A%20YL7793054&data=%7B%22pv_epoch%22%3A1619435961722%2C%22metadata%22%3A%5B%5D%7D&gt_ms=41&pv_id=JTdygM
Requested by: Host: www.thesundaily.my
URL: https://www.thesundaily.my/home/astrazeneca-is-safe-to-be-given-to-senior-citizens-adham-YL7793054?_hsmi=88974744&_hsenc=p2ANqtz-_G5s6CORBttERc_beHteVqqnJIJh5EriMR00fz0Cexxf2lQpsFfBisijUxttE-tNX9yfHTn7fBQWbcOnOkY3_eCosMOOPpTIuaIKsiuCzrvP7v03c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 193.47.76.44 , Spain, ASN35167 (PROTEC, ES),
Reverse DNS
Software: nginx/1.14.0 /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer: https://www.thesundaily.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Apr 2021 11:19:22 GMT
content-encoding: none
server: nginx/1.14.0
vary: Origin
content-type: image/gif
access-control-allow-origin: *
cache-control: no-store
access-control-allow-credentials: true
content-length: 43

GET
H2 200 PMS.js Show response
vidstat.taboola.com/PMS/2.2.1/ 51 KB
16 KB 9ms
9ms Script
application/javascript 199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstat.taboola.com/PMS/2.2.1/PMS.js
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/28_3_10/infra/cmTagCUSTOM.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a9e402d2d19f1057cdea09b2152d8cfd35664182564595e19bb83916c1f00201

Request headers

Referer: https://www.thesundaily.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Apr 2021 11:19:21 GMT
via: 1.1 c888f786e25e6e3c7dbb7e9da462d715.cloudfront.net (CloudFront), 1.1 varnish
age: 3673709
x-amz-meta-mtime: 1542789750
x-cache: Hit from cloudfront, HIT
x-amz-meta-mode: 33188
content-encoding: gzip
content-length: 15795
x-served-by: cache-hhn11538-HHN
last-modified: Wed, 21 Nov 2018 08:42:31 GMT
server: AmazonS3
x-timer: S1619435962.914915,VS0,VE0
etag: "57a7ebef371550a9ab54a2f0f82547af"
x-amz-meta-uid: 0
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
x-amz-meta-gid: 0
access-control-allow-origin: *
cache-control: public, max-age=2592000
x-amz-cf-pop: FRA56-C1
accept-ranges: bytes
content-type: application/javascript
access-control-allow-headers: *
x-amz-cf-id: mgdkqzBw1GOTaYomORTPdr_tmhZGYZUuQQ4kYCsx2OfRHmOT3d-7qg==
x-cache-hits: 950876

GET
H3-29 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/9536457146780412196/ Frame D53A 5 KB
5 KB 7ms
6ms Image
image/jpeg 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/9536457146780412196/downsize_200k_v1?w=400&h=209

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4cb5b0780d4ca7fc705a3cabf3d130f45db307c8cf1c0a9ad67e2ebc33ca2000

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Apr 2021 22:01:42 GMT
x-content-type-options: nosniff
age: 479859
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5491
x-xss-protection: 0
last-modified: Wed, 10 Feb 2021 10:34:19 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 20 Apr 2022 22:01:42 GMT

GET
DATA 200
OK truncated
/ Frame D53A 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 680c84bd926ff1fbdb5c45b86350864d06ee400e1e0effb974dcb217b99b1219

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3-29 200 adview
googleads.g.doubleclick.net/pagead/ Frame D53A 0
0 46ms
46ms Fetch
text/html 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CdCAeuaGGYLT5EcPc7_UPwt6ruA-fptCpYorpw6-6DaCHgOyQAhABIMP1lxFglfrwgYwHoAG_j9vCA8gBCakCCh3w4LdPtD6oAwHIA8sEqgSwA0_QVSPDxQWDelKlF9fYUZWIDhVUqpsQthi7lchOjrc9mpC70nh0q_L69Dn4pIC-8p1uZQOgaG08t78P9ga4FVLM-IHoysaB8Ud3ZQ2tfu_VwSCk_rnmStFCib-57AUgVI2EHAJQB9YTw4gzr8vvSsZ3uybMJBiLhQkDW8UKMswTvQh_7__Q4tc18lNJk4WSr4ScMKZEhY_IQceBFUTVX2NYh_iFYMA8lbC1m22Hcl5198X8hzY6voaU3_UIPVCx_yekSHg5KMpBGxOf7q60tSN7723Uzr8d5xvXQLwfCSltX1_J2ojaVEyb2UEYp3y-S2MZcoqgtrmra_KLd7FKUeXKtTHxybkLs1aXHhXk_tQtsgOBR0JOhe0-Y4cYIErkHIFQpIu03_i732uq73aO_K-UgUs1SzJNWWXiF6uOUYEQDswGjIScV4j5_ajQNya2n4XtJ_lbUOfHNqrzSZo0TScH0DQzvFM5pUdcrDZTmpFjgjP6PCJGACKqLhHsaLBm0jlmDRbZWjOBAq0PvL-yLxT_ePyJCB4OinfFEUZezt2ne7gOY6nZKC8Pn20QPtL4kcAExMiMz8kDkgUECAQYAZIFBAgFGASgBi6AB6nwpD2oB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgHpr4bqAfs1RvYBwDyBwQQyoEQ0ggJCIDhgBAQARgfgAoByAsBuBOIJ9gTDdAVAYAXAbIXGgoYCAASFHB1Yi02OTk5OTY4Njk4ODI3Mzk1&sigh=BtTvhdB_A6o&template_id=5000

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6999968698827395&output=html&h=250&slotname=9935330980&adk=3580731020&adf=3496064688&pi=t.ma~as.9935330980&w=300&lmt=1619435961&psa=0&format=300x250&url=https%3A%2F%2Fwww.thesundaily.my%2Fhome%2Fastrazeneca-is-safe-to-be-given-to-senior-citizens-adham-YL7793054%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz-_G5s6CORBttERc_beHteVqqnJIJh5EriMR00fz0Cexxf2lQpsFfBisijUxttE-tNX9yfHTn7fBQWbcOnOkY3_eCosMOOPpTIuaIKsiuCzrvP7v03c&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619435961184&bpp=12&bdt=1408&idt=76&shv=r20210422&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3De3d6216e8f34a7bf-22ed5eaef1c70050%3AT%3D1619435960%3AS%3DALNI_MZZAhX_12i2lcgiNsdHRzfKQXL_FQ&correlator=3256238547201&frm=20&pv=2&ga_vid=353529585.1619435960&ga_sid=1619435960&ga_hid=1243480928&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1040&ady=2951&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C21068108%2C31060839&oid=3&pvsid=3866203379239951&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=13&uci=a!d&btvi=1&fsb=1&xpc=FHWuNUYsg8&p=https%3A//www.thesundaily.my&dtd=90
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Mon, 26 Apr 2021 11:19:21 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-29 200 index.html Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1684394985928583253/ Frame AB7D 88 KB
18 KB 7ms
7ms Document
text/html 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1684394985928583253/index.html

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6999968698827395&output=html&h=600&slotname=3502211389&adk=549021246&adf=281698034&pi=t.ma~as.3502211389&w=300&lmt=1619435961&psa=0&format=300x600&url=https%3A%2F%2Fwww.thesundaily.my%2Fhome%2Fastrazeneca-is-safe-to-be-given-to-senior-citizens-adham-YL7793054%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz-_G5s6CORBttERc_beHteVqqnJIJh5EriMR00fz0Cexxf2lQpsFfBisijUxttE-tNX9yfHTn7fBQWbcOnOkY3_eCosMOOPpTIuaIKsiuCzrvP7v03c&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619435961197&bpp=2&bdt=1420&idt=115&shv=r20210422&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3De3d6216e8f34a7bf-22ed5eaef1c70050%3AT%3D1619435960%3AS%3DALNI_MZZAhX_12i2lcgiNsdHRzfKQXL_FQ&prev_fmts=300x250&correlator=3256238547201&frm=20&pv=1&ga_vid=353529585.1619435960&ga_sid=1619435960&ga_hid=1243480928&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1040&ady=3708&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C21068108%2C31060839&oid=3&pvsid=3866203379239951&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=14&uci=a!e&btvi=2&fsb=1&xpc=XyCO8G3lCI&p=https%3A//www.thesundaily.my&dtd=119

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a80ae6e05c906143e0f50e66c6a938f9bb1212951017fdb90e264c10f529f397

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sadbundle/$csp%3Der3$/1684394985928583253/index.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-type: text/html
access-control-allow-origin: *
content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
date: Tue, 20 Apr 2021 22:04:37 GMT
expires: Wed, 20 Apr 2022 22:04:37 GMT
last-modified: Thu, 15 Apr 2021 14:37:29 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
content-encoding: gzip
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
content-length: 17893
age: 479684
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210422/r20110914/ Frame 0F1B 17 KB
7 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210422/r20110914/abg_lite_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e9f3358441fb5f83ee3575f81df787bbade8b416b009cbdcbd3b71c8b6f560e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Apr 2021 11:18:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 71
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7028
x-xss-protection: 0
server: cafe
etag: 3134275839577271762
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 10 May 2021 11:18:10 GMT

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210422/r20110914/client/ Frame 0F1B 2 KB
1 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210422/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Apr 2021 11:15:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 261
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1303
x-xss-protection: 0
server: cafe
etag: 14729628269804859526
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 10 May 2021 11:15:00 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 0F1B 116 KB
35 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dc015126841eaa9b1b79ee123e13d7d07ad7fe77f22366b05c480eff59a7a25e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Apr 2021 11:19:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1619017370605640"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36032
x-xss-protection: 0
expires: Mon, 26 Apr 2021 11:19:21 GMT

GET
H3-29 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210422/r20110914/client/ Frame 0F1B 13 KB
6 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210422/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

439ab67fa3c312bb442bed574ea79be834dbd92f3bd7d2288b6f3fce4d0afb0c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Apr 2021 11:17:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 100
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5604
x-xss-protection: 0
server: cafe
etag: 2846967340006788112
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 10 May 2021 11:17:41 GMT

GET
H2 200 st Show response
imprammp.taboola.com/ Frame 63EC 973 B
564 B 43ms
43ms Document
text/html 199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=7993797&crid=5029295&dast=V75g8CFgOOnMIAPEMHZgSOnMIAPEMHZgUAAAAGBvQHGbOgjCjDEY3CYc6Wo9FysVksZqvRcDeEjVlQRpThiEbhMGfL0Wg5mCwmo91uMBtMpvBhLJfJoBZIWGa_76CgnJ4es8sgKrreFrvDafa8QQxNp8Pnutfrfr-76OjyvO4mh9PsvKudf6Hf7fIrPKfLw_qyuzwOt9Lz1jxsLrfo75a43Dqn7WV3i_5uzcvu9FveGqfpaX3ZPW-Fyehwu5Vl3m65GaxGcwAAAAB4AGDqfYX4AQQAiAAAAACQAAAAAKAIqPi3ELgAAAAAwAAgcGvVAIDiMBCX5ey0-wMA4KEABABAAIMEQCCypQTgYiv0BAAAAAAAAACA5f___z8GIC-_WAZgw-etB-DBB-CBqOCwiBEAAABAVj7Q8tGkTqgsqgAACNKtAK4AAALyGs55GcIAAAAExhboYfH7zQ67xu92GQAAAAAAAACA2f_ZP5qQlAduWpAVxZ7aLyAAwNovIAAAm7oBALwFwAUdQSsGg9UpxG44W-xGk81ydgAAAAB3_____3ogMlrZRg6PZeWwTGy7iW04s-xWM99wZJs5d4PFwntAcSWW4lUNdH0hwjL7fQcF5fT0mF0GUdH1ttgdTrPnID5oGJaTQTC_CVuMVpPJZjmcLReTwXA0HI32J4DLAU7EYLmcTBaT3Wq0Gm2Gu9FssECBGExwQoajzWQ12q12k-VwMhrNNpMNUrRqNRttBsPVbDLb7VbDwXA5GiFFaxazyWQxGy13m8FyMhoMJ8MhwthosnLZfBu3ZjDzrEWzlWmtsPlWbt1mMJotjLvhYGNxi14f0284mOw2wy0KBkjtRXCRTkRHl-d1NzmcZudFLNGcLNKJ7LKvjFa2kcNjWTksE9tuYhvOLLvVzDcc2WbO3WCx8NdGk5XL5tu4NYOZZy2arUxrhc23cus2g9FsYdwNBxuLW_T6mH7DwWS3Ge4bs8VytFktZ4N9Y7ZYjjar5Wyw79AZvqvP2ehMiw8emXa9u96KMvNB4TJYvD-JaTHtzg5-aevo9Pk8yoLOKLx-j16DwnPwmMbLW-1Y3j6b6eMwoYglgtNFOhG9jKeLWCJ5WqQT0ciy8i0mHsdqt3DZDIvBZrma7WYuj8Xk8sxmE4tYojRdpBO90O92-RWe0-VhfdldHodb6XlrHjaXW_R3S1xundP2srtFf7fmZXf6LW-N0_S0vuyet8JkdLjdyrNvt9wMVqOJ-o8NuJxLRsu5bDSXDDarBAAAAAAAAACwhDnzJgAAAACnQcyGk81uuQAQDl26QAI-TLYRHou79mNeBUaCCjXFjR8v0NHled1NDqfZeebNnglirVbLGgAAQAAbAAAggFs3bwFhkRw!&cmcv=&pix=undefined&cb=1619435961995&uv=2958&tms=1619435961995&abt=adh5c-1_vA!insc_vA!nrlc_vA!ntvc_vB!rft_vC!secure_protocol_vA!secure_protocol_vB!secure_vB!spa2_vA!ufm_vD&ft=0&su=3&unm=FEED_MANAGER&aure=false&agl=1&cirid=3A2D28DFBC969449131165487&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/3.4.1/UnitFeedManagerDesktop.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 0574e172e3545369b75a00ab474444ad0b84bc2c6dd4f93c302d19d5c555fecc

Request headers

:method: GET
:authority: imprammp.taboola.com
:scheme: https
:path: /st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=7993797&crid=5029295&dast=V75g8CFgOOnMIAPEMHZgSOnMIAPEMHZgUAAAAGBvQHGbOgjCjDEY3CYc6Wo9FysVksZqvRcDeEjVlQRpThiEbhMGfL0Wg5mCwmo91uMBtMpvBhLJfJoBZIWGa_76CgnJ4es8sgKrreFrvDafa8QQxNp8Pnutfrfr-76OjyvO4mh9PsvKudf6Hf7fIrPKfLw_qyuzwOt9Lz1jxsLrfo75a43Dqn7WV3i_5uzcvu9FveGqfpaX3ZPW-Fyehwu5Vl3m65GaxGcwAAAAB4AGDqfYX4AQQAiAAAAACQAAAAAKAIqPi3ELgAAAAAwAAgcGvVAIDiMBCX5ey0-wMA4KEABABAAIMEQCCypQTgYiv0BAAAAAAAAACA5f___z8GIC-_WAZgw-etB-DBB-CBqOCwiBEAAABAVj7Q8tGkTqgsqgAACNKtAK4AAALyGs55GcIAAAAExhboYfH7zQ67xu92GQAAAAAAAACA2f_ZP5qQlAduWpAVxZ7aLyAAwNovIAAAm7oBALwFwAUdQSsGg9UpxG44W-xGk81ydgAAAAB3_____3ogMlrZRg6PZeWwTGy7iW04s-xWM99wZJs5d4PFwntAcSWW4lUNdH0hwjL7fQcF5fT0mF0GUdH1ttgdTrPnID5oGJaTQTC_CVuMVpPJZjmcLReTwXA0HI32J4DLAU7EYLmcTBaT3Wq0Gm2Gu9FssECBGExwQoajzWQ12q12k-VwMhrNNpMNUrRqNRttBsPVbDLb7VbDwXA5GiFFaxazyWQxGy13m8FyMhoMJ8MhwthosnLZfBu3ZjDzrEWzlWmtsPlWbt1mMJotjLvhYGNxi14f0284mOw2wy0KBkjtRXCRTkRHl-d1NzmcZudFLNGcLNKJ7LKvjFa2kcNjWTksE9tuYhvOLLvVzDcc2WbO3WCx8NdGk5XL5tu4NYOZZy2arUxrhc23cus2g9FsYdwNBxuLW_T6mH7DwWS3Ge4bs8VytFktZ4N9Y7ZYjjar5Wyw79AZvqvP2ehMiw8emXa9u96KMvNB4TJYvD-JaTHtzg5-aevo9Pk8yoLOKLx-j16DwnPwmMbLW-1Y3j6b6eMwoYglgtNFOhG9jKeLWCJ5WqQT0ciy8i0mHsdqt3DZDIvBZrma7WYuj8Xk8sxmE4tYojRdpBO90O92-RWe0-VhfdldHodb6XlrHjaXW_R3S1xundP2srtFf7fmZXf6LW-N0_S0vuyet8JkdLjdyrNvt9wMVqOJ-o8NuJxLRsu5bDSXDDarBAAAAAAAAACwhDnzJgAAAACnQcyGk81uuQAQDl26QAI-TLYRHou79mNeBUaCCjXFjR8v0NHled1NDqfZeebNnglirVbLGgAAQAAbAAAggFs3bwFhkRw!&cmcv=&pix=undefined&cb=1619435961995&uv=2958&tms=1619435961995&abt=adh5c-1_vA!insc_vA!nrlc_vA!ntvc_vB!rft_vC!secure_protocol_vA!secure_protocol_vB!secure_vB!spa2_vA!ufm_vD&ft=0&su=3&unm=FEED_MANAGER&aure=false&agl=1&cirid=3A2D28DFBC969449131165487&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.thesundaily.my/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.thesundaily.my/

Response headers

server: nginx
content-type: text/html;charset=ISO-8859-1
content-encoding: gzip
accept-ranges: bytes
date: Mon, 26 Apr 2021 11:19:22 GMT
via: 1.1 varnish
x-served-by: cache-hhn11538-HHN
x-cache: MISS
x-cache-hits: 0
x-timer: S1619435962.002431,VS0,VE35
vary: Accept-Encoding

GET
H2 200 sync Show response
am-match.taboola.com/ Frame BDDF 973 B
1 KB 26ms
20ms Document
text/html 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://am-match.taboola.com/sync?dast=V75g8CFgOOnMIAPEMHZgSOnMIAPEMHZgUAAAAGBvQHGbOgjCjDEY3CYc6Wo9FysVksZqvRcDeEjVlQRpThiEbhMGfL0Wg5mCwmo91uMBtMpvBhLJfJoBZIWGa_76CgnJ4es8sgKrreFrvDafa8QQxNp8Pnutfrfr-76OjyvO4mh9PsvKudf6Hf7fIrPKfLw_qyuzwOt9Lz1jxsLrfo75a43Dqn7WV3i_5uzcvu9FveGqfpaX3ZPW-Fyehwu5Vl3m65GaxGcwAAAAB4AGDqfYX4AQQAiAAAAACQAAAAAKAIqPi3ELgAAAAAwAAgcGvVAIDiMBCX5ey0-wMA4KEABABAAIMEQCCypQTgYiv0BAAAAAAAAACA5f___z8GIC-_WAZgw-etB-DBB-CBqOCwiBEAAABAVj7Q8tGkTqgsqgAACNKtAK4AAALyGs55GcIAAAAExhboYfH7zQ67xu92GQAAAAAAAACA2f_ZP5qQlAduWpAVxZ7aLyAAwNovIAAAm7oBALwFwAUdQSsGg9UpxG44W-xGk81ydgAAAAB3_____3ogMlrZRg6PZeWwTGy7iW04s-xWM99wZJs5d4PFwntAcSWW4lUNdH0hwjL7fQcF5fT0mF0GUdH1ttgdTrPnID5oGJaTQTC_CVuMVpPJZjmcLReTwXA0HI32J4DLAU7EYLmcTBaT3Wq0Gm2Gu9FssECBGExwQoajzWQ12q12k-VwMhrNNpMNUrRqNRttBsPVbDLb7VbDwXA5GiFFaxazyWQxGy13m8FyMhoMJ8MhwthosnLZfBu3ZjDzrEWzlWmtsPlWbt1mMJotjLvhYGNxi14f0284mOw2wy0KBkjtRXCRTkRHl-d1NzmcZudFLNGcLNKJ7LKvjFa2kcNjWTksE9tuYhvOLLvVzDcc2WbO3WCx8NdGk5XL5tu4NYOZZy2arUxrhc23cus2g9FsYdwNBxuLW_T6mH7DwWS3Ge4bs8VytFktZ4N9Y7ZYjjar5Wyw79AZvqvP2ehMiw8emXa9u96KMvNB4TJYvD-JaTHtzg5-aevo9Pk8yoLOKLx-j16DwnPwmMbLW-1Y3j6b6eMwoYglgtNFOhG9jKeLWCJ5WqQT0ciy8i0mHsdqt3DZDIvBZrma7WYuj8Xk8sxmE4tYojRdpBO90O92-RWe0-VhfdldHodb6XlrHjaXW_R3S1xundP2srtFf7fmZXf6LW-N0_S0vuyet8JkdLjdyrNvt9wMVqOJ-o8NuJxLRsu5bDSXDDarBAAAAAAAAACwhDnzJgAAAACnQcyGk81uuQAQDl26QAI-TLYRHou79mNeBUaCCjXFjR8v0NHled1NDqfZeebNnglirVbLGgAAQAAbAAAggFs3bwFhkRw!&excid=22&docw=0&cijs=1&nlb=true
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/3.4.1/UnitFeedManagerDesktop.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: c23d2c9f5b7e41763b497c7692a53ce1e675ae659bdc34465ca28ab0303f0720

Request headers

:method: GET
:authority: am-match.taboola.com
:scheme: https
:path: /sync?dast=V75g8CFgOOnMIAPEMHZgSOnMIAPEMHZgUAAAAGBvQHGbOgjCjDEY3CYc6Wo9FysVksZqvRcDeEjVlQRpThiEbhMGfL0Wg5mCwmo91uMBtMpvBhLJfJoBZIWGa_76CgnJ4es8sgKrreFrvDafa8QQxNp8Pnutfrfr-76OjyvO4mh9PsvKudf6Hf7fIrPKfLw_qyuzwOt9Lz1jxsLrfo75a43Dqn7WV3i_5uzcvu9FveGqfpaX3ZPW-Fyehwu5Vl3m65GaxGcwAAAAB4AGDqfYX4AQQAiAAAAACQAAAAAKAIqPi3ELgAAAAAwAAgcGvVAIDiMBCX5ey0-wMA4KEABABAAIMEQCCypQTgYiv0BAAAAAAAAACA5f___z8GIC-_WAZgw-etB-DBB-CBqOCwiBEAAABAVj7Q8tGkTqgsqgAACNKtAK4AAALyGs55GcIAAAAExhboYfH7zQ67xu92GQAAAAAAAACA2f_ZP5qQlAduWpAVxZ7aLyAAwNovIAAAm7oBALwFwAUdQSsGg9UpxG44W-xGk81ydgAAAAB3_____3ogMlrZRg6PZeWwTGy7iW04s-xWM99wZJs5d4PFwntAcSWW4lUNdH0hwjL7fQcF5fT0mF0GUdH1ttgdTrPnID5oGJaTQTC_CVuMVpPJZjmcLReTwXA0HI32J4DLAU7EYLmcTBaT3Wq0Gm2Gu9FssECBGExwQoajzWQ12q12k-VwMhrNNpMNUrRqNRttBsPVbDLb7VbDwXA5GiFFaxazyWQxGy13m8FyMhoMJ8MhwthosnLZfBu3ZjDzrEWzlWmtsPlWbt1mMJotjLvhYGNxi14f0284mOw2wy0KBkjtRXCRTkRHl-d1NzmcZudFLNGcLNKJ7LKvjFa2kcNjWTksE9tuYhvOLLvVzDcc2WbO3WCx8NdGk5XL5tu4NYOZZy2arUxrhc23cus2g9FsYdwNBxuLW_T6mH7DwWS3Ge4bs8VytFktZ4N9Y7ZYjjar5Wyw79AZvqvP2ehMiw8emXa9u96KMvNB4TJYvD-JaTHtzg5-aevo9Pk8yoLOKLx-j16DwnPwmMbLW-1Y3j6b6eMwoYglgtNFOhG9jKeLWCJ5WqQT0ciy8i0mHsdqt3DZDIvBZrma7WYuj8Xk8sxmE4tYojRdpBO90O92-RWe0-VhfdldHodb6XlrHjaXW_R3S1xundP2srtFf7fmZXf6LW-N0_S0vuyet8JkdLjdyrNvt9wMVqOJ-o8NuJxLRsu5bDSXDDarBAAAAAAAAACwhDnzJgAAAACnQcyGk81uuQAQDl26QAI-TLYRHou79mNeBUaCCjXFjR8v0NHled1NDqfZeebNnglirVbLGgAAQAAbAAAggFs3bwFhkRw!&excid=22&docw=0&cijs=1&nlb=true
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.thesundaily.my/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.thesundaily.my/

Response headers

server: nginx
date: Mon, 26 Apr 2021 11:19:22 GMT
content-type: text/html;charset=ISO-8859-1
machineid: 9404

POST
H2 200 VideoBidRequestHandlerServlet Show response
wf.taboola.com/ 4 KB
3 KB 105ms
104ms XHR
application/json 199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=700&height=393&pubid=169497&tagid=953497&crid=5029295&noaop=3&sortOrderType=0&cb=1619435961999&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=1&pv=1220&pt=1657214258&tz=120&viewable=true&ddast=V75g8CFgOOnMIAPEMHZgSOnMIAPEMHZgUAAAAGBvQHGbOgjCjDEY3CYc6Wo9FysVksZqvRcDeEjVlQRpThiEbhMGfL0Wg5mCwmo91uMBtMpvBhLJfJoBZIWGa_76CgnJ4es8sgKrreFrvDafa8QQxNp8Pnutfrfr-76OjyvO4mh9PsvKudf6Hf7fIrPKfLw_qyuzwOt9Lz1jxsLrfo75a43Dqn7WV3i_5uzcvu9FveGqfpaX3ZPW-Fyehwu5Vl3m65GaxGcwAAAAB4AGDqfYX4AQQAiAAAAACQAAAAAKAIqPi3ELgAAAAAwAAgcGvVAIDiMBCX5ey0-wMA4KEABABAAIMEQCCypQTgYiv0BAAAAAAAAACA5f___z8GIC-_WAZgw-etB-DBB-CBqOCwiBEAAABAVj7Q8tGkTqgsqgAACNKtAK4AAALyGs55GcIAAAAExhboYfH7zQ67xu92GQAAAAAAAACA2f_ZP5qQlAduWpAVxZ7aLyAAwNovIAAAm7oBALwFwAUdQSsGg9UpxG44W-xGk81ydgAAAAB3_____3ogMlrZRg6PZeWwTGy7iW04s-xWM99wZJs5d4PFwntAcSWW4lUNdH0hwjL7fQcF5fT0mF0GUdH1ttgdTrPnID5oGJaTQTC_CVuMVpPJZjmcLReTwXA0HI32J4DLAU7EYLmcTBaT3Wq0Gm2Gu9FssECBGExwQoajzWQ12q12k-VwMhrNNpMNUrRqNRttBsPVbDLb7VbDwXA5GiFFaxazyWQxGy13m8FyMhoMJ8MhwthosnLZfBu3ZjDzrEWzlWmtsPlWbt1mMJotjLvhYGNxi14f0284mOw2wy0KBkjtRXCRTkRHl-d1NzmcZudFLNGcLNKJ7LKvjFa2kcNjWTksE9tuYhvOLLvVzDcc2WbO3WCx8NdGk5XL5tu4NYOZZy2arUxrhc23cus2g9FsYdwNBxuLW_T6mH7DwWS3Ge4bs8VytFktZ4N9Y7ZYjjar5Wyw79AZvqvP2ehMiw8emXa9u96KMvNB4TJYvD-JaTHtzg5-aevo9Pk8yoLOKLx-j16DwnPwmMbLW-1Y3j6b6eMwoYglgtNFOhG9jKeLWCJ5WqQT0ciy8i0mHsdqt3DZDIvBZrma7WYuj8Xk8sxmE4tYojRdpBO90O92-RWe0-VhfdldHodb6XlrHjaXW_R3S1xundP2srtFf7fmZXf6LW-N0_S0vuyet8JkdLjdyrNvt9wMVqOJ-o8NuJxLRsu5bDSXDDarBAAAAAAAAACwhDnzJgAAAACnQcyGk81uuQAQDl26QAI-TLYRHou79mNeBUaCCjXFjR8v0NHled1NDqfZeebNnglirVbLGgAAQAAbAAAggFs3bwFhkRw!&proto=2,3,5,6&encoded=1&pstn=1&callback=&wfv=1&amp=0&qsz=6&ft=0&pb=0&pagg=1&sd=undefined&dtagid=1530785&dpubid=168237&abtst=adh5c-1_vA!insc_vA!nrlc_vA!ntvc_vB!rft_vC!secure_protocol_vA!secure_protocol_vB!secure_vB!spa2_vA!ufm_vD&mPre=0.033&cirf=https%3A%2F%2Fwww.thesundaily.my&en=1&subu=3
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/3.4.1/UnitFeedManagerDesktop.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 6d7cb1e729787a153d5462d26a1b81c4f5281ff81f4bfcfc9fe63ec91bcf258e

Request headers

Referer: https://www.thesundaily.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type: text/plain

Response headers

date: Mon, 26 Apr 2021 11:19:22 GMT
content-encoding: gzip
access-control-allow-origin: https://www.thesundaily.my
machineid: 1472
x-cache: MISS
x-cache-hits: 0
x-served-by: cache-hhn11538-HHN
pragma: no-cache
server: nginx
x-timer: S1619435962.004277,VS0,VE96
vary: Accept-Encoding
content-type: application/json;charset=utf-8
via: 1.1 varnish
cache-control: no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials: true
accept-ranges: bytes
link: <http://ads.stickyadstv.com>; rel=preconnect
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2 200 st
am-vid-events.taboola.com/ 0
43 B 25ms
19ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-vid-events.taboola.com/st?cijs=convusmp&ttype=45&cisd=convusmp&cipid=7993797&crid=5029295&dast=V75g8CFgOOnMIAPEMHZgSOnMIAPEMHZgUAAAAGBvQHGbOgjCjDEY3CYc6Wo9FysVksZqvRcDeEjVlQRpThiEbhMGfL0Wg5mCwmo91uMBtMpvBhLJfJoBZIWGa_76CgnJ4es8sgKrreFrvDafa8QQxNp8Pnutfrfr-76OjyvO4mh9PsvKudf6Hf7fIrPKfLw_qyuzwOt9Lz1jxsLrfo75a43Dqn7WV3i_5uzcvu9FveGqfpaX3ZPW-Fyehwu5Vl3m65GaxGcwAAAAB4AGDqfYX4AQQAiAAAAACQAAAAAKAIqPi3ELgAAAAAwAAgcGvVAIDiMBCX5ey0-wMA4KEABABAAIMEQCCypQTgYiv0BAAAAAAAAACA5f___z8GIC-_WAZgw-etB-DBB-CBqOCwiBEAAABAVj7Q8tGkTqgsqgAACNKtAK4AAALyGs55GcIAAAAExhboYfH7zQ67xu92GQAAAAAAAACA2f_ZP5qQlAduWpAVxZ7aLyAAwNovIAAAm7oBALwFwAUdQSsGg9UpxG44W-xGk81ydgAAAAB3_____3ogMlrZRg6PZeWwTGy7iW04s-xWM99wZJs5d4PFwntAcSWW4lUNdH0hwjL7fQcF5fT0mF0GUdH1ttgdTrPnID5oGJaTQTC_CVuMVpPJZjmcLReTwXA0HI32J4DLAU7EYLmcTBaT3Wq0Gm2Gu9FssECBGExwQoajzWQ12q12k-VwMhrNNpMNUrRqNRttBsPVbDLb7VbDwXA5GiFFaxazyWQxGy13m8FyMhoMJ8MhwthosnLZfBu3ZjDzrEWzlWmtsPlWbt1mMJotjLvhYGNxi14f0284mOw2wy0KBkjtRXCRTkRHl-d1NzmcZudFLNGcLNKJ7LKvjFa2kcNjWTksE9tuYhvOLLvVzDcc2WbO3WCx8NdGk5XL5tu4NYOZZy2arUxrhc23cus2g9FsYdwNBxuLW_T6mH7DwWS3Ge4bs8VytFktZ4N9Y7ZYjjar5Wyw79AZvqvP2ehMiw8emXa9u96KMvNB4TJYvD-JaTHtzg5-aevo9Pk8yoLOKLx-j16DwnPwmMbLW-1Y3j6b6eMwoYglgtNFOhG9jKeLWCJ5WqQT0ciy8i0mHsdqt3DZDIvBZrma7WYuj8Xk8sxmE4tYojRdpBO90O92-RWe0-VhfdldHodb6XlrHjaXW_R3S1xundP2srtFf7fmZXf6LW-N0_S0vuyet8JkdLjdyrNvt9wMVqOJ-o8NuJxLRsu5bDSXDDarBAAAAAAAAACwhDnzJgAAAACnQcyGk81uuQAQDl26QAI-TLYRHou79mNeBUaCCjXFjR8v0NHled1NDqfZeebNnglirVbLGgAAQAAbAAAggFs3bwFhkRw!&cmcv=&pix=31589837&cb=1619435961995&uv=2958&tms=1619435961995&abt=adh5c-1_vA!insc_vA!nrlc_vA!ntvc_vB!rft_vC!secure_protocol_vA!secure_protocol_vB!secure_vB!spa2_vA!ufm_vD&ft=0&su=3&unm=FEED_MANAGER&debug=pn:!sqg:!torgn:1619435959460.388!ts:1619435961995&mntl=1
Requested by: Host: www.thesundaily.my
URL: https://www.thesundaily.my/home/astrazeneca-is-safe-to-be-given-to-senior-citizens-adham-YL7793054?_hsmi=88974744&_hsenc=p2ANqtz-_G5s6CORBttERc_beHteVqqnJIJh5EriMR00fz0Cexxf2lQpsFfBisijUxttE-tNX9yfHTn7fBQWbcOnOkY3_eCosMOOPpTIuaIKsiuCzrvP7v03c
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.thesundaily.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Apr 2021 11:19:22 GMT
content-length: 0
server: nginx

GET
H3-29 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame AE57 42 B
64 B 14ms
14ms Fetch
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjss3gH0UUkLB1dinWPdcrlNsD4n4-Ipiq89bDjKkz4Quqsz36Y2z2KEuFqv8DRIq1jgcGEsfGrUKFvCTqaODNJQXNraev6hkT1S-4ILm0ss&sig=Cg0ArKJSzHNUdzhPJT_yEAE&id=lidar2&mcvt=1107&p=198,221,438,1391&mtos=1107,1107,1107,1107,1107&tos=1107,0,0,0,0&v=20210421&bin=7&avms=nio&bs=1600,1200&mc=1&app=0&itpl=3&adk=3154283803&rs=4&met=mue&la=1&cr=0&osd=1&vs=4&rst=1619435960832&dlt=0&rpt=152&isd=0&msd=0&r=v&fum=1

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.thesundaily.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 26 Apr 2021 11:19:22 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 7680 42 B
64 B 15ms
15ms Fetch
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuWFy-03nGEmlLkDsGQSQhBMJOJsbAmi4M5SQD29O6qNClIcFU8xOIXQbbcMul95psp32PfezYbETVURA7ZTIuMz6takxkTjEbe2sjgRvU&sig=Cg0ArKJSzIzzSLzkKrZPEAE&id=lidar2&mcvt=1037&p=892,1040,1142,1340&mtos=1037,1037,1037,1037,1037&tos=1037,0,0,0,0&v=20210421&bin=7&avms=nio&bs=1600,1200&mc=1&app=0&itpl=3&adk=3079932573&rs=4&met=mue&la=0&cr=0&osd=1&vs=4&rst=1619435960833&dlt=0&rpt=160&isd=0&msd=0&r=v&fum=1

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.thesundaily.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 26 Apr 2021 11:19:22 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 adview
googleads.g.doubleclick.net/pagead/ Frame 0F1B 0
0 50ms
50ms Fetch
text/html 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C2sLsuaGGYIC9FLKN7_UPo6WwuAqnuLCiYs-Cy8vADf6X_M7jIxABIMP1lxFglfrwgYwHoAG2wpCaA8gBCakCCh3w4LdPtD6oAwHIA0iqBLYDT9BO6oEEBqnpgxhpZiK83xV5doK5PLt79l5dqObaCQ3xEiaQQlgI_2LNUESIMWRhJqy29DhnXYO_FJEoitJqJOveGW35tbBJJVsR8v08_yFDK330lkXaSxxvvRoP0vW87OAJyrFweT6WdCg-Fne-o-7NMduKG6U1GYrcuC7sTeQg5AlifQjAyBuNL1J_4szxFIzQxe41LhMI4QzA8sUR5akEFI_coXsFCNE7cp4knW2BUI68L3rHkPAzsfdhO5grEMmJaVQ93LMMnEPbcqUlfaTQNWw3ut7p6tKr98TfWbKHqEOG9aTD8mhtIo6J9a4DZKXPDKZrOUNPtVlIFzGNTrqFBJ_jIEx5iWajzjpeVM3B7OumlfJ1wSzboaLuFmZLV2S1TH99vjHblF5NTol_owSxoRkA2byK0YgeVHhQ9ifHcZfC2E9tlsOAuSmFXBDzpplWSZqyy-lCrPqoDSPIhUcqiHmU1MOkO1xmq6jm5r_OzYT0UIh0fAL5zvgkX4Rzg0BLyflw_g6Vv2JQQbm41csAy_8FmRB5KtqB8s0PjpJxkW8a5NyaDiVzZzTlzp6ksAPZ9f5-wAS5kOKe0AOSBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAaAGLoAHsr3vZagH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAemvhuoB-zVG9gHAPIHBBCuyAjSCAkIgOGAEBABGB-ACgHICwHYEw2IFAHQFQGAFwGyFxoKGAgAEhRwdWItNjk5OTk2ODY5ODgyNzM5NQ&sigh=hmq-bqZ6ZQo&template_id=419

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6999968698827395&output=html&h=600&slotname=3502211389&adk=549021246&adf=281698034&pi=t.ma~as.3502211389&w=300&lmt=1619435961&psa=0&format=300x600&url=https%3A%2F%2Fwww.thesundaily.my%2Fhome%2Fastrazeneca-is-safe-to-be-given-to-senior-citizens-adham-YL7793054%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz-_G5s6CORBttERc_beHteVqqnJIJh5EriMR00fz0Cexxf2lQpsFfBisijUxttE-tNX9yfHTn7fBQWbcOnOkY3_eCosMOOPpTIuaIKsiuCzrvP7v03c&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619435961197&bpp=2&bdt=1420&idt=115&shv=r20210422&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3De3d6216e8f34a7bf-22ed5eaef1c70050%3AT%3D1619435960%3AS%3DALNI_MZZAhX_12i2lcgiNsdHRzfKQXL_FQ&prev_fmts=300x250&correlator=3256238547201&frm=20&pv=1&ga_vid=353529585.1619435960&ga_sid=1619435960&ga_hid=1243480928&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1040&ady=3708&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C21068108%2C31060839&oid=3&pvsid=3866203379239951&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=14&uci=a!e&btvi=2&fsb=1&xpc=XyCO8G3lCI&p=https%3A//www.thesundaily.my&dtd=119
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Mon, 26 Apr 2021 11:19:22 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-29 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 0662 1 KB
749 B 6ms
6ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: pagead2.googlesyndication.com
:scheme: https
:path: /pagead/s/cookie_push_onload.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Mon, 26 Apr 2021 03:14:09 GMT
expires: Tue, 27 Apr 2021 03:14:09 GMT
content-type: text/html; charset=UTF-8
etag: 48472445140208031
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 724
x-xss-protection: 0
cache-control: public, max-age=86400
age: 29113
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 2419807376670899038
tpc.googlesyndication.com/simgad/ Frame C6B0 43 KB
43 KB 8ms
7ms Image
image/png 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/2419807376670899038?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qnLbiyz08UzS3qfCvjyvXtpGAmYdQ

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6999968698827395&output=html&h=250&slotname=5114150528&adk=120511616&adf=2751417941&pi=t.ma~as.5114150528&w=300&psa=0&format=300x250&url=https%3A%2F%2Fwww.thesundaily.my%2Fhome%2Fastrazeneca-is-safe-to-be-given-to-senior-citizens-adham-YL7793054%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz-_G5s6CORBttERc_beHteVqqnJIJh5EriMR00fz0Cexxf2lQpsFfBisijUxttE-tNX9yfHTn7fBQWbcOnOkY3_eCosMOOPpTIuaIKsiuCzrvP7v03c&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619435961243&bpp=2&bdt=82&idt=203&shv=r20210422&cbv=r20190131&ptt=9&saldr=aa&cookie=ID%3De3d6216e8f34a7bf-22ed5eaef1c70050%3AT%3D1619435960%3AS%3DALNI_MZZAhX_12i2lcgiNsdHRzfKQXL_FQ&correlator=3256238547201&frm=23&ife=1&pv=1&ga_vid=353529585.1619435960&ga_sid=1619435961&ga_hid=1372567628&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1040&ady=2676&biw=1600&bih=1200&isw=300&ish=250&ifk=2991338289&scr_x=0&scr_y=0&oid=3&pvsid=3912251608612625&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.mdw51gcrxzsj&btvi=1&fsb=1&dtd=211

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ff35395d737f58417c911c0f32b21f1c581565227b042df486e9cdbfad6344a3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 25 Apr 2021 03:59:25 GMT
x-content-type-options: nosniff
last-modified: Thu, 04 Mar 2021 03:33:53 GMT
server: sffe
age: 112797
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43906
x-xss-protection: 0
expires: Mon, 25 Apr 2022 03:59:25 GMT

GET
H3-29 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210422/r20110914/ Frame C6B0 17 KB
7 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210422/r20110914/abg_lite_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e9f3358441fb5f83ee3575f81df787bbade8b416b009cbdcbd3b71c8b6f560e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Apr 2021 11:18:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 72
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7028
x-xss-protection: 0
server: cafe
etag: 3134275839577271762
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 10 May 2021 11:18:10 GMT

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210422/r20110914/client/ Frame C6B0 2 KB
1 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210422/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Apr 2021 11:15:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 262
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1303
x-xss-protection: 0
server: cafe
etag: 14729628269804859526
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 10 May 2021 11:15:00 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame C6B0 116 KB
35 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dc015126841eaa9b1b79ee123e13d7d07ad7fe77f22366b05c480eff59a7a25e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Apr 2021 11:19:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1619017370605640"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36032
x-xss-protection: 0
expires: Mon, 26 Apr 2021 11:19:22 GMT

GET
H3-29 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210422/r20110914/client/ Frame C6B0 13 KB
6 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210422/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

439ab67fa3c312bb442bed574ea79be834dbd92f3bd7d2288b6f3fce4d0afb0c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Apr 2021 11:17:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 101
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5604
x-xss-protection: 0
server: cafe
etag: 2846967340006788112
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 10 May 2021 11:17:41 GMT

GET
H3-29 204 l
www.google.com/ads/measurement/ Frame C6B0 0
0 14ms
13ms Image
text/html 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQqV6f3XM2Ja7mXPSVZKruWXZTmACU-jWtWx6LP190_fSkg18sGvonrvJdMEkzydN4UW-9K8yNc7q8OXWy50ymsSpvq2w
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6999968698827395&output=html&h=250&slotname=5114150528&adk=120511616&adf=2751417941&pi=t.ma~as.5114150528&w=300&psa=0&format=300x250&url=https%3A%2F%2Fwww.thesundaily.my%2Fhome%2Fastrazeneca-is-safe-to-be-given-to-senior-citizens-adham-YL7793054%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz-_G5s6CORBttERc_beHteVqqnJIJh5EriMR00fz0Cexxf2lQpsFfBisijUxttE-tNX9yfHTn7fBQWbcOnOkY3_eCosMOOPpTIuaIKsiuCzrvP7v03c&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619435961243&bpp=2&bdt=82&idt=203&shv=r20210422&cbv=r20190131&ptt=9&saldr=aa&cookie=ID%3De3d6216e8f34a7bf-22ed5eaef1c70050%3AT%3D1619435960%3AS%3DALNI_MZZAhX_12i2lcgiNsdHRzfKQXL_FQ&correlator=3256238547201&frm=23&ife=1&pv=1&ga_vid=353529585.1619435960&ga_sid=1619435961&ga_hid=1372567628&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1040&ady=2676&biw=1600&bih=1200&isw=300&ish=250&ifk=2991338289&scr_x=0&scr_y=0&oid=3&pvsid=3912251608612625&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.mdw51gcrxzsj&btvi=1&fsb=1&dtd=211
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-29 200 one_click_handler_one_afma_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210422/r20110914/client/ Frame C6B0 25 KB
10 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210422/r20110914/client/one_click_handler_one_afma_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef701bcdb11abe6ee6b906497f307cf8591be7b46258e201b2da192ba009e308

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Apr 2021 09:12:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 7626
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10420
x-xss-protection: 0
server: cafe
etag: 5410920360913075790
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 10 May 2021 09:12:16 GMT

GET
H3-29 200 adview
googleads.g.doubleclick.net/pagead/ Frame C6B0 0
0 52ms
51ms Fetch
text/html 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CTwjouaGGYPOjIZ2U9u8P0qetkAO4qtytYsuVxdbhDaCHgOyQAhABIMP1lxFglfrwgYwHoAGHg7_3A8gBAqgDAcgDyQSqBLkDT9Cg9ze_IYdH9XF7x3XokjIgichAeDglY-cqI1wPM31lqD0nC8F4qO8x6JgcpCmeMgVgmMd_5oQXRIW-VjxpfOLQoDr-A2NU8U9t5QCRir4hVgn4KV7klDKERug-hku6LvbLSGQpvsZi8g3g-GGVcR8feAaWV1eFe9RTevvmmBx6a8S6aRgmhIVTmjxNfz_OzeSqn6DEesSNEop1YMhHPDPebW3PtPAvvkS6-krdhfbLlPpb2zXoB8iyU6IoOtMAn-UaXKro86olvxEy1wwK2gshKw1g7sGtcsHSwhfby-72wkadZYhJOm4NnpuPWAWsFWio0Oa_N3CD3QOUk4CYQkKviFSg1DWBKY6CZd4bNsQiAhDV9n4aZW-GSmdFfwQ5d6a8gY8ETBGWCmStQ--bA-tNU2qbhIvKfUJ_Euqi7uV2bu8G5pZQ7rr4uhhKAKXbQhuTeW2YszqMI07_DTBmiREiluk4Yu2hjXcAs09N4RhFlkug_GH1k86vQAqV0eH0-3wVJY-6q1q1bpPj8UaMPdswoEahn2l5VTXpCkdYrHkeVzqBHBOYE4-VW5hiejvpsZTfSuSv_y9xwASZk-2FvwOSBQQIBBgBkgUECAUYBKAGAoAH5PSXiQGoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgHpr4bqAfs1RvYBwHyBwQQieAW0ggJCIDhgBAQARgfgAoByAsB2BMM0BUBgBcBshcaChgIABIUcHViLTY5OTk5Njg2OTg4MjczOTU&sigh=jakNYRsTzOI

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6999968698827395&output=html&h=250&slotname=5114150528&adk=120511616&adf=2751417941&pi=t.ma~as.5114150528&w=300&psa=0&format=300x250&url=https%3A%2F%2Fwww.thesundaily.my%2Fhome%2Fastrazeneca-is-safe-to-be-given-to-senior-citizens-adham-YL7793054%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz-_G5s6CORBttERc_beHteVqqnJIJh5EriMR00fz0Cexxf2lQpsFfBisijUxttE-tNX9yfHTn7fBQWbcOnOkY3_eCosMOOPpTIuaIKsiuCzrvP7v03c&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619435961243&bpp=2&bdt=82&idt=203&shv=r20210422&cbv=r20190131&ptt=9&saldr=aa&cookie=ID%3De3d6216e8f34a7bf-22ed5eaef1c70050%3AT%3D1619435960%3AS%3DALNI_MZZAhX_12i2lcgiNsdHRzfKQXL_FQ&correlator=3256238547201&frm=23&ife=1&pv=1&ga_vid=353529585.1619435960&ga_sid=1619435961&ga_hid=1372567628&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1040&ady=2676&biw=1600&bih=1200&isw=300&ish=250&ifk=2991338289&scr_x=0&scr_y=0&oid=3&pvsid=3912251608612625&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.mdw51gcrxzsj&btvi=1&fsb=1&dtd=211
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Mon, 26 Apr 2021 11:19:22 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame D53A 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: dfd4e99e921a1a541656cd1f5790a84ad08d165a770a7d9e0cb2b8106593c279

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 cookie.js Show response
partner.googleadservices.com/gampad/ Frame B323 12 B
53 B 25ms
24ms Script
text/javascript 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

daa795332e5dbcf893adf2d5f3349f02b8c1cb957ff3b5f4c11b742e33c3376f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.thesundaily.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Apr 2021 11:19:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 32
x-xss-protection: 0

GET
H3-29 200 integrator.js Show response
adservice.google.de/adsid/ Frame B323 107 B
122 B 26ms
26ms Script
application/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.thesundaily.my

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.thesundaily.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 26 Apr 2021 11:19:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 integrator.js Show response
adservice.google.com/adsid/ Frame B323 107 B
122 B 25ms
25ms Script
application/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.thesundaily.my

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.thesundaily.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 26 Apr 2021 11:19:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame BDE3 64 KB
24 KB 270ms
269ms Document
text/html 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6999968698827395&output=html&h=600&slotname=9497258750&adk=365577592&adf=2751417938&pi=t.ma~as.9497258750&w=160&psa=0&format=160x600&url=https%3A%2F%2Fwww.thesundaily.my%2Fhome%2Fastrazeneca-is-safe-to-be-given-to-senior-citizens-adham-YL7793054%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz-_G5s6CORBttERc_beHteVqqnJIJh5EriMR00fz0Cexxf2lQpsFfBisijUxttE-tNX9yfHTn7fBQWbcOnOkY3_eCosMOOPpTIuaIKsiuCzrvP7v03c&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619435961809&bpp=4&bdt=193&idt=225&shv=r20210422&cbv=r20190131&ptt=9&saldr=aa&cookie=ID%3De3d6216e8f34a7bf-22ed5eaef1c70050%3AT%3D1619435960%3AS%3DALNI_MZZAhX_12i2lcgiNsdHRzfKQXL_FQ&correlator=3256238547201&frm=23&ife=1&pv=1&ga_vid=353529585.1619435960&ga_sid=1619435962&ga_hid=1087719516&ga_fc=1&nhd=1&u_tz=120&u_his=4&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1110&ady=4378&biw=1600&bih=1200&isw=160&ish=600&ifk=1594691852&scr_x=0&scr_y=0&eid=44740386&oid=3&pvsid=11907315495935&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C160%2C600&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.6uytnh5uuri&btvi=1&fsb=1&dtd=232

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

2720194c3499bfaf7f0b0e0b1f86f990a308ff0cacf5b406e08a6cb038508cbf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-6999968698827395&output=html&h=600&slotname=9497258750&adk=365577592&adf=2751417938&pi=t.ma~as.9497258750&w=160&psa=0&format=160x600&url=https%3A%2F%2Fwww.thesundaily.my%2Fhome%2Fastrazeneca-is-safe-to-be-given-to-senior-citizens-adham-YL7793054%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz-_G5s6CORBttERc_beHteVqqnJIJh5EriMR00fz0Cexxf2lQpsFfBisijUxttE-tNX9yfHTn7fBQWbcOnOkY3_eCosMOOPpTIuaIKsiuCzrvP7v03c&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619435961809&bpp=4&bdt=193&idt=225&shv=r20210422&cbv=r20190131&ptt=9&saldr=aa&cookie=ID%3De3d6216e8f34a7bf-22ed5eaef1c70050%3AT%3D1619435960%3AS%3DALNI_MZZAhX_12i2lcgiNsdHRzfKQXL_FQ&correlator=3256238547201&frm=23&ife=1&pv=1&ga_vid=353529585.1619435960&ga_sid=1619435962&ga_hid=1087719516&ga_fc=1&nhd=1&u_tz=120&u_his=4&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1110&ady=4378&biw=1600&bih=1200&isw=160&ish=600&ifk=1594691852&scr_x=0&scr_y=0&eid=44740386&oid=3&pvsid=11907315495935&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C160%2C600&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.6uytnh5uuri&btvi=1&fsb=1&dtd=232
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.thesundaily.my/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUn-x4tpVQ_df4hxllfSxOfRbWx8TKL0pMltEvDCgkhj5vFDGZ0KAB5i2yoxRf0
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.thesundaily.my/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Mon, 26 Apr 2021 11:19:22 GMT
server: cafe
content-length: 25033
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame B323 10 KB
7 KB 23ms
23ms XHR
application/json 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210422&st=env

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b2fdbf5f3088f284b48e1a2527069ea5c4da91ef01a2c41c192b88ac88fbb385

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.thesundaily.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 26 Apr 2021 11:19:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7631
x-xss-protection: 0

GET
H3-29 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ Frame B323 73 KB
28 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4956137c69656045c048a157aaa84859657bbc7744019d26cce6b5bded84cc49

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.thesundaily.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Apr 2021 11:19:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1619017352525402"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28270
x-xss-protection: 0
expires: Mon, 26 Apr 2021 11:19:22 GMT

GET
H/1.1 200
OK / Show response
avd.innity.com/dc/cb/ Frame DB75 59 B
546 B 719ms
173ms Script
application/javascript 119.81.192.134
SOFTLAYER

General

Check archive.org

Show headers Download Go to

Full URL: https://avd.innity.com/dc/cb/?mt=_iampt._cbUC
Requested by: Host: avd.innity.net
URL: https://avd.innity.net/lib/dc.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 119.81.192.134 Singapore, Singapore, ASN36351 (SOFTLAYER, US),
Reverse DNS
Software: Apache /
Resource Hash: fcb3bce7602791640be6490ba017ee87c6e864fa9002b60d88578b172e292552

Request headers

Referer: https://www.thesundaily.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 26 Apr 2021 11:19:22 GMT
Content-Encoding: gzip
Last-Modified: Mon, 26 Apr 2021 11:19:22 GMT
Server: Apache
Vary: Accept-Encoding
P3P: policyref=http://www.innity.com/p3p/p3p.xml,CP="CURa ADMa DEVa OUR BUS UNI COM NAV INT"
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Content-Type: application/javascript
Content-Length: 77
Expires: Wed, 04 Aug 1985 12:59:00 GMT

GET
H3-29 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 81C0 143 B
163 B 18ms
7ms Document
text/html 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

safe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/s?v=r20120211
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6999968698827395&output=html&h=600&slotname=3502211389&adk=549021246&adf=281698034&pi=t.ma~as.3502211389&w=300&lmt=1619435961&psa=0&format=300x600&url=https%3A%2F%2Fwww.thesundaily.my%2Fhome%2Fastrazeneca-is-safe-to-be-given-to-senior-citizens-adham-YL7793054%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz-_G5s6CORBttERc_beHteVqqnJIJh5EriMR00fz0Cexxf2lQpsFfBisijUxttE-tNX9yfHTn7fBQWbcOnOkY3_eCosMOOPpTIuaIKsiuCzrvP7v03c&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619435961197&bpp=2&bdt=1420&idt=115&shv=r20210422&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3De3d6216e8f34a7bf-22ed5eaef1c70050%3AT%3D1619435960%3AS%3DALNI_MZZAhX_12i2lcgiNsdHRzfKQXL_FQ&prev_fmts=300x250&correlator=3256238547201&frm=20&pv=1&ga_vid=353529585.1619435960&ga_sid=1619435960&ga_hid=1243480928&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1040&ady=3708&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C21068108%2C31060839&oid=3&pvsid=3866203379239951&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=14&uci=a!e&btvi=2&fsb=1&xpc=XyCO8G3lCI&p=https%3A//www.thesundaily.my&dtd=119
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUn-x4tpVQ_df4hxllfSxOfRbWx8TKL0pMltEvDCgkhj5vFDGZ0KAB5i2yoxRf0
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6999968698827395&output=html&h=600&slotname=3502211389&adk=549021246&adf=281698034&pi=t.ma~as.3502211389&w=300&lmt=1619435961&psa=0&format=300x600&url=https%3A%2F%2Fwww.thesundaily.my%2Fhome%2Fastrazeneca-is-safe-to-be-given-to-senior-citizens-adham-YL7793054%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz-_G5s6CORBttERc_beHteVqqnJIJh5EriMR00fz0Cexxf2lQpsFfBisijUxttE-tNX9yfHTn7fBQWbcOnOkY3_eCosMOOPpTIuaIKsiuCzrvP7v03c&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619435961197&bpp=2&bdt=1420&idt=115&shv=r20210422&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3De3d6216e8f34a7bf-22ed5eaef1c70050%3AT%3D1619435960%3AS%3DALNI_MZZAhX_12i2lcgiNsdHRzfKQXL_FQ&prev_fmts=300x250&correlator=3256238547201&frm=20&pv=1&ga_vid=353529585.1619435960&ga_sid=1619435960&ga_hid=1243480928&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1040&ady=3708&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C21068108%2C31060839&oid=3&pvsid=3866203379239951&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=14&uci=a!e&btvi=2&fsb=1&xpc=XyCO8G3lCI&p=https%3A//www.thesundaily.my&dtd=119

Response headers

content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Mon, 26 Apr 2021 10:29:19 GMT
server: safe
content-length: 145
x-xss-protection: 0
cache-control: public, max-age=3600
age: 3003
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v27/ Frame D53A 16 KB
16 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v27/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://googleads.g.doubleclick.net
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Apr 2021 00:12:11 GMT
x-content-type-options: nosniff
last-modified: Mon, 05 Apr 2021 21:10:39 GMT
server: sffe
age: 558431
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15920
x-xss-protection: 0
expires: Wed, 20 Apr 2022 00:12:11 GMT

GET
H3-29 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v27/ Frame D53A 15 KB
15 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v27/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://googleads.g.doubleclick.net
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 22 Apr 2021 01:43:32 GMT
x-content-type-options: nosniff
last-modified: Mon, 05 Apr 2021 21:10:35 GMT
server: sffe
age: 380150
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15688
x-xss-protection: 0
expires: Fri, 22 Apr 2022 01:43:32 GMT

GET
DATA 200
OK truncated
/ Frame 0F1B 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 01cce5c79876479e2e522c311ba99683dc2df88b576dc1ff98b779276792a695

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

POST
H2 204 gen_csp
pagead2.googlesyndication.com/pagead/ Frame 0F1B 0
121 B 39ms
39ms Other
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CMD92Inlm_ACFbLGuwgdoxIMpw&gqi=uaGGYLKGFIGhlQeVn6G4Ag&layout=/sadbundle/%24csp%253Der3%24/1684394985928583253/index.html

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/csp-report

Response headers

pragma: no-cache
date: Mon, 26 Apr 2021 11:19:22 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame B323 17 KB
6 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.thesundaily.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Apr 2021 11:19:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1616005470650935"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6437
x-xss-protection: 0
expires: Mon, 26 Apr 2021 11:19:22 GMT

GET
H2 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 12BF 143 B
226 B 6ms
5ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/s?v=r20120211
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6999968698827395&output=html&h=250&slotname=5114150528&adk=120511616&adf=2751417941&pi=t.ma~as.5114150528&w=300&psa=0&format=300x250&url=https%3A%2F%2Fwww.thesundaily.my%2Fhome%2Fastrazeneca-is-safe-to-be-given-to-senior-citizens-adham-YL7793054%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz-_G5s6CORBttERc_beHteVqqnJIJh5EriMR00fz0Cexxf2lQpsFfBisijUxttE-tNX9yfHTn7fBQWbcOnOkY3_eCosMOOPpTIuaIKsiuCzrvP7v03c&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619435961243&bpp=2&bdt=82&idt=203&shv=r20210422&cbv=r20190131&ptt=9&saldr=aa&cookie=ID%3De3d6216e8f34a7bf-22ed5eaef1c70050%3AT%3D1619435960%3AS%3DALNI_MZZAhX_12i2lcgiNsdHRzfKQXL_FQ&correlator=3256238547201&frm=23&ife=1&pv=1&ga_vid=353529585.1619435960&ga_sid=1619435961&ga_hid=1372567628&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1040&ady=2676&biw=1600&bih=1200&isw=300&ish=250&ifk=2991338289&scr_x=0&scr_y=0&oid=3&pvsid=3912251608612625&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.mdw51gcrxzsj&btvi=1&fsb=1&dtd=211
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6999968698827395&output=html&h=250&slotname=5114150528&adk=120511616&adf=2751417941&pi=t.ma~as.5114150528&w=300&psa=0&format=300x250&url=https%3A%2F%2Fwww.thesundaily.my%2Fhome%2Fastrazeneca-is-safe-to-be-given-to-senior-citizens-adham-YL7793054%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz-_G5s6CORBttERc_beHteVqqnJIJh5EriMR00fz0Cexxf2lQpsFfBisijUxttE-tNX9yfHTn7fBQWbcOnOkY3_eCosMOOPpTIuaIKsiuCzrvP7v03c&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619435961243&bpp=2&bdt=82&idt=203&shv=r20210422&cbv=r20190131&ptt=9&saldr=aa&cookie=ID%3De3d6216e8f34a7bf-22ed5eaef1c70050%3AT%3D1619435960%3AS%3DALNI_MZZAhX_12i2lcgiNsdHRzfKQXL_FQ&correlator=3256238547201&frm=23&ife=1&pv=1&ga_vid=353529585.1619435960&ga_sid=1619435961&ga_hid=1372567628&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1040&ady=2676&biw=1600&bih=1200&isw=300&ish=250&ifk=2991338289&scr_x=0&scr_y=0&oid=3&pvsid=3912251608612625&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.mdw51gcrxzsj&btvi=1&fsb=1&dtd=211

Response headers

content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Mon, 26 Apr 2021 10:29:19 GMT
server: safe
content-length: 145
x-xss-protection: 0
cache-control: public, max-age=3600
age: 3003
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 4A6C 1 KB
864 B 5ms
5ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: pagead2.googlesyndication.com
:scheme: https
:path: /pagead/s/cookie_push_onload.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Mon, 26 Apr 2021 03:14:09 GMT
expires: Tue, 27 Apr 2021 03:14:09 GMT
content-type: text/html; charset=UTF-8
etag: 48472445140208031
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 724
x-xss-protection: 0
cache-control: public, max-age=86400
age: 29113
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame C6B0 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 187f90f918719b7c1622dc95c566cc78ea626c8399c16e57e7ecbc40bdc43156

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 cmTagFEED_MANAGER.js Show response
vidstat.taboola.com/vpaid/units/29_5_8/infra/ 718 KB
119 KB 23ms
7ms Script
application/javascript 199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstat.taboola.com/vpaid/units/29_5_8/infra/cmTagFEED_MANAGER.js
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/3.4.1/UnitFeedManagerDesktop.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3-br /
Resource Hash: c2670137364fb142d7a0220f3be02eaaf1d0ce208003941c7e1ff651860b1cab

Request headers

Origin: https://www.thesundaily.my
Referer: https://www.thesundaily.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Apr 2021 11:19:22 GMT
via: 1.1 varnish
age: 180692
x-amz-meta-mtime: 1619255178
x-cache: HIT
x-amz-meta-ctime: 1619255178
x-amz-meta-mode: 33188
content-encoding: br
content-length: 121149
x-amz-id-2: VmI4Y1nNqOT5x43xXlJnf/a02lI+0ga5tPWXfP0tPYqil+JwLwGmTRfEhs5Lxlx9KJUkS5K8Yyk=
x-served-by: cache-hhn11565-HHN
accept-ranges: bytes
last-modified: Sat, 24 Apr 2021 09:06:19 GMT
server: AmazonS3-br
x-timer: S1619435962.291909,VS0,VE0
etag: "d4658ceb234c4c3b31f9a8317c3db08c"
x-amz-meta-uid: 0
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
x-amz-request-id: 2CDFF17XZH287YAG
access-control-allow-origin: *
cache-control: public, max-age=2592000
x-amz-meta-gid: 0
content-type: application/javascript
access-control-allow-headers: *
x-cache-hits: 239209

GET
H2 200 cmOsUnit.css
vidstat.taboola.com/vpaid/units/29_5_8/assets/css/ 60 KB
8 KB 8ms
7ms Stylesheet
text/css 199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstat.taboola.com/vpaid/units/29_5_8/assets/css/cmOsUnit.css
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/3.4.1/UnitFeedManagerDesktop.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3-br /
Resource Hash: 096ea93670db54d4c83b39a992f2524583d55b1cbb3b283d71c3295283fc480c

Request headers

Referer: https://www.thesundaily.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Apr 2021 11:19:22 GMT
via: 1.1 varnish
age: 180692
x-amz-meta-mtime: 1619255195
x-cache: HIT
x-amz-meta-ctime: 1619255196
x-amz-meta-mode: 33188
content-encoding: br
content-length: 7939
x-amz-id-2: 8C851saVy4a1nbrLutwJwZpXRZLpCO2Gkbn6ArkIJgIxCblGBCz+H9/Ug6FAg6RDWEOl6ltsW40=
x-served-by: cache-hhn11538-HHN
accept-ranges: bytes
last-modified: Sat, 24 Apr 2021 09:06:37 GMT
server: AmazonS3-br
x-timer: S1619435962.278013,VS0,VE0
etag: "37a449babbcfb953b41079480969354a"
x-amz-meta-uid: 0
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
x-amz-request-id: 2CDBNMQP3K6VSBMG
access-control-allow-origin: *
cache-control: public, max-age=2592000
x-amz-meta-gid: 0
content-type: text/css
access-control-allow-headers: *
x-cache-hits: 349517

GET
BLOB 206
Partial Content fb40fe1b-786b-49bb-9ecb-4f850c201a2f
https://www.thesundaily.my/ 1 KB
0 Media
video/mp4

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.thesundaily.my/fb40fe1b-786b-49bb-9ecb-4f850c201a2f
Requested by: Host: www.thesundaily.my
URL: https://www.thesundaily.my/home/astrazeneca-is-safe-to-be-given-to-senior-citizens-adham-YL7793054?_hsmi=88974744&_hsenc=p2ANqtz-_G5s6CORBttERc_beHteVqqnJIJh5EriMR00fz0Cexxf2lQpsFfBisijUxttE-tNX9yfHTn7fBQWbcOnOkY3_eCosMOOPpTIuaIKsiuCzrvP7v03c
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda

Request headers

Referer
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range: bytes=0-

Response headers

Content-Range: bytes 0-1492/1493
Content-Length: 1493
Content-Type: video/mp4

GET
BLOB 206
Partial Content 325b57b0-30fd-4098-8331-58ea7ae844b1
https://www.thesundaily.my/ 1 KB
0 Media
video/mp4

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.thesundaily.my/325b57b0-30fd-4098-8331-58ea7ae844b1
Requested by: Host: www.thesundaily.my
URL: https://www.thesundaily.my/home/astrazeneca-is-safe-to-be-given-to-senior-citizens-adham-YL7793054?_hsmi=88974744&_hsenc=p2ANqtz-_G5s6CORBttERc_beHteVqqnJIJh5EriMR00fz0Cexxf2lQpsFfBisijUxttE-tNX9yfHTn7fBQWbcOnOkY3_eCosMOOPpTIuaIKsiuCzrvP7v03c
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda

Request headers

Referer
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range: bytes=0-

Response headers

Content-Range: bytes 0-1492/1493
Content-Length: 1493
Content-Type: video/mp4

GET
H2 206 mwum6y3hq8kowbvts8aw.mp4
c3.taboola.com/libtrc/static/video/t_PERFORMANCE_VIDEO_DEFAULT/v1611592128/ 280 KB
281 KB 8ms
7ms Media
video/mp4 199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://c3.taboola.com/libtrc/static/video/t_PERFORMANCE_VIDEO_DEFAULT/v1611592128/mwum6y3hq8kowbvts8aw.mp4
Requested by: Host: www.thesundaily.my
URL: https://www.thesundaily.my/home/astrazeneca-is-safe-to-be-given-to-senior-citizens-adham-YL7793054?_hsmi=88974744&_hsenc=p2ANqtz-_G5s6CORBttERc_beHteVqqnJIJh5EriMR00fz0Cexxf2lQpsFfBisijUxttE-tNX9yfHTn7fBQWbcOnOkY3_eCosMOOPpTIuaIKsiuCzrvP7v03c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 3548ef7c00a328eef90ee0f7a2389a96262e6324ab8c7a8b2b0fa66f618c5533

Request headers

Referer: https://www.thesundaily.my/
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range: bytes=0-

Response headers

x-amz-version-id: DgZFQlHZCEwNNlB..3RwfVFp_rMd7QYy
via: 1.1 varnish
etag: "fd7ee0ea87b82a8cce9d700b00749ed6"
age: 34
x-cache: HIT
Content-Range: bytes 0-286803/286804
x-amz-replication-status: COMPLETED
Content-Length: 286804
x-amz-id-2: USXMAtL0zHM/stdMlp9P8Ho4cQ7Ku55+Q1r6w3+A6UEKhyNaBJBNxJPzL1C8XqnZAeUhcymtLl8=
x-served-by: cache-hhn11538-HHN
last-modified: Mon, 25 Jan 2021 16:28:55 GMT
server: AmazonS3
x-timer: S1619435962.280009,VS0,VE1
date: Mon, 26 Apr 2021 11:19:22 GMT
x-amz-request-id: K8J0S7HCP4RMK1MG
cache-control: private,max-age=31536000
accept-ranges: bytes
content-type: video/mp4;codecs=avc1
abp: 54
x-cache-hits: 0

GET
H2 206 mwum6y3hq8kowbvts8aw.mp4
c3.taboola.com/libtrc/static/video/t_PERFORMANCE_VIDEO_DEFAULT/v1611592128/ 64 KB
0 14ms
13ms Media
video/mp4 199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://c3.taboola.com/libtrc/static/video/t_PERFORMANCE_VIDEO_DEFAULT/v1611592128/mwum6y3hq8kowbvts8aw.mp4
Requested by: Host: www.thesundaily.my
URL: https://www.thesundaily.my/home/astrazeneca-is-safe-to-be-given-to-senior-citizens-adham-YL7793054?_hsmi=88974744&_hsenc=p2ANqtz-_G5s6CORBttERc_beHteVqqnJIJh5EriMR00fz0Cexxf2lQpsFfBisijUxttE-tNX9yfHTn7fBQWbcOnOkY3_eCosMOOPpTIuaIKsiuCzrvP7v03c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash

Request headers

Referer: https://www.thesundaily.my/
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range: bytes=0-

Response headers

x-amz-version-id: DgZFQlHZCEwNNlB..3RwfVFp_rMd7QYy
via: 1.1 varnish
etag: "fd7ee0ea87b82a8cce9d700b00749ed6"
age: 34
x-cache: HIT
Content-Range: bytes 0-286803/286804
x-amz-replication-status: COMPLETED
Content-Length: 286804
x-amz-id-2: USXMAtL0zHM/stdMlp9P8Ho4cQ7Ku55+Q1r6w3+A6UEKhyNaBJBNxJPzL1C8XqnZAeUhcymtLl8=
x-served-by: cache-hhn11538-HHN
last-modified: Mon, 25 Jan 2021 16:28:55 GMT
server: AmazonS3
x-timer: S1619435962.302667,VS0,VE1
date: Mon, 26 Apr 2021 11:19:22 GMT
x-amz-request-id: K8J0S7HCP4RMK1MG
cache-control: private,max-age=31536000
accept-ranges: bytes
content-type: video/mp4;codecs=avc1
abp: 54
x-cache-hits: 0

GET
H2 206 mwum6y3hq8kowbvts8aw.mp4
c3.taboola.com/libtrc/static/video/t_PERFORMANCE_VIDEO_DEFAULT/v1611592128/ 64 KB
0 20ms
19ms Media
video/mp4 199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://c3.taboola.com/libtrc/static/video/t_PERFORMANCE_VIDEO_DEFAULT/v1611592128/mwum6y3hq8kowbvts8aw.mp4
Requested by: Host: www.thesundaily.my
URL: https://www.thesundaily.my/home/astrazeneca-is-safe-to-be-given-to-senior-citizens-adham-YL7793054?_hsmi=88974744&_hsenc=p2ANqtz-_G5s6CORBttERc_beHteVqqnJIJh5EriMR00fz0Cexxf2lQpsFfBisijUxttE-tNX9yfHTn7fBQWbcOnOkY3_eCosMOOPpTIuaIKsiuCzrvP7v03c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash

Request headers

Referer: https://www.thesundaily.my/
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range: bytes=0-

Response headers

x-amz-version-id: DgZFQlHZCEwNNlB..3RwfVFp_rMd7QYy
via: 1.1 varnish
etag: "fd7ee0ea87b82a8cce9d700b00749ed6"
age: 34
x-cache: HIT
Content-Range: bytes 0-286803/286804
x-amz-replication-status: COMPLETED
Content-Length: 286804
x-amz-id-2: USXMAtL0zHM/stdMlp9P8Ho4cQ7Ku55+Q1r6w3+A6UEKhyNaBJBNxJPzL1C8XqnZAeUhcymtLl8=
x-served-by: cache-hhn11538-HHN
last-modified: Mon, 25 Jan 2021 16:28:55 GMT
server: AmazonS3
x-timer: S1619435962.305094,VS0,VE1
date: Mon, 26 Apr 2021 11:19:22 GMT
x-amz-request-id: K8J0S7HCP4RMK1MG
cache-control: private,max-age=31536000
accept-ranges: bytes
content-type: video/mp4;codecs=avc1
abp: 54
x-cache-hits: 0

GET
H2 200 aip
adnetwork.adasiaholdings.com/h/ 43 B
189 B 213ms
206ms Image
image/gif 47.74.174.177
CNNIC-ALIBABA-US-...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://adnetwork.adasiaholdings.com/h/aip?uii=645246777976000366&tmstp=4557036302&ckid=0&pubid=1&systgt=%24qc%3d1311284246%3b%24ql%3dHigh%3b%24qpc%3d14532%3b%24qt%3d25_2100_337588t%3b%24dma%3d0%3b%24b%3d16890%3b%24o%3d11100%3b%24sw%3d1600%3b%24sh%3d1200&acd=1619435961993&envtype=0&opid=24ce104f-c2e2-4582-b8af-abd39f35a76c&opdt=1619435961993&siteid=399436&tgt=%24dt%3d1t&pgid=1361204&fmtid=44269&statid=3&visit=s
Requested by: Host: www.thesundaily.my
URL: https://www.thesundaily.my/home/astrazeneca-is-safe-to-be-given-to-senior-citizens-adham-YL7793054?_hsmi=88974744&_hsenc=p2ANqtz-_G5s6CORBttERc_beHteVqqnJIJh5EriMR00fz0Cexxf2lQpsFfBisijUxttE-tNX9yfHTn7fBQWbcOnOkY3_eCosMOOPpTIuaIKsiuCzrvP7v03c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 47.74.174.177 Singapore, Singapore, ASN45102 (CNNIC-ALIBABA-US-NET-AP Alibaba (US) Technology Co., Ltd., CN),
Reverse DNS
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Referer: https://www.thesundaily.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 26 Apr 2021 11:19:22 GMT
cache-control: no-cache,no-store
content-type: image/gif
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

GET
H2 200 publishertag.prebid.js Show response
static.criteo.net/js/ld/ 80 KB
26 KB 90ms
41ms Script
text/javascript 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by: Host: anymind360.com
URL: https://anymind360.com/js/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: b27963d64b79220f6a94fafa3a3c67a2404d363b4ad53dbb83ab2187eacde46f

Request headers

Referer: https://www.thesundaily.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Apr 2021 11:19:22 GMT
content-encoding: gzip
last-modified: Thu, 18 Mar 2021 09:52:27 GMT
server: nginx
etag: W/"605322db-14013"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
timing-allow-origin: *
expires: Tue, 27 Apr 2021 11:19:22 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 22B1 0
54 B 239ms
238ms Ping
image/gif 2a00:1450:4019:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=2~knyicwqv&c=467284438145&slotId=233642219072.5&qqid=CPnHmInlm_ACFRTMuwgdyqUBuQ&umsem=0&ape=1&ple=1
Requested by: Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/51f95e8801b2f454bb1ec0b0d582ea90.js?tag=video_mra/web_raspberry
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4019:801::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://5f7a3c227877733a11b3d8ac75a2ccaf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Mon, 26 Apr 2021 11:19:22 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 Enabler.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame AB7D 16 KB
6 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/Enabler.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1684394985928583253/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5f0207bbbd69497c7a37284c0b6f9bdcc9f83c574a4cda737e00a390d0ed268f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 25 Apr 2021 17:09:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 65397
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5866
x-xss-protection: 0
server: cafe
etag: 544157900006238945
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Mon, 26 Apr 2021 17:09:25 GMT

GET
H3-29 200 addata.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame AB7D 22 KB
9 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1684394985928583253/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4634b94630896f1a23c5ce01f743d720847c5f4dd28fb549ed503cb2df4f8e87

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 25 Apr 2021 23:11:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 43701
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8867
x-xss-protection: 0
server: cafe
etag: 18043545750443934562
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Mon, 26 Apr 2021 23:11:01 GMT

GET
H3-29 200 Ru4asw80RDg-wKj4k1IJyVIDrNjFP7NKP7NQDOdNnzM.js Show response
pagead2.googlesyndication.com/bg/ Frame 473D 14 KB
6 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Ru4asw80RDg-wKj4k1IJyVIDrNjFP7NKP7NQDOdNnzM.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

46ee1ab30f3444383ec0a8f8935209c95203acd8c53fb34a3fb3500ce74d9f33

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 25 Apr 2021 14:10:02 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Thu, 08 Apr 2021 09:18:00 GMT
server: sffe
age: 76160
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5687
x-xss-protection: 0
expires: Mon, 25 Apr 2022 14:10:02 GMT

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame BDDF 70 B
265 B 87ms
28ms Image
image/gif 63.33.11.43
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
Requested by: Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V75g8CFgOOnMIAPEMHZgSOnMIAPEMHZgUAAAAGBvQHGbOgjCjDEY3CYc6Wo9FysVksZqvRcDeEjVlQRpThiEbhMGfL0Wg5mCwmo91uMBtMpvBhLJfJoBZIWGa_76CgnJ4es8sgKrreFrvDafa8QQxNp8Pnutfrfr-76OjyvO4mh9PsvKudf6Hf7fIrPKfLw_qyuzwOt9Lz1jxsLrfo75a43Dqn7WV3i_5uzcvu9FveGqfpaX3ZPW-Fyehwu5Vl3m65GaxGcwAAAAB4AGDqfYX4AQQAiAAAAACQAAAAAKAIqPi3ELgAAAAAwAAgcGvVAIDiMBCX5ey0-wMA4KEABABAAIMEQCCypQTgYiv0BAAAAAAAAACA5f___z8GIC-_WAZgw-etB-DBB-CBqOCwiBEAAABAVj7Q8tGkTqgsqgAACNKtAK4AAALyGs55GcIAAAAExhboYfH7zQ67xu92GQAAAAAAAACA2f_ZP5qQlAduWpAVxZ7aLyAAwNovIAAAm7oBALwFwAUdQSsGg9UpxG44W-xGk81ydgAAAAB3_____3ogMlrZRg6PZeWwTGy7iW04s-xWM99wZJs5d4PFwntAcSWW4lUNdH0hwjL7fQcF5fT0mF0GUdH1ttgdTrPnID5oGJaTQTC_CVuMVpPJZjmcLReTwXA0HI32J4DLAU7EYLmcTBaT3Wq0Gm2Gu9FssECBGExwQoajzWQ12q12k-VwMhrNNpMNUrRqNRttBsPVbDLb7VbDwXA5GiFFaxazyWQxGy13m8FyMhoMJ8MhwthosnLZfBu3ZjDzrEWzlWmtsPlWbt1mMJotjLvhYGNxi14f0284mOw2wy0KBkjtRXCRTkRHl-d1NzmcZudFLNGcLNKJ7LKvjFa2kcNjWTksE9tuYhvOLLvVzDcc2WbO3WCx8NdGk5XL5tu4NYOZZy2arUxrhc23cus2g9FsYdwNBxuLW_T6mH7DwWS3Ge4bs8VytFktZ4N9Y7ZYjjar5Wyw79AZvqvP2ehMiw8emXa9u96KMvNB4TJYvD-JaTHtzg5-aevo9Pk8yoLOKLx-j16DwnPwmMbLW-1Y3j6b6eMwoYglgtNFOhG9jKeLWCJ5WqQT0ciy8i0mHsdqt3DZDIvBZrma7WYuj8Xk8sxmE4tYojRdpBO90O92-RWe0-VhfdldHodb6XlrHjaXW_R3S1xundP2srtFf7fmZXf6LW-N0_S0vuyet8JkdLjdyrNvt9wMVqOJ-o8NuJxLRsu5bDSXDDarBAAAAAAAAACwhDnzJgAAAACnQcyGk81uuQAQDl26QAI-TLYRHou79mNeBUaCCjXFjR8v0NHled1NDqfZeebNnglirVbLGgAAQAAbAAAggFs3bwFhkRw!&excid=22&docw=0&cijs=1&nlb=true
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 63.33.11.43 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-63-33-11-43.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer: https://am-match.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 26 Apr 2021 11:19:22 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2 200 sync
taboola-supply-partners.tremorhub.com/ Frame BDDF 43 B
183 B 272ms
89ms Image
image/gif 2600:1f18:612b:4232:3a2c:3c86:af1b:2715
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://taboola-supply-partners.tremorhub.com/sync?UISTB=%3CtaboolaUserId%3E&gdpr=1&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Ftelaria-rtb-network%2F1%2Frtb-h%2F%3Fgdpr%3D1%26us_privacy%3D1---%26taboola_hm%3D%5BTVUSER_ID%5D%26orig%3Dvideo
Requested by: Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V75g8CFgOOnMIAPEMHZgSOnMIAPEMHZgUAAAAGBvQHGbOgjCjDEY3CYc6Wo9FysVksZqvRcDeEjVlQRpThiEbhMGfL0Wg5mCwmo91uMBtMpvBhLJfJoBZIWGa_76CgnJ4es8sgKrreFrvDafa8QQxNp8Pnutfrfr-76OjyvO4mh9PsvKudf6Hf7fIrPKfLw_qyuzwOt9Lz1jxsLrfo75a43Dqn7WV3i_5uzcvu9FveGqfpaX3ZPW-Fyehwu5Vl3m65GaxGcwAAAAB4AGDqfYX4AQQAiAAAAACQAAAAAKAIqPi3ELgAAAAAwAAgcGvVAIDiMBCX5ey0-wMA4KEABABAAIMEQCCypQTgYiv0BAAAAAAAAACA5f___z8GIC-_WAZgw-etB-DBB-CBqOCwiBEAAABAVj7Q8tGkTqgsqgAACNKtAK4AAALyGs55GcIAAAAExhboYfH7zQ67xu92GQAAAAAAAACA2f_ZP5qQlAduWpAVxZ7aLyAAwNovIAAAm7oBALwFwAUdQSsGg9UpxG44W-xGk81ydgAAAAB3_____3ogMlrZRg6PZeWwTGy7iW04s-xWM99wZJs5d4PFwntAcSWW4lUNdH0hwjL7fQcF5fT0mF0GUdH1ttgdTrPnID5oGJaTQTC_CVuMVpPJZjmcLReTwXA0HI32J4DLAU7EYLmcTBaT3Wq0Gm2Gu9FssECBGExwQoajzWQ12q12k-VwMhrNNpMNUrRqNRttBsPVbDLb7VbDwXA5GiFFaxazyWQxGy13m8FyMhoMJ8MhwthosnLZfBu3ZjDzrEWzlWmtsPlWbt1mMJotjLvhYGNxi14f0284mOw2wy0KBkjtRXCRTkRHl-d1NzmcZudFLNGcLNKJ7LKvjFa2kcNjWTksE9tuYhvOLLvVzDcc2WbO3WCx8NdGk5XL5tu4NYOZZy2arUxrhc23cus2g9FsYdwNBxuLW_T6mH7DwWS3Ge4bs8VytFktZ4N9Y7ZYjjar5Wyw79AZvqvP2ehMiw8emXa9u96KMvNB4TJYvD-JaTHtzg5-aevo9Pk8yoLOKLx-j16DwnPwmMbLW-1Y3j6b6eMwoYglgtNFOhG9jKeLWCJ5WqQT0ciy8i0mHsdqt3DZDIvBZrma7WYuj8Xk8sxmE4tYojRdpBO90O92-RWe0-VhfdldHodb6XlrHjaXW_R3S1xundP2srtFf7fmZXf6LW-N0_S0vuyet8JkdLjdyrNvt9wMVqOJ-o8NuJxLRsu5bDSXDDarBAAAAAAAAACwhDnzJgAAAACnQcyGk81uuQAQDl26QAI-TLYRHou79mNeBUaCCjXFjR8v0NHled1NDqfZeebNnglirVbLGgAAQAAbAAAggFs3bwFhkRw!&excid=22&docw=0&cijs=1&nlb=true
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:612b:4232:3a2c:3c86:af1b:2715 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: Apache-Coyote/1.1 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer: https://am-match.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Apr 2021 11:19:22 GMT
server: Apache-Coyote/1.1
p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
content-type: image/gif

GET
H2 204 sync Show response
pixel.advertising.com/ups/58166/ Frame BDDF 0
125 B 55ms
16ms Script
text/plain 52.28.254.214
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://pixel.advertising.com/ups/58166/sync?gdpr=1&uid=&_origin=1&us_privacy=1---&redir=true

Requested by

Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V75g8CFgOOnMIAPEMHZgSOnMIAPEMHZgUAAAAGBvQHGbOgjCjDEY3CYc6Wo9FysVksZqvRcDeEjVlQRpThiEbhMGfL0Wg5mCwmo91uMBtMpvBhLJfJoBZIWGa_76CgnJ4es8sgKrreFrvDafa8QQxNp8Pnutfrfr-76OjyvO4mh9PsvKudf6Hf7fIrPKfLw_qyuzwOt9Lz1jxsLrfo75a43Dqn7WV3i_5uzcvu9FveGqfpaX3ZPW-Fyehwu5Vl3m65GaxGcwAAAAB4AGDqfYX4AQQAiAAAAACQAAAAAKAIqPi3ELgAAAAAwAAgcGvVAIDiMBCX5ey0-wMA4KEABABAAIMEQCCypQTgYiv0BAAAAAAAAACA5f___z8GIC-_WAZgw-etB-DBB-CBqOCwiBEAAABAVj7Q8tGkTqgsqgAACNKtAK4AAALyGs55GcIAAAAExhboYfH7zQ67xu92GQAAAAAAAACA2f_ZP5qQlAduWpAVxZ7aLyAAwNovIAAAm7oBALwFwAUdQSsGg9UpxG44W-xGk81ydgAAAAB3_____3ogMlrZRg6PZeWwTGy7iW04s-xWM99wZJs5d4PFwntAcSWW4lUNdH0hwjL7fQcF5fT0mF0GUdH1ttgdTrPnID5oGJaTQTC_CVuMVpPJZjmcLReTwXA0HI32J4DLAU7EYLmcTBaT3Wq0Gm2Gu9FssECBGExwQoajzWQ12q12k-VwMhrNNpMNUrRqNRttBsPVbDLb7VbDwXA5GiFFaxazyWQxGy13m8FyMhoMJ8MhwthosnLZfBu3ZjDzrEWzlWmtsPlWbt1mMJotjLvhYGNxi14f0284mOw2wy0KBkjtRXCRTkRHl-d1NzmcZudFLNGcLNKJ7LKvjFa2kcNjWTksE9tuYhvOLLvVzDcc2WbO3WCx8NdGk5XL5tu4NYOZZy2arUxrhc23cus2g9FsYdwNBxuLW_T6mH7DwWS3Ge4bs8VytFktZ4N9Y7ZYjjar5Wyw79AZvqvP2ehMiw8emXa9u96KMvNB4TJYvD-JaTHtzg5-aevo9Pk8yoLOKLx-j16DwnPwmMbLW-1Y3j6b6eMwoYglgtNFOhG9jKeLWCJ5WqQT0ciy8i0mHsdqt3DZDIvBZrma7WYuj8Xk8sxmE4tYojRdpBO90O92-RWe0-VhfdldHodb6XlrHjaXW_R3S1xundP2srtFf7fmZXf6LW-N0_S0vuyet8JkdLjdyrNvt9wMVqOJ-o8NuJxLRsu5bDSXDDarBAAAAAAAAACwhDnzJgAAAACnQcyGk81uuQAQDl26QAI-TLYRHou79mNeBUaCCjXFjR8v0NHled1NDqfZeebNnglirVbLGgAAQAAbAAAggFs3bwFhkRw!&excid=22&docw=0&cijs=1&nlb=true

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.28.254.214 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://am-match.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Apr 2021 11:19:22 GMT
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2

200

rtb-h Show response
sync-t1.taboola.com/sg/spotx-rtb-network/1/ Frame BDDF
Redirect Chain

https://sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3D...
https://sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3D...
https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=405243d3-a681-11eb-accb-1131174c0206&orig=video&us_privacy=1---

0
226 B

39ms
18ms

Script
text/plain

141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=405243d3-a681-11eb-accb-1131174c0206&orig=video&us_privacy=1---
Requested by: Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V75g8CFgOOnMIAPEMHZgSOnMIAPEMHZgUAAAAGBvQHGbOgjCjDEY3CYc6Wo9FysVksZqvRcDeEjVlQRpThiEbhMGfL0Wg5mCwmo91uMBtMpvBhLJfJoBZIWGa_76CgnJ4es8sgKrreFrvDafa8QQxNp8Pnutfrfr-76OjyvO4mh9PsvKudf6Hf7fIrPKfLw_qyuzwOt9Lz1jxsLrfo75a43Dqn7WV3i_5uzcvu9FveGqfpaX3ZPW-Fyehwu5Vl3m65GaxGcwAAAAB4AGDqfYX4AQQAiAAAAACQAAAAAKAIqPi3ELgAAAAAwAAgcGvVAIDiMBCX5ey0-wMA4KEABABAAIMEQCCypQTgYiv0BAAAAAAAAACA5f___z8GIC-_WAZgw-etB-DBB-CBqOCwiBEAAABAVj7Q8tGkTqgsqgAACNKtAK4AAALyGs55GcIAAAAExhboYfH7zQ67xu92GQAAAAAAAACA2f_ZP5qQlAduWpAVxZ7aLyAAwNovIAAAm7oBALwFwAUdQSsGg9UpxG44W-xGk81ydgAAAAB3_____3ogMlrZRg6PZeWwTGy7iW04s-xWM99wZJs5d4PFwntAcSWW4lUNdH0hwjL7fQcF5fT0mF0GUdH1ttgdTrPnID5oGJaTQTC_CVuMVpPJZjmcLReTwXA0HI32J4DLAU7EYLmcTBaT3Wq0Gm2Gu9FssECBGExwQoajzWQ12q12k-VwMhrNNpMNUrRqNRttBsPVbDLb7VbDwXA5GiFFaxazyWQxGy13m8FyMhoMJ8MhwthosnLZfBu3ZjDzrEWzlWmtsPlWbt1mMJotjLvhYGNxi14f0284mOw2wy0KBkjtRXCRTkRHl-d1NzmcZudFLNGcLNKJ7LKvjFa2kcNjWTksE9tuYhvOLLvVzDcc2WbO3WCx8NdGk5XL5tu4NYOZZy2arUxrhc23cus2g9FsYdwNBxuLW_T6mH7DwWS3Ge4bs8VytFktZ4N9Y7ZYjjar5Wyw79AZvqvP2ehMiw8emXa9u96KMvNB4TJYvD-JaTHtzg5-aevo9Pk8yoLOKLx-j16DwnPwmMbLW-1Y3j6b6eMwoYglgtNFOhG9jKeLWCJ5WqQT0ciy8i0mHsdqt3DZDIvBZrma7WYuj8Xk8sxmE4tYojRdpBO90O92-RWe0-VhfdldHodb6XlrHjaXW_R3S1xundP2srtFf7fmZXf6LW-N0_S0vuyet8JkdLjdyrNvt9wMVqOJ-o8NuJxLRsu5bDSXDDarBAAAAAAAAACwhDnzJgAAAACnQcyGk81uuQAQDl26QAI-TLYRHou79mNeBUaCCjXFjR8v0NHled1NDqfZeebNnglirVbLGgAAQAAbAAAggFs3bwFhkRw!&excid=22&docw=0&cijs=1&nlb=true
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://am-match.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

tbl-x-upstream: 10.41.22.84:10213
date: Mon, 26 Apr 2021 11:19:22 GMT
server: nginx
x-fastly-to-nlb-rtt: 12639

Redirect headers

Date: Mon, 26 Apr 2021 11:19:22 GMT
Server: nginx
Location: https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=405243d3-a681-11eb-accb-1131174c0206&orig=video&us_privacy=1---
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/plain
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 94
Connection: keep-alive
Content-Length: 0

GET
H2 200 sync
x.bidswitch.net/ Frame BDDF 43 B
146 B 47ms
14ms Image
image/gif 52.59.128.17
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?gdpr=1&us_privacy=1---&ssp=taboola
Requested by: Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V75g8CFgOOnMIAPEMHZgSOnMIAPEMHZgUAAAAGBvQHGbOgjCjDEY3CYc6Wo9FysVksZqvRcDeEjVlQRpThiEbhMGfL0Wg5mCwmo91uMBtMpvBhLJfJoBZIWGa_76CgnJ4es8sgKrreFrvDafa8QQxNp8Pnutfrfr-76OjyvO4mh9PsvKudf6Hf7fIrPKfLw_qyuzwOt9Lz1jxsLrfo75a43Dqn7WV3i_5uzcvu9FveGqfpaX3ZPW-Fyehwu5Vl3m65GaxGcwAAAAB4AGDqfYX4AQQAiAAAAACQAAAAAKAIqPi3ELgAAAAAwAAgcGvVAIDiMBCX5ey0-wMA4KEABABAAIMEQCCypQTgYiv0BAAAAAAAAACA5f___z8GIC-_WAZgw-etB-DBB-CBqOCwiBEAAABAVj7Q8tGkTqgsqgAACNKtAK4AAALyGs55GcIAAAAExhboYfH7zQ67xu92GQAAAAAAAACA2f_ZP5qQlAduWpAVxZ7aLyAAwNovIAAAm7oBALwFwAUdQSsGg9UpxG44W-xGk81ydgAAAAB3_____3ogMlrZRg6PZeWwTGy7iW04s-xWM99wZJs5d4PFwntAcSWW4lUNdH0hwjL7fQcF5fT0mF0GUdH1ttgdTrPnID5oGJaTQTC_CVuMVpPJZjmcLReTwXA0HI32J4DLAU7EYLmcTBaT3Wq0Gm2Gu9FssECBGExwQoajzWQ12q12k-VwMhrNNpMNUrRqNRttBsPVbDLb7VbDwXA5GiFFaxazyWQxGy13m8FyMhoMJ8MhwthosnLZfBu3ZjDzrEWzlWmtsPlWbt1mMJotjLvhYGNxi14f0284mOw2wy0KBkjtRXCRTkRHl-d1NzmcZudFLNGcLNKJ7LKvjFa2kcNjWTksE9tuYhvOLLvVzDcc2WbO3WCx8NdGk5XL5tu4NYOZZy2arUxrhc23cus2g9FsYdwNBxuLW_T6mH7DwWS3Ge4bs8VytFktZ4N9Y7ZYjjar5Wyw79AZvqvP2ehMiw8emXa9u96KMvNB4TJYvD-JaTHtzg5-aevo9Pk8yoLOKLx-j16DwnPwmMbLW-1Y3j6b6eMwoYglgtNFOhG9jKeLWCJ5WqQT0ciy8i0mHsdqt3DZDIvBZrma7WYuj8Xk8sxmE4tYojRdpBO90O92-RWe0-VhfdldHodb6XlrHjaXW_R3S1xundP2srtFf7fmZXf6LW-N0_S0vuyet8JkdLjdyrNvt9wMVqOJ-o8NuJxLRsu5bDSXDDarBAAAAAAAAACwhDnzJgAAAACnQcyGk81uuQAQDl26QAI-TLYRHou79mNeBUaCCjXFjR8v0NHled1NDqfZeebNnglirVbLGgAAQAAbAAAggFs3bwFhkRw!&excid=22&docw=0&cijs=1&nlb=true
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.59.128.17 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-59-128-17.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer: https://am-match.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Apr 2021 11:19:22 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
165 B 16ms
15ms Script
application/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.thesundaily.my

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042001.js?31060870

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.thesundaily.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 26 Apr 2021 11:19:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
165 B 15ms
15ms Script
application/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.thesundaily.my

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042001.js?31060870

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.thesundaily.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 26 Apr 2021 11:19:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 210 KB
31 KB 537ms
537ms XHR
text/plain 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3866203379239951&correlator=3935250127463206&output=ldjh&impl=fifs&eid=31060870%2C31060825%2C31060839&vrg=2021042001&ptt=17&sc=1&sfv=1-0-38&ecs=20210426&iu_parts=56509919%2C10082020%2CThesundaily%2CClassifieds%2CIn_House_Ent_Page%2CInnity01&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F2%2C%2F0%2F2%2C%2F0%2F2%2C%2F0%2F2%2C%2F0%2F2%2C%2F0%2F2%2C%2F0%2F2%2C%2F0%2F3%2C%2F0%2F4%2C%2F0%2F5&prev_iu_szs=300x250%2C1170x240%7C970x250%2C728x90%2C336x280%7C300x250%2C728x90%7C728x250%7C336x280%7C300x250%2C300x250%2C300x250%2C300x600%7C300x250%2C970x90%7C728x90%2C300x250%2C300x450%7C300x250%2C728x90%7C363x42%7C468x60&ris=2~2~2~2~2~2~2~2~2~2~2~2&rcs=1%2C1%2C1%2C1%2C1%2C1%2C1%2C1%2C1%2C1%2C1%2C1&prev_scp=%7Cpos%3DBillboard%7Cpos%3DLeaderboard%7Cpos%3DInArticle1%7Cpos%3DMiddlebanner1%7Cpos%3DRectangle1%7Cpos%3DRectangle2%7Cpos%3DRectangle3%7Cpos%3DSticky%7C%7C%7C&eri=1&cust_params=url%3D%252Fhome%252Fastrazeneca-is-safe-to-be-given-to-senior-citizens-adham-YL7793054%26ref%3Dnull%26param%253A_hsmi%3D88974744%26param%253A_hsenc%3Dp2ANqtz-_G5s6CORBttERc_beHteVqqnJIJh5EriMR00fz0Cexxf2lQpsFfBisijUxttE-tNX9yfHTn7fBQWbcOnOkY3_eCosMOOPpTIuaIKsiuCzrvP7v03c&cookie_enabled=1&bc=31&abxe=1&lmt=1619435962&dt=1619435962405&dlt=1619435959777&idt=406&frm=20&biw=1600&bih=1200&oid=3&adxs=1040%2C221%2C241%2C-9%2C-9%2C455%2C1040%2C1040%2C-9%2C1040%2C1040%2C-9&adys=1908%2C199%2C460%2C-9%2C-9%2C2191%2C1163%2C1638%2C-9%2C893%2C1618%2C-9&adks=3514525992%2C3154283803%2C2651473827%2C1516723657%2C3677773321%2C2916017631%2C2916017630%2C846607975%2C3008151796%2C3079932573%2C1365265129%2C1710780517&ucis=d%7Ce%7Cf%7Cg%7Ch%7Ci%7Cj%7Ck%7Cl%7Cm%7Cn%7Co&ifi=16&u_tz=120&u_his=4&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.thesundaily.my%2Fhome%2Fastrazeneca-is-safe-to-be-given-to-senior-citizens-adham-YL7793054%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz-_G5s6CORBttERc_beHteVqqnJIJh5EriMR00fz0Cexxf2lQpsFfBisijUxttE-tNX9yfHTn7fBQWbcOnOkY3_eCosMOOPpTIuaIKsiuCzrvP7v03c&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x250%7C1158x240%7C0x0%7C0x-1%7C0x-1%7C300x250%7C300x250%7C300x250%7C0x-1%7C300x250%7C0x0%7C0x-1&msz=300x-1%7C1158x240%7C728x0%7C0x-1%7C0x-1%7C300x250%7C300x250%7C300x250%7C0x-1%7C300x-1%7C300x0%7C0x-1&ga_vid=353529585.1619435960&ga_sid=1619435960&ga_hid=1243480928&ga_fc=false&fws=4%2C4%2C132%2C2%2C2%2C4%2C4%2C4%2C2%2C4%2C132%2C2&ohw=1600%2C1600%2C1600%2C0%2C0%2C1600%2C1600%2C1600%2C0%2C1600%2C1600%2C0&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042001.js?31060870

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

7771b60965da3b3f0d4708b62c550989f933380acc52672c62ee5a84889ef648

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.thesundaily.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Apr 2021 11:19:22 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2,-2,-2,-2,-2,-2,-2,-2,-2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31142
x-xss-protection: 0
google-lineitem-id: -1,5247372210,-1,-2,-2,-1,5361828634,5353053726,-2,5363684098,-2,5356886537
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -1,138346764804,-1,-2,-2,-1,138347573896,138346064390,-2,138346948945,-2,138313656923
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.thesundaily.my
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 2 KB
853 B 483ms
482ms XHR
text/plain 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3866203379239951&correlator=3935250127463206&output=ldjh&impl=fifs&eid=31060870%2C31060825%2C31060839&vrg=2021042001&ptt=17&sc=1&sfv=1-0-38&ecs=20210426&iu_parts=21622890900%2CMY_thesundaily.my_res_article_mid1_sticky_300x250%2C336x280%2C468x60%2CMY_thesundaily.my_pc_allsite_anchor_bottom_728x90%2CMY_thesundaily.my_res_article_mid3_sticky_300x250%2CMY_thesundaily.my_res_article_mid2_sticky_300x250&enc_prev_ius=%2F0%2F1%2F%2F2%2F%2F3%2C%2F0%2F4%2C%2F0%2F5%2F%2F2%2F%2F3%2C%2F0%2F6%2F%2F2%2F%2F3&prev_iu_szs=468x60%7C336x280%7C300x250%2C728x90%2C468x60%7C336x280%7C300x250%2C468x60%7C336x280%7C300x250&eri=1&cust_params=url%3D%252Fhome%252Fastrazeneca-is-safe-to-be-given-to-senior-citizens-adham-YL7793054%26ref%3Dnull%26param%253A_hsmi%3D88974744%26param%253A_hsenc%3Dp2ANqtz-_G5s6CORBttERc_beHteVqqnJIJh5EriMR00fz0Cexxf2lQpsFfBisijUxttE-tNX9yfHTn7fBQWbcOnOkY3_eCosMOOPpTIuaIKsiuCzrvP7v03c&cookie_enabled=1&bc=31&abxe=1&lmt=1619435962&dt=1619435962418&dlt=1619435959777&idt=406&frm=20&biw=1600&bih=1200&oid=3&adxs=501%2C436%2C496%2C496&adys=1267%2C4%2C1815%2C1392&adks=1435198450%2C1029329751%2C2335323165%2C368225549&ucis=p%7Cq%7Cr%7Cs&ifi=28&u_tz=120&u_his=4&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.thesundaily.my%2Fhome%2Fastrazeneca-is-safe-to-be-given-to-senior-citizens-adham-YL7793054%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz-_G5s6CORBttERc_beHteVqqnJIJh5EriMR00fz0Cexxf2lQpsFfBisijUxttE-tNX9yfHTn7fBQWbcOnOkY3_eCosMOOPpTIuaIKsiuCzrvP7v03c&vis=1&dmc=8&scr_x=0&scr_y=0&psz=507x0%7C1600x-1%7C517x0%7C517x0&msz=468x0%7C728x-1%7C468x0%7C468x0&ga_vid=353529585.1619435960&ga_sid=1619435960&ga_hid=1243480928&ga_fc=false&fws=132%2C128%2C132%2C132&ohw=1600%2C0%2C1600%2C1600&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042001.js?31060870

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

6b96a22e5ab3ef2bde01e7bd38bf162bca085a9e97b8c3cc09ccdc8dcb730a92

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.thesundaily.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Apr 2021 11:19:22 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2,-2,-2,-2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 326
x-xss-protection: 0
google-lineitem-id: -2,-2,-2,-2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2,-2,-2,-2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.thesundaily.my
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sync
taboola-supply-partners.tremorhub.com/ Frame 63EC 43 B
182 B 223ms
90ms Image
image/gif 2600:1f18:612b:4232:3a2c:3c86:af1b:2715
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://taboola-supply-partners.tremorhub.com/sync?UISTB=%3CtaboolaUserId%3E&gdpr=1&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Ftelaria-rtb-network%2F1%2Frtb-h%2F%3Fgdpr%3D1%26us_privacy%3D1---%26taboola_hm%3D%5BTVUSER_ID%5D%26orig%3Dvideo
Requested by: Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=7993797&crid=5029295&dast=V75g8CFgOOnMIAPEMHZgSOnMIAPEMHZgUAAAAGBvQHGbOgjCjDEY3CYc6Wo9FysVksZqvRcDeEjVlQRpThiEbhMGfL0Wg5mCwmo91uMBtMpvBhLJfJoBZIWGa_76CgnJ4es8sgKrreFrvDafa8QQxNp8Pnutfrfr-76OjyvO4mh9PsvKudf6Hf7fIrPKfLw_qyuzwOt9Lz1jxsLrfo75a43Dqn7WV3i_5uzcvu9FveGqfpaX3ZPW-Fyehwu5Vl3m65GaxGcwAAAAB4AGDqfYX4AQQAiAAAAACQAAAAAKAIqPi3ELgAAAAAwAAgcGvVAIDiMBCX5ey0-wMA4KEABABAAIMEQCCypQTgYiv0BAAAAAAAAACA5f___z8GIC-_WAZgw-etB-DBB-CBqOCwiBEAAABAVj7Q8tGkTqgsqgAACNKtAK4AAALyGs55GcIAAAAExhboYfH7zQ67xu92GQAAAAAAAACA2f_ZP5qQlAduWpAVxZ7aLyAAwNovIAAAm7oBALwFwAUdQSsGg9UpxG44W-xGk81ydgAAAAB3_____3ogMlrZRg6PZeWwTGy7iW04s-xWM99wZJs5d4PFwntAcSWW4lUNdH0hwjL7fQcF5fT0mF0GUdH1ttgdTrPnID5oGJaTQTC_CVuMVpPJZjmcLReTwXA0HI32J4DLAU7EYLmcTBaT3Wq0Gm2Gu9FssECBGExwQoajzWQ12q12k-VwMhrNNpMNUrRqNRttBsPVbDLb7VbDwXA5GiFFaxazyWQxGy13m8FyMhoMJ8MhwthosnLZfBu3ZjDzrEWzlWmtsPlWbt1mMJotjLvhYGNxi14f0284mOw2wy0KBkjtRXCRTkRHl-d1NzmcZudFLNGcLNKJ7LKvjFa2kcNjWTksE9tuYhvOLLvVzDcc2WbO3WCx8NdGk5XL5tu4NYOZZy2arUxrhc23cus2g9FsYdwNBxuLW_T6mH7DwWS3Ge4bs8VytFktZ4N9Y7ZYjjar5Wyw79AZvqvP2ehMiw8emXa9u96KMvNB4TJYvD-JaTHtzg5-aevo9Pk8yoLOKLx-j16DwnPwmMbLW-1Y3j6b6eMwoYglgtNFOhG9jKeLWCJ5WqQT0ciy8i0mHsdqt3DZDIvBZrma7WYuj8Xk8sxmE4tYojRdpBO90O92-RWe0-VhfdldHodb6XlrHjaXW_R3S1xundP2srtFf7fmZXf6LW-N0_S0vuyet8JkdLjdyrNvt9wMVqOJ-o8NuJxLRsu5bDSXDDarBAAAAAAAAACwhDnzJgAAAACnQcyGk81uuQAQDl26QAI-TLYRHou79mNeBUaCCjXFjR8v0NHled1NDqfZeebNnglirVbLGgAAQAAbAAAggFs3bwFhkRw!&cmcv=&pix=undefined&cb=1619435961995&uv=2958&tms=1619435961995&abt=adh5c-1_vA!insc_vA!nrlc_vA!ntvc_vB!rft_vC!secure_protocol_vA!secure_protocol_vB!secure_vB!spa2_vA!ufm_vD&ft=0&su=3&unm=FEED_MANAGER&aure=false&agl=1&cirid=3A2D28DFBC969449131165487&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:612b:4232:3a2c:3c86:af1b:2715 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: Apache-Coyote/1.1 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer: https://imprammp.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Apr 2021 11:19:22 GMT
server: Apache-Coyote/1.1
p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
content-type: image/gif

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame 63EC 70 B
264 B 38ms
29ms Image
image/gif 63.33.11.43
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
Requested by: Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=7993797&crid=5029295&dast=V75g8CFgOOnMIAPEMHZgSOnMIAPEMHZgUAAAAGBvQHGbOgjCjDEY3CYc6Wo9FysVksZqvRcDeEjVlQRpThiEbhMGfL0Wg5mCwmo91uMBtMpvBhLJfJoBZIWGa_76CgnJ4es8sgKrreFrvDafa8QQxNp8Pnutfrfr-76OjyvO4mh9PsvKudf6Hf7fIrPKfLw_qyuzwOt9Lz1jxsLrfo75a43Dqn7WV3i_5uzcvu9FveGqfpaX3ZPW-Fyehwu5Vl3m65GaxGcwAAAAB4AGDqfYX4AQQAiAAAAACQAAAAAKAIqPi3ELgAAAAAwAAgcGvVAIDiMBCX5ey0-wMA4KEABABAAIMEQCCypQTgYiv0BAAAAAAAAACA5f___z8GIC-_WAZgw-etB-DBB-CBqOCwiBEAAABAVj7Q8tGkTqgsqgAACNKtAK4AAALyGs55GcIAAAAExhboYfH7zQ67xu92GQAAAAAAAACA2f_ZP5qQlAduWpAVxZ7aLyAAwNovIAAAm7oBALwFwAUdQSsGg9UpxG44W-xGk81ydgAAAAB3_____3ogMlrZRg6PZeWwTGy7iW04s-xWM99wZJs5d4PFwntAcSWW4lUNdH0hwjL7fQcF5fT0mF0GUdH1ttgdTrPnID5oGJaTQTC_CVuMVpPJZjmcLReTwXA0HI32J4DLAU7EYLmcTBaT3Wq0Gm2Gu9FssECBGExwQoajzWQ12q12k-VwMhrNNpMNUrRqNRttBsPVbDLb7VbDwXA5GiFFaxazyWQxGy13m8FyMhoMJ8MhwthosnLZfBu3ZjDzrEWzlWmtsPlWbt1mMJotjLvhYGNxi14f0284mOw2wy0KBkjtRXCRTkRHl-d1NzmcZudFLNGcLNKJ7LKvjFa2kcNjWTksE9tuYhvOLLvVzDcc2WbO3WCx8NdGk5XL5tu4NYOZZy2arUxrhc23cus2g9FsYdwNBxuLW_T6mH7DwWS3Ge4bs8VytFktZ4N9Y7ZYjjar5Wyw79AZvqvP2ehMiw8emXa9u96KMvNB4TJYvD-JaTHtzg5-aevo9Pk8yoLOKLx-j16DwnPwmMbLW-1Y3j6b6eMwoYglgtNFOhG9jKeLWCJ5WqQT0ciy8i0mHsdqt3DZDIvBZrma7WYuj8Xk8sxmE4tYojRdpBO90O92-RWe0-VhfdldHodb6XlrHjaXW_R3S1xundP2srtFf7fmZXf6LW-N0_S0vuyet8JkdLjdyrNvt9wMVqOJ-o8NuJxLRsu5bDSXDDarBAAAAAAAAACwhDnzJgAAAACnQcyGk81uuQAQDl26QAI-TLYRHou79mNeBUaCCjXFjR8v0NHled1NDqfZeebNnglirVbLGgAAQAAbAAAggFs3bwFhkRw!&cmcv=&pix=undefined&cb=1619435961995&uv=2958&tms=1619435961995&abt=adh5c-1_vA!insc_vA!nrlc_vA!ntvc_vB!rft_vC!secure_protocol_vA!secure_protocol_vB!secure_vB!spa2_vA!ufm_vD&ft=0&su=3&unm=FEED_MANAGER&aure=false&agl=1&cirid=3A2D28DFBC969449131165487&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 63.33.11.43 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-63-33-11-43.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer: https://imprammp.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 26 Apr 2021 11:19:22 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2 204 sync Show response
pixel.advertising.com/ups/58166/ Frame 63EC 0
124 B 15ms
14ms Script
text/plain 52.28.254.214
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://pixel.advertising.com/ups/58166/sync?gdpr=1&uid=&_origin=1&us_privacy=1---&redir=true

Requested by

Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=7993797&crid=5029295&dast=V75g8CFgOOnMIAPEMHZgSOnMIAPEMHZgUAAAAGBvQHGbOgjCjDEY3CYc6Wo9FysVksZqvRcDeEjVlQRpThiEbhMGfL0Wg5mCwmo91uMBtMpvBhLJfJoBZIWGa_76CgnJ4es8sgKrreFrvDafa8QQxNp8Pnutfrfr-76OjyvO4mh9PsvKudf6Hf7fIrPKfLw_qyuzwOt9Lz1jxsLrfo75a43Dqn7WV3i_5uzcvu9FveGqfpaX3ZPW-Fyehwu5Vl3m65GaxGcwAAAAB4AGDqfYX4AQQAiAAAAACQAAAAAKAIqPi3ELgAAAAAwAAgcGvVAIDiMBCX5ey0-wMA4KEABABAAIMEQCCypQTgYiv0BAAAAAAAAACA5f___z8GIC-_WAZgw-etB-DBB-CBqOCwiBEAAABAVj7Q8tGkTqgsqgAACNKtAK4AAALyGs55GcIAAAAExhboYfH7zQ67xu92GQAAAAAAAACA2f_ZP5qQlAduWpAVxZ7aLyAAwNovIAAAm7oBALwFwAUdQSsGg9UpxG44W-xGk81ydgAAAAB3_____3ogMlrZRg6PZeWwTGy7iW04s-xWM99wZJs5d4PFwntAcSWW4lUNdH0hwjL7fQcF5fT0mF0GUdH1ttgdTrPnID5oGJaTQTC_CVuMVpPJZjmcLReTwXA0HI32J4DLAU7EYLmcTBaT3Wq0Gm2Gu9FssECBGExwQoajzWQ12q12k-VwMhrNNpMNUrRqNRttBsPVbDLb7VbDwXA5GiFFaxazyWQxGy13m8FyMhoMJ8MhwthosnLZfBu3ZjDzrEWzlWmtsPlWbt1mMJotjLvhYGNxi14f0284mOw2wy0KBkjtRXCRTkRHl-d1NzmcZudFLNGcLNKJ7LKvjFa2kcNjWTksE9tuYhvOLLvVzDcc2WbO3WCx8NdGk5XL5tu4NYOZZy2arUxrhc23cus2g9FsYdwNBxuLW_T6mH7DwWS3Ge4bs8VytFktZ4N9Y7ZYjjar5Wyw79AZvqvP2ehMiw8emXa9u96KMvNB4TJYvD-JaTHtzg5-aevo9Pk8yoLOKLx-j16DwnPwmMbLW-1Y3j6b6eMwoYglgtNFOhG9jKeLWCJ5WqQT0ciy8i0mHsdqt3DZDIvBZrma7WYuj8Xk8sxmE4tYojRdpBO90O92-RWe0-VhfdldHodb6XlrHjaXW_R3S1xundP2srtFf7fmZXf6LW-N0_S0vuyet8JkdLjdyrNvt9wMVqOJ-o8NuJxLRsu5bDSXDDarBAAAAAAAAACwhDnzJgAAAACnQcyGk81uuQAQDl26QAI-TLYRHou79mNeBUaCCjXFjR8v0NHled1NDqfZeebNnglirVbLGgAAQAAbAAAggFs3bwFhkRw!&cmcv=&pix=undefined&cb=1619435961995&uv=2958&tms=1619435961995&abt=adh5c-1_vA!insc_vA!nrlc_vA!ntvc_vB!rft_vC!secure_protocol_vA!secure_protocol_vB!secure_vB!spa2_vA!ufm_vD&ft=0&su=3&unm=FEED_MANAGER&aure=false&agl=1&cirid=3A2D28DFBC969449131165487&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.28.254.214 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://imprammp.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Apr 2021 11:19:22 GMT
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2

200

rtb-h Show response
sync-t1.taboola.com/sg/spotx-rtb-network/1/ Frame 63EC
Redirect Chain

https://sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3D...
https://sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3D...
https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=405243d3-a681-11eb-accb-1131174c0206&orig=video&us_privacy=1---

0
226 B

35ms
22ms

Script
text/plain

141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=405243d3-a681-11eb-accb-1131174c0206&orig=video&us_privacy=1---
Requested by: Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=7993797&crid=5029295&dast=V75g8CFgOOnMIAPEMHZgSOnMIAPEMHZgUAAAAGBvQHGbOgjCjDEY3CYc6Wo9FysVksZqvRcDeEjVlQRpThiEbhMGfL0Wg5mCwmo91uMBtMpvBhLJfJoBZIWGa_76CgnJ4es8sgKrreFrvDafa8QQxNp8Pnutfrfr-76OjyvO4mh9PsvKudf6Hf7fIrPKfLw_qyuzwOt9Lz1jxsLrfo75a43Dqn7WV3i_5uzcvu9FveGqfpaX3ZPW-Fyehwu5Vl3m65GaxGcwAAAAB4AGDqfYX4AQQAiAAAAACQAAAAAKAIqPi3ELgAAAAAwAAgcGvVAIDiMBCX5ey0-wMA4KEABABAAIMEQCCypQTgYiv0BAAAAAAAAACA5f___z8GIC-_WAZgw-etB-DBB-CBqOCwiBEAAABAVj7Q8tGkTqgsqgAACNKtAK4AAALyGs55GcIAAAAExhboYfH7zQ67xu92GQAAAAAAAACA2f_ZP5qQlAduWpAVxZ7aLyAAwNovIAAAm7oBALwFwAUdQSsGg9UpxG44W-xGk81ydgAAAAB3_____3ogMlrZRg6PZeWwTGy7iW04s-xWM99wZJs5d4PFwntAcSWW4lUNdH0hwjL7fQcF5fT0mF0GUdH1ttgdTrPnID5oGJaTQTC_CVuMVpPJZjmcLReTwXA0HI32J4DLAU7EYLmcTBaT3Wq0Gm2Gu9FssECBGExwQoajzWQ12q12k-VwMhrNNpMNUrRqNRttBsPVbDLb7VbDwXA5GiFFaxazyWQxGy13m8FyMhoMJ8MhwthosnLZfBu3ZjDzrEWzlWmtsPlWbt1mMJotjLvhYGNxi14f0284mOw2wy0KBkjtRXCRTkRHl-d1NzmcZudFLNGcLNKJ7LKvjFa2kcNjWTksE9tuYhvOLLvVzDcc2WbO3WCx8NdGk5XL5tu4NYOZZy2arUxrhc23cus2g9FsYdwNBxuLW_T6mH7DwWS3Ge4bs8VytFktZ4N9Y7ZYjjar5Wyw79AZvqvP2ehMiw8emXa9u96KMvNB4TJYvD-JaTHtzg5-aevo9Pk8yoLOKLx-j16DwnPwmMbLW-1Y3j6b6eMwoYglgtNFOhG9jKeLWCJ5WqQT0ciy8i0mHsdqt3DZDIvBZrma7WYuj8Xk8sxmE4tYojRdpBO90O92-RWe0-VhfdldHodb6XlrHjaXW_R3S1xundP2srtFf7fmZXf6LW-N0_S0vuyet8JkdLjdyrNvt9wMVqOJ-o8NuJxLRsu5bDSXDDarBAAAAAAAAACwhDnzJgAAAACnQcyGk81uuQAQDl26QAI-TLYRHou79mNeBUaCCjXFjR8v0NHled1NDqfZeebNnglirVbLGgAAQAAbAAAggFs3bwFhkRw!&cmcv=&pix=undefined&cb=1619435961995&uv=2958&tms=1619435961995&abt=adh5c-1_vA!insc_vA!nrlc_vA!ntvc_vB!rft_vC!secure_protocol_vA!secure_protocol_vB!secure_vB!spa2_vA!ufm_vD&ft=0&su=3&unm=FEED_MANAGER&aure=false&agl=1&cirid=3A2D28DFBC969449131165487&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://imprammp.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

tbl-x-upstream: 10.41.14.95:10213
date: Mon, 26 Apr 2021 11:19:22 GMT
server: nginx
x-fastly-to-nlb-rtt: 12639

Redirect headers

Date: Mon, 26 Apr 2021 11:19:22 GMT
Server: nginx
Location: https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=405243d3-a681-11eb-accb-1131174c0206&orig=video&us_privacy=1---
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/plain
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 40
Connection: keep-alive
Content-Length: 0

GET
H2 200 sync
x.bidswitch.net/ Frame 63EC 43 B
145 B 15ms
15ms Image
image/gif 52.59.128.17
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?gdpr=1&us_privacy=1---&ssp=taboola
Requested by: Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=7993797&crid=5029295&dast=V75g8CFgOOnMIAPEMHZgSOnMIAPEMHZgUAAAAGBvQHGbOgjCjDEY3CYc6Wo9FysVksZqvRcDeEjVlQRpThiEbhMGfL0Wg5mCwmo91uMBtMpvBhLJfJoBZIWGa_76CgnJ4es8sgKrreFrvDafa8QQxNp8Pnutfrfr-76OjyvO4mh9PsvKudf6Hf7fIrPKfLw_qyuzwOt9Lz1jxsLrfo75a43Dqn7WV3i_5uzcvu9FveGqfpaX3ZPW-Fyehwu5Vl3m65GaxGcwAAAAB4AGDqfYX4AQQAiAAAAACQAAAAAKAIqPi3ELgAAAAAwAAgcGvVAIDiMBCX5ey0-wMA4KEABABAAIMEQCCypQTgYiv0BAAAAAAAAACA5f___z8GIC-_WAZgw-etB-DBB-CBqOCwiBEAAABAVj7Q8tGkTqgsqgAACNKtAK4AAALyGs55GcIAAAAExhboYfH7zQ67xu92GQAAAAAAAACA2f_ZP5qQlAduWpAVxZ7aLyAAwNovIAAAm7oBALwFwAUdQSsGg9UpxG44W-xGk81ydgAAAAB3_____3ogMlrZRg6PZeWwTGy7iW04s-xWM99wZJs5d4PFwntAcSWW4lUNdH0hwjL7fQcF5fT0mF0GUdH1ttgdTrPnID5oGJaTQTC_CVuMVpPJZjmcLReTwXA0HI32J4DLAU7EYLmcTBaT3Wq0Gm2Gu9FssECBGExwQoajzWQ12q12k-VwMhrNNpMNUrRqNRttBsPVbDLb7VbDwXA5GiFFaxazyWQxGy13m8FyMhoMJ8MhwthosnLZfBu3ZjDzrEWzlWmtsPlWbt1mMJotjLvhYGNxi14f0284mOw2wy0KBkjtRXCRTkRHl-d1NzmcZudFLNGcLNKJ7LKvjFa2kcNjWTksE9tuYhvOLLvVzDcc2WbO3WCx8NdGk5XL5tu4NYOZZy2arUxrhc23cus2g9FsYdwNBxuLW_T6mH7DwWS3Ge4bs8VytFktZ4N9Y7ZYjjar5Wyw79AZvqvP2ehMiw8emXa9u96KMvNB4TJYvD-JaTHtzg5-aevo9Pk8yoLOKLx-j16DwnPwmMbLW-1Y3j6b6eMwoYglgtNFOhG9jKeLWCJ5WqQT0ciy8i0mHsdqt3DZDIvBZrma7WYuj8Xk8sxmE4tYojRdpBO90O92-RWe0-VhfdldHodb6XlrHjaXW_R3S1xundP2srtFf7fmZXf6LW-N0_S0vuyet8JkdLjdyrNvt9wMVqOJ-o8NuJxLRsu5bDSXDDarBAAAAAAAAACwhDnzJgAAAACnQcyGk81uuQAQDl26QAI-TLYRHou79mNeBUaCCjXFjR8v0NHled1NDqfZeebNnglirVbLGgAAQAAbAAAggFs3bwFhkRw!&cmcv=&pix=undefined&cb=1619435961995&uv=2958&tms=1619435961995&abt=adh5c-1_vA!insc_vA!nrlc_vA!ntvc_vB!rft_vC!secure_protocol_vA!secure_protocol_vB!secure_vB!spa2_vA!ufm_vD&ft=0&su=3&unm=FEED_MANAGER&aure=false&agl=1&cirid=3A2D28DFBC969449131165487&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.59.128.17 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-59-128-17.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer: https://imprammp.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Apr 2021 11:19:22 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

GET
H3-29 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/222/ Frame E764 12 KB
5 KB 6ms
6ms Document
text/html 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/222/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.thesundaily.my/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.thesundaily.my/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 5022
date: Mon, 26 Apr 2021 11:10:18 GMT
expires: Tue, 26 Apr 2022 11:10:18 GMT
last-modified: Wed, 20 Jan 2021 19:23:06 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 544
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 content14_10_18m.js Show response
vidstat.taboola.com/ 37 KB
8 KB 9ms
9ms Script
application/javascript 199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstat.taboola.com/content14_10_18m.js
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/29_5_8/infra/cmTagFEED_MANAGER.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ab8bbbaf028510d8b119cce741f0c2cc94816dcc113d83cac81a6aade6a76fa9

Request headers

Referer: https://www.thesundaily.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Apr 2021 11:19:22 GMT
via: 1.1 e0064d0a2437e206ed082e1fa1cdae61.cloudfront.net (CloudFront), 1.1 varnish
age: 4194414
x-cache: Hit from cloudfront, HIT
content-encoding: gzip
content-length: 7638
x-served-by: cache-hhn11538-HHN
last-modified: Sun, 14 Oct 2018 13:31:31 GMT
server: AmazonS3
x-timer: S1619435963.526202,VS0,VE0
etag: "d8d81221ec6e604811ce469d899c9c8b"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
access-control-allow-headers: *
x-amz-cf-id: omj5vaGwuVO0u1DUElZ04p0xjblvLHfKzDESlIUndnM3CZOy52LCcg==
x-cache-hits: 6180481

GET
H2 200 oppsula.js Show response
vidstat.taboola.com/oppsula/1.3.8/ 15 KB
5 KB 7ms
7ms Script
application/javascript 199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstat.taboola.com/oppsula/1.3.8/oppsula.js
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/29_5_8/infra/cmTagFEED_MANAGER.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f60c4600705d04f5c55db54f646fec728f9458c4fbba35adb4ac114077cb2391

Request headers

Referer: https://www.thesundaily.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Apr 2021 11:19:22 GMT
via: 1.1 c05282a87474a55ae2a8dd2aa77d1233.cloudfront.net (CloudFront), 1.1 varnish
age: 3700057
x-cache: Miss from cloudfront, HIT
content-encoding: gzip
content-length: 5164
x-served-by: cache-hhn11538-HHN
last-modified: Tue, 14 Apr 2020 06:07:12 GMT
server: AmazonS3
x-timer: S1619435963.527728,VS0,VE0
etag: "328b70146f77a19d2bc0172c656d921e"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000
x-amz-cf-pop: FRA6-C1
accept-ranges: bytes
access-control-allow-headers: *
x-amz-cf-id: mX0WwlTmUO4x6xuR8DDLZg909FJ4TvyaVteRGEevDZZ-WfTsdjHQoQ==
x-cache-hits: 6916892

GET
H2 200 OvaMediaPlayer.js Show response
vidstat.taboola.com/vpaid/vPlayer/player/v12.2.0/ 547 KB
112 KB 9ms
9ms Script
application/javascript 199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v12.2.0/OvaMediaPlayer.js
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/29_5_8/infra/cmTagFEED_MANAGER.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3-br /
Resource Hash: c3239134fce48f892f499aa0988839cf2a122328178df94142469c426748f293

Request headers

Referer: https://www.thesundaily.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Apr 2021 11:19:22 GMT
via: 1.1 varnish
age: 106272
x-amz-meta-mtime: 1619329608
x-cache: HIT
x-amz-meta-ctime: 1619329621
x-amz-meta-mode: 33188
content-encoding: br
content-length: 114311
x-amz-id-2: qXHD7dvplhg6kgV90Zkv9U344x67yDJR6qXBtilUSWMktN8NwsMDhoWVcRB7Tent3bPlkaBazRY=
x-served-by: cache-hhn11538-HHN
accept-ranges: bytes
last-modified: Sun, 25 Apr 2021 05:47:02 GMT
server: AmazonS3-br
x-timer: S1619435963.539758,VS0,VE0
etag: "0723b5472af44b9101cb30c504eff9dd"
x-amz-meta-uid: 0
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
x-amz-request-id: 4S0NGQEY4YVP6WKY
access-control-allow-origin: *
cache-control: public, max-age=2592000
x-amz-meta-gid: 0
content-type: application/javascript
access-control-allow-headers: *
x-cache-hits: 127745

GET
H2 200 sync Show response
am-match.taboola.com/ Frame 8C0E 973 B
1 KB 23ms
22ms Document
text/html 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://am-match.taboola.com/sync?dast=V75g8CFgOOnMIAPEMHZgSOnMIAPEMHZgUAAAAGBvQHGbOgjCjDEY3CYc6Wo9FysVksZqvRcDeEjVlQRpThiEbhMGfL0Wg5mCwmo91uMBtMpvBhLJfJoBZIWGa_76CgnJ4es8sgKrreFrvDafa8QQxNp8Pnutfrfr-76OjyvO4mh9PsvKudf6Hf7fIrPKfLw_qyuzwOt9Lz1jxsLrfo75a43Dqn7WV3i_5uzcvu9FveGqfpaX3ZPW-Fyehwu5Vl3m65GaxGcwAAAAB4AGDqfYX4AQQAiAAAAACQAAAAAKAIqPi3ELgAAAAAwAAgcGvVAIDiMBCX5ey0-wMA4KEABABAAIMEQCCypQTgYiv0BAAAAAAAAACA5f___z8GIC-_WAZgw-etB-DBB-CBqOCwiBEAAABAVj7Q8tGkTqgsqgAACNKtAK4AAALyGs55GcIAAAAExhboYfH7zQ67xu92GQAAAAAAAACA2f_ZP5qQlAduWpAVxZ7aLyAAwNovIAAAm7oBALwFwAUdQSsGg9UpxG44W-xGk81ydgAAAAB3_____3ogMlrZRg6PZeWwTGy7iW04s-xWM99wZJs5d4PFwntAcSWW4lUNdH0hwjL7fQcF5fT0mF0GUdH1ttgdTrPnID5oGJaTQTC_CVuMVpPJZjmcLReTwXA0HI32J4DLAU7EYLmcTBaT3Wq0Gm2Gu9FssECBGExwQoajzWQ12q12k-VwMhrNNpMNUrRqNRttBsPVbDLb7VbDwXA5GiFFaxazyWQxGy13m8FyMhoMJ8MhwthosnLZfBu3ZjDzrEWzlWmtsPlWbt1mMJotjLvhYGNxi14f0284mOw2wy0KBkjtRXCRTkRHl-d1NzmcZudFLNGcLNKJ7LKvjFa2kcNjWTksE9tuYhvOLLvVzDcc2WbO3WCx8NdGk5XL5tu4NYOZZy2arUxrhc23cus2g9FsYdwNBxuLW_T6mH7DwWS3Ge4bs8VytFktZ4N9Y7ZYjjar5Wyw79AZvqvP2ehMiw8emXa9u96KMvNB4TJYvD-JaTHtzg5-aevo9Pk8yoLOKLx-j16DwnPwmMbLW-1Y3j6b6eMwoYglgtNFOhG9jKeLWCJ5WqQT0ciy8i0mHsdqt3DZDIvBZrma7WYuj8Xk8sxmE4tYojRdpBO90O92-RWe0-VhfdldHodb6XlrHjaXW_R3S1xundP2srtFf7fmZXf6LW-N0_S0vuyet8JkdLjdyrNvt9wMVqOJ-o8NuJxLRsu5bDSXDDarBAAAAAAAAACwhDnzJgAAAACnQcyGk81uuQAQDl26QAI-TLYRHou79mNeBUaCCjXFjR8v0NHled1NDqfZeebNnglirVbLGgAAQAAbAAAggFs3bwFhkRw!&excid=22&docw=0&cijs=1&nlb=true
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/29_5_8/infra/cmTagFEED_MANAGER.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: 0574e172e3545369b75a00ab474444ad0b84bc2c6dd4f93c302d19d5c555fecc

Request headers

:method: GET
:authority: am-match.taboola.com
:scheme: https
:path: /sync?dast=V75g8CFgOOnMIAPEMHZgSOnMIAPEMHZgUAAAAGBvQHGbOgjCjDEY3CYc6Wo9FysVksZqvRcDeEjVlQRpThiEbhMGfL0Wg5mCwmo91uMBtMpvBhLJfJoBZIWGa_76CgnJ4es8sgKrreFrvDafa8QQxNp8Pnutfrfr-76OjyvO4mh9PsvKudf6Hf7fIrPKfLw_qyuzwOt9Lz1jxsLrfo75a43Dqn7WV3i_5uzcvu9FveGqfpaX3ZPW-Fyehwu5Vl3m65GaxGcwAAAAB4AGDqfYX4AQQAiAAAAACQAAAAAKAIqPi3ELgAAAAAwAAgcGvVAIDiMBCX5ey0-wMA4KEABABAAIMEQCCypQTgYiv0BAAAAAAAAACA5f___z8GIC-_WAZgw-etB-DBB-CBqOCwiBEAAABAVj7Q8tGkTqgsqgAACNKtAK4AAALyGs55GcIAAAAExhboYfH7zQ67xu92GQAAAAAAAACA2f_ZP5qQlAduWpAVxZ7aLyAAwNovIAAAm7oBALwFwAUdQSsGg9UpxG44W-xGk81ydgAAAAB3_____3ogMlrZRg6PZeWwTGy7iW04s-xWM99wZJs5d4PFwntAcSWW4lUNdH0hwjL7fQcF5fT0mF0GUdH1ttgdTrPnID5oGJaTQTC_CVuMVpPJZjmcLReTwXA0HI32J4DLAU7EYLmcTBaT3Wq0Gm2Gu9FssECBGExwQoajzWQ12q12k-VwMhrNNpMNUrRqNRttBsPVbDLb7VbDwXA5GiFFaxazyWQxGy13m8FyMhoMJ8MhwthosnLZfBu3ZjDzrEWzlWmtsPlWbt1mMJotjLvhYGNxi14f0284mOw2wy0KBkjtRXCRTkRHl-d1NzmcZudFLNGcLNKJ7LKvjFa2kcNjWTksE9tuYhvOLLvVzDcc2WbO3WCx8NdGk5XL5tu4NYOZZy2arUxrhc23cus2g9FsYdwNBxuLW_T6mH7DwWS3Ge4bs8VytFktZ4N9Y7ZYjjar5Wyw79AZvqvP2ehMiw8emXa9u96KMvNB4TJYvD-JaTHtzg5-aevo9Pk8yoLOKLx-j16DwnPwmMbLW-1Y3j6b6eMwoYglgtNFOhG9jKeLWCJ5WqQT0ciy8i0mHsdqt3DZDIvBZrma7WYuj8Xk8sxmE4tYojRdpBO90O92-RWe0-VhfdldHodb6XlrHjaXW_R3S1xundP2srtFf7fmZXf6LW-N0_S0vuyet8JkdLjdyrNvt9wMVqOJ-o8NuJxLRsu5bDSXDDarBAAAAAAAAACwhDnzJgAAAACnQcyGk81uuQAQDl26QAI-TLYRHou79mNeBUaCCjXFjR8v0NHled1NDqfZeebNnglirVbLGgAAQAAbAAAggFs3bwFhkRw!&excid=22&docw=0&cijs=1&nlb=true
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.thesundaily.my/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.thesundaily.my/

Response headers

server: nginx
date: Mon, 26 Apr 2021 11:19:22 GMT
content-type: text/html;charset=ISO-8859-1
machineid: 3401

GET
H2 200 dpixel
cms.quantserve.com/ Frame 0662 35 B
463 B 34ms
14ms Image
image/gif 2620:116:800d:21:8c6e:cf2c:8d6:9fb5
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEHdObbELQbIvqGJw7VVNpIw&google_cver=1&google_push=AQvitUI2qbf-XbzvEJ5fx0cQIjIIwYoEl8h-Vc70TWYskt4yEjhdSKR5RiIFNQTLp8FZTFCTyyphMXSDU67MfAfJE5ghcFpfycSTWA

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:8c6e:cf2c:8d6:9fb5 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 26 Apr 2021 11:19:22 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 0662
Redirect Chain

https://rtb.openx.net/sync/dds?google_gid=CAESEEu7vkVv1iNdcc15fskK-hE&google_cver=1&google_push=AQvitUIXcyUEpBtGFbqLM2eF2iOoEwgbvkgDST0r5CepDgxNNk5FsHppeYi0Z1cDBTXo_OqrMqz4pUibNktkoy5L62G74hmg7sGyQQ
https://rtb.openx.net/sync/dds?google_gid=CAESEEu7vkVv1iNdcc15fskK-hE&google_cver=1&google_push=AQvitUIXcyUEpBtGFbqLM2eF2iOoEwgbvkgDST0r5CepDgxNNk5FsHppeYi0Z1cDBTXo_OqrMqz4pUibNktkoy5L62G74hmg7sGyQ...
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AQvitUIXcyUEpBtGFbqLM2eF2iOoEwgbvkgDST0r5CepDgxNNk5FsHppeYi0Z1cDBTXo_OqrMqz4pUibNktkoy5L62G74hmg7sGyQQ&google_hm=jJhXFr89zLkthyqG8Gc0mQ==

170 B
188 B

17ms
16ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AQvitUIXcyUEpBtGFbqLM2eF2iOoEwgbvkgDST0r5CepDgxNNk5FsHppeYi0Z1cDBTXo_OqrMqz4pUibNktkoy5L62G74hmg7sGyQQ&google_hm=jJhXFr89zLkthyqG8Gc0mQ==

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 26 Apr 2021 11:19:22 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 26 Apr 2021 11:19:22 GMT
via: 1.1 google
server: Cowboy
access-control-allow-origin: null
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
location: https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AQvitUIXcyUEpBtGFbqLM2eF2iOoEwgbvkgDST0r5CepDgxNNk5FsHppeYi0Z1cDBTXo_OqrMqz4pUibNktkoy5L62G74hmg7sGyQQ&google_hm=jJhXFr89zLkthyqG8Gc0mQ==
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
alt-svc: clear
content-length: 0
x-request-id: rio1ilmbiu5c6nbfft0ah0mkfvcvmsk9

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 0662
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=jOD3olP0SgOIghYk3xryHg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
188 B

22ms
22ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=jOD3olP0SgOIghYk3xryHg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AQvitUKIR3mjeJn-EC6TQed_-_XoB4g-zPkfcYqtu9B6viM7BENlxqff7urv5l1OhcMkwHuTFSaa4AI4u-UTJeku6T6-uHdI6Jpy7Q

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 26 Apr 2021 11:19:22 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=jOD3olP0SgOIghYk3xryHg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AQvitUKIR3mjeJn-EC6TQed_-_XoB4g-zPkfcYqtu9B6viM7BENlxqff7urv5l1OhcMkwHuTFSaa4AI4u-UTJeku6T6-uHdI6Jpy7Q
Date: Mon, 26 Apr 2021 11:19:22 GMT
P3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 0662
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEOl8LJVbPWFvVYBVPUdVPbo&google_cver=1&google_push=AQvitUJ4YKfDBWX85TOIT0h1B_UZwYDXknZQEo8rFhK_uue18Bj6duGj-ddkX1e1ec7inbZvklh...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S05ZSUNYWkEtMjYtMUFVRQ==&google_push=AQvitUJ4YKfDBWX85TOIT0h1B_UZwYDXknZQEo8rFhK_uue18Bj6duGj-ddkX1e1ec7inbZvklh7YMry_qrgRxoYh9EtzQlXAzhTIA
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S05ZSUNYWkEtMjYtMUFVRQ==&google_push=AQvitUJ4YKfDBWX85TOIT0h1B_UZwYDXknZQEo8rFhK_uue18Bj6duGj-ddkX1e1ec7inbZvklh7YMry_qrgRxoYh9EtzQlXAzhTI...

170 B
188 B

21ms
20ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S05ZSUNYWkEtMjYtMUFVRQ==&google_push=AQvitUJ4YKfDBWX85TOIT0h1B_UZwYDXknZQEo8rFhK_uue18Bj6duGj-ddkX1e1ec7inbZvklh7YMry_qrgRxoYh9EtzQlXAzhTIA&google_tc=

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 26 Apr 2021 11:19:22 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 26 Apr 2021 11:19:22 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S05ZSUNYWkEtMjYtMUFVRQ==&google_push=AQvitUJ4YKfDBWX85TOIT0h1B_UZwYDXknZQEo8rFhK_uue18Bj6duGj-ddkX1e1ec7inbZvklh7YMry_qrgRxoYh9EtzQlXAzhTIA&google_tc=
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 418
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 0662
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEP1dt27PLY7fuJ_GbYJMWbc&google_cver=1&googl...
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEP1dt27PLY7fuJ_GbYJMWbc&google_cver=1&googl...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YIahukBEpeGBJB7M0r2UnAAABIsAAAIB&google_push=AQvitULWwJ8BZKiXrp6s3GH8DaQQWZvc0a6DoCh0cOh2bKxTd2BAF5jvnbp_aGNeGc8fLGtiDNqzoEtmkf1dk5ejfv...

170 B
188 B

17ms
17ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YIahukBEpeGBJB7M0r2UnAAABIsAAAIB&google_push=AQvitULWwJ8BZKiXrp6s3GH8DaQQWZvc0a6DoCh0cOh2bKxTd2BAF5jvnbp_aGNeGc8fLGtiDNqzoEtmkf1dk5ejfv4W9Oe7eA1Kiw&google_gid=CAESEP1dt27PLY7fuJ_GbYJMWbc&google_cver=1

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 26 Apr 2021 11:19:22 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 26 Apr 2021 11:19:22 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YIahukBEpeGBJB7M0r2UnAAABIsAAAIB&google_push=AQvitULWwJ8BZKiXrp6s3GH8DaQQWZvc0a6DoCh0cOh2bKxTd2BAF5jvnbp_aGNeGc8fLGtiDNqzoEtmkf1dk5ejfv4W9Oe7eA1Kiw&google_gid=CAESEP1dt27PLY7fuJ_GbYJMWbc&google_cver=1
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: text/html; charset=iso-8859-1
Content-Length: 462
Expires: Mon, 26 Apr 2021 11:19:22 GMT

GET
H2 200 trk
ag.innovid.com/ Frame 0662 43 B
296 B 80ms
23ms Image
image/gif 2a05:d01c:1d8:8100:1c45:c4d6:f2b8:9306
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ag.innovid.com/trk?tid=11711&google_gid=CAESEPZ_ZLq2AArtMsoejooeAg8&google_cver=1&google_push=AQvitUL0dnutJepvj5zvMV5HW5Wf1ohx8KEQwe1MPe60WPAeRgFSXhvY1SUnU2ld6jhv3-yQVR513m4pk7WrjQzbnUmedc4BEK659g
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6999968698827395&output=html&h=250&slotname=9935330980&adk=3580731020&adf=3496064688&pi=t.ma~as.9935330980&w=300&lmt=1619435961&psa=0&format=300x250&url=https%3A%2F%2Fwww.thesundaily.my%2Fhome%2Fastrazeneca-is-safe-to-be-given-to-senior-citizens-adham-YL7793054%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz-_G5s6CORBttERc_beHteVqqnJIJh5EriMR00fz0Cexxf2lQpsFfBisijUxttE-tNX9yfHTn7fBQWbcOnOkY3_eCosMOOPpTIuaIKsiuCzrvP7v03c&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619435961184&bpp=12&bdt=1408&idt=76&shv=r20210422&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3De3d6216e8f34a7bf-22ed5eaef1c70050%3AT%3D1619435960%3AS%3DALNI_MZZAhX_12i2lcgiNsdHRzfKQXL_FQ&correlator=3256238547201&frm=20&pv=2&ga_vid=353529585.1619435960&ga_sid=1619435960&ga_hid=1243480928&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1040&ady=2951&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C21068108%2C31060839&oid=3&pvsid=3866203379239951&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=13&uci=a!d&btvi=1&fsb=1&xpc=FHWuNUYsg8&p=https%3A//www.thesundaily.my&dtd=90
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a05:d01c:1d8:8100:1c45:c4d6:f2b8:9306 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 26 Apr 2021 11:19:22 GMT
cache-control: no-cache
content-type: image/gif
content-length: 43
request-time: 0
expires: -1

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 0662
Redirect Chain

https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESEKnf-vR81uJIsJAtl6Joreo&google_cver=1&google_push=AQvitUJXQduM2H4d05YxY30M...
https://cm.g.doubleclick.net/pixel?google_nid=gemius_adh&google_push=AQvitUJXQduM2H4d05YxY30MfDgAPz_jzXvgFccGGMMFHXIvvHRqv2IokawfMCx3eDpCx0ezqU7FyCVXcGTDxHeL10yt43TqGj__GR0&google_hm=

170 B
188 B

34ms
31ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=gemius_adh&google_push=AQvitUJXQduM2H4d05YxY30MfDgAPz_jzXvgFccGGMMFHXIvvHRqv2IokawfMCx3eDpCx0ezqU7FyCVXcGTDxHeL10yt43TqGj__GR0&google_hm=

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 26 Apr 2021 11:19:22 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 26 Apr 2021 11:19:22 GMT
server: GHC
p3p: CP="NOI DSP COR NID PSAo OUR IND"
location: https://cm.g.doubleclick.net/pixel?google_nid=gemius_adh&google_push=AQvitUJXQduM2H4d05YxY30MfDgAPz_jzXvgFccGGMMFHXIvvHRqv2IokawfMCx3eDpCx0ezqU7FyCVXcGTDxHeL10yt43TqGj__GR0&google_hm=
cache-control: no-store, no-cache, must-revalidate, max-age=0
accept-ranges: none
content-length: 0
expires: Sun, 25 Apr 2021 11:19:22 GMT

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 0662 0
59 B 15ms
14ms Image
text/html 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LVexVmzRlZqn5-oJGy3iO9CKxCFoRO7Yr5k0H-lJDsIzanQ2uRMd-g72FEn_DI-dXg6ZG31w

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Apr 2021 11:19:22 GMT
server: HTTP server (unknown)
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

POST
H2 204 bulk Show response
trc.taboola.com/thesundaily/log/3/ 0
267 B 33ms
32ms XHR
image/gif 199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/thesundaily/log/3/bulk?route=AM%3AAM%3AV&lti=deflated&bulkSize=13
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20210426-7-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.thesundaily.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-vcl-time-ms: 20
pragma: no-cache
date: Mon, 26 Apr 2021 11:19:22 GMT
via: 1.1 varnish
server: nginx
x-timer: S1619435963.612507,VS0,VE20
x-served-by: cache-hhn11538-HHN
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: https://www.thesundaily.my
cache-control: no-cache
access-control-allow-credentials: true
accept-ranges: bytes
content-type: image/gif
x-cache-hits: 0

GET
H3-29 200 wkpRfPPcRT5gRuVOwfaUS9di2m_GhEf8-oTDdHI7uwk.js Show response
pagead2.googlesyndication.com/bg/ Frame E0D3 14 KB
6 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/wkpRfPPcRT5gRuVOwfaUS9di2m_GhEf8-oTDdHI7uwk.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c24a517cf3dc453e6046e54ec1f6944bd762da6fc68447fcfa84c374723bbb09

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Apr 2021 10:50:01 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Thu, 08 Apr 2021 09:18:00 GMT
server: sffe
age: 1761
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5710
x-xss-protection: 0
expires: Tue, 26 Apr 2022 10:50:01 GMT

GET
H3-29 200 535766525412827704
tpc.googlesyndication.com/daca_images/simgad/ Frame BDE3 50 KB
50 KB 8ms
7ms Image
image/png 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/daca_images/simgad/535766525412827704

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6999968698827395&output=html&h=600&slotname=9497258750&adk=365577592&adf=2751417938&pi=t.ma~as.9497258750&w=160&psa=0&format=160x600&url=https%3A%2F%2Fwww.thesundaily.my%2Fhome%2Fastrazeneca-is-safe-to-be-given-to-senior-citizens-adham-YL7793054%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz-_G5s6CORBttERc_beHteVqqnJIJh5EriMR00fz0Cexxf2lQpsFfBisijUxttE-tNX9yfHTn7fBQWbcOnOkY3_eCosMOOPpTIuaIKsiuCzrvP7v03c&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619435961809&bpp=4&bdt=193&idt=225&shv=r20210422&cbv=r20190131&ptt=9&saldr=aa&cookie=ID%3De3d6216e8f34a7bf-22ed5eaef1c70050%3AT%3D1619435960%3AS%3DALNI_MZZAhX_12i2lcgiNsdHRzfKQXL_FQ&correlator=3256238547201&frm=23&ife=1&pv=1&ga_vid=353529585.1619435960&ga_sid=1619435962&ga_hid=1087719516&ga_fc=1&nhd=1&u_tz=120&u_his=4&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1110&ady=4378&biw=1600&bih=1200&isw=160&ish=600&ifk=1594691852&scr_x=0&scr_y=0&eid=44740386&oid=3&pvsid=11907315495935&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C160%2C600&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.6uytnh5uuri&btvi=1&fsb=1&dtd=232

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8197fedeba49d7166f5aa0b8c1fa8712e8e98a15ac4abe84fc96198c3dd2af04

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 22 Apr 2021 10:32:25 GMT
x-content-type-options: nosniff
age: 348417
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 51532
x-xss-protection: 0
last-modified: Sun, 18 Apr 2021 07:18:47 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 22 Apr 2022 10:32:25 GMT

GET
H3-29 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210422/r20110914/ Frame BDE3 17 KB
7 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210422/r20110914/abg_lite_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e9f3358441fb5f83ee3575f81df787bbade8b416b009cbdcbd3b71c8b6f560e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Apr 2021 11:18:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 72
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7028
x-xss-protection: 0
server: cafe
etag: 3134275839577271762
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 10 May 2021 11:18:10 GMT

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210422/r20110914/client/ Frame BDE3 2 KB
1 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210422/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Apr 2021 11:15:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 262
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1303
x-xss-protection: 0
server: cafe
etag: 14729628269804859526
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 10 May 2021 11:15:00 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame BDE3 116 KB
35 KB 16ms
14ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dc015126841eaa9b1b79ee123e13d7d07ad7fe77f22366b05c480eff59a7a25e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Apr 2021 11:19:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1619017370605640"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36032
x-xss-protection: 0
expires: Mon, 26 Apr 2021 11:19:22 GMT

GET
H3-29 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210422/r20110914/client/ Frame BDE3 13 KB
6 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210422/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

439ab67fa3c312bb442bed574ea79be834dbd92f3bd7d2288b6f3fce4d0afb0c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Apr 2021 11:17:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 101
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5604
x-xss-protection: 0
server: cafe
etag: 2846967340006788112
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 10 May 2021 11:17:41 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame BDE3 0
0 15ms
13ms Image
text/html 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRN71tFaSZgZ_T-PUsnvfaZORhCM8fZK47SGusSQlti63RN4W7U9MEXl13E9MH5jjK1NqHGTeXIocEa1A3QFpjgE5sRvw
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6999968698827395&output=html&h=600&slotname=9497258750&adk=365577592&adf=2751417938&pi=t.ma~as.9497258750&w=160&psa=0&format=160x600&url=https%3A%2F%2Fwww.thesundaily.my%2Fhome%2Fastrazeneca-is-safe-to-be-given-to-senior-citizens-adham-YL7793054%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz-_G5s6CORBttERc_beHteVqqnJIJh5EriMR00fz0Cexxf2lQpsFfBisijUxttE-tNX9yfHTn7fBQWbcOnOkY3_eCosMOOPpTIuaIKsiuCzrvP7v03c&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619435961809&bpp=4&bdt=193&idt=225&shv=r20210422&cbv=r20190131&ptt=9&saldr=aa&cookie=ID%3De3d6216e8f34a7bf-22ed5eaef1c70050%3AT%3D1619435960%3AS%3DALNI_MZZAhX_12i2lcgiNsdHRzfKQXL_FQ&correlator=3256238547201&frm=23&ife=1&pv=1&ga_vid=353529585.1619435960&ga_sid=1619435962&ga_hid=1087719516&ga_fc=1&nhd=1&u_tz=120&u_his=4&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1110&ady=4378&biw=1600&bih=1200&isw=160&ish=600&ifk=1594691852&scr_x=0&scr_y=0&eid=44740386&oid=3&pvsid=11907315495935&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C160%2C600&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.6uytnh5uuri&btvi=1&fsb=1&dtd=232
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-29 200 one_click_handler_one_afma_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210422/r20110914/client/ Frame BDE3 25 KB
10 KB 8ms
6ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210422/r20110914/client/one_click_handler_one_afma_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef701bcdb11abe6ee6b906497f307cf8591be7b46258e201b2da192ba009e308

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Apr 2021 09:12:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 7626
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10420
x-xss-protection: 0
server: cafe
etag: 5410920360913075790
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 10 May 2021 09:12:16 GMT

GET
H3-29 200 adview
googleads.g.doubleclick.net/pagead/ Frame BDE3 0
0 45ms
44ms Fetch
text/html 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CZ6sluqGGYODkA6GblQewi6eoCNvv-r1i08ug1eEN3tkeEAEgw_WXEWCV-vCBjAegAbK9vs0ByAECqAMByAPJBKoEugNP0MMUMMFH0LIc-pZDbxpBTZs6qzQ9rCp2WoJz9dvJVSwA15mem2WdyNWD46O2fJcXbE4lHm4ZRoO9c5BjfgyN8D3jGj0EXxeE3iex9hLIQtetBkOIwPkLZKf8x59Kh18lg-XIAGtToZ7VK1Behtq1gZblXfRpCjvjs1GtKPAkVsCI_-Cjj7mFZYLKda9dPtZ7wzTvj187QMfEo1M4UyYTBcaY6Px2bUL-9xZGjP89kbKdgI2oatceIOq8lylcPWjVWuWhT_fjEPTXgwxWz_-KF7jq3Be_xVg1IynRQkxkmJu-XCBpESwQFU37dOkvb9U4ykA5zwsI9ETsu1-rR2fUhjGWlP6IxmnVuucqhodTi9PHL_zVYCVkLWwU-a5fGdKCw2lRkvWpPiTtj_U0oNpFDzU1kECG1p2eEytHRSBHwPffMo6aP3bJ6kFU_u6XuixXcThY0OT4cWK2zkP_LPwG_Odvu76dCCFtO1BgXQzQ8tYkoOKCVZ4RTeeFRtjPoIMj0eU8TH3OSTv_etOry-6qMqXYnp-VxrrUKVeG6WZgUEJH9B0cTZ1kkPSiGPQyoPNmuGiykPu4lv6TwATJz7TTuwOSBQQIBBgBkgUECAUYBKAGAoAH17XrkQKoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgHpr4bqAfs1RvYBwHyBwQQ0JcB0ggJCIDhgBAQARgfgAoByAsB2BMM0BUBgBcBshcaChgIABIUcHViLTY5OTk5Njg2OTg4MjczOTU&sigh=_MBW9ztGAfw

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6999968698827395&output=html&h=600&slotname=9497258750&adk=365577592&adf=2751417938&pi=t.ma~as.9497258750&w=160&psa=0&format=160x600&url=https%3A%2F%2Fwww.thesundaily.my%2Fhome%2Fastrazeneca-is-safe-to-be-given-to-senior-citizens-adham-YL7793054%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz-_G5s6CORBttERc_beHteVqqnJIJh5EriMR00fz0Cexxf2lQpsFfBisijUxttE-tNX9yfHTn7fBQWbcOnOkY3_eCosMOOPpTIuaIKsiuCzrvP7v03c&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619435961809&bpp=4&bdt=193&idt=225&shv=r20210422&cbv=r20190131&ptt=9&saldr=aa&cookie=ID%3De3d6216e8f34a7bf-22ed5eaef1c70050%3AT%3D1619435960%3AS%3DALNI_MZZAhX_12i2lcgiNsdHRzfKQXL_FQ&correlator=3256238547201&frm=23&ife=1&pv=1&ga_vid=353529585.1619435960&ga_sid=1619435962&ga_hid=1087719516&ga_fc=1&nhd=1&u_tz=120&u_his=4&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1110&ady=4378&biw=1600&bih=1200&isw=160&ish=600&ifk=1594691852&scr_x=0&scr_y=0&eid=44740386&oid=3&pvsid=11907315495935&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C160%2C600&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.6uytnh5uuri&btvi=1&fsb=1&dtd=232
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Mon, 26 Apr 2021 11:19:22 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Mon, 26 Apr 2021 11:19:22 GMT

GET
H3-29

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 81C0
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
16 B

42ms
42ms

Document
text/html

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

safe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/si
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Mon, 26 Apr 2021 11:19:22 GMT
server: safe
content-length: 0
x-xss-protection: 0
set-cookie: DSID=NO_DATA; expires=Mon, 26-Apr-2021 12:19:22 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Mon, 26 Apr 2021 11:19:22 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Mon, 26 Apr 2021 11:19:22 GMT
server: safe
content-length: 246
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 publishertag.prebid.js Show response
static.criteo.net/js/ld/ 80 KB
26 KB 71ms
27ms XHR
text/javascript 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by: Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: b27963d64b79220f6a94fafa3a3c67a2404d363b4ad53dbb83ab2187eacde46f

Request headers

Referer: https://www.thesundaily.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Apr 2021 11:19:22 GMT
content-encoding: gzip
last-modified: Thu, 18 Mar 2021 09:52:27 GMT
server: nginx
etag: W/"605322db-14013"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
timing-allow-origin: *
expires: Tue, 27 Apr 2021 11:19:22 GMT

GET
H/1.1

200
OK

/
avd.innity.com/bounce/ Frame 9AA4
Redirect Chain

https://avd.innity.com/uidsync/init/?idsr=https%3A%2F%2Favd.innity.com%2Fsync%2F%3Fpartner%3Daone%26token%3D%26type%3Dcookie&c=ID
https://avd.innity.com/bounce/?%2Fuidsync%2Finit%2F%3Fidsr%3Dhttps%253A%252F%252Favd.innity.com%252Fsync%252F%253Fpartner%253Daone%2526token%253D%2526type%253Dcookie%26c%3DID

43 B
581 B

288ms
172ms

Image
image/gif

119.81.192.134
SOFTLAYER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://avd.innity.com/bounce/?%2Fuidsync%2Finit%2F%3Fidsr%3Dhttps%253A%252F%252Favd.innity.com%252Fsync%252F%253Fpartner%253Daone%2526token%253D%2526type%253Dcookie%26c%3DID
Requested by: Host: www.thesundaily.my
URL: https://www.thesundaily.my/home/astrazeneca-is-safe-to-be-given-to-senior-citizens-adham-YL7793054?_hsmi=88974744&_hsenc=p2ANqtz-_G5s6CORBttERc_beHteVqqnJIJh5EriMR00fz0Cexxf2lQpsFfBisijUxttE-tNX9yfHTn7fBQWbcOnOkY3_eCosMOOPpTIuaIKsiuCzrvP7v03c
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 119.81.192.134 Singapore, Singapore, ASN36351 (SOFTLAYER, US),
Reverse DNS
Software: Apache /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://www.thesundaily.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 26 Apr 2021 11:19:23 GMT
Last-Modified: Mon, 26 Apr 2021 11:19:23 GMT
Server: Apache
P3P: policyref=http://www.innity.com/p3p/p3p.xml,CP="CURa ADMa DEVa OUR BUS UNI COM NAV INT"
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Content-Type: image/gif
Content-Length: 43
Expires: Wed, 04 Aug 1985 12:59:00 GMT

Redirect headers

Location: /bounce/?%2Fuidsync%2Finit%2F%3Fidsr%3Dhttps%253A%252F%252Favd.innity.com%252Fsync%252F%253Fpartner%253Daone%2526token%253D%2526type%253Dcookie%26c%3DID
Date: Mon, 26 Apr 2021 11:19:22 GMT
Server: Apache
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
H/1.1

200
OK

/
avd.innity.com/bounce/ Frame 9AA4
Redirect Chain

https://avd.innity.com/uidsync/init/?idsr=https%3A%2F%2Floadus.exelator.com%2Fload%2F%3Fp%3D1381%26g%3D204%26j%3D0&c=HK&itmcb=1619435962684
https://avd.innity.com/bounce/?%2Fuidsync%2Finit%2F%3Fidsr%3Dhttps%253A%252F%252Floadus.exelator.com%252Fload%252F%253Fp%253D1381%2526g%253D204%2526j%253D0%26c%3DHK%26itmcb%3D1619435962684

43 B
581 B

184ms
176ms

Image
image/gif

119.81.192.134
SOFTLAYER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://avd.innity.com/bounce/?%2Fuidsync%2Finit%2F%3Fidsr%3Dhttps%253A%252F%252Floadus.exelator.com%252Fload%252F%253Fp%253D1381%2526g%253D204%2526j%253D0%26c%3DHK%26itmcb%3D1619435962684
Requested by: Host: www.thesundaily.my
URL: https://www.thesundaily.my/home/astrazeneca-is-safe-to-be-given-to-senior-citizens-adham-YL7793054?_hsmi=88974744&_hsenc=p2ANqtz-_G5s6CORBttERc_beHteVqqnJIJh5EriMR00fz0Cexxf2lQpsFfBisijUxttE-tNX9yfHTn7fBQWbcOnOkY3_eCosMOOPpTIuaIKsiuCzrvP7v03c
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 119.81.192.134 Singapore, Singapore, ASN36351 (SOFTLAYER, US),
Reverse DNS
Software: Apache /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://www.thesundaily.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 26 Apr 2021 11:19:23 GMT
Last-Modified: Mon, 26 Apr 2021 11:19:23 GMT
Server: Apache
P3P: policyref=http://www.innity.com/p3p/p3p.xml,CP="CURa ADMa DEVa OUR BUS UNI COM NAV INT"
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Content-Type: image/gif
Content-Length: 43
Expires: Wed, 04 Aug 1985 12:59:00 GMT

Redirect headers

Location: /bounce/?%2Fuidsync%2Finit%2F%3Fidsr%3Dhttps%253A%252F%252Floadus.exelator.com%252Fload%252F%253Fp%253D1381%2526g%253D204%2526j%253D0%26c%3DHK%26itmcb%3D1619435962684
Date: Mon, 26 Apr 2021 11:19:23 GMT
Server: Apache
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
H/1.1

200
OK

/
avd.innity.com/uidsync/mapuid/ Frame 9AA4
Redirect Chain

https://avd.innity.com/uidsync/getuid/?idsr=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fssp%3Dinnity%26user_id%3D%24UID&itmcb=1619435962684
https://avd.innity.com/bounce/?%2Fuidsync%2Fgetuid%2F%3Fidsr%3Dhttps%253A%252F%252Fx.bidswitch.net%252Fsync%253Fssp%253Dinnity%2526user_id%253D%2524UID%26itmcb%3D1619435962684
https://x.bidswitch.net/sync?ssp=innity&user_id=730309ba557998ce9ce9b3a57f65aca6
https://match.adsrvr.org/track/cmf/generic?ttd_pid=bidswitch&ttd_tpi=1&ttd_puid=innity&gdpr=&gdpr_consent=
https://x.bidswitch.net/sync?dsp_id=93&user_id=18af8a2d-70bd-419a-9398-d8e481f0d7cd&expires=30&ssp=innity&gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT_21}
https://avd.innity.com/uidsync/mapuid/?pid=689&puuid=2c42101e-bbfe-48bd-ba4a-2c71f7d05af6

43 B
452 B

2011ms
173ms

Image
image/gif

119.81.192.134
SOFTLAYER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://avd.innity.com/uidsync/mapuid/?pid=689&puuid=2c42101e-bbfe-48bd-ba4a-2c71f7d05af6
Requested by: Host: www.thesundaily.my
URL: https://www.thesundaily.my/home/astrazeneca-is-safe-to-be-given-to-senior-citizens-adham-YL7793054?_hsmi=88974744&_hsenc=p2ANqtz-_G5s6CORBttERc_beHteVqqnJIJh5EriMR00fz0Cexxf2lQpsFfBisijUxttE-tNX9yfHTn7fBQWbcOnOkY3_eCosMOOPpTIuaIKsiuCzrvP7v03c
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 119.81.192.134 Singapore, Singapore, ASN36351 (SOFTLAYER, US),
Reverse DNS
Software: Apache /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://www.thesundaily.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 26 Apr 2021 11:19:25 GMT
Last-Modified: Mon, 26 Apr 2021 11:19:25 GMT
Server: Apache
P3P: policyref=http://www.innity.com/p3p/p3p.xml,CP="CURa ADMa DEVa OUR BUS UNI COM NAV INT"
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Content-Type: image/gif
Content-Length: 43
Expires: Wed, 04 Aug 1985 12:59:00 GMT

Redirect headers

location: //avd.innity.com/uidsync/mapuid/?pid=689&puuid=2c42101e-bbfe-48bd-ba4a-2c71f7d05af6
date: Mon, 26 Apr 2021 11:19:23 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H2 200 f539211219b796ffbb49949997c764f0.png
cdn.taboola.com/libtrc/static/thumbnails/ 254 B
685 B 10ms
8ms Image
image/png 199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.taboola.com/libtrc/static/thumbnails/f539211219b796ffbb49949997c764f0.png
Requested by: Host: www.thesundaily.my
URL: https://www.thesundaily.my/home/astrazeneca-is-safe-to-be-given-to-senior-citizens-adham-YL7793054?_hsmi=88974744&_hsenc=p2ANqtz-_G5s6CORBttERc_beHteVqqnJIJh5EriMR00fz0Cexxf2lQpsFfBisijUxttE-tNX9yfHTn7fBQWbcOnOkY3_eCosMOOPpTIuaIKsiuCzrvP7v03c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9

Request headers

Referer: https://www.thesundaily.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: hL.cyLD7Q4TL5ceY.7JQwF9m5IYI8mkC
via: 1.1 varnish
etag: "dfa7b52c86e56bd67fa4002f6ed19854"
age: 13447
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 254
x-amz-id-2: 3fxKGKGG7x9smUgGRZY3/0rYOUUaxLooyKppUJbwjC3F0De0S2w7jAiA03CoGdM8qf9YzUtHXMg=
x-served-by: cache-hhn11538-HHN
last-modified: Wed, 24 Jun 2015 07:14:11 GMT
server: AmazonS3
x-amz-meta-s3cmd-attrs: uid:0/gname:root/uname:root/gid:0/mode:33188/mtime:1377415166/atime:1435052450/md5:dfa7b52c86e56bd67fa4002f6ed19854/ctime:1422381567
x-timer: S1619435963.692045,VS0,VE0
date: Mon, 26 Apr 2021 11:19:22 GMT
x-amz-request-id: BZA2MM8GAVQZA74K
cache-control: private,max-age=31536000
accept-ranges: bytes
content-type: image/png
abp: 54
x-cache-hits: 29308

GET
H2 200 dpixel
cms.quantserve.com/ Frame 4A6C 35 B
210 B 14ms
7ms Image
image/gif 2620:116:800d:21:8c6e:cf2c:8d6:9fb5
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEHdObbELQbIvqGJw7VVNpIw&google_cver=1&google_push=AQvitUJwrJB_j1244McdE_1XCbjMj0ir-QIuo973gIH3Q3TdgJBJtQV8BwVYR1s25MQfb3IEwbzGwwG3BoSZiCglkxA0VMLtS7HB

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:8c6e:cf2c:8d6:9fb5 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 26 Apr 2021 11:19:22 GMT
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
strict-transport-security: max-age=86400
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 4A6C
Redirect Chain

https://pixel.everesttech.net/1/m?url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Deverest%26google_hm%3D__EFGSURFER_USB64__%26google_push%3DAQvitUKhRvrNE-rvyCqC9tpjzy3pAmwj2uxCjFsiuJk...
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WUlhaHV3QUFBQnRTUlVuUQ&google_push=AQvitUKhRvrNE-rvyCqC9tpjzy3pAmwj2uxCjFsiuJkQyF9FEf4XtEpnaCNBcM4albxNSECJ0ssIonK8WSNBzlB6KS5sGnCHv1SI

170 B
188 B

18ms
17ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WUlhaHV3QUFBQnRTUlVuUQ&google_push=AQvitUKhRvrNE-rvyCqC9tpjzy3pAmwj2uxCjFsiuJkQyF9FEf4XtEpnaCNBcM4albxNSECJ0ssIonK8WSNBzlB6KS5sGnCHv1SI

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 26 Apr 2021 11:19:23 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WUlhaHV3QUFBQnRTUlVuUQ&google_push=AQvitUKhRvrNE-rvyCqC9tpjzy3pAmwj2uxCjFsiuJkQyF9FEf4XtEpnaCNBcM4albxNSECJ0ssIonK8WSNBzlB6KS5sGnCHv1SI
Date: Mon, 26 Apr 2021 11:19:23 GMT
Server: Apache
Connection: keep-alive
Content-Length: 391
Content-Type: text/html; charset=iso-8859-1

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 4A6C
Redirect Chain

https://id.rlcdn.com/466606.gif?cparams=google_push%3DAQvitUKel0Lmz5jrx3bP7144moJdV-v6HlgUpbCLisfMyj-xKK-vbzXqfBUEK-di_FjRApFILPa9qBmfqM7RSmcZnnvaMQWjcmHE&google_gid=CAESEH6Bie7-raFUQq_ym7b8LGc&goo...
https://id.rlcdn.com/1000.gif?memo=CK69HBoNCLrDmoQGEgUI6AcQAEIASnBnb29nbGVfcHVzaD1BUXZpdFVLZWwwTG16NWpyeDNiUDcxNDRtb0pkVi12NkhsZ1VwYkNMaXNmTXlqLXhLSy12YnpYcWZCVUVLLWRpX0ZqUkFwRklMUGE5cUJtZnFNN1JTbW...
https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwNG04VmV4ZEl5MGdRQWozMHp3UFpwWGdxNkhWaEF3eDY0YmV6cW9DSmhMVQ==&google_push

170 B
188 B

18ms
17ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwNG04VmV4ZEl5MGdRQWozMHp3UFpwWGdxNkhWaEF3eDY0YmV6cW9DSmhMVQ==&google_push

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 26 Apr 2021 11:19:23 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Mon, 26 Apr 2021 11:19:23 GMT
via: 1.1 google
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwNG04VmV4ZEl5MGdRQWozMHp3UFpwWGdxNkhWaEF3eDY0YmV6cW9DSmhMVQ==&google_push
cache-control: no-cache, no-store
timing-allow-origin: *
alt-svc: clear
content-length: 0

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 4A6C
Redirect Chain

https://rtb.openx.net/sync/dds?google_gid=CAESEEu7vkVv1iNdcc15fskK-hE&google_cver=1&google_push=AQvitUI4tEwQw5yCSGRtezWFEv0s1VNCyJ95WA7NRoidSpWR97abNy7IoGRdgmxJGcfv0ElL9xS4FWSzBqTY4G9fQ-SgGN4d_8K5
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AQvitUI4tEwQw5yCSGRtezWFEv0s1VNCyJ95WA7NRoidSpWR97abNy7IoGRdgmxJGcfv0ElL9xS4FWSzBqTY4G9fQ-SgGN4d_8K5&google_hm=jJhXFr89zLkthyqG8Gc0mQ==

170 B
188 B

22ms
22ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AQvitUI4tEwQw5yCSGRtezWFEv0s1VNCyJ95WA7NRoidSpWR97abNy7IoGRdgmxJGcfv0ElL9xS4FWSzBqTY4G9fQ-SgGN4d_8K5&google_hm=jJhXFr89zLkthyqG8Gc0mQ==

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 26 Apr 2021 11:19:22 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 26 Apr 2021 11:19:21 GMT
via: 1.1 google
server: Cowboy
access-control-allow-origin: null
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
location: https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AQvitUI4tEwQw5yCSGRtezWFEv0s1VNCyJ95WA7NRoidSpWR97abNy7IoGRdgmxJGcfv0ElL9xS4FWSzBqTY4G9fQ-SgGN4d_8K5&google_hm=jJhXFr89zLkthyqG8Gc0mQ==
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
alt-svc: clear
content-length: 0
x-request-id: 2bdlmkgolbbti34r5tlmdqhd605ql3ss

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 4A6C
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=RGyh4xHYQlalcGkhabNmRQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
188 B

27ms
17ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=RGyh4xHYQlalcGkhabNmRQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AQvitUIkUlWXeyi5wImQtwbcoY66D-PCZdjYVA48uy4AMnGMDrElqmBOYAomvwg8Uj1Ji5ru-P5oG9rZSSHr_0AeWfw4UvXvLTTA

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 26 Apr 2021 11:19:22 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=RGyh4xHYQlalcGkhabNmRQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AQvitUIkUlWXeyi5wImQtwbcoY66D-PCZdjYVA48uy4AMnGMDrElqmBOYAomvwg8Uj1Ji5ru-P5oG9rZSSHr_0AeWfw4UvXvLTTA
Date: Mon, 26 Apr 2021 11:19:21 GMT
P3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 4A6C
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEOl8LJVbPWFvVYBVPUdVPbo&google_cver=1&google_push=AQvitULuJzGYkN3v30-EMij6ckGQAxoMXUoLC5Pc_EUx-GxfgJzcTG-wV_u7gKoKwnx2eEddXPs...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S05ZSUNZMUstNS0yRjUz&google_push=AQvitULuJzGYkN3v30-EMij6ckGQAxoMXUoLC5Pc_EUx-GxfgJzcTG-wV_u7gKoKwnx2eEddXPs5cjX_-JD67unK6PGYCb4E7lUc

170 B
188 B

21ms
21ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S05ZSUNZMUstNS0yRjUz&google_push=AQvitULuJzGYkN3v30-EMij6ckGQAxoMXUoLC5Pc_EUx-GxfgJzcTG-wV_u7gKoKwnx2eEddXPs5cjX_-JD67unK6PGYCb4E7lUc

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 26 Apr 2021 11:19:22 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S05ZSUNZMUstNS0yRjUz&google_push=AQvitULuJzGYkN3v30-EMij6ckGQAxoMXUoLC5Pc_EUx-GxfgJzcTG-wV_u7gKoKwnx2eEddXPs5cjX_-JD67unK6PGYCb4E7lUc
Cache-Control: no-cache,no-store,must-revalidate
Content-Type: text/html
content-length: 0
X-RPHost: 37b22a0c36bd84993dd2cda4a5e04b1d
Expires: 0

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 4A6C
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEP1dt27PLY7fuJ_GbYJMWbc&google_cver=1&googl...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YIahukBEpeGBJB7M0r2UnAAABIsAAAIB&google_cver=1&google_gid=CAESEP1dt27PLY7fuJ_GbYJMWbc&google_push=AQvitUKJ6z3r8Wj8XKTd4gnRWDH-AzxPormOe...

170 B
188 B

19ms
19ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YIahukBEpeGBJB7M0r2UnAAABIsAAAIB&google_cver=1&google_gid=CAESEP1dt27PLY7fuJ_GbYJMWbc&google_push=AQvitUKJ6z3r8Wj8XKTd4gnRWDH-AzxPormOeE3hWqPFsWdF3F61_JhOGHkOYfjcS3A7pv38KjoD3g6HNho1BOLVMTdGzLokAggP

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 26 Apr 2021 11:19:22 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 26 Apr 2021 11:19:22 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YIahukBEpeGBJB7M0r2UnAAABIsAAAIB&google_cver=1&google_gid=CAESEP1dt27PLY7fuJ_GbYJMWbc&google_push=AQvitUKJ6z3r8Wj8XKTd4gnRWDH-AzxPormOeE3hWqPFsWdF3F61_JhOGHkOYfjcS3A7pv38KjoD3g6HNho1BOLVMTdGzLokAggP
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: text/html; charset=iso-8859-1
Content-Length: 460
Expires: Mon, 26 Apr 2021 11:19:22 GMT

GET
H3-29 204 attr
cm.g.doubleclick.net/pixel/ Frame 4A6C 0
12 B 21ms
16ms Image
text/html 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JR0ud97RLzg4UdP6sMg7mNW1J2CO0oC8pHa5oOZ5zFkrWlazb7qHgkoup46PPj80BmBUdR

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Apr 2021 11:19:22 GMT
server: HTTP server (unknown)
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H/1.1 200
OK 12988193 Show response
ads.stickyadstv.com/vast/vpaid-adapter/ 1 KB
2 KB 91ms
36ms XHR
application/xml 2.18.234.233
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.stickyadstv.com/vast/vpaid-adapter/12988193?_fw_gdpr=1&_fw_us_privacy=1---
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v12.2.0/OvaMediaPlayer.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-233.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 962f2f3a23a1f9bab30e88e751bc326d4eb37044ad82c651710ce91fc6b41be6

Request headers

Referer: https://www.thesundaily.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

Pragma: no-cache
Date: Mon, 26 Apr 2021 11:19:22 GMT
Server: nginx
Content-Type: application/xml;charset=ISO-8859-1
Access-Control-Allow-Origin: https://www.thesundaily.my
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 1064
x-sticky-vk: 1619435962849038-361
Expires: Mon, 26 Apr 2021 11:19:22 GMT

GET
H3-29

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 12BF
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
16 B

41ms
40ms

Document
text/html

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

safe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/si
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: test_cookie=CheckForPermission; DSID=NO_DATA
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Mon, 26 Apr 2021 11:19:22 GMT
server: safe
content-length: 0
x-xss-protection: 0
set-cookie: DSID=NO_DATA; expires=Mon, 26-Apr-2021 12:19:22 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Mon, 26 Apr 2021 11:19:22 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Mon, 26 Apr 2021 11:19:22 GMT
server: safe
content-length: 246
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 wkpRfPPcRT5gRuVOwfaUS9di2m_GhEf8-oTDdHI7uwk.js Show response
pagead2.googlesyndication.com/bg/ Frame B46D 14 KB
6 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/wkpRfPPcRT5gRuVOwfaUS9di2m_GhEf8-oTDdHI7uwk.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c24a517cf3dc453e6046e54ec1f6944bd762da6fc68447fcfa84c374723bbb09

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Apr 2021 10:50:01 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Thu, 08 Apr 2021 09:18:00 GMT
server: sffe
age: 1761
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5710
x-xss-protection: 0
expires: Tue, 26 Apr 2022 10:50:01 GMT

GET
H3-29 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 5844 143 B
163 B 13ms
13ms Document
text/html 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

safe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/s?v=r20120211
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6999968698827395&output=html&h=600&slotname=9497258750&adk=365577592&adf=2751417938&pi=t.ma~as.9497258750&w=160&psa=0&format=160x600&url=https%3A%2F%2Fwww.thesundaily.my%2Fhome%2Fastrazeneca-is-safe-to-be-given-to-senior-citizens-adham-YL7793054%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz-_G5s6CORBttERc_beHteVqqnJIJh5EriMR00fz0Cexxf2lQpsFfBisijUxttE-tNX9yfHTn7fBQWbcOnOkY3_eCosMOOPpTIuaIKsiuCzrvP7v03c&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619435961809&bpp=4&bdt=193&idt=225&shv=r20210422&cbv=r20190131&ptt=9&saldr=aa&cookie=ID%3De3d6216e8f34a7bf-22ed5eaef1c70050%3AT%3D1619435960%3AS%3DALNI_MZZAhX_12i2lcgiNsdHRzfKQXL_FQ&correlator=3256238547201&frm=23&ife=1&pv=1&ga_vid=353529585.1619435960&ga_sid=1619435962&ga_hid=1087719516&ga_fc=1&nhd=1&u_tz=120&u_his=4&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1110&ady=4378&biw=1600&bih=1200&isw=160&ish=600&ifk=1594691852&scr_x=0&scr_y=0&eid=44740386&oid=3&pvsid=11907315495935&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C160%2C600&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.6uytnh5uuri&btvi=1&fsb=1&dtd=232
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: test_cookie=CheckForPermission; DSID=NO_DATA
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6999968698827395&output=html&h=600&slotname=9497258750&adk=365577592&adf=2751417938&pi=t.ma~as.9497258750&w=160&psa=0&format=160x600&url=https%3A%2F%2Fwww.thesundaily.my%2Fhome%2Fastrazeneca-is-safe-to-be-given-to-senior-citizens-adham-YL7793054%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz-_G5s6CORBttERc_beHteVqqnJIJh5EriMR00fz0Cexxf2lQpsFfBisijUxttE-tNX9yfHTn7fBQWbcOnOkY3_eCosMOOPpTIuaIKsiuCzrvP7v03c&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619435961809&bpp=4&bdt=193&idt=225&shv=r20210422&cbv=r20190131&ptt=9&saldr=aa&cookie=ID%3De3d6216e8f34a7bf-22ed5eaef1c70050%3AT%3D1619435960%3AS%3DALNI_MZZAhX_12i2lcgiNsdHRzfKQXL_FQ&correlator=3256238547201&frm=23&ife=1&pv=1&ga_vid=353529585.1619435960&ga_sid=1619435962&ga_hid=1087719516&ga_fc=1&nhd=1&u_tz=120&u_his=4&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1110&ady=4378&biw=1600&bih=1200&isw=160&ish=600&ifk=1594691852&scr_x=0&scr_y=0&eid=44740386&oid=3&pvsid=11907315495935&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C160%2C600&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.6uytnh5uuri&btvi=1&fsb=1&dtd=232

Response headers

content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Mon, 26 Apr 2021 10:29:19 GMT
server: safe
content-length: 145
x-xss-protection: 0
cache-control: public, max-age=3600
age: 3003
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 26B1 1 KB
749 B 10ms
9ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: pagead2.googlesyndication.com
:scheme: https
:path: /pagead/s/cookie_push_onload.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Mon, 26 Apr 2021 03:14:09 GMT
expires: Tue, 27 Apr 2021 03:14:09 GMT
content-type: text/html; charset=UTF-8
etag: 48472445140208031
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 724
x-xss-protection: 0
cache-control: public, max-age=86400
age: 29113
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 wkpRfPPcRT5gRuVOwfaUS9di2m_GhEf8-oTDdHI7uwk.js Show response
pagead2.googlesyndication.com/bg/ Frame AB7D 14 KB
6 KB 20ms
6ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/wkpRfPPcRT5gRuVOwfaUS9di2m_GhEf8-oTDdHI7uwk.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c24a517cf3dc453e6046e54ec1f6944bd762da6fc68447fcfa84c374723bbb09

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Apr 2021 10:50:01 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Thu, 08 Apr 2021 09:18:00 GMT
server: sffe
age: 1761
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5710
x-xss-protection: 0
expires: Tue, 26 Apr 2022 10:50:01 GMT

GET
H3-29 200 Banner_300x600_Bild-Karte-Button2.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1684394985928583253/ Frame AB7D 2 KB
2 KB 20ms
9ms Image
image/png 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1684394985928583253/Banner_300x600_Bild-Karte-Button2.png

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1e54c0803f863dc42b5c1fc1d2699d77bddc07031e984e4fc88586defe60c145

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 362447
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2080
x-xss-protection: 0
last-modified: Thu, 15 Apr 2021 14:37:29 GMT
server: sffe
date: Thu, 22 Apr 2021 06:38:35 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 22 Apr 2022 06:38:35 GMT

GET
H3-29 200 Banner_300x600_Bild-Karte3.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1684394985928583253/ Frame AB7D 16 KB
16 KB 20ms
9ms Image
image/png 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1684394985928583253/Banner_300x600_Bild-Karte3.png

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d596e004d677171f553042f2ac140af9b84907d2b28057dd38fbeb3104fb5365

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 329709
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16356
x-xss-protection: 0
last-modified: Thu, 15 Apr 2021 14:37:29 GMT
server: sffe
date: Thu, 22 Apr 2021 15:44:13 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 22 Apr 2022 15:44:13 GMT

GET
H3-29 200 Banner_300x600_Text-5_1.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1684394985928583253/ Frame AB7D 3 KB
3 KB 19ms
8ms Image
image/png 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1684394985928583253/Banner_300x600_Text-5_1.png

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

93376cb62bd17681f9dafacef1b5e4c9cf8fbe57fd0c1563af0cf96852c42824

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 112797
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2589
x-xss-protection: 0
last-modified: Thu, 15 Apr 2021 14:37:29 GMT
server: sffe
date: Sun, 25 Apr 2021 03:59:25 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 25 Apr 2022 03:59:25 GMT

GET
H3-29 200 Banner_300x600_Text-4_1.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1684394985928583253/ Frame AB7D 2 KB
2 KB 19ms
8ms Image
image/png 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1684394985928583253/Banner_300x600_Text-4_1.png

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d111ba83ff0f5a0bba37d996fdf163f0fe658e0ab7e67696fdc2d1f0c1fdba80

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 482847
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2370
x-xss-protection: 0
last-modified: Thu, 15 Apr 2021 14:37:29 GMT
server: sffe
date: Tue, 20 Apr 2021 21:11:55 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 20 Apr 2022 21:11:55 GMT

GET
H3-29 200 Banner_300x600_Text-3_1.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1684394985928583253/ Frame AB7D 4 KB
4 KB 18ms
7ms Image
image/png 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1684394985928583253/Banner_300x600_Text-3_1.png

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dcb51fdefd2e8b82620111ff01aed9d8939a98ef63c3a772cb4e2ae50552b8fd

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 326254
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4064
x-xss-protection: 0
last-modified: Thu, 15 Apr 2021 14:37:29 GMT
server: sffe
date: Thu, 22 Apr 2021 16:41:48 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 22 Apr 2022 16:41:48 GMT

GET
H3-29 200 Banner_300x600_Text-2_2.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1684394985928583253/ Frame AB7D 3 KB
3 KB 24ms
14ms Image
image/png 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1684394985928583253/Banner_300x600_Text-2_2.png

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7522af251cba19eb566f78dd9b9fef0b33dc65be8471f2189d5ac4e44c4883e6

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 450775
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3145
x-xss-protection: 0
last-modified: Thu, 15 Apr 2021 14:37:29 GMT
server: sffe
date: Wed, 21 Apr 2021 06:06:27 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 21 Apr 2022 06:06:27 GMT

GET
H3-29 200 Banner_300x600_Text-_1.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1684394985928583253/ Frame AB7D 3 KB
3 KB 24ms
14ms Image
image/png 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1684394985928583253/Banner_300x600_Text-_1.png

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d39e01527947350e160633f8532fbb5971bd468a200d15202369c621490cb25e

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 557674
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2963
x-xss-protection: 0
last-modified: Thu, 15 Apr 2021 14:37:29 GMT
server: sffe
date: Tue, 20 Apr 2021 00:24:48 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 20 Apr 2022 00:24:48 GMT

GET
H3-29 200 Banner_300x600_Bild-5.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1684394985928583253/ Frame AB7D 17 KB
17 KB 23ms
13ms Image
image/png 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1684394985928583253/Banner_300x600_Bild-5.png

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9f8c4205bb0871068048b49c0a49a49096fc609f6d37fe4e65c94719e79c7b64

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 329719
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17270
x-xss-protection: 0
last-modified: Thu, 15 Apr 2021 14:37:29 GMT
server: sffe
date: Thu, 22 Apr 2021 15:44:03 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 22 Apr 2022 15:44:03 GMT

GET
H3-29 200 Banner_300x600_Bild-4.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1684394985928583253/ Frame AB7D 16 KB
16 KB 20ms
12ms Image
image/png 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1684394985928583253/Banner_300x600_Bild-4.png

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9d59551c5c34e768063ac8a0bb30975ce77896f7caf776a94f665a6293a7bed7

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 481771
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16700
x-xss-protection: 0
last-modified: Thu, 15 Apr 2021 14:37:29 GMT
server: sffe
date: Tue, 20 Apr 2021 21:29:51 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 20 Apr 2022 21:29:51 GMT

GET
H3-29 200 Banner_300x600_Bild-3.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1684394985928583253/ Frame AB7D 17 KB
17 KB 19ms
11ms Image
image/png 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1684394985928583253/Banner_300x600_Bild-3.png

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

880fd26b23bca1530df025bbde48e48c9636e7f4a0bee177725c0b852e936b1d

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 330229
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17232
x-xss-protection: 0
last-modified: Thu, 15 Apr 2021 14:37:29 GMT
server: sffe
date: Thu, 22 Apr 2021 15:35:33 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 22 Apr 2022 15:35:33 GMT

GET
H3-29 200 Banner_300x600_Bild-2.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1684394985928583253/ Frame AB7D 18 KB
18 KB 19ms
11ms Image
image/png 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1684394985928583253/Banner_300x600_Bild-2.png

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

635eacbe2a0f9b3e99916718bed0c677833c336aab3db3fd8d6bfbe090be5e6a

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 329723
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18275
x-xss-protection: 0
last-modified: Thu, 15 Apr 2021 14:37:29 GMT
server: sffe
date: Thu, 22 Apr 2021 15:43:59 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 22 Apr 2022 15:43:59 GMT

GET
H3-29 200 Banner_300x600_Bild-.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1684394985928583253/ Frame AB7D 17 KB
17 KB 17ms
9ms Image
image/png 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1684394985928583253/Banner_300x600_Bild-.png

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0a7319cbaa465cd83d06fbda9ae5d97e09f6390bd1abec331685e343f273769f

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 326254
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17235
x-xss-protection: 0
last-modified: Thu, 15 Apr 2021 14:37:29 GMT
server: sffe
date: Thu, 22 Apr 2021 16:41:48 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 22 Apr 2022 16:41:48 GMT

GET
H3-29 200 Banner_300x600_CTA2.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1684394985928583253/ Frame AB7D 677 B
708 B 18ms
10ms Image
image/png 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1684394985928583253/Banner_300x600_CTA2.png

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6bf401c0df87666e66364ef101ecdd943adb1289b023fc496e44e6054fa04bdb

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 115284
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 677
x-xss-protection: 0
last-modified: Thu, 15 Apr 2021 14:37:29 GMT
server: sffe
date: Sun, 25 Apr 2021 03:17:58 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 25 Apr 2022 03:17:58 GMT

GET
H3-29 200 Banner_300x600_Logo.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1684394985928583253/ Frame AB7D 3 KB
3 KB 21ms
13ms Image
image/png 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1684394985928583253/Banner_300x600_Logo.png

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

31aaef47af2b3f6c583a31bb9598432e74a9b8d475cfd313b425c132e0e16083

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 308548
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3233
x-xss-protection: 0
last-modified: Thu, 15 Apr 2021 14:37:29 GMT
server: sffe
date: Thu, 22 Apr 2021 21:36:54 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 22 Apr 2022 21:36:54 GMT

GET
H3-29 200 Banner_300x600_HG_1.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1684394985928583253/ Frame AB7D 7 KB
7 KB 21ms
14ms Image
image/jpeg 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1684394985928583253/Banner_300x600_HG_1.jpg

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a5bc4000c59fcdf63ceac7b241bc3e3a7ede4aaf09bc393a10f204ca8e305823

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 450292
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6715
x-xss-protection: 0
last-modified: Thu, 15 Apr 2021 14:37:29 GMT
server: sffe
date: Wed, 21 Apr 2021 06:14:30 GMT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 21 Apr 2022 06:14:30 GMT

GET
DATA 200
OK truncated
/ Frame BDE3 220 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fd753e8e7cc9dcf441f5822f181728fc19fe5a31e7f367a497d5f33b80360ae6

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 sync
taboola-supply-partners.tremorhub.com/ Frame 8C0E 43 B
182 B 90ms
89ms Image
image/gif 2600:1f18:612b:4232:3a2c:3c86:af1b:2715
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://taboola-supply-partners.tremorhub.com/sync?UISTB=%3CtaboolaUserId%3E&gdpr=1&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Ftelaria-rtb-network%2F1%2Frtb-h%2F%3Fgdpr%3D1%26us_privacy%3D1---%26taboola_hm%3D%5BTVUSER_ID%5D%26orig%3Dvideo
Requested by: Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V75g8CFgOOnMIAPEMHZgSOnMIAPEMHZgUAAAAGBvQHGbOgjCjDEY3CYc6Wo9FysVksZqvRcDeEjVlQRpThiEbhMGfL0Wg5mCwmo91uMBtMpvBhLJfJoBZIWGa_76CgnJ4es8sgKrreFrvDafa8QQxNp8Pnutfrfr-76OjyvO4mh9PsvKudf6Hf7fIrPKfLw_qyuzwOt9Lz1jxsLrfo75a43Dqn7WV3i_5uzcvu9FveGqfpaX3ZPW-Fyehwu5Vl3m65GaxGcwAAAAB4AGDqfYX4AQQAiAAAAACQAAAAAKAIqPi3ELgAAAAAwAAgcGvVAIDiMBCX5ey0-wMA4KEABABAAIMEQCCypQTgYiv0BAAAAAAAAACA5f___z8GIC-_WAZgw-etB-DBB-CBqOCwiBEAAABAVj7Q8tGkTqgsqgAACNKtAK4AAALyGs55GcIAAAAExhboYfH7zQ67xu92GQAAAAAAAACA2f_ZP5qQlAduWpAVxZ7aLyAAwNovIAAAm7oBALwFwAUdQSsGg9UpxG44W-xGk81ydgAAAAB3_____3ogMlrZRg6PZeWwTGy7iW04s-xWM99wZJs5d4PFwntAcSWW4lUNdH0hwjL7fQcF5fT0mF0GUdH1ttgdTrPnID5oGJaTQTC_CVuMVpPJZjmcLReTwXA0HI32J4DLAU7EYLmcTBaT3Wq0Gm2Gu9FssECBGExwQoajzWQ12q12k-VwMhrNNpMNUrRqNRttBsPVbDLb7VbDwXA5GiFFaxazyWQxGy13m8FyMhoMJ8MhwthosnLZfBu3ZjDzrEWzlWmtsPlWbt1mMJotjLvhYGNxi14f0284mOw2wy0KBkjtRXCRTkRHl-d1NzmcZudFLNGcLNKJ7LKvjFa2kcNjWTksE9tuYhvOLLvVzDcc2WbO3WCx8NdGk5XL5tu4NYOZZy2arUxrhc23cus2g9FsYdwNBxuLW_T6mH7DwWS3Ge4bs8VytFktZ4N9Y7ZYjjar5Wyw79AZvqvP2ehMiw8emXa9u96KMvNB4TJYvD-JaTHtzg5-aevo9Pk8yoLOKLx-j16DwnPwmMbLW-1Y3j6b6eMwoYglgtNFOhG9jKeLWCJ5WqQT0ciy8i0mHsdqt3DZDIvBZrma7WYuj8Xk8sxmE4tYojRdpBO90O92-RWe0-VhfdldHodb6XlrHjaXW_R3S1xundP2srtFf7fmZXf6LW-N0_S0vuyet8JkdLjdyrNvt9wMVqOJ-o8NuJxLRsu5bDSXDDarBAAAAAAAAACwhDnzJgAAAACnQcyGk81uuQAQDl26QAI-TLYRHou79mNeBUaCCjXFjR8v0NHled1NDqfZeebNnglirVbLGgAAQAAbAAAggFs3bwFhkRw!&excid=22&docw=0&cijs=1&nlb=true
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:612b:4232:3a2c:3c86:af1b:2715 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: Apache-Coyote/1.1 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer: https://am-match.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Apr 2021 11:19:22 GMT
server: Apache-Coyote/1.1
p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
content-type: image/gif

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame 8C0E 70 B
264 B 30ms
29ms Image
image/gif 63.33.11.43
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
Requested by: Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V75g8CFgOOnMIAPEMHZgSOnMIAPEMHZgUAAAAGBvQHGbOgjCjDEY3CYc6Wo9FysVksZqvRcDeEjVlQRpThiEbhMGfL0Wg5mCwmo91uMBtMpvBhLJfJoBZIWGa_76CgnJ4es8sgKrreFrvDafa8QQxNp8Pnutfrfr-76OjyvO4mh9PsvKudf6Hf7fIrPKfLw_qyuzwOt9Lz1jxsLrfo75a43Dqn7WV3i_5uzcvu9FveGqfpaX3ZPW-Fyehwu5Vl3m65GaxGcwAAAAB4AGDqfYX4AQQAiAAAAACQAAAAAKAIqPi3ELgAAAAAwAAgcGvVAIDiMBCX5ey0-wMA4KEABABAAIMEQCCypQTgYiv0BAAAAAAAAACA5f___z8GIC-_WAZgw-etB-DBB-CBqOCwiBEAAABAVj7Q8tGkTqgsqgAACNKtAK4AAALyGs55GcIAAAAExhboYfH7zQ67xu92GQAAAAAAAACA2f_ZP5qQlAduWpAVxZ7aLyAAwNovIAAAm7oBALwFwAUdQSsGg9UpxG44W-xGk81ydgAAAAB3_____3ogMlrZRg6PZeWwTGy7iW04s-xWM99wZJs5d4PFwntAcSWW4lUNdH0hwjL7fQcF5fT0mF0GUdH1ttgdTrPnID5oGJaTQTC_CVuMVpPJZjmcLReTwXA0HI32J4DLAU7EYLmcTBaT3Wq0Gm2Gu9FssECBGExwQoajzWQ12q12k-VwMhrNNpMNUrRqNRttBsPVbDLb7VbDwXA5GiFFaxazyWQxGy13m8FyMhoMJ8MhwthosnLZfBu3ZjDzrEWzlWmtsPlWbt1mMJotjLvhYGNxi14f0284mOw2wy0KBkjtRXCRTkRHl-d1NzmcZudFLNGcLNKJ7LKvjFa2kcNjWTksE9tuYhvOLLvVzDcc2WbO3WCx8NdGk5XL5tu4NYOZZy2arUxrhc23cus2g9FsYdwNBxuLW_T6mH7DwWS3Ge4bs8VytFktZ4N9Y7ZYjjar5Wyw79AZvqvP2ehMiw8emXa9u96KMvNB4TJYvD-JaTHtzg5-aevo9Pk8yoLOKLx-j16DwnPwmMbLW-1Y3j6b6eMwoYglgtNFOhG9jKeLWCJ5WqQT0ciy8i0mHsdqt3DZDIvBZrma7WYuj8Xk8sxmE4tYojRdpBO90O92-RWe0-VhfdldHodb6XlrHjaXW_R3S1xundP2srtFf7fmZXf6LW-N0_S0vuyet8JkdLjdyrNvt9wMVqOJ-o8NuJxLRsu5bDSXDDarBAAAAAAAAACwhDnzJgAAAACnQcyGk81uuQAQDl26QAI-TLYRHou79mNeBUaCCjXFjR8v0NHled1NDqfZeebNnglirVbLGgAAQAAbAAAggFs3bwFhkRw!&excid=22&docw=0&cijs=1&nlb=true
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 63.33.11.43 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-63-33-11-43.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer: https://am-match.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 26 Apr 2021 11:19:22 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2 204 sync Show response
pixel.advertising.com/ups/58166/ Frame 8C0E 0
124 B 17ms
15ms Script
text/plain 52.28.254.214
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://pixel.advertising.com/ups/58166/sync?gdpr=1&uid=&_origin=1&us_privacy=1---&redir=true

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.28.254.214 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://am-match.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Apr 2021 11:19:22 GMT
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2

200

rtb-h Show response
sync-t1.taboola.com/sg/spotx-rtb-network/1/ Frame 8C0E
Redirect Chain

https://sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3D...
https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=405243d3-a681-11eb-accb-1131174c0206&orig=video&us_privacy=1---

0
228 B

19ms
19ms

Script
text/plain

141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=405243d3-a681-11eb-accb-1131174c0206&orig=video&us_privacy=1---
Requested by: Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V75g8CFgOOnMIAPEMHZgSOnMIAPEMHZgUAAAAGBvQHGbOgjCjDEY3CYc6Wo9FysVksZqvRcDeEjVlQRpThiEbhMGfL0Wg5mCwmo91uMBtMpvBhLJfJoBZIWGa_76CgnJ4es8sgKrreFrvDafa8QQxNp8Pnutfrfr-76OjyvO4mh9PsvKudf6Hf7fIrPKfLw_qyuzwOt9Lz1jxsLrfo75a43Dqn7WV3i_5uzcvu9FveGqfpaX3ZPW-Fyehwu5Vl3m65GaxGcwAAAAB4AGDqfYX4AQQAiAAAAACQAAAAAKAIqPi3ELgAAAAAwAAgcGvVAIDiMBCX5ey0-wMA4KEABABAAIMEQCCypQTgYiv0BAAAAAAAAACA5f___z8GIC-_WAZgw-etB-DBB-CBqOCwiBEAAABAVj7Q8tGkTqgsqgAACNKtAK4AAALyGs55GcIAAAAExhboYfH7zQ67xu92GQAAAAAAAACA2f_ZP5qQlAduWpAVxZ7aLyAAwNovIAAAm7oBALwFwAUdQSsGg9UpxG44W-xGk81ydgAAAAB3_____3ogMlrZRg6PZeWwTGy7iW04s-xWM99wZJs5d4PFwntAcSWW4lUNdH0hwjL7fQcF5fT0mF0GUdH1ttgdTrPnID5oGJaTQTC_CVuMVpPJZjmcLReTwXA0HI32J4DLAU7EYLmcTBaT3Wq0Gm2Gu9FssECBGExwQoajzWQ12q12k-VwMhrNNpMNUrRqNRttBsPVbDLb7VbDwXA5GiFFaxazyWQxGy13m8FyMhoMJ8MhwthosnLZfBu3ZjDzrEWzlWmtsPlWbt1mMJotjLvhYGNxi14f0284mOw2wy0KBkjtRXCRTkRHl-d1NzmcZudFLNGcLNKJ7LKvjFa2kcNjWTksE9tuYhvOLLvVzDcc2WbO3WCx8NdGk5XL5tu4NYOZZy2arUxrhc23cus2g9FsYdwNBxuLW_T6mH7DwWS3Ge4bs8VytFktZ4N9Y7ZYjjar5Wyw79AZvqvP2ehMiw8emXa9u96KMvNB4TJYvD-JaTHtzg5-aevo9Pk8yoLOKLx-j16DwnPwmMbLW-1Y3j6b6eMwoYglgtNFOhG9jKeLWCJ5WqQT0ciy8i0mHsdqt3DZDIvBZrma7WYuj8Xk8sxmE4tYojRdpBO90O92-RWe0-VhfdldHodb6XlrHjaXW_R3S1xundP2srtFf7fmZXf6LW-N0_S0vuyet8JkdLjdyrNvt9wMVqOJ-o8NuJxLRsu5bDSXDDarBAAAAAAAAACwhDnzJgAAAACnQcyGk81uuQAQDl26QAI-TLYRHou79mNeBUaCCjXFjR8v0NHled1NDqfZeebNnglirVbLGgAAQAAbAAAggFs3bwFhkRw!&excid=22&docw=0&cijs=1&nlb=true
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://am-match.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

tbl-x-upstream: 10.41.10.199:10213
date: Mon, 26 Apr 2021 11:19:23 GMT
server: nginx
x-fastly-to-nlb-rtt: 12602

Redirect headers

Date: Mon, 26 Apr 2021 11:19:22 GMT
Server: nginx
Location: https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=405243d3-a681-11eb-accb-1131174c0206&orig=video&us_privacy=1---
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/plain
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 131
Connection: keep-alive
Content-Length: 0

GET
H2 200 sync
x.bidswitch.net/ Frame 8C0E 43 B
145 B 15ms
14ms Image
image/gif 52.59.128.17
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?gdpr=1&us_privacy=1---&ssp=taboola
Requested by: Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V75g8CFgOOnMIAPEMHZgSOnMIAPEMHZgUAAAAGBvQHGbOgjCjDEY3CYc6Wo9FysVksZqvRcDeEjVlQRpThiEbhMGfL0Wg5mCwmo91uMBtMpvBhLJfJoBZIWGa_76CgnJ4es8sgKrreFrvDafa8QQxNp8Pnutfrfr-76OjyvO4mh9PsvKudf6Hf7fIrPKfLw_qyuzwOt9Lz1jxsLrfo75a43Dqn7WV3i_5uzcvu9FveGqfpaX3ZPW-Fyehwu5Vl3m65GaxGcwAAAAB4AGDqfYX4AQQAiAAAAACQAAAAAKAIqPi3ELgAAAAAwAAgcGvVAIDiMBCX5ey0-wMA4KEABABAAIMEQCCypQTgYiv0BAAAAAAAAACA5f___z8GIC-_WAZgw-etB-DBB-CBqOCwiBEAAABAVj7Q8tGkTqgsqgAACNKtAK4AAALyGs55GcIAAAAExhboYfH7zQ67xu92GQAAAAAAAACA2f_ZP5qQlAduWpAVxZ7aLyAAwNovIAAAm7oBALwFwAUdQSsGg9UpxG44W-xGk81ydgAAAAB3_____3ogMlrZRg6PZeWwTGy7iW04s-xWM99wZJs5d4PFwntAcSWW4lUNdH0hwjL7fQcF5fT0mF0GUdH1ttgdTrPnID5oGJaTQTC_CVuMVpPJZjmcLReTwXA0HI32J4DLAU7EYLmcTBaT3Wq0Gm2Gu9FssECBGExwQoajzWQ12q12k-VwMhrNNpMNUrRqNRttBsPVbDLb7VbDwXA5GiFFaxazyWQxGy13m8FyMhoMJ8MhwthosnLZfBu3ZjDzrEWzlWmtsPlWbt1mMJotjLvhYGNxi14f0284mOw2wy0KBkjtRXCRTkRHl-d1NzmcZudFLNGcLNKJ7LKvjFa2kcNjWTksE9tuYhvOLLvVzDcc2WbO3WCx8NdGk5XL5tu4NYOZZy2arUxrhc23cus2g9FsYdwNBxuLW_T6mH7DwWS3Ge4bs8VytFktZ4N9Y7ZYjjar5Wyw79AZvqvP2ehMiw8emXa9u96KMvNB4TJYvD-JaTHtzg5-aevo9Pk8yoLOKLx-j16DwnPwmMbLW-1Y3j6b6eMwoYglgtNFOhG9jKeLWCJ5WqQT0ciy8i0mHsdqt3DZDIvBZrma7WYuj8Xk8sxmE4tYojRdpBO90O92-RWe0-VhfdldHodb6XlrHjaXW_R3S1xundP2srtFf7fmZXf6LW-N0_S0vuyet8JkdLjdyrNvt9wMVqOJ-o8NuJxLRsu5bDSXDDarBAAAAAAAAACwhDnzJgAAAACnQcyGk81uuQAQDl26QAI-TLYRHou79mNeBUaCCjXFjR8v0NHled1NDqfZeebNnglirVbLGgAAQAAbAAAggFs3bwFhkRw!&excid=22&docw=0&cijs=1&nlb=true
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.59.128.17 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-59-128-17.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer: https://am-match.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Apr 2021 11:19:22 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

POST csi
csi.gstatic.com/ Frame 22B1 0
0

GET activeview
pagead2.googlesyndication.com/pcs/ Frame 22B1 0
0

GET activeview
pagead2.googlesyndication.com/pcs/ Frame AE57 0
0

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012103020108001/ Frame 621F 190 KB
54 KB 8ms
6ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012103020108001/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042001.js?31060870

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6e553b4e88ac4a1819d608fe9dcb46544ca5fb776d4e0c84d773f37b1df18211

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.thesundaily.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 451846
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 55046
x-xss-protection: 0
server: sffe
date: Wed, 21 Apr 2021 05:48:37 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "aeaf363b1ad89b36"
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 21 Apr 2022 05:48:37 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012103020108001/v0/ Frame 621F 12 KB
5 KB 18ms
16ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012103020108001/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042001.js?31060870

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8f9560479a05fb86854546c40ec030edc2bac692d4142391d69b16e5c033a185

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.thesundaily.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 301506
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4548
x-xss-protection: 0
server: sffe
date: Thu, 22 Apr 2021 23:34:17 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "4eb73d471ab4cb2c"
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 22 Apr 2022 23:34:17 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012103020108001/v0/ Frame 621F 87 KB
27 KB 13ms
12ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012103020108001/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042001.js?31060870

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a6f768cbb894f2690011ee62662d3ac9480d12f5088fa46be57e650fcc4d835c

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.thesundaily.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 308174
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27208
x-xss-protection: 0
server: sffe
date: Thu, 22 Apr 2021 21:43:09 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "22950e05e749846e"
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 22 Apr 2022 21:43:09 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012103020108001/v0/ Frame 621F 27 KB
9 KB 16ms
15ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012103020108001/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042001.js?31060870

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

21d45a4ed77653b3b1ee2b47a786a4dbb936a3b19fc56e1b44c16aed35eb80ee

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.thesundaily.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 330228
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9587
x-xss-protection: 0
server: sffe
date: Thu, 22 Apr 2021 15:35:35 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "739644f32ad1483f"
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 22 Apr 2022 15:35:35 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012103020108001/v0/ Frame 621F 40 KB
13 KB 18ms
16ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012103020108001/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042001.js?31060870

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4c6af60796cc240ad277098308cf363c2700f5296264ec1b43b4e1362763c439

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.thesundaily.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 482508
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12827
x-xss-protection: 0
server: sffe
date: Tue, 20 Apr 2021 21:17:35 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "5cc8dcc2368726c7"
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 20 Apr 2022 21:17:35 GMT

GET
DATA 200
OK truncated
/ Frame 621F 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 370b4b01f3c34e62a8ae70a783a94bfe68c9c7373ef4d0048273067d37e82b31

Request headers

Referer: https://www.thesundaily.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame 025B 0
0 43ms
42ms Fetch
image/gif 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuF4TECX2cRip_-emmBC4lljHOtqVnDe_7ZJCmo1u6bIGsxX8miZnzmhe4AEJUxAvs0wBjZZjFSLo_U9N8XANm3D4rFtOJO5jhGDi9STgK8J4mpPMRAYfqibXd5-eBRBksZqE1Jn8bhyOwJz3Tb6D5zJV9hzcaR56kOS8_ZjiZQrheiGRAdIm0fPtPhoX1sS4u4QMHKtiGr4H7etfhQouVdiKXh9OJhZ3htpeujzF2oeZAdqEOG6F6WfhejPnxY6Ejybxj9oyo1vtPg3RwWLp2q45Bbu8EaSB4LPQvsqr2hUgmk&sai=AMfl-YT5zSYyWAnh86sOhaExAP38rXE3EVDG7F1SFfpA3YCCQO5LNlAmSIAgSFy_PxhGJCGuhWagY2WKS-882hOpJw03QgUxGro-5Rl4g0HS4Hd_ZQOzeW4p8aJ2hJCl-lS-&sig=Cg0ArKJSzAPlH49VItQ_EAE&adurl=

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.thesundaily.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 26 Apr 2021 11:19:23 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Mon, 26 Apr 2021 11:19:23 GMT

GET
H3-29 200 14326531214700722794
tpc.googlesyndication.com/simgad/ Frame 025B 104 KB
104 KB 15ms
12ms Image
image/gif 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/14326531214700722794

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042001.js?31060870

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0e8356462c5cc694f3aed2520181479158a7fa2e4ac768842609cdec16393efa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.thesundaily.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 23 Apr 2021 00:21:21 GMT
x-content-type-options: nosniff
age: 298682
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 106598
x-xss-protection: 0
last-modified: Mon, 19 Apr 2021 09:52:58 GMT
server: sffe
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 23 Apr 2022 00:21:21 GMT

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210422/r20110914/client/ Frame 025B 2 KB
1 KB 9ms
6ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210422/r20110914/client/window_focus_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042001.js?31060870

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.thesundaily.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Apr 2021 11:15:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 263
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1303
x-xss-protection: 0
server: cafe
etag: 14729628269804859526
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 10 May 2021 11:15:00 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 025B 116 KB
35 KB 19ms
16ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042001.js?31060870

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dc015126841eaa9b1b79ee123e13d7d07ad7fe77f22366b05c480eff59a7a25e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.thesundaily.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Apr 2021 11:19:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1619017370605640"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36032
x-xss-protection: 0
expires: Mon, 26 Apr 2021 11:19:23 GMT

GET
H3-29 204 l
www.google.com/ads/measurement/ Frame 025B 0
0 18ms
15ms Image
text/html 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTQQxnQ4r30nFfDsYZbUsXKMiqL4HSpWbLlrzil-iSTvGVk6vsQ9wJRObTk7OmIB2K2EP6E
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042001.js?31060870
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.thesundaily.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-29 200 4275789352334312203
tpc.googlesyndication.com/simgad/ Frame 621F 38 KB
38 KB 18ms
15ms Image
image/png 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/4275789352334312203?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qncDjKseQfnfkHBiLYmiUAWf2QY2Q

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3aef12654aa0bed463410d7c3b1922e12bc1dd911d5f954a04ebd120dee7870d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.thesundaily.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 22 Apr 2021 10:36:05 GMT
x-content-type-options: nosniff
last-modified: Tue, 30 Mar 2021 11:36:21 GMT
server: sffe
age: 348198
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38496
x-xss-protection: 0
expires: Fri, 22 Apr 2022 10:36:05 GMT

GET
H3-29 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 621F 2 KB
2 KB 17ms
14ms Image
image/png 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.thesundaily.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 26 Apr 2021 03:59:16 GMT
x-content-type-options: nosniff
server: cafe
age: 26407
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2502
x-xss-protection: 0
expires: Tue, 27 Apr 2021 03:59:16 GMT

GET
H3-29 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 621F 295 B
328 B 17ms
14ms Image
image/png 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.thesundaily.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 26 Apr 2021 05:03:57 GMT
x-content-type-options: nosniff
server: cafe
age: 22526
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Tue, 27 Apr 2021 05:03:57 GMT

GET
H3-29 204 l
www.google.com/ads/measurement/ Frame 621F 0
0 18ms
15ms Image
text/html 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRD8uJmMyNW8qQdff-OpWvRq8OiV2aMn2HEAiy6OBrKct5lEU3ZkizkfzeYT5kn5Us9X5qL
Requested by: Host: www.thesundaily.my
URL: https://www.thesundaily.my/home/astrazeneca-is-safe-to-be-given-to-senior-citizens-adham-YL7793054?_hsmi=88974744&_hsenc=p2ANqtz-_G5s6CORBttERc_beHteVqqnJIJh5EriMR00fz0Cexxf2lQpsFfBisijUxttE-tNX9yfHTn7fBQWbcOnOkY3_eCosMOOPpTIuaIKsiuCzrvP7v03c
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.thesundaily.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-29 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 621F 0
0 46ms
45ms Image
text/html 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=C-mcSuqGGYK79HZLE7_UPrYSBoAndst6vYpPFuvW5DdLh0uCyARABIMP1lxFglfrwgYwHoAGG19e9A8gBAqkC6JrXqPFLtD7gAgCoAwHIAwiqBNEDT9B8SLfxd_zMR0jd9Kuwe7EQtRbSoQFKCM52kUem00T-S16IKFHfkExo7JtwHu_oNJhLy4K4IJSZeUZUh5kA8PFn9iJk2RJbc_hG8lOSoe3-7q8Poqt9qS3gKM8DLepWnGcou-Cg1NszdHOCea8iHImdBsxDTmCLhYGYu3uZAWzIer-ATYa_fXJIx6G2WloLFMrqey0pEcjOUI4DQ22ewkbpp6egSCAEwghpDCbaj-om5kivIU9PMdfwpfmo6kFuuYKCdZ3asjcOzQR5Ym3H8aKyheBHxprjuOt5ylZE9bfRjugb7wKiOYrhEzFDRTwaHMPZYBvOrl9jflCL_nhQ2w8wJFc8w4yrQf313LlOqyk1AjYnRhf74IkngngvL3px-cfJkp2A4DmJW3LpTrc_PczIux06AGCmcnquW0NYDK_24CxszTUntOxWAxlianUYv_xd83NGtIC-WFaXnTI8wB4GC18QmFw3d2Wiu1vZ2FovVXTzvFAG7UfichkscBI33LXRhaG2wkWjd6UVC-ebc-DBV2cB7T3RQC6logDy2MmcOoeVuUi4ZXJPSubRVuG3Q2MTY8Sv0oh64ljeSflxOTxKgncwQ2wa4AeCQDY6RoN6wASpkKKFxQPgBAGSBQQIBBgBkgUECAUYBKAGAoAH4qioQqgH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAemvhuoB-zVG9gHAfIHBBClhw3SCAkIgOGAUBABGB2ACgHICwHYEw2yFxoKGAgAEhRwdWItNjk5OTk2ODY5ODgyNzM5NQ&sigh=lEATcf__1WY
Requested by: Host: www.thesundaily.my
URL: https://www.thesundaily.my/home/astrazeneca-is-safe-to-be-given-to-senior-citizens-adham-YL7793054?_hsmi=88974744&_hsenc=p2ANqtz-_G5s6CORBttERc_beHteVqqnJIJh5EriMR00fz0Cexxf2lQpsFfBisijUxttE-tNX9yfHTn7fBQWbcOnOkY3_eCosMOOPpTIuaIKsiuCzrvP7v03c
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s05-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.thesundaily.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
DATA 200
OK truncated
/ Frame AB7D 43 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/gif

GET
H/1.0 204
No Content /
avd.innity.com/dc/ Frame DB75 0
91 B 170ms
170ms Image
text/html 119.81.192.134
SOFTLAYER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://avd.innity.com/dc/?cl=0&cuid=bae8086e04a808a63959553caae5975c&cb=1619435963057&douid=&sess=39120304.0.1619435963051&dur=0&ref=https%3A%2F%2Fwww.thesundaily.my%2Fhome%2Fastrazeneca-is-safe-to-be-given-to-senior-citizens-adham-YL7793054%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz-_G5s6CORBttERc_beHteVqqnJIJh5EriMR00fz0Cexxf2lQpsFfBisijUxttE-tNX9yfHTn7fBQWbcOnOkY3_eCosMOOPpTIuaIKsiuCzrvP7v03c&srf=&pk=&pt=AstraZeneca%20is%20safe%2C%20to%20be%20given%20to%20senior%20citizens%20-%20Adham&sr=1600x1200&ul=en-US&de=UTF-8&vp=1600x1200
Requested by: Host: www.thesundaily.my
URL: https://www.thesundaily.my/home/astrazeneca-is-safe-to-be-given-to-senior-citizens-adham-YL7793054?_hsmi=88974744&_hsenc=p2ANqtz-_G5s6CORBttERc_beHteVqqnJIJh5EriMR00fz0Cexxf2lQpsFfBisijUxttE-tNX9yfHTn7fBQWbcOnOkY3_eCosMOOPpTIuaIKsiuCzrvP7v03c
Protocol: HTTP/1.0
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 119.81.192.134 Singapore, Singapore, ASN36351 (SOFTLAYER, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.thesundaily.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Connection: close
Cache-Control: no-cache
Content-Type: text/html

GET
H/1.1

200
OK

/
avd.innity.com/sync/ Frame DB75
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Favd.innity.com%2Fsync%2F%3Fpartner%3Dappnexus%26token%3D%24UID%26type%3Dcookie%26itmcb%3D1619435963058
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Favd.innity.com%252Fsync%252F%253Fpartner%253Dappnexus%2526token%253D%2524UID%2526type%253Dcookie%2526itmcb%253D1619435963058
https://avd.innity.com/sync/?partner=appnexus&token=3124726849276262110&type=cookie&itmcb=1619435963058

43 B
452 B

182ms
182ms

Image
image/gif

119.81.192.134
SOFTLAYER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://avd.innity.com/sync/?partner=appnexus&token=3124726849276262110&type=cookie&itmcb=1619435963058
Requested by: Host: www.thesundaily.my
URL: https://www.thesundaily.my/home/astrazeneca-is-safe-to-be-given-to-senior-citizens-adham-YL7793054?_hsmi=88974744&_hsenc=p2ANqtz-_G5s6CORBttERc_beHteVqqnJIJh5EriMR00fz0Cexxf2lQpsFfBisijUxttE-tNX9yfHTn7fBQWbcOnOkY3_eCosMOOPpTIuaIKsiuCzrvP7v03c
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 119.81.192.134 Singapore, Singapore, ASN36351 (SOFTLAYER, US),
Reverse DNS
Software: Apache /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://www.thesundaily.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 26 Apr 2021 11:19:23 GMT
Last-Modified: Mon, 26 Apr 2021 11:19:23 GMT
Server: Apache
P3P: policyref=http://www.innity.com/p3p/p3p.xml,CP="CURa ADMa DEVa OUR BUS UNI COM NAV INT"
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Content-Type: image/gif
Content-Length: 43
Expires: Wed, 04 Aug 1985 12:59:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 26 Apr 2021 11:19:23 GMT
X-Proxy-Origin: 89.249.64.203; 89.249.64.203; 693.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com; 37.252.173.76:80
AN-X-Request-Uuid: 698f5b76-97f8-4c46-a433-503619514b16
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://avd.innity.com/sync/?partner=appnexus&token=3124726849276262110&type=cookie&itmcb=1619435963058
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK /
avd.innity.com/sync/ Frame DB75 43 B
452 B 193ms
193ms Image
image/gif 119.81.192.134
SOFTLAYER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://avd.innity.com/sync/?partner=innity&token=bae8086e04a808a63959553caae5975c&type=cookie&itmcb=1619435963058
Requested by: Host: www.thesundaily.my
URL: https://www.thesundaily.my/home/astrazeneca-is-safe-to-be-given-to-senior-citizens-adham-YL7793054?_hsmi=88974744&_hsenc=p2ANqtz-_G5s6CORBttERc_beHteVqqnJIJh5EriMR00fz0Cexxf2lQpsFfBisijUxttE-tNX9yfHTn7fBQWbcOnOkY3_eCosMOOPpTIuaIKsiuCzrvP7v03c
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 119.81.192.134 Singapore, Singapore, ASN36351 (SOFTLAYER, US),
Reverse DNS
Software: Apache /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://www.thesundaily.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 26 Apr 2021 11:19:23 GMT
Last-Modified: Mon, 26 Apr 2021 11:19:23 GMT
Server: Apache
P3P: policyref=http://www.innity.com/p3p/p3p.xml,CP="CURa ADMa DEVa OUR BUS UNI COM NAV INT"
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Content-Type: image/gif
Content-Length: 43
Expires: Wed, 04 Aug 1985 12:59:00 GMT

GET
H/1.1 200
OK vpaid-adapter.min.js Show response
cdn.stickyadstv.com/mustang/ Frame 20B3 328 KB
111 KB 41ms
7ms Script
application/x-javascript 2001:4de0:ac19::1:b:2b
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v12.2.0/OvaMediaPlayer.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2001:4de0:ac19::1:b:2b , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: /
Resource Hash: de516f330c0084178fc78cd5e6d49cba306d8380428386b088b6805c512a1561

Request headers

Referer: https://www.thesundaily.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 26 Apr 2021 11:19:23 GMT
Content-Encoding: gzip
Last-Modified: Wed, 24 Mar 2021 03:29:54 GMT
ETag: "1616556594"
X-HW: 1619435963.dop001.fr8.t,1619435963.cds010.fr8.shn,1619435963.cds010.fr8.c
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=86400
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 113077

GET activeview
pagead2.googlesyndication.com/pcs/ Frame E158 0
0

GET activeview
pagead2.googlesyndication.com/pcs/ Frame F49E 0
0

GET activeview
pagead2.googlesyndication.com/pcs/ Frame EE3E 0
0

GET activeview
pagead2.googlesyndication.com/pcs/ Frame 7680 0
0

GET
H3-29 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012103020108001/ Frame 704F 190 KB
54 KB 22ms
8ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012103020108001/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042001.js?31060870

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6e553b4e88ac4a1819d608fe9dcb46544ca5fb776d4e0c84d773f37b1df18211

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.thesundaily.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 451846
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 55046
x-xss-protection: 0
server: sffe
date: Wed, 21 Apr 2021 05:48:37 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "aeaf363b1ad89b36"
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 21 Apr 2022 05:48:37 GMT

GET
H3-29 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012103020108001/v0/ Frame 704F 12 KB
4 KB 64ms
50ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012103020108001/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042001.js?31060870

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8f9560479a05fb86854546c40ec030edc2bac692d4142391d69b16e5c033a185

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.thesundaily.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 301506
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4548
x-xss-protection: 0
server: sffe
date: Thu, 22 Apr 2021 23:34:17 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "4eb73d471ab4cb2c"
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 22 Apr 2022 23:34:17 GMT

GET
H3-29 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012103020108001/v0/ Frame 704F 87 KB
27 KB 20ms
6ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012103020108001/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042001.js?31060870

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a6f768cbb894f2690011ee62662d3ac9480d12f5088fa46be57e650fcc4d835c

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.thesundaily.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 308174
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27208
x-xss-protection: 0
server: sffe
date: Thu, 22 Apr 2021 21:43:09 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "22950e05e749846e"
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 22 Apr 2022 21:43:09 GMT

GET
H3-29 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012103020108001/v0/ Frame 704F 27 KB
9 KB 71ms
57ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012103020108001/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042001.js?31060870

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

21d45a4ed77653b3b1ee2b47a786a4dbb936a3b19fc56e1b44c16aed35eb80ee

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.thesundaily.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 330228
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9587
x-xss-protection: 0
server: sffe
date: Thu, 22 Apr 2021 15:35:35 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "739644f32ad1483f"
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 22 Apr 2022 15:35:35 GMT

GET
H3-29 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012103020108001/v0/ Frame 704F 40 KB
13 KB 65ms
51ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012103020108001/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042001.js?31060870

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4c6af60796cc240ad277098308cf363c2700f5296264ec1b43b4e1362763c439

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.thesundaily.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 482508
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12827
x-xss-protection: 0
server: sffe
date: Tue, 20 Apr 2021 21:17:35 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "5cc8dcc2368726c7"
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 20 Apr 2022 21:17:35 GMT

GET
H3-29 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 704F 2 KB
2 KB 9ms
9ms Image
image/png 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042001.js?31060870

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.thesundaily.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 26 Apr 2021 03:59:16 GMT
x-content-type-options: nosniff
server: cafe
age: 26407
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2502
x-xss-protection: 0
expires: Tue, 27 Apr 2021 03:59:16 GMT

GET
H3-29 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 704F 295 B
328 B 8ms
8ms Image
image/png 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042001.js?31060870

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.thesundaily.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 26 Apr 2021 05:03:57 GMT
x-content-type-options: nosniff
server: cafe
age: 22526
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Tue, 27 Apr 2021 05:03:57 GMT

GET
DATA 200
OK truncated
/ Frame 704F 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9065f4eddb9bfe01782f4f5a168b97b2474afc32b7d77c42697d1d5c974b3898

Request headers

Referer: https://www.thesundaily.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012103020108001/ Frame D975 190 KB
54 KB 17ms
11ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012103020108001/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042001.js?31060870

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6e553b4e88ac4a1819d608fe9dcb46544ca5fb776d4e0c84d773f37b1df18211

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.thesundaily.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 451846
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 55046
x-xss-protection: 0
server: sffe
date: Wed, 21 Apr 2021 05:48:37 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "aeaf363b1ad89b36"
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 21 Apr 2022 05:48:37 GMT

GET
H3-29 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012103020108001/v0/ Frame D975 12 KB
4 KB 62ms
56ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012103020108001/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042001.js?31060870

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8f9560479a05fb86854546c40ec030edc2bac692d4142391d69b16e5c033a185

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.thesundaily.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 301506
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4548
x-xss-protection: 0
server: sffe
date: Thu, 22 Apr 2021 23:34:17 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "4eb73d471ab4cb2c"
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 22 Apr 2022 23:34:17 GMT

GET
H3-29 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012103020108001/v0/ Frame D975 87 KB
27 KB 56ms
50ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012103020108001/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042001.js?31060870

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a6f768cbb894f2690011ee62662d3ac9480d12f5088fa46be57e650fcc4d835c

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.thesundaily.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 308174
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27208
x-xss-protection: 0
server: sffe
date: Thu, 22 Apr 2021 21:43:09 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "22950e05e749846e"
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 22 Apr 2022 21:43:09 GMT

GET
H3-29 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012103020108001/v0/ Frame D975 27 KB
9 KB 62ms
56ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012103020108001/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042001.js?31060870

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

21d45a4ed77653b3b1ee2b47a786a4dbb936a3b19fc56e1b44c16aed35eb80ee

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.thesundaily.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 330228
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9587
x-xss-protection: 0
server: sffe
date: Thu, 22 Apr 2021 15:35:35 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "739644f32ad1483f"
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 22 Apr 2022 15:35:35 GMT

GET
H3-29 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012103020108001/v0/ Frame D975 40 KB
13 KB 61ms
56ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012103020108001/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042001.js?31060870

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4c6af60796cc240ad277098308cf363c2700f5296264ec1b43b4e1362763c439

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.thesundaily.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 482508
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12827
x-xss-protection: 0
server: sffe
date: Tue, 20 Apr 2021 21:17:35 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "5cc8dcc2368726c7"
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 20 Apr 2022 21:17:35 GMT

GET
H3-29 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame D975 2 KB
2 KB 7ms
6ms Image
image/png 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042001.js?31060870

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.thesundaily.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 26 Apr 2021 03:59:16 GMT
x-content-type-options: nosniff
server: cafe
age: 26407
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2502
x-xss-protection: 0
expires: Tue, 27 Apr 2021 03:59:16 GMT

GET
H3-29 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame D975 295 B
328 B 8ms
7ms Image
image/png 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042001.js?31060870

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.thesundaily.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 26 Apr 2021 05:03:57 GMT
x-content-type-options: nosniff
server: cafe
age: 22526
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Tue, 27 Apr 2021 05:03:57 GMT

GET
DATA 200
OK truncated
/ Frame D975 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 330800dd3d37a069ca4e9c80c012def97880a0b8a0f9a22b684181fdaae5c738

Request headers

Referer: https://www.thesundaily.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame D65F 0
0 52ms
51ms Fetch
image/gif 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsulrlCT8pATkmISIuIMvaWGcNPx_R0k8tO5b5XNBFy2zbvi7niRuK4dHe956zs6oOhbEmzEnNoiNM9Ky9va7RWpRCWhg5KfVQ6FlVriqHYZy7qCIz52z5GEACpBivFhWnahm3p_axXgthrd6wNq5lnJETq-JHxvb3QEXHYDJ5AGdiDwZPn9jM_ACeTcJ7RGdaIlZWP-buG_xxDoKkmTeV8WwBuVb2i9WlaMG53kgbgyVbaeEQwBFetRNo1ZdRBWKfgwXCPN8u6uqIWsEU55JuyxKMCJU4sS2WfyTj-fCx6O-NoM&sai=AMfl-YQYtMWdDAjB3oBPgMQqG3kiaWBHOU7dQVDzZ0OkD3VDlVjhtbq1NRDrfDEnPw_cv6EQuXTWb95VStPYRbZtfJ_-Tgg4fDzxAGPdNVTDvpya7fnjwPUxdpGbFlrW2FUt&sig=Cg0ArKJSzJBHEIIj6N8LEAE&adurl=

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.thesundaily.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 26 Apr 2021 11:19:23 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3-29 200 3700624880018903135
tpc.googlesyndication.com/simgad/ Frame D65F 825 KB
825 KB 41ms
39ms Image
image/gif 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/3700624880018903135

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042001.js?31060870

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1ae214329b13533df631d744f8f4d462b25b79b501a25b1f3efef6d5631fa484

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.thesundaily.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 25 Apr 2021 16:31:09 GMT
x-content-type-options: nosniff
age: 67694
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 845113
x-xss-protection: 0
last-modified: Thu, 22 Apr 2021 07:58:47 GMT
server: sffe
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 25 Apr 2022 16:31:09 GMT

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210422/r20110914/client/ Frame D65F 2 KB
1 KB 14ms
12ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210422/r20110914/client/window_focus_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042001.js?31060870

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.thesundaily.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Apr 2021 11:15:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 263
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1303
x-xss-protection: 0
server: cafe
etag: 14729628269804859526
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 10 May 2021 11:15:00 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame D65F 116 KB
35 KB 43ms
42ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042001.js?31060870

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dc015126841eaa9b1b79ee123e13d7d07ad7fe77f22366b05c480eff59a7a25e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.thesundaily.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Apr 2021 11:19:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1619017370605640"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36032
x-xss-protection: 0
expires: Mon, 26 Apr 2021 11:19:23 GMT

GET
H3-29 204 l
www.google.com/ads/measurement/ Frame D65F 0
0 40ms
38ms Image
text/html 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaT6fOtaVEt-ESl9jhN5sozVwUn5N2DQVzH7d-NwJeHRHy1Nv8TzJgHLF-2eKwspC4tRIXyd
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042001.js?31060870
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.thesundaily.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame BF1D 0
0 54ms
50ms Fetch
image/gif 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvnFgiyEZw-Rgu-Fj531TfaUpQGMS6KG1tVLKVRtnfOkK9ebLCvG_-zBDwgZQrxjO7y1Y9HJ9upsWMwktN36cf3OyrM8Y3_lQV-693gTIbCzdNqUxaq_xK6TM1-qUJxAkYrh3DxDkKETsi56elZrvxOz-PGeA1cEuAF7vesQo-arjQQMwUde-T70NCdIKiD-o8GLuYQs5qOVhkKFydmyCDRL4VYPtjhyqwHsRbppl6-7Y78TBbhEWYjR5x1QIhVA52bAs0RUaIsiiNPJQ7fJfgdtFavqD6tRCoq1i-cIneffSKm&sai=AMfl-YTFw35qYdea_xuUEtaIHV44pdvQAYZPtFZhImEycrN_m-xqG-eWhp4zM7YFDGqG56KEkHo-I_dcVNzVELrnw8K8TLmMksy4W_lXQHnIV_3KCvuv4-Okng60v2IMQJSm&sig=Cg0ArKJSzJSogrjSZoqjEAE&adurl=

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.thesundaily.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 26 Apr 2021 11:19:23 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3-29 200 9747837730426916910
tpc.googlesyndication.com/simgad/ Frame BF1D 161 KB
162 KB 59ms
53ms Image
image/gif 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/9747837730426916910

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042001.js?31060870

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

21a126edb70e005d4ca8eb32f1e3acecac0a63488f3a1ceee905a4c1d44ef970

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.thesundaily.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 22 Apr 2021 07:19:17 GMT
x-content-type-options: nosniff
age: 360006
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 165368
x-xss-protection: 0
last-modified: Thu, 22 Apr 2021 07:07:23 GMT
server: sffe
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 22 Apr 2022 07:19:17 GMT

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210422/r20110914/client/ Frame BF1D 2 KB
1 KB 38ms
36ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210422/r20110914/client/window_focus_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042001.js?31060870

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.thesundaily.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Apr 2021 11:15:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 263
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1303
x-xss-protection: 0
server: cafe
etag: 14729628269804859526
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 10 May 2021 11:15:00 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame BF1D 116 KB
35 KB 40ms
38ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042001.js?31060870

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dc015126841eaa9b1b79ee123e13d7d07ad7fe77f22366b05c480eff59a7a25e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.thesundaily.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Apr 2021 11:19:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1619017370605640"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36032
x-xss-protection: 0
expires: Mon, 26 Apr 2021 11:19:23 GMT

GET
H3-29 204 l
www.google.com/ads/measurement/ Frame BF1D 0
0 41ms
36ms Image
text/html 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRcjRdj61-_gm-WL2SiCkZJAjMR2RfdDCSoqDzFVHcBT7uPy4TU-sxllDK4RcYa2jwS0pDG
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042001.js?31060870
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.thesundaily.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame 25F2 0
0 73ms
69ms Fetch
image/gif 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstFt9jrbfS-lapz6jWQ1hsJk6QbXDc729XpfNqG2jUrbUmpr0tJKUp-DixQhq46mtbNDkbdmUHMsjEpGdxR5eNGkRwjCZ97kJnX7nB2F0_pJSyRyQMB1SJzpI8yn5LVMawK-2FmY4pttrtQ9XGdzAW17yD11PyTUn9J9Rpd98GeBk5-ZUXAWovskjFQ22jK-igxNnoPMjV4ulrF1BjJgL06WjEZ3MakHXBg8g187co99sZPIrET-qUuVKzbtsPerZPcABV51qANKGkOEbai457IRWbA2hlY7i3ghYcq1loS7rPx&sai=AMfl-YTRb1jc_2_0MQuQjTvDBKu_0NED4-yDn9vFarrMj1VqIFA8a7BOBoCy4JMFFu7T1yYlyvgEuSvVgTr08Tgmm53LxQtmirBZx3cRWB8bPNbHM5G9aubSgFl84LywYtxg&sig=Cg0ArKJSzIlG9IEDKacyEAE&adurl=

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.thesundaily.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 26 Apr 2021 11:19:23 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3-29 200 10965567870320277070
tpc.googlesyndication.com/simgad/ Frame 25F2 75 KB
75 KB 69ms
66ms Image
image/jpeg 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/10965567870320277070

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042001.js?31060870

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

35c39db048cd93a3368a6b1a6d567d2a813c6a9f3df304eb8d4ebbb662c5513b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.thesundaily.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 23 Apr 2021 00:11:29 GMT
x-content-type-options: nosniff
age: 299274
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 76597
x-xss-protection: 0
last-modified: Thu, 15 Apr 2021 18:14:48 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 23 Apr 2022 00:11:29 GMT

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210422/r20110914/client/ Frame 25F2 2 KB
1 KB 51ms
49ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210422/r20110914/client/window_focus_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042001.js?31060870

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.thesundaily.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Apr 2021 11:15:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 263
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1303
x-xss-protection: 0
server: cafe
etag: 14729628269804859526
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 10 May 2021 11:15:00 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 25F2 116 KB
35 KB 44ms
42ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042001.js?31060870

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dc015126841eaa9b1b79ee123e13d7d07ad7fe77f22366b05c480eff59a7a25e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.thesundaily.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Apr 2021 11:19:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1619017370605640"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36032
x-xss-protection: 0
expires: Mon, 26 Apr 2021 11:19:23 GMT

GET
H3-29 204 l
www.google.com/ads/measurement/ Frame 25F2 0
0 37ms
35ms Image
text/html 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTywEDOFybSbcqI2InpfUbp_ACepLNsY_rP6ee-SuT5G9TSFWnSarQPurDXpmEopE2j_9xx
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042001.js?31060870
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.thesundaily.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-29 200 11118432199244548217
tpc.googlesyndication.com/simgad/ Frame 704F 48 KB
48 KB 68ms
65ms Image
image/png 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/11118432199244548217?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qmT-oAW2sTvsKHU71YN1WWebHquHg

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

de4c40d7fc1ec3c53232e73a49237d335e623814352fa3f365b1e0dcab296d2a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.thesundaily.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Apr 2021 05:56:58 GMT
x-content-type-options: nosniff
last-modified: Thu, 22 Apr 2021 10:44:17 GMT
server: sffe
age: 192145
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48673
x-xss-protection: 0
expires: Sun, 24 Apr 2022 05:56:58 GMT

GET
H3-29 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 704F 0
0 49ms
47ms Image
text/html 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CgLJjuqGGYPf-HZLE7_UPrYSBoAmjtcGiYojK2vGHDr_hHhABIPTr9itglfrwgYwHoAGyvb7NAcgBAuACAKgDAcgDCKoE0ANP0KyP_0i2LyGyJ8TY3SSd7-3ukmWS2Ev74osYkPaKTW1oi1Px8X4SLx472ywWlvYAaN7EW9bevCWkXSWuLRZcBbkeb7oXD0XE_6uGHLjNGYlaJd1UOWXSUTNro0Ea_GUAx3yeDbYvPyErElVT1S5nZOR6Ug_n42hGKIN7Ofdk-cG6OjtQta0laY44P0IjWIMmFPWOIGpSqBA7_iiqfg9CRN2J78ePvP9BHCCyrb4BKQH5VTzGyI0BzlFE51Q9Co9BXIMkSdNP3ZCMQhoAaz_DSyZQbeunmIvXppEJlWuKRmIrlUWfDyxw0NSiRNRQ1oHG8o5nGPUCFGdthxTZjPr56ppokrmSc2QfYFLYn9TPDivHSItvPkn6l04KQi1OQtWadj0yoLsdb-AAtOyyrb1lsgxl0pfbN4SpFyBKGI8aZOKCFJGK6IyvISce8ygRN7alJmoIqr58LYQNYOXmeWJQQ2fSfwCf0qdw98wYF5AkKpdjlgdz_oEJIi2e68ZVOzYsGDQNMCGakPOv9jRniMSwxaGpB12rNT7Q3pMfMbVVFv7IIRSiVbvWQcMGYVUsxB7iv18YTPJ1GhpQoBDV1ul6pxCU9m2ECxOIhf0iZ9FSFsAEsbTq6cwD4AQBkgUECAQYAZIFBAgFGASgBgKAB9e165ECqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB6a-G6gH7NUb2AcB8gcEEM6uBtIICQiA4YBQEAEYHfIIG2FkeC1zdWJzeW4tNjg1NjM0OTkyNjUwNjE5NYAKA8gLAdgTDLIXGgoYCAASFHB1Yi0xNzM4Mjg0MjE1NjQxNTIx&sigh=zsOSTLkP_SI
Requested by: Host: www.thesundaily.my
URL: https://www.thesundaily.my/home/astrazeneca-is-safe-to-be-given-to-senior-citizens-adham-YL7793054?_hsmi=88974744&_hsenc=p2ANqtz-_G5s6CORBttERc_beHteVqqnJIJh5EriMR00fz0Cexxf2lQpsFfBisijUxttE-tNX9yfHTn7fBQWbcOnOkY3_eCosMOOPpTIuaIKsiuCzrvP7v03c
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s05-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.thesundaily.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-29 200 2162404327191702205
tpc.googlesyndication.com/simgad/ Frame D975 32 KB
32 KB 66ms
63ms Image
image/png 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/2162404327191702205?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qnvzFwupoSgPgT1Xor8EqVx-DX7bw

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b516cbf972a8693d5245147a2effc809e3e153316ea4780f02c2c18aebc57971

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.thesundaily.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 22 Apr 2021 00:58:00 GMT
x-content-type-options: nosniff
last-modified: Tue, 11 Aug 2020 07:26:55 GMT
server: sffe
age: 382883
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 32456
x-xss-protection: 0
expires: Fri, 22 Apr 2022 00:58:00 GMT

GET
H3-29 200 adview
securepubads.g.doubleclick.net/pagead/ Frame D975 0
0 48ms
47ms Image
text/html 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CoBAnuqGGYMODHpLE7_UPrYSBoAnMzP2YX9KQlIaXDOGf94juCRABIPTr9itglfrwgYwHoAH-l8SDA8gBAqkC6JrXqPFLtD7gAgCoAwHIAwiqBNADT9CRa-Nc71LQQpWWIFXlhHOER5IqGCCVgwczhQcFNT-HupTrpV_9vsdPB_pjNQOl04KmoEaJFjVCsX8ELB9eH9RZ6BjRNiLkWMoMfqje_4CpuQvitzWLdkrRtPp4-ovwZeezd3FN6lVQXa-izYbVpr_N0TQRvP9HEMp4SafzwHx7nLuRja7ag03mvvY4Q2MM4DgvHj2f72BcqZl3NWF3Nr45hqvYMfM1Q4NiiLuiCpQ-vwiC8sF2tgZWdxsIVwodo1YfYi7sPP910FpVgX9DRbFarH1xRgQUNMGEv_V8CRA6L1kww0FZppkoHQKitmpFH_fAZUrSVMfJ8PdM7MPeNyGYs8DgizgS-mOj8MoHR8rw96EGi3d5ekPEJGptm18ugwSog-eFsOb6GnoV6hSvXKBGv60mna7C2jzPgLBtNc1dT4i4unTzxagO-DmZC1fTbJD332x9P48BgfIW1I4AzufuKPMZJGSOcJaioJSRv2o4pualdqz9aV3S8zeoLmvmMwrjDmizUAfDuuxh-LNFCqMBOSBn4tbTBc_YkqGaTpmIQeJaSKUCBoJiCZyq-uIbXb8Kf5h_Y5eE_g1YTWvAXYgbsvZLjBafnLjWriVlkRTABOKkh-2RA-AEAZIFBAgEGAGSBQQIBRgEoAYCgAfq57t8qAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB6a-G6gH7NUb2AcB8gcEEJHZCtIICQiA4YBQEAEYHfIIG2FkeC1zdWJzeW4tNjg1NjM0OTkyNjUwNjE5NYAKA8gLAdgTDbIXGgoYCAASFHB1Yi0xNzM4Mjg0MjE1NjQxNTIx&sigh=WB36bMo8PKA
Requested by: Host: www.thesundaily.my
URL: https://www.thesundaily.my/home/astrazeneca-is-safe-to-be-given-to-senior-citizens-adham-YL7793054?_hsmi=88974744&_hsenc=p2ANqtz-_G5s6CORBttERc_beHteVqqnJIJh5EriMR00fz0Cexxf2lQpsFfBisijUxttE-tNX9yfHTn7fBQWbcOnOkY3_eCosMOOPpTIuaIKsiuCzrvP7v03c
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s05-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.thesundaily.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame 025B 0
0 46ms
43ms Fetch
image/gif 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst-BtvzLKvyzoTH6i17udOfV5AwXoX2rUec0Jcj8AT5dWkzYnvrw4BEZj-SnVWNEDe4SxkbpV58DfWt8vz-QTBWiKSwRObFeuJxF-EBxUKMsGZZRWEGRO45YYfh4sIQiZiH0D_kK4ZzJdD5MQfB3XtvxXlOi7qF9uj-f1hkalgalrU9mP5wSnb-2S9-d6frHdo89A_YpaiSgcqOv4lSatZyhoXe6q59rE9CLM4_zVwvoz6TC-R2Gz4GjP6OVJAypDt2hakBchkOTn9OpRURmXXLnuyNnGkZ7-mjKqWOz2P1e_EUcPY&sai=AMfl-YTCqT9mKjLu5R4lFgS1NOu-M3aWVbunaayVVWWcACbcVUuySecz2ipskp0WNgFNnPr0xSWWyD-YQ9q_Bx7CjAt9IlSbFPNasR-W4QzChO99DB_Ww3xtSbOYvnzjAGnH&sig=Cg0ArKJSzGORFuHn89AvEAE&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.thesundaily.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 26 Apr 2021 11:19:23 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Mon, 26 Apr 2021 11:19:23 GMT

GET
DATA 200
OK truncated
/ Frame 025B 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e6bb016e9bf701f2d4df0b406044c96226962644a42ec6d0df121732ef2e12b2

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 Ru4asw80RDg-wKj4k1IJyVIDrNjFP7NKP7NQDOdNnzM.js Show response
pagead2.googlesyndication.com/bg/ Frame E764 14 KB
6 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Ru4asw80RDg-wKj4k1IJyVIDrNjFP7NKP7NQDOdNnzM.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

46ee1ab30f3444383ec0a8f8935209c95203acd8c53fb34a3fb3500ce74d9f33

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 25 Apr 2021 14:10:02 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Thu, 08 Apr 2021 09:18:00 GMT
server: sffe
age: 76161
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5687
x-xss-protection: 0
expires: Mon, 25 Apr 2022 14:10:02 GMT

GET
H/1.1 200
OK bandwidth-test-25ko Show response
cdn.stickyadstv.com/mustang/ Frame 20B3 25 KB
25 KB 52ms
9ms XHR
application/octet-stream 2001:4de0:ac19::1:b:2b
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.stickyadstv.com/mustang/bandwidth-test-25ko?cachebuster=1619435963415
Requested by: Host: cdn.stickyadstv.com
URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2001:4de0:ac19::1:b:2b , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: /
Resource Hash: 9f995b1c42942ededcce16bba381a19d3b30e0e75a36e0ea956f6a54e040dffe

Request headers

Referer: https://www.thesundaily.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 26 Apr 2021 11:19:23 GMT
Last-Modified: Wed, 24 Mar 2021 03:29:54 GMT
ETag: "1616556594"
X-HW: 1619435963.dop123.fr8.t,1619435963.cds225.fr8.shn,1619435963.cds225.fr8.c
Content-Type: application/octet-stream
Access-Control-Allow-Origin: https://www.thesundaily.my
Cache-Control: max-age=86400
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 25600

GET

user-registering
ads.stickyadstv.com/
Redirect Chain

https://ads.stickyadstv.com/auto-user-sync?gdpr=1&gdpr_consent=null
https://1f2e7.v.fwmrm.net/ad/u?_dv=2&dsp_user_mapping=true&127719=89c7a92ae37a047e7c2543e316bcf&rdU=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D1169%26userId%3d%23%7buse...
https://ads.stickyadstv.com/user-registering?dataProviderId=1169&userId=g056_6955424503347001598
https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_cm=&google_sc&google_hm=ODljN2E5MmFlMzdhMDQ3ZTdjMjU0M2UzMTZiY2Y=&gdpr=0&gdpr_consent=
https://ads.stickyadstv.com/user-registering?dataProviderId=141&userId=CAESELu00vq5qwWhl3e6ph52jqE&google_cver=1&gdpr=0&gdpr_consent=
https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent=
https://ads.stickyadstv.com/user-registering?dataProviderId=208&userId=18af8a2d-70bd-419a-9398-d8e481f0d7cd
https://pr-bh.ybp.yahoo.com/sync/stickyads/89c7a92ae37a047e7c2543e316bcf&gdpr=0&gdpr_consent=?
https://ads.stickyadstv.com/user-registering?dataProviderId=199&userId=y-tnlrThRE2oO3ltv5IWR5mibAKPQ4g.f2J88vz_p.~A
https://ib.adnxs.com/getuid?https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D209&gdpr=0&gdpr_consent=%26userId%3D$UID
https://ads.stickyadstv.com/user-registering?dataProviderId=209&gdpr=0&gdpr_consent=&userId=3124726849276262110
https://sync.mathtag.com/sync/img?mt_exid=44&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D183%26userId%3D%5BMM_UUID%5D&gdpr=0&gdpr_consent=
https://ads.stickyadstv.com/user-registering?dataProviderId=183&userId=b3fe6086-a1bd-4500-b9d2-c8dcb027345b&gdpr=0&gdpr_consent=
https://sync-tm.everesttech.net/upi/pid/wGbQAlJJ?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D187%26userId%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_co...
https://sync-tm.everesttech.net/ct/upi/pid/wGbQAlJJ?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D187%26userId%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr...
https://ads.stickyadstv.com/user-registering?dataProviderId=187&userId=YIahvgAAdZdozwAC&gdpr=0&gdpr_consent=&_test=YIahvgAAdZdozwAC
https://c1.adform.net/serving/cookie/match/?party=18&gdpr=0&gdpr_consent=
https://ads.stickyadstv.com/user-registering?dataProviderId=189&userId=3078880720611692555
https://pm.w55c.net/ping_match.gif?st=FREEWHEEL&rurl=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D593&userId=_wfivefivec_
https://pm.w55c.net/ping_match.gif?scc=1&st=FREEWHEEL&rurl=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D593&userId=_wfivefivec_
https://ads.stickyadstv.com/user-registering?dataProviderId=593&userId=gyFyDF9F1LAZgW5

0
0

GET
H2

200

rtb-h
match.taboola.com/sg/mediaforcebidder-network/1/ Frame E0C1
Redirect Chain

https://rtb.mfadsrvr.com/sync?ssp=taboola
https://rtb.mfadsrvr.com/ul_cb/sync?ssp=taboola
https://sync.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=902d8956-0dfd-4bde-9a44-ed5d464a74aa
https://match.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=902d8956-0dfd-4bde-9a44-ed5d464a74aa&tbid=b52d0d6d-23ae-409f-97e9-10b67c82e353-tuct780273a&query=taboola_hm%3D902d8956-0dfd-...

0
53 B

15ms
15ms

Image
text/plain

199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=902d8956-0dfd-4bde-9a44-ed5d464a74aa&tbid=b52d0d6d-23ae-409f-97e9-10b67c82e353-tuct780273a&query=taboola_hm%3D902d8956-0dfd-4bde-9a44-ed5d464a74aa&isDirect=0
Requested by: Host: www.thesundaily.my
URL: https://www.thesundaily.my/home/astrazeneca-is-safe-to-be-given-to-senior-citizens-adham-YL7793054?_hsmi=88974744&_hsenc=p2ANqtz-_G5s6CORBttERc_beHteVqqnJIJh5EriMR00fz0Cexxf2lQpsFfBisijUxttE-tNX9yfHTn7fBQWbcOnOkY3_eCosMOOPpTIuaIKsiuCzrvP7v03c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Apr 2021 11:19:23 GMT
via: 1.1 varnish
server: nginx
x-timer: S1619435964.953994,VS0,VE8
x-cache: MISS
x-cache-hits: 0
accept-ranges: bytes
content-length: 0
x-served-by: cache-hhn11538-HHN

Redirect headers

location: https://match.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=902d8956-0dfd-4bde-9a44-ed5d464a74aa&tbid=b52d0d6d-23ae-409f-97e9-10b67c82e353-tuct780273a&query=taboola_hm%3D902d8956-0dfd-4bde-9a44-ed5d464a74aa&isDirect=0
tbl-x-upstream: 10.41.22.84:10213
date: Mon, 26 Apr 2021 11:19:23 GMT
server: nginx
x-fastly-to-nlb-rtt: 18126

GET
H2 200 sd
u.openx.net/w/1.0/ Frame E0C1 43 B
122 B 26ms
17ms Image
image/gif 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://u.openx.net/w/1.0/sd?id=543998486&val=642eef7c-30f3-46e4-af7e-73046a8780cb-tuct7802738&gdpr=0&gdpr_consent=
Requested by: Host: www.thesundaily.my
URL: https://www.thesundaily.my/home/astrazeneca-is-safe-to-be-given-to-senior-citizens-adham-YL7793054?_hsmi=88974744&_hsenc=p2ANqtz-_G5s6CORBttERc_beHteVqqnJIJh5EriMR00fz0Cexxf2lQpsFfBisijUxttE-tNX9yfHTn7fBQWbcOnOkY3_eCosMOOPpTIuaIKsiuCzrvP7v03c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/16.205.4 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 26 Apr 2021 11:19:23 GMT
via: 1.1 google
server: OXGW/16.205.4
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 204
No Content sync.php
pixel.rubiconproject.com/exchange/ Frame E0C1 0
239 B 27ms
23ms Image
image/gif 69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/exchange/sync.php?p=16698
Requested by: Host: www.thesundaily.my
URL: https://www.thesundaily.my/home/astrazeneca-is-safe-to-be-given-to-senior-citizens-adham-YL7793054?_hsmi=88974744&_hsenc=p2ANqtz-_G5s6CORBttERc_beHteVqqnJIJh5EriMR00fz0Cexxf2lQpsFfBisijUxttE-tNX9yfHTn7fBQWbcOnOkY3_eCosMOOPpTIuaIKsiuCzrvP7v03c
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: 37b22a0c36bd84993dd2cda4a5e04b1d
Content-Type: image/gif

GET
H2

204

/
sync.taboola.com/sg/pulsepointrtb-network/1/rtb-h/ Frame E0C1
Redirect Chain

https://bh.contextweb.com/bh/rtset?pid=562107&ev=1&rurl=https%3A%2F%2Fsync.taboola.com/sg/pulsepointrtb-network/1/rtb-h/?taboola_hm=%%VGUID%%&orig=trc
https://sync.taboola.com/sg/pulsepointrtb-network/1/rtb-h/?taboola_hm=9fvhJO49lnlq&ev=1&orig=trc&pid=562107

0
219 B

20ms
20ms

Image
text/plain

141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.taboola.com/sg/pulsepointrtb-network/1/rtb-h/?taboola_hm=9fvhJO49lnlq&ev=1&orig=trc&pid=562107
Requested by: Host: www.thesundaily.my
URL: https://www.thesundaily.my/home/astrazeneca-is-safe-to-be-given-to-senior-citizens-adham-YL7793054?_hsmi=88974744&_hsenc=p2ANqtz-_G5s6CORBttERc_beHteVqqnJIJh5EriMR00fz0Cexxf2lQpsFfBisijUxttE-tNX9yfHTn7fBQWbcOnOkY3_eCosMOOPpTIuaIKsiuCzrvP7v03c
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

tbl-x-upstream: 10.41.22.181:10213
date: Mon, 26 Apr 2021 11:19:23 GMT
server: nginx
x-fastly-to-nlb-rtt: 18126

Redirect headers

strict-transport-security: max-age=15768000
server: Jetty(9.4.14.v20181114)
p3p: policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
content-language: en-US
location: https://sync.taboola.com/sg/pulsepointrtb-network/1/rtb-h/?taboola_hm=9fvhJO49lnlq&ev=1&orig=trc&pid=562107
cache-control: private, max-age=0, no-cache, no-store
cw-server: bh-deployment-7c488d4f5b-bknrw
expires: -1

GET
H2

200

/
sync.taboola.com/sg/appnexus-network/1/rtb-h/ Frame E0C1
Redirect Chain

https://ib.adnxs.com/getuidnb?https://sync.taboola.com/sg/appnexus-network/1/rtb-h/?taboola_hm=$UID&orig=trc
https://sync.taboola.com/sg/appnexus-network/1/rtb-h/?taboola_hm=3124726849276262110&orig=trc

0
227 B

20ms
20ms

Image
text/plain

141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.taboola.com/sg/appnexus-network/1/rtb-h/?taboola_hm=3124726849276262110&orig=trc
Requested by: Host: www.thesundaily.my
URL: https://www.thesundaily.my/home/astrazeneca-is-safe-to-be-given-to-senior-citizens-adham-YL7793054?_hsmi=88974744&_hsenc=p2ANqtz-_G5s6CORBttERc_beHteVqqnJIJh5EriMR00fz0Cexxf2lQpsFfBisijUxttE-tNX9yfHTn7fBQWbcOnOkY3_eCosMOOPpTIuaIKsiuCzrvP7v03c
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

tbl-x-upstream: 10.41.22.84:10213
date: Mon, 26 Apr 2021 11:19:23 GMT
server: nginx
x-fastly-to-nlb-rtt: 12579

Redirect headers

Pragma: no-cache
Date: Mon, 26 Apr 2021 11:19:23 GMT
X-Proxy-Origin: 89.249.64.203; 89.249.64.203; 693.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com; 37.252.173.106:80
AN-X-Request-Uuid: 6a1d9e5a-2c28-4b56-8e96-c4da0e78df97
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://sync.taboola.com/sg/appnexus-network/1/rtb-h/?taboola_hm=3124726849276262110&orig=trc
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

/
trc.taboola.com/sg/google-network/1/rtb-h/ Frame E0C1
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_cm&google_sc
https://trc.taboola.com/sg/google-network/1/rtb-h/?taboola_hm=CAESELUUJXl3r4RPBRLA-hbDma0&google_cver=1

0
239 B

16ms
15ms

Image
text/plain

199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc.taboola.com/sg/google-network/1/rtb-h/?taboola_hm=CAESELUUJXl3r4RPBRLA-hbDma0&google_cver=1
Requested by: Host: www.thesundaily.my
URL: https://www.thesundaily.my/home/astrazeneca-is-safe-to-be-given-to-senior-citizens-adham-YL7793054?_hsmi=88974744&_hsenc=p2ANqtz-_G5s6CORBttERc_beHteVqqnJIJh5EriMR00fz0Cexxf2lQpsFfBisijUxttE-tNX9yfHTn7fBQWbcOnOkY3_eCosMOOPpTIuaIKsiuCzrvP7v03c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 9
date: Mon, 26 Apr 2021 11:19:23 GMT
via: 1.1 varnish
server: nginx
x-timer: S1619435964.695266,VS0,VE9
x-cache: MISS
x-cache-hits: 0
accept-ranges: bytes
content-length: 0
x-served-by: cache-hhn11538-HHN

Redirect headers

pragma: no-cache
date: Mon, 26 Apr 2021 11:19:23 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://trc.taboola.com/sg/google-network/1/rtb-h/?taboola_hm=CAESELUUJXl3r4RPBRLA-hbDma0&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 304
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK Pug
simage2.pubmatic.com/AdServer/ Frame E0C1 42 B
805 B 91ms
15ms Image
image/gif 185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw&piggybackCookie=642eef7c-30f3-46e4-af7e-73046a8780cb-tuct7802738:$UID
Requested by: Host: www.thesundaily.my
URL: https://www.thesundaily.my/home/astrazeneca-is-safe-to-be-given-to-senior-citizens-adham-YL7793054?_hsmi=88974744&_hsenc=p2ANqtz-_G5s6CORBttERc_beHteVqqnJIJh5EriMR00fz0Cexxf2lQpsFfBisijUxttE-tNX9yfHTn7fBQWbcOnOkY3_eCosMOOPpTIuaIKsiuCzrvP7v03c
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 26 Apr 2021 11:19:23 GMT
X-lat: amspug016:0:596
Server: nginx
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif; charset=utf-8
Content-Length: 42

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame E0C1
Redirect Chain

https://sync.taboola.com/sg/google-network/1/rtb?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dtaboola_dbm%26google_sc%26gdpr%3D0%26gdpr_consent%3D&orig=trc
https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_sc&gdpr=0&gdpr_consent=&google_hm=b52d0d6d-23ae-409f-97e9-10b67c82e353-tuct780273a

170 B
188 B

17ms
17ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_sc&gdpr=0&gdpr_consent=&google_hm=b52d0d6d-23ae-409f-97e9-10b67c82e353-tuct780273a

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 26 Apr 2021 11:19:23 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_sc&gdpr=0&gdpr_consent=&google_hm=b52d0d6d-23ae-409f-97e9-10b67c82e353-tuct780273a
tbl-x-upstream: 10.40.0.195:10213
date: Mon, 26 Apr 2021 11:19:23 GMT
server: nginx
x-fastly-to-nlb-rtt: 12590

GET
H2

200

/
trc.taboola.com/sg/thetradedesk-network/1/rtb-h/ Frame E0C1
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=054f32o&ttd_tpi=1
https://match.adsrvr.org/track/cmb/generic?ttd_pid=054f32o&ttd_tpi=1
https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=18af8a2d-70bd-419a-9398-d8e481f0d7cd

0
60 B

16ms
15ms

Image
text/plain

199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=18af8a2d-70bd-419a-9398-d8e481f0d7cd
Requested by: Host: www.thesundaily.my
URL: https://www.thesundaily.my/home/astrazeneca-is-safe-to-be-given-to-senior-citizens-adham-YL7793054?_hsmi=88974744&_hsenc=p2ANqtz-_G5s6CORBttERc_beHteVqqnJIJh5EriMR00fz0Cexxf2lQpsFfBisijUxttE-tNX9yfHTn7fBQWbcOnOkY3_eCosMOOPpTIuaIKsiuCzrvP7v03c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 9
date: Mon, 26 Apr 2021 11:19:23 GMT
via: 1.1 varnish
server: nginx
x-timer: S1619435964.911206,VS0,VE9
x-cache: MISS
x-cache-hits: 0
accept-ranges: bytes
content-length: 0
x-served-by: cache-hhn11538-HHN

Redirect headers

pragma: no-cache
date: Mon, 26 Apr 2021 11:19:23 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=18af8a2d-70bd-419a-9398-d8e481f0d7cd
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 239

GET
H/1.1

204
No Content

merge
ce.lijit.com/ Frame E0C1
Redirect Chain

https://ce.lijit.com/merge?pid=42&3pid=642eef7c-30f3-46e4-af7e-73046a8780cb-tuct7802738&us_privacy=&gdpr=0&gdpr_consent=
https://ce.lijit.com/merge?pid=42&3pid=642eef7c-30f3-46e4-af7e-73046a8780cb-tuct7802738&us_privacy=&gdpr=0&gdpr_consent=&dnr=1

0
433 B

24ms
23ms

Image
text/plain

72.251.249.9
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=42&3pid=642eef7c-30f3-46e4-af7e-73046a8780cb-tuct7802738&us_privacy=&gdpr=0&gdpr_consent=&dnr=1
Requested by: Host: www.thesundaily.my
URL: https://www.thesundaily.my/home/astrazeneca-is-safe-to-be-given-to-senior-citizens-adham-YL7793054?_hsmi=88974744&_hsenc=p2ANqtz-_G5s6CORBttERc_beHteVqqnJIJh5EriMR00fz0Cexxf2lQpsFfBisijUxttE-tNX9yfHTn7fBQWbcOnOkY3_eCosMOOPpTIuaIKsiuCzrvP7v03c
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 72.251.249.9 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: nginx / raptor
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 26 Apr 2021 11:19:23 GMT
Server: nginx
X-Powered-By: raptor
P3P: CP="CUR ADM OUR NOR STA NID"
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap3ams1
Expires: Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 26 Apr 2021 11:19:23 GMT
Server: nginx
X-Powered-By: raptor
P3P: CP="CUR ADM OUR NOR STA NID"
Location: https://ce.lijit.com/merge?pid=42&3pid=642eef7c-30f3-46e4-af7e-73046a8780cb-tuct7802738&us_privacy=&gdpr=0&gdpr_consent=&dnr=1
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap3ams1
Content-Length: 0
Expires: Fri, 20 Mar 2009 00:00:00 GMT

GET
H2 200 rtset
bh.contextweb.com/bh/ Frame E0C1 49 B
406 B 276ms
110ms Image
image/gif 198.148.27.139
PULSEPOINT

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bh.contextweb.com/bh/rtset?do=add&pid=553204&ev=642eef7c-30f3-46e4-af7e-73046a8780cb-tuct7802738

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

198.148.27.139 New York, United States, ASN19189 (PULSEPOINT, US),

Reverse DNS

Software

Jetty(9.4.14.v20181114) /

Resource Hash

d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=15768000
server: Jetty(9.4.14.v20181114)
content-language: en-US
p3p: policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control: private, max-age=0, no-cache, no-store
content-type: image/gif;charset=iso-8859-1
cw-server: bh-deployment-7c488d4f5b-d2b6l
expires: -1

GET
H/1.1 200
OK /
rtb-csync.smartadserver.com/redir/ Frame E0C1 43 B
697 B 702ms
20ms Image
image/gif 185.86.138.143
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb-csync.smartadserver.com/redir/?partnerid=107&partneruserid=642eef7c-30f3-46e4-af7e-73046a8780cb-tuct7802738&gdpr=0&gdpr_consent=
Requested by: Host: www.thesundaily.my
URL: https://www.thesundaily.my/home/astrazeneca-is-safe-to-be-given-to-senior-citizens-adham-YL7793054?_hsmi=88974744&_hsenc=p2ANqtz-_G5s6CORBttERc_beHteVqqnJIJh5EriMR00fz0Cexxf2lQpsFfBisijUxttE-tNX9yfHTn7fBQWbcOnOkY3_eCosMOOPpTIuaIKsiuCzrvP7v03c
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.138.143 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 26 Apr 2021 11:19:24 GMT
cache-control: no-cache,no-store
content-type: image/gif
transfer-encoding: chunked
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

GET
H2 204 put
e1.emxdgt.com/ Frame E0C1 0
59 B 1701ms
30ms Image
text/html 18.195.155.181
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e1.emxdgt.com/put?d=d41&uid=642eef7c-30f3-46e4-af7e-73046a8780cb-tuct7802738
Requested by: Host: www.thesundaily.my
URL: https://www.thesundaily.my/home/astrazeneca-is-safe-to-be-given-to-senior-citizens-adham-YL7793054?_hsmi=88974744&_hsenc=p2ANqtz-_G5s6CORBttERc_beHteVqqnJIJh5EriMR00fz0Cexxf2lQpsFfBisijUxttE-tNX9yfHTn7fBQWbcOnOkY3_eCosMOOPpTIuaIKsiuCzrvP7v03c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.195.155.181 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Apr 2021 11:19:24 GMT
content-length: 0
content-type: text/html

GET
H2

200

/
sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/ Frame E0C1
Redirect Chain

https://dis.criteo.com/dis/usersync.aspx?r=29&p=282&cp=taboolaortb&cu=1&url=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fcriteortb-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%40%40CRITEO_USERID%40%40
https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=c1a416c1-af50-42e2-8c66-28de4abb8457

0
228 B

21ms
21ms

Image
text/plain

141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=c1a416c1-af50-42e2-8c66-28de4abb8457
Requested by: Host: www.thesundaily.my
URL: https://www.thesundaily.my/home/astrazeneca-is-safe-to-be-given-to-senior-citizens-adham-YL7793054?_hsmi=88974744&_hsenc=p2ANqtz-_G5s6CORBttERc_beHteVqqnJIJh5EriMR00fz0Cexxf2lQpsFfBisijUxttE-tNX9yfHTn7fBQWbcOnOkY3_eCosMOOPpTIuaIKsiuCzrvP7v03c
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

tbl-x-upstream: 10.41.12.133:10213
date: Mon, 26 Apr 2021 11:19:24 GMT
server: nginx
x-fastly-to-nlb-rtt: 16035

Redirect headers

pragma: no-cache
x-errorlevel: 0
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location: https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=c1a416c1-af50-42e2-8c66-28de4abb8457
cache-control: no-cache
date: Mon, 26 Apr 2021 11:19:23 GMT
server-processing-duration-in-ticks: 4122
content-type: text/html; charset=utf-8
content-length: 222
expires: Mon, 26 Apr 2021 00:00:00 GMT

GET

/
loadus.exelator.com/load/ Frame E0C1
Redirect Chain

https://id5-sync.com/s/464/9.gif?puid=642eef7c-30f3-46e4-af7e-73046a8780cb-tuct7802738&gdpr=0&gdpr_consent=&callback=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fid5-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D...
https://id5-sync.com/c/464/464/7/1.gif?puid=642eef7c-30f3-46e4-af7e-73046a8780cb-tuct7802738&gdpr=1&gdpr_consent=
https://ice.360yield.com/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-ZHMOl9xlmBjOhKVgy0RpGwly2pcuhg-z8GQzjME0gg&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F464%2F124%2F6%2F2.gif%3Fpuid%3D...
https://ice.360yield.com/ul_cb/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-ZHMOl9xlmBjOhKVgy0RpGwly2pcuhg-z8GQzjME0gg&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F464%2F124%2F6%2F2.gif%3Fp...
https://id5-sync.com/cq/464/124/6/2.gif?puid=b7cb156b-35af-4029-9a51-2ab7bb709734&gdpr=1&gdpr_consent=&gdpr=1&gdpr_consent=
https://rtb.gumgum.com/getuid/id5?r=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F441%2F5%2F3.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent=
https://id5-sync.com/c/464/441/5/3.gif?puid=e_c6f0f640-d3e4-4d8a-93c4-c76efaa1a6f1&gdpr=1&gdpr_consent=
https://cookie-matching.mediarithmics.com/v1/get_user_agent_id?dom_token=id517&sd=Y2FzY2FkZXNSZW1haW5pbmc9NCZjYXNjYWRlc0RvbmU9NCZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY
https://cookie-matching.mediarithmics.com/v1/get_or_create?sd=Y2FzY2FkZXNSZW1haW5pbmc9NCZjYXNjYWRlc0RvbmU9NCZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY&domid=1033
https://cm.g.doubleclick.net/pixel?google_nid=medr&google_cm&key=GOO&sd=Y2FzY2FkZXNSZW1haW5pbmc9NCZjYXNjYWRlc0RvbmU9NCZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY&action=GET_ID&opid=goo&etid=&domi...
https://cookie-matching.mediarithmics.com/input?key=GOO&key=GOO&sd=Y2FzY2FkZXNSZW1haW5pbmc9NCZjYXNjYWRlc0RvbmU9NCZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY&action=GET_ID&opid=goo&etid=&domid=103...
https://ib.adnxs.com/getuid?https://cookie-matching.mediarithmics.com/input?key=APX&apx_uid=$UID&opid=apx&ops=&utidl=tech:goo:CAESEE6FlY97YJX51xPmAyfdnEU&sd=Y2FzY2FkZXNSZW1haW5pbmc9NCZjYXNjYWRlc0Rv...
https://cookie-matching.mediarithmics.com/input?key=APX&apx_uid=3124726849276262110&opid=apx&ops=&utidl=tech:goo:CAESEE6FlY97YJX51xPmAyfdnEU&sd=Y2FzY2FkZXNSZW1haW5pbmc9NCZjYXNjYWRlc0RvbmU9NCZpbml0a...
https://id5-sync.com/qp/18.gif?puid=vec%3A17134053203&sd=Y2FzY2FkZXNSZW1haW5pbmc9NCZjYXNjYWRlc0RvbmU9NCZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY
https://sync.crwdcntrl.net/map/c=13953/tp=IDFI/gdpr=1/gdpr_consent=?https://id5-sync.com/c/464/19/3/5.gif?puid=${profile_id}&gdpr=1&gdpr_consent=
https://sync.crwdcntrl.net/map/ct=y/c=13953/tp=IDFI/gdpr=1/gdpr_consent=?https://id5-sync.com/c/464/19/3/5.gif?puid=${profile_id}&gdpr=1&gdpr_consent=
https://id5-sync.com/c/464/19/3/5.gif?puid=769ff3ce7fe246262629c1d1d4cef3ce&gdpr=1&gdpr_consent=
https://ads.creative-serving.com/id5_cm?callback=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F101%2F2%2F6.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D1%26gdpr_consent%3D
https://ads.creative-serving.com/ul_cb/id5_cm?callback=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F101%2F2%2F6.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D1%26gdpr_consent%3D
https://id5-sync.com/c/464/101/2/6.gif?puid=3842729f-8980-4d8c-aaba-4d4d4e670a2b&gdpr=1&gdpr_consent=
https://loadus.exelator.com/load/?p=1082&g=204&j=r&gdpr=1&gdpr_consent=&ru=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F103%2F1%2F7.gif%3Fpuid%3D%25%25UID%25%25%26gdpr%3D1%26gdpr_consent%3D

0
0

GET
H2

204

rtb-h
sync.taboola.com/sg/appierrtb-network/1/ Frame E0C1
Redirect Chain

https://s.c.appier.net/taboola
https://sync.taboola.com/sg/appierrtb-network/1/rtb-h?taboola_hm=cZ_DtKotCkqvubgcvKGGYA

0
219 B

21ms
21ms

Image
text/plain

141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.taboola.com/sg/appierrtb-network/1/rtb-h?taboola_hm=cZ_DtKotCkqvubgcvKGGYA
Requested by: Host: www.thesundaily.my
URL: https://www.thesundaily.my/home/astrazeneca-is-safe-to-be-given-to-senior-citizens-adham-YL7793054?_hsmi=88974744&_hsenc=p2ANqtz-_G5s6CORBttERc_beHteVqqnJIJh5EriMR00fz0Cexxf2lQpsFfBisijUxttE-tNX9yfHTn7fBQWbcOnOkY3_eCosMOOPpTIuaIKsiuCzrvP7v03c
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

tbl-x-upstream: 10.41.10.199:10213
date: Mon, 26 Apr 2021 11:19:24 GMT
server: nginx
x-fastly-to-nlb-rtt: 15843

Redirect headers

location: https://sync.taboola.com/sg/appierrtb-network/1/rtb-h?taboola_hm=cZ_DtKotCkqvubgcvKGGYA
date: Mon, 26 Apr 2021 11:19:24 GMT
cache-control: no-store
server: nginx
content-type: text/html; charset=utf-8
content-length: 110
p3p: CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"

GET
H/1.1 200
OK cookiesync
bttrack.com/pixel/ Frame E0C1 35 B
380 B 1007ms
98ms Image
image/gif 192.132.33.46
BIDTELLECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bttrack.com/pixel/cookiesync?source=14b8c562-d12b-418b-b680-ad517d5839ec
Requested by: Host: www.thesundaily.my
URL: https://www.thesundaily.my/home/astrazeneca-is-safe-to-be-given-to-senior-citizens-adham-YL7793054?_hsmi=88974744&_hsenc=p2ANqtz-_G5s6CORBttERc_beHteVqqnJIJh5EriMR00fz0Cexxf2lQpsFfBisijUxttE-tNX9yfHTn7fBQWbcOnOkY3_eCosMOOPpTIuaIKsiuCzrvP7v03c
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 192.132.33.46 , United States, ASN18568 (BIDTELLECT, US),
Reverse DNS: 46.bidtellect.com
Software: Microsoft-IIS/8.5 /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

X-ServerName: Track003-dc3
Pragma: no-cache
Date: Mon, 26 Apr 2021 11:19:14 GMT
X-AspNetMvc-Version: 5.2
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
P3P: CP="CAO DSP COR ADMo DEVo PSAo PSDo HISo IVAo IVDo OUR IND OTC"
Cache-Control: private,no-cache
Content-Type: image/gif
Content-Length: 35
Expires: -1

GET
H2

200

rtb-h
sync-t1.taboola.com/sg/bidswitch-network/1/ Frame E0C1
Redirect Chain

https://x.bidswitch.net/sync?ssp=taboola&gdpr=0&gdpr_consent=
https://x.bidswitch.net/ul_cb/sync?ssp=taboola&gdpr=0&gdpr_consent=
https://c1.adform.net/serving/cookie/match/?party=24&bidswitch_ssp_id=taboola
https://c1.adform.net/serving/cookie/match/?CC=1&party=24&bidswitch_ssp_id=taboola
https://x.bidswitch.net/sync?dsp_id=70&user_id=5891697160456001480&ssp=taboola
https://sync-t1.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=2c42101e-bbfe-48bd-ba4a-2c71f7d05af6

0
228 B

19ms
18ms

Image
text/plain

141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync-t1.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=2c42101e-bbfe-48bd-ba4a-2c71f7d05af6
Requested by: Host: www.thesundaily.my
URL: https://www.thesundaily.my/home/astrazeneca-is-safe-to-be-given-to-senior-citizens-adham-YL7793054?_hsmi=88974744&_hsenc=p2ANqtz-_G5s6CORBttERc_beHteVqqnJIJh5EriMR00fz0Cexxf2lQpsFfBisijUxttE-tNX9yfHTn7fBQWbcOnOkY3_eCosMOOPpTIuaIKsiuCzrvP7v03c
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

tbl-x-upstream: 10.41.10.199:10213
date: Mon, 26 Apr 2021 11:19:24 GMT
server: nginx
x-fastly-to-nlb-rtt: 16099

Redirect headers

location: //sync-t1.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=2c42101e-bbfe-48bd-ba4a-2c71f7d05af6
date: Mon, 26 Apr 2021 11:19:24 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H2

200

rtb-h
match.taboola.com/sg/mediaforcebidder-network/1/ Frame F618
Redirect Chain

https://rtb.mfadsrvr.com/sync?ssp=taboola
https://sync.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=902d8956-0dfd-4bde-9a44-ed5d464a74aa
https://match.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=902d8956-0dfd-4bde-9a44-ed5d464a74aa&tbid=b52d0d6d-23ae-409f-97e9-10b67c82e353-tuct780273a&query=taboola_hm%3D902d8956-0dfd-...

0
76 B

38ms
38ms

Image
text/plain

199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=902d8956-0dfd-4bde-9a44-ed5d464a74aa&tbid=b52d0d6d-23ae-409f-97e9-10b67c82e353-tuct780273a&query=taboola_hm%3D902d8956-0dfd-4bde-9a44-ed5d464a74aa&isDirect=0
Requested by: Host: www.thesundaily.my
URL: https://www.thesundaily.my/home/astrazeneca-is-safe-to-be-given-to-senior-citizens-adham-YL7793054?_hsmi=88974744&_hsenc=p2ANqtz-_G5s6CORBttERc_beHteVqqnJIJh5EriMR00fz0Cexxf2lQpsFfBisijUxttE-tNX9yfHTn7fBQWbcOnOkY3_eCosMOOPpTIuaIKsiuCzrvP7v03c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Apr 2021 11:19:24 GMT
via: 1.1 varnish
server: nginx
x-timer: S1619435964.020398,VS0,VE8
x-cache: MISS
x-cache-hits: 0
accept-ranges: bytes
content-length: 0
x-served-by: cache-hhn11538-HHN

Redirect headers

location: https://match.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=902d8956-0dfd-4bde-9a44-ed5d464a74aa&tbid=b52d0d6d-23ae-409f-97e9-10b67c82e353-tuct780273a&query=taboola_hm%3D902d8956-0dfd-4bde-9a44-ed5d464a74aa&isDirect=0
tbl-x-upstream: 10.41.14.127:10213
date: Mon, 26 Apr 2021 11:19:23 GMT
server: nginx
x-fastly-to-nlb-rtt: 16818

GET
H2 200 sd
u.openx.net/w/1.0/ Frame F618 43 B
106 B 16ms
16ms Image
image/gif 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://u.openx.net/w/1.0/sd?id=543998486&val=642eef7c-30f3-46e4-af7e-73046a8780cb-tuct7802738&gdpr=0&gdpr_consent=
Requested by: Host: www.thesundaily.my
URL: https://www.thesundaily.my/home/astrazeneca-is-safe-to-be-given-to-senior-citizens-adham-YL7793054?_hsmi=88974744&_hsenc=p2ANqtz-_G5s6CORBttERc_beHteVqqnJIJh5EriMR00fz0Cexxf2lQpsFfBisijUxttE-tNX9yfHTn7fBQWbcOnOkY3_eCosMOOPpTIuaIKsiuCzrvP7v03c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/16.205.4 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 26 Apr 2021 11:19:23 GMT
via: 1.1 google
server: OXGW/16.205.4
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 204
No Content sync.php
pixel.rubiconproject.com/exchange/ Frame F618 0
239 B 24ms
23ms Image
image/gif 69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/exchange/sync.php?p=16698
Requested by: Host: www.thesundaily.my
URL: https://www.thesundaily.my/home/astrazeneca-is-safe-to-be-given-to-senior-citizens-adham-YL7793054?_hsmi=88974744&_hsenc=p2ANqtz-_G5s6CORBttERc_beHteVqqnJIJh5EriMR00fz0Cexxf2lQpsFfBisijUxttE-tNX9yfHTn7fBQWbcOnOkY3_eCosMOOPpTIuaIKsiuCzrvP7v03c
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: 37b22a0c36bd84993dd2cda4a5e04b1d
Content-Type: image/gif

GET
H2

204

/
sync.taboola.com/sg/pulsepointrtb-network/1/rtb-h/ Frame F618
Redirect Chain

https://bh.contextweb.com/bh/rtset?pid=562107&ev=1&rurl=https%3A%2F%2Fsync.taboola.com/sg/pulsepointrtb-network/1/rtb-h/?taboola_hm=%%VGUID%%&orig=trc
https://sync.taboola.com/sg/pulsepointrtb-network/1/rtb-h/?taboola_hm=TJtWtYOsvWag&ev=1&orig=trc&pid=562107

0
218 B

19ms
19ms

Image
text/plain

141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.taboola.com/sg/pulsepointrtb-network/1/rtb-h/?taboola_hm=TJtWtYOsvWag&ev=1&orig=trc&pid=562107
Requested by: Host: www.thesundaily.my
URL: https://www.thesundaily.my/home/astrazeneca-is-safe-to-be-given-to-senior-citizens-adham-YL7793054?_hsmi=88974744&_hsenc=p2ANqtz-_G5s6CORBttERc_beHteVqqnJIJh5EriMR00fz0Cexxf2lQpsFfBisijUxttE-tNX9yfHTn7fBQWbcOnOkY3_eCosMOOPpTIuaIKsiuCzrvP7v03c
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

tbl-x-upstream: 10.41.14.95:10213
date: Mon, 26 Apr 2021 11:19:24 GMT
server: nginx
x-fastly-to-nlb-rtt: 16390

Redirect headers

strict-transport-security: max-age=15768000
server: Jetty(9.4.14.v20181114)
p3p: policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
content-language: en-US
location: https://sync.taboola.com/sg/pulsepointrtb-network/1/rtb-h/?taboola_hm=TJtWtYOsvWag&ev=1&orig=trc&pid=562107
cache-control: private, max-age=0, no-cache, no-store
cw-server: bh-deployment-7c488d4f5b-bknrw
expires: -1

GET
H2

200

/
sync.taboola.com/sg/appnexus-network/1/rtb-h/ Frame F618
Redirect Chain

https://ib.adnxs.com/getuidnb?https://sync.taboola.com/sg/appnexus-network/1/rtb-h/?taboola_hm=$UID&orig=trc
https://sync.taboola.com/sg/appnexus-network/1/rtb-h/?taboola_hm=3124726849276262110&orig=trc

0
228 B

63ms
63ms

Image
text/plain

141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.taboola.com/sg/appnexus-network/1/rtb-h/?taboola_hm=3124726849276262110&orig=trc
Requested by: Host: www.thesundaily.my
URL: https://www.thesundaily.my/home/astrazeneca-is-safe-to-be-given-to-senior-citizens-adham-YL7793054?_hsmi=88974744&_hsenc=p2ANqtz-_G5s6CORBttERc_beHteVqqnJIJh5EriMR00fz0Cexxf2lQpsFfBisijUxttE-tNX9yfHTn7fBQWbcOnOkY3_eCosMOOPpTIuaIKsiuCzrvP7v03c
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

tbl-x-upstream: 10.41.10.199:10213
date: Mon, 26 Apr 2021 11:19:24 GMT
server: nginx
x-fastly-to-nlb-rtt: 16390

Redirect headers

Pragma: no-cache
Date: Mon, 26 Apr 2021 11:19:24 GMT
X-Proxy-Origin: 89.249.64.203; 89.249.64.203; 693.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com; 37.252.172.153:80
AN-X-Request-Uuid: e7136f1a-8b09-4f91-8a28-30ad5f347c3a
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://sync.taboola.com/sg/appnexus-network/1/rtb-h/?taboola_hm=3124726849276262110&orig=trc
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

/
trc.taboola.com/sg/google-network/1/rtb-h/ Frame F618
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_cm&google_sc
https://trc.taboola.com/sg/google-network/1/rtb-h/?taboola_hm=CAESELUUJXl3r4RPBRLA-hbDma0&google_cver=1

0
56 B

16ms
16ms

Image
text/plain

199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc.taboola.com/sg/google-network/1/rtb-h/?taboola_hm=CAESELUUJXl3r4RPBRLA-hbDma0&google_cver=1
Requested by: Host: www.thesundaily.my
URL: https://www.thesundaily.my/home/astrazeneca-is-safe-to-be-given-to-senior-citizens-adham-YL7793054?_hsmi=88974744&_hsenc=p2ANqtz-_G5s6CORBttERc_beHteVqqnJIJh5EriMR00fz0Cexxf2lQpsFfBisijUxttE-tNX9yfHTn7fBQWbcOnOkY3_eCosMOOPpTIuaIKsiuCzrvP7v03c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 9
date: Mon, 26 Apr 2021 11:19:23 GMT
via: 1.1 varnish
server: nginx
x-timer: S1619435964.695538,VS0,VE9
x-cache: MISS
x-cache-hits: 0
accept-ranges: bytes
content-length: 0
x-served-by: cache-hhn11538-HHN

Redirect headers

pragma: no-cache
date: Mon, 26 Apr 2021 11:19:23 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://trc.taboola.com/sg/google-network/1/rtb-h/?taboola_hm=CAESELUUJXl3r4RPBRLA-hbDma0&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 304
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK Pug
simage2.pubmatic.com/AdServer/ Frame F618 42 B
805 B 15ms
14ms Image
image/gif 185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw&piggybackCookie=642eef7c-30f3-46e4-af7e-73046a8780cb-tuct7802738:$UID
Requested by: Host: www.thesundaily.my
URL: https://www.thesundaily.my/home/astrazeneca-is-safe-to-be-given-to-senior-citizens-adham-YL7793054?_hsmi=88974744&_hsenc=p2ANqtz-_G5s6CORBttERc_beHteVqqnJIJh5EriMR00fz0Cexxf2lQpsFfBisijUxttE-tNX9yfHTn7fBQWbcOnOkY3_eCosMOOPpTIuaIKsiuCzrvP7v03c
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 26 Apr 2021 11:19:23 GMT
X-lat: amspug010:0:346
Server: nginx
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif; charset=utf-8
Content-Length: 42

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame F618
Redirect Chain

https://sync.taboola.com/sg/google-network/1/rtb?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dtaboola_dbm%26google_sc%26gdpr%3D0%26gdpr_consent%3D&orig=trc
https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_sc&gdpr=0&gdpr_consent=&google_hm=b52d0d6d-23ae-409f-97e9-10b67c82e353-tuct780273a

170 B
188 B

18ms
17ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_sc&gdpr=0&gdpr_consent=&google_hm=b52d0d6d-23ae-409f-97e9-10b67c82e353-tuct780273a

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 26 Apr 2021 11:19:24 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_sc&gdpr=0&gdpr_consent=&google_hm=b52d0d6d-23ae-409f-97e9-10b67c82e353-tuct780273a
tbl-x-upstream: 10.41.12.133:10213
date: Mon, 26 Apr 2021 11:19:24 GMT
server: nginx
x-fastly-to-nlb-rtt: 16280

GET
H2

200

/
trc.taboola.com/sg/thetradedesk-network/1/rtb-h/ Frame F618
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=054f32o&ttd_tpi=1
https://match.adsrvr.org/track/cmb/generic?ttd_pid=054f32o&ttd_tpi=1
https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=18af8a2d-70bd-419a-9398-d8e481f0d7cd

0
54 B

16ms
16ms

Image
text/plain

199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=18af8a2d-70bd-419a-9398-d8e481f0d7cd
Requested by: Host: www.thesundaily.my
URL: https://www.thesundaily.my/home/astrazeneca-is-safe-to-be-given-to-senior-citizens-adham-YL7793054?_hsmi=88974744&_hsenc=p2ANqtz-_G5s6CORBttERc_beHteVqqnJIJh5EriMR00fz0Cexxf2lQpsFfBisijUxttE-tNX9yfHTn7fBQWbcOnOkY3_eCosMOOPpTIuaIKsiuCzrvP7v03c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 9
date: Mon, 26 Apr 2021 11:19:23 GMT
via: 1.1 varnish
server: nginx
x-timer: S1619435964.911108,VS0,VE9
x-cache: MISS
x-cache-hits: 0
accept-ranges: bytes
content-length: 0
x-served-by: cache-hhn11538-HHN

Redirect headers

pragma: no-cache
date: Mon, 26 Apr 2021 11:19:23 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=18af8a2d-70bd-419a-9398-d8e481f0d7cd
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 239

GET
H/1.1 200
OK merge
ce.lijit.com/ Frame F618 43 B
687 B 21ms
19ms Image
image/gif 72.251.249.9
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=42&3pid=642eef7c-30f3-46e4-af7e-73046a8780cb-tuct7802738&us_privacy=&gdpr=0&gdpr_consent=
Requested by: Host: www.thesundaily.my
URL: https://www.thesundaily.my/home/astrazeneca-is-safe-to-be-given-to-senior-citizens-adham-YL7793054?_hsmi=88974744&_hsenc=p2ANqtz-_G5s6CORBttERc_beHteVqqnJIJh5EriMR00fz0Cexxf2lQpsFfBisijUxttE-tNX9yfHTn7fBQWbcOnOkY3_eCosMOOPpTIuaIKsiuCzrvP7v03c
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 72.251.249.9 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: nginx / raptor
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 26 Apr 2021 11:19:24 GMT
Server: nginx
X-Powered-By: raptor
P3P: CP="CUR ADM OUR NOR STA NID"
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap3ams1
Content-Type: image/gif
Content-Length: 43
Expires: Fri, 20 Mar 2009 00:00:00 GMT

GET
H2 200 rtset
bh.contextweb.com/bh/ Frame F618 49 B
333 B 99ms
98ms Image
image/gif 198.148.27.139
PULSEPOINT

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bh.contextweb.com/bh/rtset?do=add&pid=553204&ev=642eef7c-30f3-46e4-af7e-73046a8780cb-tuct7802738

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

198.148.27.139 New York, United States, ASN19189 (PULSEPOINT, US),

Reverse DNS

Software

Jetty(9.4.14.v20181114) /

Resource Hash

d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=15768000
server: Jetty(9.4.14.v20181114)
content-language: en-US
p3p: policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control: private, max-age=0, no-cache, no-store
content-type: image/gif;charset=iso-8859-1
cw-server: bh-deployment-7c488d4f5b-bknrw
expires: -1

GET
H/1.1 200
OK /
rtb-csync.smartadserver.com/redir/ Frame F618 43 B
697 B 120ms
20ms Image
image/gif 185.86.138.143
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb-csync.smartadserver.com/redir/?partnerid=107&partneruserid=642eef7c-30f3-46e4-af7e-73046a8780cb-tuct7802738&gdpr=0&gdpr_consent=
Requested by: Host: www.thesundaily.my
URL: https://www.thesundaily.my/home/astrazeneca-is-safe-to-be-given-to-senior-citizens-adham-YL7793054?_hsmi=88974744&_hsenc=p2ANqtz-_G5s6CORBttERc_beHteVqqnJIJh5EriMR00fz0Cexxf2lQpsFfBisijUxttE-tNX9yfHTn7fBQWbcOnOkY3_eCosMOOPpTIuaIKsiuCzrvP7v03c
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.138.143 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 26 Apr 2021 11:19:23 GMT
cache-control: no-cache,no-store
content-type: image/gif
transfer-encoding: chunked
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

GET
H2 204 put
e1.emxdgt.com/ Frame F618 0
22 B 1150ms
31ms Image
text/html 18.195.155.181
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e1.emxdgt.com/put?d=d41&uid=642eef7c-30f3-46e4-af7e-73046a8780cb-tuct7802738
Requested by: Host: www.thesundaily.my
URL: https://www.thesundaily.my/home/astrazeneca-is-safe-to-be-given-to-senior-citizens-adham-YL7793054?_hsmi=88974744&_hsenc=p2ANqtz-_G5s6CORBttERc_beHteVqqnJIJh5EriMR00fz0Cexxf2lQpsFfBisijUxttE-tNX9yfHTn7fBQWbcOnOkY3_eCosMOOPpTIuaIKsiuCzrvP7v03c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.195.155.181 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Apr 2021 11:19:24 GMT
content-length: 0
content-type: text/html

GET
H2

200

/
sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/ Frame F618
Redirect Chain

https://dis.criteo.com/dis/usersync.aspx?r=29&p=282&cp=taboolaortb&cu=1&url=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fcriteortb-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%40%40CRITEO_USERID%40%40
https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=6d5a19bf-39a2-47ef-bcee-d34dba1fa51b

0
228 B

19ms
19ms

Image
text/plain

141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=6d5a19bf-39a2-47ef-bcee-d34dba1fa51b
Requested by: Host: www.thesundaily.my
URL: https://www.thesundaily.my/home/astrazeneca-is-safe-to-be-given-to-senior-citizens-adham-YL7793054?_hsmi=88974744&_hsenc=p2ANqtz-_G5s6CORBttERc_beHteVqqnJIJh5EriMR00fz0Cexxf2lQpsFfBisijUxttE-tNX9yfHTn7fBQWbcOnOkY3_eCosMOOPpTIuaIKsiuCzrvP7v03c
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

tbl-x-upstream: 10.41.10.104:10213
date: Mon, 26 Apr 2021 11:19:24 GMT
server: nginx
x-fastly-to-nlb-rtt: 16035

Redirect headers

pragma: no-cache
x-errorlevel: 0
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location: https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=6d5a19bf-39a2-47ef-bcee-d34dba1fa51b
cache-control: no-cache
date: Mon, 26 Apr 2021 11:19:23 GMT
server-processing-duration-in-ticks: 3635
content-type: text/html; charset=utf-8
content-length: 222
expires: Mon, 26 Apr 2021 00:00:00 GMT

GET

/
loadus.exelator.com/load/ Frame F618
Redirect Chain

https://id5-sync.com/s/464/9.gif?puid=642eef7c-30f3-46e4-af7e-73046a8780cb-tuct7802738&gdpr=0&gdpr_consent=&callback=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fid5-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D...
https://ice.360yield.com/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-ZHMOl9xlmBjOhKVgy0RpGwly2pcuhg-z8GQzjME0gg&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F464%2F124%2F6%2F2.gif%3Fpuid%3D...
https://ice.360yield.com/ul_cb/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-ZHMOl9xlmBjOhKVgy0RpGwly2pcuhg-z8GQzjME0gg&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F464%2F124%2F6%2F2.gif%3Fp...
https://id5-sync.com/cq/464/124/6/2.gif?puid=b7cb156b-35af-4029-9a51-2ab7bb709734&gdpr=1&gdpr_consent=&gdpr=1&gdpr_consent=
https://rtb.gumgum.com/getuid/id5?r=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F441%2F5%2F3.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent=
https://id5-sync.com/c/464/441/5/3.gif?puid=e_9ffbbe72-1772-4a9b-bb50-ebeb710bd466&gdpr=1&gdpr_consent=
https://cookie-matching.mediarithmics.com/v1/get_user_agent_id?dom_token=id517&sd=Y2FzY2FkZXNSZW1haW5pbmc9NCZjYXNjYWRlc0RvbmU9NCZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY
https://cookie-matching.mediarithmics.com/v1/get_or_create?sd=Y2FzY2FkZXNSZW1haW5pbmc9NCZjYXNjYWRlc0RvbmU9NCZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY&domid=1033
https://cm.g.doubleclick.net/pixel?google_nid=medr&google_cm&key=GOO&sd=Y2FzY2FkZXNSZW1haW5pbmc9NCZjYXNjYWRlc0RvbmU9NCZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY&action=GET_ID&opid=goo&etid=&domi...
https://cookie-matching.mediarithmics.com/input?key=GOO&key=GOO&sd=Y2FzY2FkZXNSZW1haW5pbmc9NCZjYXNjYWRlc0RvbmU9NCZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY&action=GET_ID&opid=goo&etid=&domid=103...
https://ib.adnxs.com/getuid?https://cookie-matching.mediarithmics.com/input?key=APX&apx_uid=$UID&opid=apx&ops=&utidl=tech:goo:CAESEE6FlY97YJX51xPmAyfdnEU&sd=Y2FzY2FkZXNSZW1haW5pbmc9NCZjYXNjYWRlc0Rv...
https://cookie-matching.mediarithmics.com/input?key=APX&apx_uid=3124726849276262110&opid=apx&ops=&utidl=tech:goo:CAESEE6FlY97YJX51xPmAyfdnEU&sd=Y2FzY2FkZXNSZW1haW5pbmc9NCZjYXNjYWRlc0RvbmU9NCZpbml0a...
https://id5-sync.com/qp/18.gif?puid=vec%3A17134053203&sd=Y2FzY2FkZXNSZW1haW5pbmc9NCZjYXNjYWRlc0RvbmU9NCZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY
https://sync.crwdcntrl.net/map/c=13953/tp=IDFI/gdpr=1/gdpr_consent=?https://id5-sync.com/c/464/19/3/5.gif?puid=${profile_id}&gdpr=1&gdpr_consent=
https://sync.crwdcntrl.net/map/ct=y/c=13953/tp=IDFI/gdpr=1/gdpr_consent=?https://id5-sync.com/c/464/19/3/5.gif?puid=${profile_id}&gdpr=1&gdpr_consent=
https://id5-sync.com/c/464/19/3/5.gif?puid=769ff3ce7fe246262629c1d1d4cef3ce&gdpr=1&gdpr_consent=
https://ads.creative-serving.com/id5_cm?callback=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F101%2F2%2F6.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D1%26gdpr_consent%3D
https://ads.creative-serving.com/ul_cb/id5_cm?callback=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F101%2F2%2F6.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D1%26gdpr_consent%3D
https://id5-sync.com/c/464/101/2/6.gif?puid=5a7cc394-2165-4d83-b4b7-d8725509b285&gdpr=1&gdpr_consent=
https://loadus.exelator.com/load/?p=1082&g=204&j=r&gdpr=1&gdpr_consent=&ru=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F103%2F1%2F7.gif%3Fpuid%3D%25%25UID%25%25%26gdpr%3D1%26gdpr_consent%3D
https://loadus.exelator.com/load/?p=1082&g=204&j=r&gdpr=1&gdpr_consent=&ru=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F103%2F1%2F7.gif%3Fpuid%3D%25%25UID%25%25%26gdpr%3D1%26gdpr_consent%3D&xl8blockcheck=1

0
0

GET
H2

204

rtb-h
sync.taboola.com/sg/appierrtb-network/1/ Frame F618
Redirect Chain

https://s.c.appier.net/taboola
https://sync.taboola.com/sg/appierrtb-network/1/rtb-h?taboola_hm=RJNftNHaAk64qRBVvKGGYA

0
218 B

19ms
19ms

Image
text/plain

141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.taboola.com/sg/appierrtb-network/1/rtb-h?taboola_hm=RJNftNHaAk64qRBVvKGGYA
Requested by: Host: www.thesundaily.my
URL: https://www.thesundaily.my/home/astrazeneca-is-safe-to-be-given-to-senior-citizens-adham-YL7793054?_hsmi=88974744&_hsenc=p2ANqtz-_G5s6CORBttERc_beHteVqqnJIJh5EriMR00fz0Cexxf2lQpsFfBisijUxttE-tNX9yfHTn7fBQWbcOnOkY3_eCosMOOPpTIuaIKsiuCzrvP7v03c
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

tbl-x-upstream: 10.40.0.134:10213
date: Mon, 26 Apr 2021 11:19:24 GMT
server: nginx
x-fastly-to-nlb-rtt: 15843

Redirect headers

location: https://sync.taboola.com/sg/appierrtb-network/1/rtb-h?taboola_hm=RJNftNHaAk64qRBVvKGGYA
date: Mon, 26 Apr 2021 11:19:24 GMT
cache-control: no-store
server: nginx
content-type: text/html; charset=utf-8
content-length: 110
p3p: CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"

GET
H/1.1 200
OK cookiesync
bttrack.com/pixel/ Frame F618 35 B
380 B 686ms
97ms Image
image/gif 192.132.33.46
BIDTELLECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bttrack.com/pixel/cookiesync?source=14b8c562-d12b-418b-b680-ad517d5839ec
Requested by: Host: www.thesundaily.my
URL: https://www.thesundaily.my/home/astrazeneca-is-safe-to-be-given-to-senior-citizens-adham-YL7793054?_hsmi=88974744&_hsenc=p2ANqtz-_G5s6CORBttERc_beHteVqqnJIJh5EriMR00fz0Cexxf2lQpsFfBisijUxttE-tNX9yfHTn7fBQWbcOnOkY3_eCosMOOPpTIuaIKsiuCzrvP7v03c
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 192.132.33.46 , United States, ASN18568 (BIDTELLECT, US),
Reverse DNS: 46.bidtellect.com
Software: Microsoft-IIS/8.5 /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

X-ServerName: Track004-dc3
Pragma: no-cache
Date: Mon, 26 Apr 2021 11:19:14 GMT
X-AspNetMvc-Version: 5.2
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
P3P: CP="CAO DSP COR ADMo DEVo PSAo PSDo HISo IVAo IVDo OUR IND OTC"
Cache-Control: private,no-cache
Content-Type: image/gif
Content-Length: 35
Expires: -1

GET
H2

200

rtb-h
sync-t1.taboola.com/sg/bidswitch-network/1/ Frame F618
Redirect Chain

https://x.bidswitch.net/sync?ssp=taboola&gdpr=0&gdpr_consent=
https://x.bidswitch.net/ul_cb/sync?ssp=taboola&gdpr=0&gdpr_consent=
https://c1.adform.net/serving/cookie/match/?party=24&bidswitch_ssp_id=taboola
https://c1.adform.net/serving/cookie/match/?CC=1&party=24&bidswitch_ssp_id=taboola
https://x.bidswitch.net/sync?dsp_id=70&user_id=7798176862863764396&ssp=taboola
https://sync-t1.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=2c42101e-bbfe-48bd-ba4a-2c71f7d05af6

0
227 B

19ms
19ms

Image
text/plain

141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync-t1.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=2c42101e-bbfe-48bd-ba4a-2c71f7d05af6
Requested by: Host: www.thesundaily.my
URL: https://www.thesundaily.my/home/astrazeneca-is-safe-to-be-given-to-senior-citizens-adham-YL7793054?_hsmi=88974744&_hsenc=p2ANqtz-_G5s6CORBttERc_beHteVqqnJIJh5EriMR00fz0Cexxf2lQpsFfBisijUxttE-tNX9yfHTn7fBQWbcOnOkY3_eCosMOOPpTIuaIKsiuCzrvP7v03c
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

tbl-x-upstream: 10.41.14.57:10213
date: Mon, 26 Apr 2021 11:19:24 GMT
server: nginx
x-fastly-to-nlb-rtt: 16099

Redirect headers

location: //sync-t1.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=2c42101e-bbfe-48bd-ba4a-2c71f7d05af6
date: Mon, 26 Apr 2021 11:19:24 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H3-29

200

si
googleads.g.doubleclick.net/pagead/drt/ Frame 621F
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
0

47ms
45ms

Image
text/html

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si
Requested by: Host: www.thesundaily.my
URL: https://www.thesundaily.my/home/astrazeneca-is-safe-to-be-given-to-senior-citizens-adham-YL7793054?_hsmi=88974744&_hsenc=p2ANqtz-_G5s6CORBttERc_beHteVqqnJIJh5EriMR00fz0Cexxf2lQpsFfBisijUxttE-tNX9yfHTn7fBQWbcOnOkY3_eCosMOOPpTIuaIKsiuCzrvP7v03c
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s05-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Redirect headers

date: Mon, 26 Apr 2021 11:19:23 GMT
x-content-type-options: nosniff
server: safe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 246
x-xss-protection: 0

GET
H2 200 dpixel
cms.quantserve.com/ Frame 26B1 35 B
210 B 15ms
6ms Image
image/gif 2620:116:800d:21:8c6e:cf2c:8d6:9fb5
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEHdObbELQbIvqGJw7VVNpIw&google_cver=1&google_push=AQvitUIEoOcHzRgdjBuaWfv347QQrCfgT_dRhr3fMZgaw5V9f1OX8Mv6-vj8Zr8w-oFN6ZArQaCj_K-iU-3XGBBsYxxn-ypOMUY

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:8c6e:cf2c:8d6:9fb5 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 26 Apr 2021 11:19:23 GMT
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
strict-transport-security: max-age=86400
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 26B1
Redirect Chain

https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAQvitUKTKD00...
https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAQvitUKTKD00...
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMTA0MjYxMTE5MjUyMTk4MjI5MzQ5NTM0MA%3D%3D&google_push=AQvitUKTKD00kC4jw-12cU3DU-QsaM18AG0zNnSgNlTCeT7lc-yutz2Rd4d3xGQ7KvQ9GU...

170 B
188 B

16ms
16ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMTA0MjYxMTE5MjUyMTk4MjI5MzQ5NTM0MA%3D%3D&google_push=AQvitUKTKD00kC4jw-12cU3DU-QsaM18AG0zNnSgNlTCeT7lc-yutz2Rd4d3xGQ7KvQ9GUObstWoyiu3WrSWMYocAS3Q6TE0VqA

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 26 Apr 2021 11:19:25 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMTA0MjYxMTE5MjUyMTk4MjI5MzQ5NTM0MA%3D%3D&google_push=AQvitUKTKD00kC4jw-12cU3DU-QsaM18AG0zNnSgNlTCeT7lc-yutz2Rd4d3xGQ7KvQ9GUObstWoyiu3WrSWMYocAS3Q6TE0VqA
Pragma: no-cache
Date: Mon, 26 Apr 2021 11:19:25 GMT
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 0

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 26B1
Redirect Chain

https://rtb.openx.net/sync/dds?google_gid=CAESEEu7vkVv1iNdcc15fskK-hE&google_cver=1&google_push=AQvitUIGy_6TLJHA3nSdK8bJtEPOuMI00MPlDjr1qYcxTubwj5CCbc3xhhOtMDsloqH6LJUQhgX7r5YvySdJulWiRMaBNNH9Hw
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AQvitUIGy_6TLJHA3nSdK8bJtEPOuMI00MPlDjr1qYcxTubwj5CCbc3xhhOtMDsloqH6LJUQhgX7r5YvySdJulWiRMaBNNH9Hw&google_hm=jJhXFr89zLkthyqG8Gc0mQ==

170 B
188 B

19ms
18ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AQvitUIGy_6TLJHA3nSdK8bJtEPOuMI00MPlDjr1qYcxTubwj5CCbc3xhhOtMDsloqH6LJUQhgX7r5YvySdJulWiRMaBNNH9Hw&google_hm=jJhXFr89zLkthyqG8Gc0mQ==

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 26 Apr 2021 11:19:23 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 26 Apr 2021 11:19:22 GMT
via: 1.1 google
server: Cowboy
access-control-allow-origin: null
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
location: https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AQvitUIGy_6TLJHA3nSdK8bJtEPOuMI00MPlDjr1qYcxTubwj5CCbc3xhhOtMDsloqH6LJUQhgX7r5YvySdJulWiRMaBNNH9Hw&google_hm=jJhXFr89zLkthyqG8Gc0mQ==
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
alt-svc: clear
content-length: 0
x-request-id: 9btl3e6sbshpckqf82a1nfm8ggi7pld0

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 26B1
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=RGyh4xHYQlalcGkhabNmRQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
188 B

19ms
18ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=RGyh4xHYQlalcGkhabNmRQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AQvitUJDpLni-uMcewFc18CrXLcDCjJjWZYZooV9A1N3DylMK4gDoIPjDYU-mSzhdfC_lqhnXJ4A1JhYvIK0uXGYFV0H_WpcVQA

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 26 Apr 2021 11:19:23 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=RGyh4xHYQlalcGkhabNmRQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AQvitUJDpLni-uMcewFc18CrXLcDCjJjWZYZooV9A1N3DylMK4gDoIPjDYU-mSzhdfC_lqhnXJ4A1JhYvIK0uXGYFV0H_WpcVQA
Date: Mon, 26 Apr 2021 11:19:22 GMT
P3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 26B1
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEOl8LJVbPWFvVYBVPUdVPbo&google_cver=1&google_push=AQvitUJbYaDhnNY7YQWtszsS2fEHXGm-4-bBfDwWlbn4_0lac_JruLuE-4fRe0FvK9aFgL8nEzb...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S05ZSUNZUEMtMVktM1ZCVA==&google_push=AQvitUJbYaDhnNY7YQWtszsS2fEHXGm-4-bBfDwWlbn4_0lac_JruLuE-4fRe0FvK9aFgL8nEzbfk6S2jE6OtgpJlxJhaDRWvkM

170 B
188 B

17ms
16ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S05ZSUNZUEMtMVktM1ZCVA==&google_push=AQvitUJbYaDhnNY7YQWtszsS2fEHXGm-4-bBfDwWlbn4_0lac_JruLuE-4fRe0FvK9aFgL8nEzbfk6S2jE6OtgpJlxJhaDRWvkM

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 26 Apr 2021 11:19:23 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S05ZSUNZUEMtMVktM1ZCVA==&google_push=AQvitUJbYaDhnNY7YQWtszsS2fEHXGm-4-bBfDwWlbn4_0lac_JruLuE-4fRe0FvK9aFgL8nEzbfk6S2jE6OtgpJlxJhaDRWvkM
Cache-Control: no-cache,no-store,must-revalidate
Content-Type: text/html
content-length: 0
X-RPHost: 37b22a0c36bd84993dd2cda4a5e04b1d
Expires: 0

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 26B1
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEP1dt27PLY7fuJ_GbYJMWbc&google_cver=1&googl...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YIahukBEpeGBJB7M0r2UnAAABIsAAAIB&google_gid=CAESEP1dt27PLY7fuJ_GbYJMWbc&google_cver=1&google_push=AQvitUITqbHHpeuf4kpYplFkDkH2RTwQZ2WQk...

170 B
188 B

26ms
25ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YIahukBEpeGBJB7M0r2UnAAABIsAAAIB&google_gid=CAESEP1dt27PLY7fuJ_GbYJMWbc&google_cver=1&google_push=AQvitUITqbHHpeuf4kpYplFkDkH2RTwQZ2WQkJKp0tby9-to1DnGsVyM1dKLRu-Tww9UyVSNP_21XcLsmijHyaoOaE1bTf8i-6c

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 26 Apr 2021 11:19:23 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 26 Apr 2021 11:19:23 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YIahukBEpeGBJB7M0r2UnAAABIsAAAIB&google_gid=CAESEP1dt27PLY7fuJ_GbYJMWbc&google_cver=1&google_push=AQvitUITqbHHpeuf4kpYplFkDkH2RTwQZ2WQkJKp0tby9-to1DnGsVyM1dKLRu-Tww9UyVSNP_21XcLsmijHyaoOaE1bTf8i-6c
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: text/html; charset=iso-8859-1
Content-Length: 459
Expires: Mon, 26 Apr 2021 11:19:23 GMT

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 26B1
Redirect Chain

https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESEKnf-vR81uJIsJAtl6Joreo&google_cver=1&google_push=AQvitUKc8BRuiMpCl_V9OI1P...
https://cm.g.doubleclick.net/pixel?google_nid=gemius_adh&google_push=AQvitUKc8BRuiMpCl_V9OI1PaiJnldjDd_IbDQqo6RDSHWF_uYbNCR-y_Mhi7wtvVME2taZg5Fxd0_yVigfFeSNlc8aSDJWr7nL5&google_hm=

170 B
188 B

26ms
25ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=gemius_adh&google_push=AQvitUKc8BRuiMpCl_V9OI1PaiJnldjDd_IbDQqo6RDSHWF_uYbNCR-y_Mhi7wtvVME2taZg5Fxd0_yVigfFeSNlc8aSDJWr7nL5&google_hm=

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 26 Apr 2021 11:19:23 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 26 Apr 2021 11:19:23 GMT
server: GHC
p3p: CP="NOI DSP COR NID PSAo OUR IND"
location: https://cm.g.doubleclick.net/pixel?google_nid=gemius_adh&google_push=AQvitUKc8BRuiMpCl_V9OI1PaiJnldjDd_IbDQqo6RDSHWF_uYbNCR-y_Mhi7wtvVME2taZg5Fxd0_yVigfFeSNlc8aSDJWr7nL5&google_hm=
cache-control: no-store, no-cache, must-revalidate, max-age=0
accept-ranges: none
content-length: 0
expires: Sun, 25 Apr 2021 11:19:23 GMT

GET
H3-29 204 attr
cm.g.doubleclick.net/pixel/ Frame 26B1 0
12 B 21ms
16ms Image
text/html 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IqBe-CAmIMWaHystSsl87yNB-4DL7oyIBPUQPlPGd-N-n2YrPEy0SVcnEV-6WfxafsM7BxlQ

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Apr 2021 11:19:23 GMT
server: HTTP server (unknown)
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame BF1D 0
0 70ms
68ms Fetch
image/gif 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssS3Q6WYOIXqMLIRMe9i3pJDzRE_NTKPZWqwh6c5DsyY223hLDzOpDO5rHLvthk5EKpUoxeSJrDBSFlZynG6BKu9xb0mk79aGlTQpejIsi0y2SmaCaa01xLP8pzN4BQHstQVGj8HoNS4eC-91_nNPqsNJDs04di5z-G0WC2P9C88ZvrO2S5mMzf2uQvKPjDPp7oCNZC5tztVFS98laBbjc8g2wj-Fg6tT8w07vsTYaEN26m_NU-I1PBsEuudNAXrIxznsErW1rs-sE7tFTNlfT314DmSjc_misBO7cz4gyY0C_C7nA&sai=AMfl-YSIgVw8RtwyNyfPIF8OF230JZ5yEy4f6GmxKP21KrKfd9BFSnli_AVlnkSU5_cxabxA_LXp8ku-5drj0r-4PU-zh98utnLE0yqMfsg5DxYL2k21ZYPaBSxOqA5SCY7c&sig=Cg0ArKJSzKMrhqeYKD0mEAE&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.thesundaily.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 26 Apr 2021 11:19:23 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Mon, 26 Apr 2021 11:19:23 GMT

GET
DATA 200
OK truncated
/ Frame BF1D 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8bae0548dad5194d491030c404133770e76d0907b7187ac34b3f00d7352db429

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame D65F 0
0 55ms
55ms Fetch
image/gif 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss0f2ITqWBO2yiKKeyKZnN909AvNMTrYvs8R-PYF60w-gAYX6a8LASh5TxswbsNQYX4v0JHyF_l6bgB7C76-QGNEJqlMBc_uyyvUVoEZccgwBEbwpBOdqxoRiDKiHM950784pZR1KiM9STdVGWzDuizXg-slBRzUOH_o8YtTepES-ZgD_ZvkbWqW88wGloiuc--lhc_xktAh3tSsXm20HZO7QN9z3ZOflUCIacEuHO8EGQIbRZhLgk1zAYpSmwanBNZ8LYi3Lx1uIkMUTruX3xRvmD8Lqe0TFAzb3QWDXhhKcifIpU&sai=AMfl-YScYAGCE7vswxcDJD6WdgTooT9dNORSNYDi2A75rND4IiOpLFWKXGwzz61CqMk825xeA9-S2sHXffVvHTQGzTUueIsYLwZXbJF2Df_JHXT6hm5yh4qAc9tW29xcKJbl&sig=Cg0ArKJSzC9yccudoHyeEAE&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.thesundaily.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 26 Apr 2021 11:19:23 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Mon, 26 Apr 2021 11:19:23 GMT

GET
DATA 200
OK truncated
/ Frame D65F 218 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c15407f63dcc83d175a7ef6d70a4402507175b44fc4db9d4a52f91a1cb24a833

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 pd Show response
eu-u.openx.net/w/1.0/ Frame D11B 1007 B
865 B 46ms
39ms Document
text/html 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=569ad57e-43c9-460e-9a8f-667f824c03af&gdpr=1
Requested by: Host: anymind360.com
URL: https://anymind360.com/js/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/16.205.4 /
Resource Hash: 8917570ec80016263eb0e8e0c84710a059db5869f85e9a7401eb9024c172edd6

Request headers

:method: GET
:authority: eu-u.openx.net
:scheme: https
:path: /w/1.0/pd?plm=10&ph=569ad57e-43c9-460e-9a8f-667f824c03af&gdpr=1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.thesundaily.my/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: i=8062e273-bf3c-4a60-9125-aed947593dde|1619435962
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.thesundaily.my/

Response headers

vary: Accept, Accept-Encoding
set-cookie: i=8062e273-bf3c-4a60-9125-aed947593dde|1619435962; Version=1; Expires=Tue, 26-Apr-2022 11:19:23 GMT; Max-Age=31536000; Secure; Domain=.openx.net; Path=/; SameSite=None pd=v2|1619435963|mOgegqnskin0vNomiygu; Version=1; Expires=Tue, 11-May-2021 11:19:23 GMT; Max-Age=1296000; Secure; Domain=.openx.net; Path=/; SameSite=None
server: OXGW/16.205.4
p3p: CP="CUR ADM OUR NOR STA NID"
date: Mon, 26 Apr 2021 11:19:23 GMT
content-type: text/html
content-length: 547
content-encoding: gzip
via: 1.1 google
alt-svc: clear

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame 6FE6 281 B
554 B 3051ms
7ms Document
text/html 184.30.212.16
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html
Requested by: Host: anymind360.com
URL: https://anymind360.com/js/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.212.16 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-212-16.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Host: eus.rubiconproject.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.thesundaily.my/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.thesundaily.my/

Response headers

Server: Apache/2.2.15 (CentOS)
Last-Modified: Tue, 23 Feb 2021 20:47:52 GMT
ETag: "402b0-119-5bc0708346e00"
Accept-Ranges: bytes
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Mon, 26 Apr 2021 11:19:26 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H/1.1 200
OK ixmatch.html Show response
js-sec.indexww.com/um/ Frame 43B5 2 KB
1 KB 3140ms
8ms Document
text/html 184.30.20.241
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://js-sec.indexww.com/um/ixmatch.html
Requested by: Host: anymind360.com
URL: https://anymind360.com/js/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.20.241 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-20-241.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 7eca7977c6ade416c20775a7fd7cfa2291c5752cd1225d5c4342b057c37a000c

Request headers

Host: js-sec.indexww.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.thesundaily.my/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.thesundaily.my/

Response headers

Server: Apache
Last-Modified: Thu, 11 Feb 2021 16:12:45 GMT
ETag: "e20015-90b-5bb11ca420f07"
Accept-Ranges: bytes
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: text/html; charset=UTF-8
Vary: Accept-Encoding
Content-Encoding: gzip
Date: Mon, 26 Apr 2021 11:19:26 GMT
Content-Length: 1151
Connection: keep-alive

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame 26A8 52 KB
17 KB 4574ms
9ms Document
text/html 184.30.20.185
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: anymind360.com
URL: https://anymind360.com/js/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.20.185 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-20-185.deploy.static.akamaitechnologies.com
Software: nginx/1.13.10 /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Host: acdn.adnxs.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.thesundaily.my/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: uuid2=3124726849276262110
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.thesundaily.my/

Response headers

Last-Modified: Wed, 02 Dec 2020 20:56:47 GMT
ETag: "5fc7ff8f-cf34"
Server: nginx/1.13.10
Access-Control-Allow-Origin: *
Content-Type: text/html
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 17053
Cache-Control: max-age=86402
Expires: Tue, 27 Apr 2021 11:19:30 GMT
Date: Mon, 26 Apr 2021 11:19:28 GMT
Connection: keep-alive

GET
H/1.1 200
OK showad.js Show response
ads.pubmatic.com/AdServer/js/ Frame 0F3C 38 KB
14 KB 4823ms
9ms Document
text/html 184.30.20.198
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/showad.js
Requested by: Host: anymind360.com
URL: https://anymind360.com/js/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.20.198 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-20-198.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 82f1fbe95dbd4e1128a973db542bf50ab7ac8fbf35bfefca2e782b0a0572e564

Request headers

Host: ads.pubmatic.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.thesundaily.my/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: KTPCACOOKIE=YES; KADUSERCOOKIE=446CA1E3-11D8-4256-A570-692169B36645; KRTBCOOKIE_1235=23226-642eef7c-30f3-46e4-af7e-73046a8780cb-tuct7802738:$UID; PugT=1619435963; PUBMDCID=3
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.thesundaily.my/

Response headers

Last-Modified: Wed, 14 Apr 2021 09:18:30 GMT
ETag: "13006b6-98c2-5bfeb3aef82b4"
Server: Apache/2.2.15 (CentOS)
Accept-Ranges: bytes
Content-Encoding: gzip
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length: 14060
Content-Type: text/html; charset=UTF-8
Cache-Control: public, max-age=66233
Expires: Tue, 27 Apr 2021 05:43:21 GMT
Date: Mon, 26 Apr 2021 11:19:28 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H3-29 200 4275789352334312203
tpc.googlesyndication.com/simgad/ Frame 621F 38 KB
38 KB 44ms
41ms Image
image/png 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/4275789352334312203?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qncDjKseQfnfkHBiLYmiUAWf2QY2Q

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012103020108001/amp4ads-v0.mjs

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3aef12654aa0bed463410d7c3b1922e12bc1dd911d5f954a04ebd120dee7870d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.thesundaily.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 22 Apr 2021 10:36:05 GMT
x-content-type-options: nosniff
last-modified: Tue, 30 Mar 2021 11:36:21 GMT
server: sffe
age: 348198
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38496
x-xss-protection: 0
expires: Fri, 22 Apr 2022 10:36:05 GMT

GET
H3-29 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 621F 2 KB
2 KB 44ms
41ms Image
image/png 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012103020108001/amp4ads-v0.mjs

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.thesundaily.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 26 Apr 2021 03:59:16 GMT
x-content-type-options: nosniff
server: cafe
age: 26407
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2502
x-xss-protection: 0
expires: Tue, 27 Apr 2021 03:59:16 GMT

GET
H3-29 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 621F 295 B
328 B 45ms
44ms Image
image/png 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012103020108001/amp4ads-v0.mjs

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.thesundaily.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 26 Apr 2021 05:03:57 GMT
x-content-type-options: nosniff
server: cafe
age: 22526
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Tue, 27 Apr 2021 05:03:57 GMT

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame 25F2 0
0 45ms
44ms Fetch
image/gif 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssgeaX0HNo5p-eXknVIwMgtvQ_KHUWa2JBpP1j6wNoMHooJA4Sn1gN10qpqogHZ1CZJQQOxPxIzOcHRPSjEP_fKsWMW9cSR_66ucs1lPY0pwU961MZLdQpMVs7AgbXrD1wzcRIeCk5f1JAxV8kB7zbonRK6X4SpbdMPB0Gpux_BHNgSaisFykOleqGUHAq49PskvKg3OriLRMQaazJ1foRnFW6Ng8RwRzY-Oxx6tiiss_yNqLaNf5sQkWObGrQ4DJc0yTatd0XA8nJKL9Hq4lPnAP31qyD2Eo9XmQFAJ1bOyUpzorQ&sai=AMfl-YQN1KLWxL4cxsanlAyYyON8NAd42vHery5jxoYBo93ngWoMBeDYzPIsvv60gIopUyRq25_OJl7yr573tl5IINU5yixWvqhYdw59ob9mUriY3uyQFcykCVs5Vzo8OL_9&sig=Cg0ArKJSzOaRWUzw_sAREAE&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.thesundaily.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 26 Apr 2021 11:19:23 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Mon, 26 Apr 2021 11:19:23 GMT

GET
DATA 200
OK truncated
/ Frame 25F2 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3893ba895c523df93e7238315c8abd6a28128886894e288fffd3c7f7692ea159

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 5844
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
16 B

40ms
40ms

Document
text/html

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

safe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/si
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: DSID=NO_DATA; IDE=AHWqTUkv5YQ0PK0w32Nj7gJs9LPTpyvS8BSrXV3EyFkW42hm3i1e54SeviUFadcKVnQ
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Mon, 26 Apr 2021 11:19:23 GMT
server: safe
content-length: 0
x-xss-protection: 0
set-cookie: DSID=NO_DATA; expires=Mon, 26-Apr-2021 12:19:23 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Mon, 26 Apr 2021 11:19:23 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Mon, 26 Apr 2021 11:19:23 GMT
server: safe
content-length: 246
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 wkpRfPPcRT5gRuVOwfaUS9di2m_GhEf8-oTDdHI7uwk.js Show response
pagead2.googlesyndication.com/bg/ Frame E34D 14 KB
6 KB 9ms
7ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/wkpRfPPcRT5gRuVOwfaUS9di2m_GhEf8-oTDdHI7uwk.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c24a517cf3dc453e6046e54ec1f6944bd762da6fc68447fcfa84c374723bbb09

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Apr 2021 10:50:01 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Thu, 08 Apr 2021 09:18:00 GMT
server: sffe
age: 1762
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5710
x-xss-protection: 0
expires: Tue, 26 Apr 2022 10:50:01 GMT

GET
H3-29

200

si
googleads.g.doubleclick.net/pagead/drt/ Frame 704F
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
0

40ms
40ms

Image
text/html

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si
Requested by: Host: www.thesundaily.my
URL: https://www.thesundaily.my/home/astrazeneca-is-safe-to-be-given-to-senior-citizens-adham-YL7793054?_hsmi=88974744&_hsenc=p2ANqtz-_G5s6CORBttERc_beHteVqqnJIJh5EriMR00fz0Cexxf2lQpsFfBisijUxttE-tNX9yfHTn7fBQWbcOnOkY3_eCosMOOPpTIuaIKsiuCzrvP7v03c
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s05-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Redirect headers

date: Mon, 26 Apr 2021 11:19:23 GMT
x-content-type-options: nosniff
server: safe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 246
x-xss-protection: 0

GET
H3-29

200

si
googleads.g.doubleclick.net/pagead/drt/ Frame D975
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
0

40ms
39ms

Image
text/html

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si
Requested by: Host: www.thesundaily.my
URL: https://www.thesundaily.my/home/astrazeneca-is-safe-to-be-given-to-senior-citizens-adham-YL7793054?_hsmi=88974744&_hsenc=p2ANqtz-_G5s6CORBttERc_beHteVqqnJIJh5EriMR00fz0Cexxf2lQpsFfBisijUxttE-tNX9yfHTn7fBQWbcOnOkY3_eCosMOOPpTIuaIKsiuCzrvP7v03c
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s05-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Redirect headers

date: Mon, 26 Apr 2021 11:19:23 GMT
x-content-type-options: nosniff
server: safe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 246
x-xss-protection: 0

GET
H3-29 200 11118432199244548217
tpc.googlesyndication.com/simgad/ Frame 704F 48 KB
48 KB 7ms
6ms Image
image/png 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/11118432199244548217?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qmT-oAW2sTvsKHU71YN1WWebHquHg

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012103020108001/amp4ads-v0.mjs

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

de4c40d7fc1ec3c53232e73a49237d335e623814352fa3f365b1e0dcab296d2a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.thesundaily.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Apr 2021 05:56:58 GMT
x-content-type-options: nosniff
last-modified: Thu, 22 Apr 2021 10:44:17 GMT
server: sffe
age: 192145
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48673
x-xss-protection: 0
expires: Sun, 24 Apr 2022 05:56:58 GMT

GET
H3-29 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 704F 2 KB
2 KB 8ms
6ms Image
image/png 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012103020108001/amp4ads-v0.mjs

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.thesundaily.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 26 Apr 2021 03:59:16 GMT
x-content-type-options: nosniff
server: cafe
age: 26407
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2502
x-xss-protection: 0
expires: Tue, 27 Apr 2021 03:59:16 GMT

GET
H3-29 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 704F 295 B
328 B 8ms
7ms Image
image/png 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012103020108001/amp4ads-v0.mjs

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.thesundaily.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 26 Apr 2021 05:03:57 GMT
x-content-type-options: nosniff
server: cafe
age: 22526
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Tue, 27 Apr 2021 05:03:57 GMT

GET
H3-29 200 2162404327191702205
tpc.googlesyndication.com/simgad/ Frame D975 32 KB
32 KB 9ms
7ms Image
image/png 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/2162404327191702205?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qnvzFwupoSgPgT1Xor8EqVx-DX7bw

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012103020108001/amp4ads-v0.mjs

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b516cbf972a8693d5245147a2effc809e3e153316ea4780f02c2c18aebc57971

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.thesundaily.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 22 Apr 2021 00:58:00 GMT
x-content-type-options: nosniff
last-modified: Tue, 11 Aug 2020 07:26:55 GMT
server: sffe
age: 382883
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 32456
x-xss-protection: 0
expires: Fri, 22 Apr 2022 00:58:00 GMT

GET
H3-29 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame D975 2 KB
2 KB 7ms
7ms Image
image/png 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012103020108001/amp4ads-v0.mjs

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.thesundaily.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 26 Apr 2021 03:59:16 GMT
x-content-type-options: nosniff
server: cafe
age: 26407
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2502
x-xss-protection: 0
expires: Tue, 27 Apr 2021 03:59:16 GMT

GET
H3-29 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame D975 295 B
328 B 8ms
7ms Image
image/png 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012103020108001/amp4ads-v0.mjs

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.thesundaily.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 26 Apr 2021 05:03:57 GMT
x-content-type-options: nosniff
server: cafe
age: 22526
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Tue, 27 Apr 2021 05:03:57 GMT

GET
H/1.1 200
OK / Show response
ads.stickyadstv.com/additional-scripts/ Frame 20B3 301 B
857 B 86ms
38ms XHR
text/xml 2.18.234.233
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.stickyadstv.com/additional-scripts/?zoneId=12988193&loc=https%3A%2F%2Fwww.thesundaily.my%2Fhome%2Fastrazeneca-is-safe-to-be-given-to-senior-citizens-adham-YL7793054%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz-_G5s6CORBttERc_beHteVqqnJIJh5EriMR00fz0Cexxf2lQpsFfBisijUxttE-tNX9yfHTn7fBQWbcOnOkY3_eCosMOOPpTIuaIKsiuCzrvP7v03c
Requested by: Host: cdn.stickyadstv.com
URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-233.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 64a14c1566ed5e882e60ea9d6e3722949c5767823cd23dc1244503991661dc27

Request headers

Accept: application/xml, text/xml
Referer: https://www.thesundaily.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 26 Apr 2021 11:19:23 GMT
Server: nginx
Access-Control-Allow-Origin: https://www.thesundaily.my
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 301
x-sticky-vk: 1619435963799091-335
Expires: Mon, 26 Apr 2021 11:19:23 GMT

GET
H/1.1 200
OK swfIndex.php Show response
ads.stickyadstv.com/www/delivery/ Frame 20B3 67 B
721 B 254ms
170ms XHR
application/xml 2.18.234.233
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.stickyadstv.com/www/delivery/swfIndex.php?zoneId=12988193&_fw_gdpr=1&_fw_us_privacy=1---&vav=db743b12ecaaa41d71e4341c02c82730&vaviv=b622d1010c8324a1e218b67b3b4c675f&reqType=AdsSetup&protocolVersion=2.0&mustangVersion=1.11.8.1&focus=true&componentId=vpaid-adapter&loc=https%3A%2F%2Fwww.thesundaily.my%2Fhome%2Fastrazeneca-is-safe-to-be-given-to-senior-citizens-adham-YL7793054%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz-_G5s6CORBttERc_beHteVqqnJIJh5EriMR00fz0Cexxf2lQpsFfBisijUxttE-tNX9yfHTn7fBQWbcOnOkY3_eCosMOOPpTIuaIKsiuCzrvP7v03c&playerSize=700x393&supportsFlash=false&supportsJavascript=true
Requested by: Host: cdn.stickyadstv.com
URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-233.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 291437ea71e62b1c35d4ec5d3c5ad02cfa930343b41b1472fba70243089c8bbe

Request headers

Accept: application/xml, text/xml
Referer: https://www.thesundaily.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 26 Apr 2021 11:19:24 GMT
Server: nginx
Content-Type: application/xml;charset=UTF-8
Access-Control-Allow-Origin: https://www.thesundaily.my
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 67
x-sticky-vk: 1619435963978014-420
Expires: Mon, 26 Apr 2021 11:19:24 GMT

GET
H2 200 c709bb6e-8617-e7de-fa24-70c4dc29c36a
pr-bh.ybp.yahoo.com/sync/openx/ Frame D11B 43 B
836 B 774ms
32ms Image
image/gif 2a00:1288:110:c305::8000
YAHOO-IRD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/openx/c709bb6e-8617-e7de-fa24-70c4dc29c36a?gdpr=1

Requested by

Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=569ad57e-43c9-460e-9a8f-667f824c03af&gdpr=1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1288:110:c305::8000 , United Kingdom, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Apr 2021 11:19:24 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=31536000
content-type: image/gif
x-xss-protection: 1; mode=block
content-length: 43
x-content-type-options: nosniff
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

200

sd
eu-u.openx.net/w/1.0/ Frame D11B
Redirect Chain

https://pm.w55c.net/ping_match.gif?ei=OPENX&rurl=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072979%26val%3D_wfivefivec_
https://pm.w55c.net/ping_match.gif?scc=1&ei=OPENX&rurl=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072979%26val%3D_wfivefivec_
https://eu-u.openx.net/w/1.0/sd?id=537072979&val=TsNNFTQ11LAZgW5

43 B
106 B

16ms
15ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu-u.openx.net/w/1.0/sd?id=537072979&val=TsNNFTQ11LAZgW5
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=569ad57e-43c9-460e-9a8f-667f824c03af&gdpr=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/16.205.4 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 26 Apr 2021 11:19:27 GMT
via: 1.1 google
server: OXGW/16.205.4
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 26 Apr 2021 11:19:26 GMT
Server: PingMatch/v2.0.30-639-g719035a#rel-ec2-master i-080424a23a22eec76@eu-central-1a@dxedge-app-eu-central-1-prod-asg
P3P: policyref="https://cts.w55c.net/ct/p3p_policy_ref.xml", CP="UNI PUR COM INT STA OTC STP OUR CUR TAIo COR DSP NOI"
Location: https://eu-u.openx.net/w/1.0/sd?id=537072979&val=TsNNFTQ11LAZgW5
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame D11B
Redirect Chain

https://x.bidswitch.net/sync?ssp=openx
https://dsp.nrich.ai/bidswitch/sync?bidswitch_ssp_id=openx&bsw_custom_parameter=2c42101e-bbfe-48bd-ba4a-2c71f7d05af6&gdpr=&gdpr_consent=&gdpr_pd=&us_privacy=
https://x.bidswitch.net/sync?dsp_id=283&user_id=f3b1e256-60a9-4232-a642-f5442629e8ff&expires=1&user_group=5&ssp=openx&bsw_param=2c42101e-bbfe-48bd-ba4a-2c71f7d05af6
https://us-u.openx.net/w/1.0/sd?id=537072968&val=2c42101e-bbfe-48bd-ba4a-2c71f7d05af6

43 B
106 B

16ms
16ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072968&val=2c42101e-bbfe-48bd-ba4a-2c71f7d05af6
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=569ad57e-43c9-460e-9a8f-667f824c03af&gdpr=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/16.205.4 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 26 Apr 2021 11:19:24 GMT
via: 1.1 google
server: OXGW/16.205.4
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location: //us-u.openx.net/w/1.0/sd?id=537072968&val=2c42101e-bbfe-48bd-ba4a-2c71f7d05af6
date: Mon, 26 Apr 2021 11:19:24 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H/1.1

200
OK

adx
match.prod.bidr.io/cookie-sync/ Frame D11B
Redirect Chain

https://match.prod.bidr.io/cookie-sync/ox
https://match.prod.bidr.io/cookie-sync/ox?_bee_ppp=1
https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFHTXFVN0JEVU1BQUNwc21wNVNodw&bee_sync_partners=pm%2Csas%2Cpp%2Cox&bee_sync_current_partner=adx&bee_sync_initiator=ox&b...
https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pm%2Csas%2Cpp%2Cox&bee_sync_current_partner=adx&bee_sync_initiator=ox&bee_sync_hop_count=1

43 B
430 B

32ms
31ms

Image
image/gif

52.215.139.246
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pm%2Csas%2Cpp%2Cox&bee_sync_current_partner=adx&bee_sync_initiator=ox&bee_sync_hop_count=1

Requested by

Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=569ad57e-43c9-460e-9a8f-667f824c03af&gdpr=1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.215.139.246 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains

Request headers

Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
Date: Mon, 26 Apr 2021 11:19:27 GMT
Server: nginx
strict-transport-security: max-age=2592000; includeSubDomains
p3p: CP="This is not a P3P policy! See https://beeswax.com/privacy for more info."
cache-control: no-cache, must-revalidate
Connection: keep-alive
content-type: image/gif
Content-Length: 43
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 26 Apr 2021 11:19:27 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pm%2Csas%2Cpp%2Cox&bee_sync_current_partner=adx&bee_sync_initiator=ox&bee_sync_hop_count=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 360
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

sd
eu-u.openx.net/w/1.0/ Frame D11B
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=b3fe6086-a1bd-4500-b9d2-c8dcb027345b

43 B
106 B

16ms
16ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu-u.openx.net/w/1.0/sd?id=536872786&val=b3fe6086-a1bd-4500-b9d2-c8dcb027345b
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=569ad57e-43c9-460e-9a8f-667f824c03af&gdpr=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/16.205.4 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 26 Apr 2021 11:19:25 GMT
via: 1.1 google
server: OXGW/16.205.4
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date: Mon, 26 Apr 2021 11:20:43 GMT
Server: MT3 3660 495c301 master cdg-pixel-x26
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://eu-u.openx.net/w/1.0/sd?id=536872786&val=b3fe6086-a1bd-4500-b9d2-c8dcb027345b
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Mon, 26 Apr 2021 11:20:42 GMT

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame D11B
Redirect Chain

https://pixel.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=1
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=HwmNDkgI11kEAdAIH1yYDxEJhQAEWIxbS1_ldA4h

43 B
106 B

18ms
16ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=HwmNDkgI11kEAdAIH1yYDxEJhQAEWIxbS1_ldA4h
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=569ad57e-43c9-460e-9a8f-667f824c03af&gdpr=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/16.205.4 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 26 Apr 2021 11:19:24 GMT
via: 1.1 google
server: OXGW/16.205.4
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 26 Apr 2021 11:19:24 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location: https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=HwmNDkgI11kEAdAIH1yYDxEJhQAEWIxbS1_ldA4h
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 0
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2

200

sd
eu-u.openx.net/w/1.0/ Frame D11B
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=22
https://c1.adform.net/serving/cookie/match?CC=1&party=22
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=3078880720611692555

43 B
106 B

16ms
15ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu-u.openx.net/w/1.0/sd?id=537113484&val=3078880720611692555
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=569ad57e-43c9-460e-9a8f-667f824c03af&gdpr=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/16.205.4 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 26 Apr 2021 11:19:24 GMT
via: 1.1 google
server: OXGW/16.205.4
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 26 Apr 2021 11:19:24 GMT
server: nginx
location: https://eu-u.openx.net/w/1.0/sd?id=537113484&val=3078880720611692555
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2 200 openx
match.adsrvr.org/track/cmf/ Frame D11B 70 B
264 B 48ms
46ms Image
image/gif 63.33.11.43
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/openx?oxid=53cedd2a-16bb-7597-cbf3-6631237e0e23&gdpr=1
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=569ad57e-43c9-460e-9a8f-667f824c03af&gdpr=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 63.33.11.43 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-63-33-11-43.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 26 Apr 2021 11:19:24 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H3-29 200 pixel
cm.g.doubleclick.net/ Frame D11B 170 B
188 B 19ms
17ms Image
image/png 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=N2ZhMTBlZTAtZGZjYy0yYjMzLWRlMTMtM2M4OGU5OWNjMDQz

Requested by

Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=569ad57e-43c9-460e-9a8f-667f824c03af&gdpr=1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 26 Apr 2021 11:19:24 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame D11B
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEKt8Vc2C8GRcIfboiEHOX0E&google_cver=1

43 B
106 B

16ms
16ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEKt8Vc2C8GRcIfboiEHOX0E&google_cver=1
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=569ad57e-43c9-460e-9a8f-667f824c03af&gdpr=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/16.205.4 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 26 Apr 2021 11:19:24 GMT
via: 1.1 google
server: OXGW/16.205.4
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 26 Apr 2021 11:19:24 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEKt8Vc2C8GRcIfboiEHOX0E&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29

200

pixel
cm.g.doubleclick.net/
Redirect Chain

https://ads.stickyadstv.com/user-matching?id=11&_fw_gdpr=0&_fw_gdpr_consent=
https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=ODljN2E5MmFlMzdhMDQ3ZTdjMjU0M2UzMTZiY2Y=&gdpr=0&gdpr_consent=

170 B
188 B

17ms
17ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=ODljN2E5MmFlMzdhMDQ3ZTdjMjU0M2UzMTZiY2Y=&gdpr=0&gdpr_consent=

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.thesundaily.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 26 Apr 2021 11:19:24 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 26 Apr 2021 11:19:24 GMT
Server: nginx
Access-Control-Allow-Origin: *
Location: https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=ODljN2E5MmFlMzdhMDQ3ZTdjMjU0M2UzMTZiY2Y=&gdpr=0&gdpr_consent=
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
x-sticky-vk: 1619435964604023-379
Expires: Mon, 26 Apr 2021 11:19:24 GMT

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/
Redirect Chain

https://ads.stickyadstv.com/user-matching?id=2545&_fw_gdpr=0&_fw_gdpr_consent=
https://s.amazon-adsystem.com/ecm3?id=89c7a92ae37a047e7c2543e316bcf&ex=freewheel.tv&gdpr=0&gdpr_consent=

43 B
344 B

312ms
104ms

Image
image/gif

52.94.232.32
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.amazon-adsystem.com/ecm3?id=89c7a92ae37a047e7c2543e316bcf&ex=freewheel.tv&gdpr=0&gdpr_consent=
Requested by: Host: www.thesundaily.my
URL: https://www.thesundaily.my/home/astrazeneca-is-safe-to-be-given-to-senior-citizens-adham-YL7793054?_hsmi=88974744&_hsenc=p2ANqtz-_G5s6CORBttERc_beHteVqqnJIJh5EriMR00fz0Cexxf2lQpsFfBisijUxttE-tNX9yfHTn7fBQWbcOnOkY3_eCosMOOPpTIuaIKsiuCzrvP7v03c
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.94.232.32 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Server /
Resource Hash: c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Request headers

Referer: https://www.thesundaily.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 26 Apr 2021 11:19:24 GMT
Server: Server
Vary: User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 26 Apr 2021 11:19:24 GMT
Server: nginx
Access-Control-Allow-Origin: *
Location: https://s.amazon-adsystem.com/ecm3?id=89c7a92ae37a047e7c2543e316bcf&ex=freewheel.tv&gdpr=0&gdpr_consent=
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
x-sticky-vk: 1619435964545079-425
Expires: Mon, 26 Apr 2021 11:19:24 GMT

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame B900 0
20 B 16ms
15ms Image
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=222&t=2&li=gda_r20210422&jk=3912251608612625&bg=!jI-lj8vNAAZUuIlwVLg7ACkAdvg8Whv8bkWwIVp3NGw1IEcpwM8NHAM6Fk_oYEOFTF_R_j-my6w9dQIAAAQ6UgAAAFRoAQeZAkOBCR3ruTylCQQmq1NyCL5MHpZga32mNjS8C1qEA4rC3HAXT8Z3UP2csyQ1Glk5NltK_EsU7cYuRvoxVSVz1Sqtc5seIMfvOejuzN2hOqUfN6kYE9YdPyWoViV_nXNiMKt_JsxDVEloiHhK-HzWrW47GeeAy9OouLOIIFw1q-wcnBIRUZoydLf-LKlswBlHXdfBeoXt1WaIJgFRbR4r5yoWG33nYX9kPC0v1YnTAfTVOB2Nkrx8B75SUojwf16wQA4d5vSw4z3MbW6WTMTVZszOBmdd32NX83bZ8YWniOIV5EN77SOHLtwyZKey5cjLp0NcGpr1M96m3n3ThVvtK8GzzyAWNLYaRVxIODWDqnejIEkZR8u8CBwHFAAOuQtS_o4vGLARWDC4spyub7yBvPNRvyAD4FtebdJizYH2f6sofKmdM_n-4eskjF_BgHO3Jcmph_ODtTGfyN0GQt59thhgi8068HGfUkRwnDy_LPmtU2j0pm_VacPt1smC9TOqrjgwLyoKZGf7AcvU3zrI-ClQ6DVN-UriAdtG4kFOSGcsPcgaDHtJF3FQkJSELfEYGeP15Cg0vO_yrXfVdXwJFh8P65Ljh18IDPgZ4e2TnwmUkiBd3loMBHFr8-LpaK1zrTUNZXMlRFqzheJmKwsAb95wa-mqYTwdFm5aWZCZ1P846hHtwkpJjvCn-Ll9ybeaUdmcE_bi_XY7JTleTzzSWutWKGmUH7JhGJKxEPfDlg1mM1ZJ-gDGoxIf8cZEznAci37IPeM

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.thesundaily.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 26 Apr 2021 11:19:24 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 025B 42 B
64 B 15ms
14ms Fetch
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuYAO5MIDddA7QraXZLFFsxdxr9GFJyEOkUrcWnNQbJb-hlw1fsMeOOVpDFTZfmB45C59Lnfult4nuMgCy5m9cGd3g_20LzDkUQJoCdcbI&sig=Cg0ArKJSzGGpXS6Mi-F2EAE&id=lidar2&mcvt=1000&p=199,221,439,1391&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20210421&bin=7&avms=nio&bs=1600,1200&mc=1&app=0&itpl=3&adk=3154283803&rs=4&met=mue&la=1&cr=0&osd=1&vs=4&rst=1619435963039&dlt=0&rpt=423&isd=0&msd=0&r=v&fum=1

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.thesundaily.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 26 Apr 2021 11:19:24 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame B323 0
20 B 17ms
17ms Image
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=222&t=2&li=gda_r20210422&jk=11907315495935&bg=!xMelx4PNAAZUuIlwVLg7ACkAdvg8Wp1MZs6GwHHbeYTPmT2K99Xv_bTVOsjPXv4FxGuKbwk06INYxgIAAAGNUgAAAAtoAQcKAHFUlqdTE-xpN2YMyD22kUOvU9-8RyRf-sP-7Fd_ud4jhAE3KsKR2ERhvwMd3UjAINC_vjUkf0XgU2xiSEFeEdjqRxbqucWtDkn8yfHSrlwXbQaTiBJcla-HpmVqVA6UDXiMmlx3qx7iS1S_L6nG5LvqhZkCW2AoBJySFHFE1yb7IXvQwRRGyYviGPSk-pokJdZdlmvFrnm35oxs2oMUCSV9yVIciLSBxfZ4VZDfXgGYNLxf1NQmjIApjKEPH7O-9QBSleqLGWxWIopA-2veklgnmLysmC56v3EUtF0rkLmbk1GnUrx7B8A1uQbAt7SO_MT15_g1osqhPAHlectYyqDKH1i-GZrQM1Mvo1eCQRhk8PNxS1wA2S2L7Jd9qrFKc6aJAvRxkdxrLYHvDtyiOnPJ2BpOR7-ueV5lDVdKypZ00JH6lAU-ENfYYXQKqL2N67r-RtMSP8H-NUPQCmgtEx1Yw10hcORoHWon_4eJxOoBbULoiWGrgLWtVOg9cvB6ynj8D1_ihhXFKbpNJwfSZDZ0nsVoJUXLytMHvYmE-C28STALe4fJx3z-OcMLVqtcpqHbIWq5QhVpRP_-roDC7fZzTYDIcTw-RFXp-wleuXnf5C1X1p8SSYxyOMpFokEVuLZxtJwd5atYwdNUK2J3JMyHF0zGYEjNh9W9z1mOhr5bTAYW6gnTA-eSrQ6p-NpP1CUBXezYFKX6LMzn3so67Zn1QMnittoo2dV1ofk4N26qbcIeHC9V9tOKyBBmoJrwLJPbwO1bF3Jw6BkAc4WEw5wgYhU81gGJdHYFglRCjJ4dw0DmgOtutAJrYaMYqMH7PG-pzbc1yi-IXtiVyT6P4tE3qRhBphWJZ5zaUHKHMoSWZkQKlKGPT-bJ8qnywcDcPMAxA0RZw-i7iMr1BygM0-I_IPOoXBg8tmPKhwh-zvdQFjVDnAMM7mgl4xJR-nfgtA

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.thesundaily.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 26 Apr 2021 11:19:24 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 25F2 42 B
64 B 14ms
14ms Fetch
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjss3dyHWa_hCHaXY1S-XVOeHf9KXoRDIjYdbPfgQPg4oq8IMkscfrD4qXyFoRVVvm-SG8kX5g6OJS-ojJWBLUKnzjC9Wm5MuK58WJbJBgkQ&sig=Cg0ArKJSzPvetQFncG_lEAE&id=lidar2&mcvt=1001&p=893,1040,1143,1340&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20210421&bin=7&avms=nio&bs=1600,1200&mc=1&app=0&itpl=3&adk=3079932573&rs=4&met=mue&la=0&cr=0&osd=1&vs=4&rst=1619435963229&dlt=0&rpt=509&isd=0&msd=0&r=v&fum=1

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.thesundaily.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 26 Apr 2021 11:19:24 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 704F 42 B
64 B 17ms
16ms Image
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvmoZ9iLJKoeip6fpAvB4HOJBQor5BwOWzgtLPhAKb6HaBJ9dRbyOpNQ1td5p4p2isQEWO9jo1EhDi7uMx_ZcaKwUh4ut_Urcq7j3UWBP6pKiBNW740-a07WAkAgA&sai=AMfl-YRwjctEtXXKlnhymY8UjHlcomPG1SHKyq4LpMsDzSQUPZ4-VdKLM8ic4FutJgN0Jaq8mt2iZLBKJPZo1lfEecRDK6nrPMGPTUY91iJxgquadCJQdwZQ0kkuIpViE3SN&sig=Cg0ArKJSzMrW8AAyP323EAE&cid=CAASPeRo40k_XEJ8OZfgFhiuCsIuZYy_WXeR2IsrGua1-9Cdg4puki1NGAW7r-Ewymofz46aSo431BYrFhv_mzo&id=ampim&o=241,460&d=728,90&ss=1600,1200&bs=1600,1200&mcvt=1000&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&tfs=341&tls=1341&g=100&h=100&tt=1341&r=v&avms=ampa&adk=2651473827

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.thesundaily.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 26 Apr 2021 11:19:25 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 VideoBidRequestHandlerServlet Show response
wf.taboola.com/ 4 KB
3 KB 99ms
99ms XHR
application/json 199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=700&height=393&pubid=169497&tagid=953497&crid=5029295&noaop=3&sortOrderType=0&cb=1619435965273&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=2&pv=1056001&pt=-70368120&tz=120&viewable=true&ddast=V75g8CFgOOnMIAPEMHZgSOnMIAPEMHZgUAAAAGBvQHGbOgjCjDEY3CYc6Wo9FysVksZqvRcDeEjVlQRpThiEbhMGfL0Wg5mCwmo91uMBtMpvBhLJfJoBZIWGa_76CgnJ4es8sgKrreFrvDafa8QQxNp8Pnutfrfr-76OjyvO4mh9PsvKudf6Hf7fIrPKfLw_qyuzwOt9Lz1jxsLrfo75a43Dqn7WV3i_5uzcvu9FveGqfpaX3ZPW-Fyehwu5Vl3m65GaxGcwAAAAB4AGDqfYX4AQQAiAAAAACQAAAAAKAIqPi3ELgAAAAAwAAgcGvVAIDiMBCX5ey0-wMA4KEABABAAIMEQCCypQTgYiv0BAAAAAAAAACA5f___z8GIC-_WAZgw-etB-DBB-CBqOCwiBEAAABAVj7Q8tGkTqgsqgAACNKtAK4AAALyGs55GcIAAAAExhboYfH7zQ67xu92GQAAAAAAAACA2f_ZP5qQlAduWpAVxZ7aLyAAwNovIAAAm7oBALwFwAUdQSsGg9UpxG44W-xGk81ydgAAAAB3_____3ogMlrZRg6PZeWwTGy7iW04s-xWM99wZJs5d4PFwntAcSWW4lUNdH0hwjL7fQcF5fT0mF0GUdH1ttgdTrPnID5oGJaTQTC_CVuMVpPJZjmcLReTwXA0HI32J4DLAU7EYLmcTBaT3Wq0Gm2Gu9FssECBGExwQoajzWQ12q12k-VwMhrNNpMNUrRqNRttBsPVbDLb7VbDwXA5GiFFaxazyWQxGy13m8FyMhoMJ8MhwthosnLZfBu3ZjDzrEWzlWmtsPlWbt1mMJotjLvhYGNxi14f0284mOw2wy0KBkjtRXCRTkRHl-d1NzmcZudFLNGcLNKJ7LKvjFa2kcNjWTksE9tuYhvOLLvVzDcc2WbO3WCx8NdGk5XL5tu4NYOZZy2arUxrhc23cus2g9FsYdwNBxuLW_T6mH7DwWS3Ge4bs8VytFktZ4N9Y7ZYjjar5Wyw79AZvqvP2ehMiw8emXa9u96KMvNB4TJYvD-JaTHtzg5-aevo9Pk8yoLOKLx-j16DwnPwmMbLW-1Y3j6b6eMwoYglgtNFOhG9jKeLWCJ5WqQT0ciy8i0mHsdqt3DZDIvBZrma7WYuj8Xk8sxmE4tYojRdpBO90O92-RWe0-VhfdldHodb6XlrHjaXW_R3S1xundP2srtFf7fmZXf6LW-N0_S0vuyet8JkdLjdyrNvt9wMVqOJ-o8NuJxLRsu5bDSXDDarBAAAAAAAAACwhDnzJgAAAACnQcyGk81uuQAQDl26QAI-TLYRHou79mNeBUaCCjXFjR8v0NHled1NDqfZeebNnglirVbLGgAAQAAbAAAggFs3bwFhkRw!&proto=2,3,5,6&encoded=1&pstn=1&callback=&wfv=1&amp=0&qsz=6&ft=0&pb=0&pagg=1&sd=undefined&dtagid=1530785&dpubid=168237&abtst=adh5c-1_vA!insc_vA!nrlc_vA!ntvc_vB!rft_vC!secure_protocol_vA!secure_protocol_vB!secure_vB!spa2_vA!ufm_vG&mPre=0.033&cirf=https%3A%2F%2Fwww.thesundaily.my&en=1&subu=3
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v12.2.0/OvaMediaPlayer.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: f3abf7db25ff57d73d77dc21953e05abe163a769a5b50a585b0011daf3728e9e

Request headers

Referer: https://www.thesundaily.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type: text/plain

Response headers

date: Mon, 26 Apr 2021 11:19:25 GMT
content-encoding: gzip
access-control-allow-origin: https://www.thesundaily.my
machineid: 1437
x-cache: MISS
x-cache-hits: 0
x-served-by: cache-hhn11538-HHN
pragma: no-cache
server: nginx
x-timer: S1619435965.279223,VS0,VE92
vary: Accept-Encoding
content-type: application/json;charset=utf-8
via: 1.1 varnish
cache-control: no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials: true
accept-ranges: bytes
link: <http://ads.stickyadstv.com>; rel=preconnect
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK 12988193 Show response
ads.stickyadstv.com/vast/vpaid-adapter/ 1 KB
2 KB 54ms
44ms XHR
application/xml 2.18.234.233
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.stickyadstv.com/vast/vpaid-adapter/12988193?_fw_gdpr=1&_fw_us_privacy=1---
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v12.2.0/OvaMediaPlayer.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-233.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 5d791c4797263270b7749f9dd93b2ccf8419c643d8aee58cd65e9b94527cc753

Request headers

Referer: https://www.thesundaily.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

Pragma: no-cache
Date: Mon, 26 Apr 2021 11:19:25 GMT
Server: nginx
Content-Type: application/xml;charset=ISO-8859-1
Access-Control-Allow-Origin: https://www.thesundaily.my
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 1064
x-sticky-vk: 1619435965400002-418
Expires: Mon, 26 Apr 2021 11:19:25 GMT

GET
H/1.1 200
OK vpaid-adapter.min.js Show response
cdn.stickyadstv.com/mustang/ Frame A2F0 328 KB
111 KB 20ms
8ms Script
application/x-javascript 2001:4de0:ac19::1:b:2b
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v12.2.0/OvaMediaPlayer.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2001:4de0:ac19::1:b:2b , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: /
Resource Hash: de516f330c0084178fc78cd5e6d49cba306d8380428386b088b6805c512a1561

Request headers

Referer: https://www.thesundaily.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 26 Apr 2021 11:19:25 GMT
Content-Encoding: gzip
Last-Modified: Wed, 24 Mar 2021 03:29:54 GMT
ETag: "1616556594"
X-HW: 1619435965.dop097.fr8.shc,1619435965.dop097.fr8.t,1619435965.cds006.fr8.c
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=86400
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 113077

GET auto-user-sync
ads.stickyadstv.com/ Frame A2F0 0
0

GET
H/1.1

400
Request failed due to privacy signals

getuid
ib.adnxs.com/
Redirect Chain

https://ads.stickyadstv.com/auto-user-sync?gdpr=1&gdpr_consent=null
https://ib.adnxs.com/getuid?https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D209&gdpr=1&gdpr_consent=null%26userId%3D$UID&gdpr=1&gdpr_consent=null

0
0

15ms
14ms

Image
text/html

37.252.172.45
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ib.adnxs.com/getuid?https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D209&gdpr=1&gdpr_consent=null%26userId%3D$UID&gdpr=1&gdpr_consent=null
Requested by: Host: www.thesundaily.my
URL: https://www.thesundaily.my/home/astrazeneca-is-safe-to-be-given-to-senior-citizens-adham-YL7793054?_hsmi=88974744&_hsenc=p2ANqtz-_G5s6CORBttERc_beHteVqqnJIJh5EriMR00fz0Cexxf2lQpsFfBisijUxttE-tNX9yfHTn7fBQWbcOnOkY3_eCosMOOPpTIuaIKsiuCzrvP7v03c
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 37.252.172.45 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.thesundaily.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Redirect headers

Pragma: no-cache
Date: Mon, 26 Apr 2021 11:19:25 GMT
Server: nginx
Access-Control-Allow-Origin: *
Location: https://ib.adnxs.com/getuid?https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D209&gdpr=1&gdpr_consent=null%26userId%3D$UID&gdpr=1&gdpr_consent=null
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
x-sticky-vk: 1619435965513074-342
Expires: Mon, 26 Apr 2021 11:19:25 GMT

GET
H/1.1 200
OK / Show response
ads.stickyadstv.com/additional-scripts/ Frame A2F0 301 B
857 B 65ms
36ms XHR
text/xml 2.18.234.233
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.stickyadstv.com/additional-scripts/?zoneId=12988193&loc=https%3A%2F%2Fwww.thesundaily.my%2Fhome%2Fastrazeneca-is-safe-to-be-given-to-senior-citizens-adham-YL7793054%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz-_G5s6CORBttERc_beHteVqqnJIJh5EriMR00fz0Cexxf2lQpsFfBisijUxttE-tNX9yfHTn7fBQWbcOnOkY3_eCosMOOPpTIuaIKsiuCzrvP7v03c
Requested by: Host: cdn.stickyadstv.com
URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-233.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 64a14c1566ed5e882e60ea9d6e3722949c5767823cd23dc1244503991661dc27

Request headers

Accept: application/xml, text/xml
Referer: https://www.thesundaily.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 26 Apr 2021 11:19:25 GMT
Server: nginx
Access-Control-Allow-Origin: https://www.thesundaily.my
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 301
x-sticky-vk: 1619435965490063-399
Expires: Mon, 26 Apr 2021 11:19:25 GMT

GET
H/1.1 200
OK swfIndex.php Show response
ads.stickyadstv.com/www/delivery/ Frame A2F0 67 B
721 B 201ms
137ms XHR
application/xml 2.18.234.233
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.stickyadstv.com/www/delivery/swfIndex.php?zoneId=12988193&_fw_gdpr=1&_fw_us_privacy=1---&vav=e3526415e24c9a125415894735210f4b&vaviv=10f800fd768b6aaf6b6ef3e41ffb69df&reqType=AdsSetup&protocolVersion=2.0&mustangVersion=1.11.8.1&focus=true&componentId=vpaid-adapter&loc=https%3A%2F%2Fwww.thesundaily.my%2Fhome%2Fastrazeneca-is-safe-to-be-given-to-senior-citizens-adham-YL7793054%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz-_G5s6CORBttERc_beHteVqqnJIJh5EriMR00fz0Cexxf2lQpsFfBisijUxttE-tNX9yfHTn7fBQWbcOnOkY3_eCosMOOPpTIuaIKsiuCzrvP7v03c&playerSize=700x393&supportsFlash=false&supportsJavascript=true
Requested by: Host: cdn.stickyadstv.com
URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-233.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 291437ea71e62b1c35d4ec5d3c5ad02cfa930343b41b1472fba70243089c8bbe

Request headers

Accept: application/xml, text/xml
Referer: https://www.thesundaily.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 26 Apr 2021 11:19:25 GMT
Server: nginx
Content-Type: application/xml;charset=UTF-8
Access-Control-Allow-Origin: https://www.thesundaily.my
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 67
x-sticky-vk: 1619435965569022-333
Expires: Mon, 26 Apr 2021 11:19:25 GMT

GET user-matching
ads.stickyadstv.com/ Frame A2F0 0
0

GET
H3-29

200

pixel
cm.g.doubleclick.net/
Redirect Chain

https://ads.stickyadstv.com/user-matching?id=11&_fw_gdpr=0&_fw_gdpr_consent=
https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=ODljN2E5MmFlMzdhMDQ3ZTdjMjU0M2UzMTZiY2Y=&gdpr=0&gdpr_consent=

170 B
188 B

16ms
16ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=ODljN2E5MmFlMzdhMDQ3ZTdjMjU0M2UzMTZiY2Y=&gdpr=0&gdpr_consent=

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.thesundaily.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 26 Apr 2021 11:19:25 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 26 Apr 2021 11:19:25 GMT
Server: nginx
Access-Control-Allow-Origin: *
Location: https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=ODljN2E5MmFlMzdhMDQ3ZTdjMjU0M2UzMTZiY2Y=&gdpr=0&gdpr_consent=
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
x-sticky-vk: 1619435965613070-371
Expires: Mon, 26 Apr 2021 11:19:25 GMT

GET user-matching
ads.stickyadstv.com/ Frame A2F0 0
0

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/
Redirect Chain

https://ads.stickyadstv.com/user-matching?id=2545&_fw_gdpr=0&_fw_gdpr_consent=
https://s.amazon-adsystem.com/ecm3?id=89c7a92ae37a047e7c2543e316bcf&ex=freewheel.tv&gdpr=0&gdpr_consent=

43 B
344 B

104ms
104ms

Image
image/gif

52.94.232.32
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.amazon-adsystem.com/ecm3?id=89c7a92ae37a047e7c2543e316bcf&ex=freewheel.tv&gdpr=0&gdpr_consent=
Requested by: Host: www.thesundaily.my
URL: https://www.thesundaily.my/home/astrazeneca-is-safe-to-be-given-to-senior-citizens-adham-YL7793054?_hsmi=88974744&_hsenc=p2ANqtz-_G5s6CORBttERc_beHteVqqnJIJh5EriMR00fz0Cexxf2lQpsFfBisijUxttE-tNX9yfHTn7fBQWbcOnOkY3_eCosMOOPpTIuaIKsiuCzrvP7v03c
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.94.232.32 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Server /
Resource Hash: c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Request headers

Referer: https://www.thesundaily.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 26 Apr 2021 11:19:25 GMT
Server: Server
Vary: User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 26 Apr 2021 11:19:25 GMT
Server: nginx
Access-Control-Allow-Origin: *
Location: https://s.amazon-adsystem.com/ecm3?id=89c7a92ae37a047e7c2543e316bcf&ex=freewheel.tv&gdpr=0&gdpr_consent=
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
x-sticky-vk: 1619435965718019-415
Expires: Mon, 26 Apr 2021 11:19:25 GMT

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 6FE6 31 KB
9 KB 8ms
7ms Script
text/html 184.30.212.16
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.212.16 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-212-16.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: ed2d993c35cd51826ee304739d91e554bd9faa1b120602fc4b3baa15941a9e35

Request headers

Referer: https://eus.rubiconproject.com/usync.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 26 Apr 2021 11:19:26 GMT
Content-Encoding: gzip
Last-Modified: Mon, 19 Apr 2021 20:34:13 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=68146
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Content-Length: 9242
Expires: Tue, 27 Apr 2021 06:15:12 GMT

GET
H/1.1 200
OK khaos.jpg
token.rubiconproject.com/ Frame 6FE6 284 B
536 B 1126ms
30ms Image
image/jpg 69.173.144.138
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/khaos.jpg?
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: 492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length: 284
X-RPHost: 37b22a0c36bd84993dd2cda4a5e04b1d
Content-Type: image/jpg

GET
H/1.1 200
OK Cookie set usermatch Show response
ssum-sec.casalemedia.com/ Frame ECD0 2 KB
3 KB 52ms
52ms Document
text/html 184.30.20.241
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.thesundaily.my/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.20.241 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-20-241.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 9a4eb81c24e7206a77f33b3980fbc2438e0c4347beb5859e233289732459b705

Request headers

Host: ssum-sec.casalemedia.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://js-sec.indexww.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: CMID=YIahukBEpeGBJB7M0r2UnAAA; CMPS=3274; CMPRO=1163; CMST=YIahumCGobsA
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://js-sec.indexww.com/

Response headers

Server: Apache
Content-Type: text/html
Dropped-Udsids: 241|45|230|39|47|41|206|152
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary: Is-Traffic-Usersync
Content-Length: 1721
Expires: Mon, 26 Apr 2021 11:19:26 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Mon, 26 Apr 2021 11:19:26 GMT
Connection: keep-alive
Set-Cookie: CMID=YIahukBEpeGBJB7M0r2UnAAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Tue, 26 Apr 2022 11:19:26 GMT CMPS=3274;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sun, 25 Jul 2021 11:19:26 GMT CMPRO=1163;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sun, 25 Jul 2021 11:19:26 GMT CMRUM3=276086a1be0b40&f16086a1be05a0&986086a1be05a00&2f6086a1be05a0&e66086a1be27600&ce6086a1be05a00&2d6086a1be05a0&296086a1be05a00;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Tue, 26 Apr 2022 11:19:26 GMT CMST=YIahumCGob4A;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Tue, 27 Apr 2021 11:19:26 GMT

GET
H/1.1

200
OK

dcm
s.amazon-adsystem.com/ Frame ECD0
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YIahukBEpeGBJB7M0r2UnAAABIsAAAIB
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YIahukBEpeGBJB7M0r2UnAAABIsAAAIB&dcc=t

43 B
433 B

105ms
105ms

Image
image/gif

52.94.232.32
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YIahukBEpeGBJB7M0r2UnAAABIsAAAIB&dcc=t
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.thesundaily.my/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.94.232.32 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Server /
Resource Hash: c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 26 Apr 2021 11:19:26 GMT
Server: Server
Vary: User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 26 Apr 2021 11:19:26 GMT
Server: Server
Vary: User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YIahukBEpeGBJB7M0r2UnAAABIsAAAIB&dcc=t
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame ECD0
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YIahukBEpeGBJB7M0r2UnAAA
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEFY9dvIjWLqxdenGmIHMMFo&google_cver=1

43 B
1 KB

18ms
17ms

Image
image/gif

184.30.20.241
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEFY9dvIjWLqxdenGmIHMMFo&google_cver=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.thesundaily.my/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.20.241 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-20-241.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 26 Apr 2021 11:19:27 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Mon, 26 Apr 2021 11:19:27 GMT

Redirect headers

pragma: no-cache
date: Mon, 26 Apr 2021 11:19:27 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEFY9dvIjWLqxdenGmIHMMFo&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 314
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

usermatchredir
ssum-sec.casalemedia.com/ Frame ECD0
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YIahukBEpeGBJB7M0r2UnAAABIsAAAIB
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&google_gid=CAESEDmObYsS3ZtHXdUhu_P_5Jo&google_cver=1

43 B
315 B

14ms
14ms

Image
image/gif

184.30.20.241
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&google_gid=CAESEDmObYsS3ZtHXdUhu_P_5Jo&google_cver=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.thesundaily.my/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.20.241 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-20-241.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 26 Apr 2021 11:19:26 GMT
Server: Apache
Vary: Is-Traffic-Usersync
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 43
Expires: Mon, 26 Apr 2021 11:19:26 GMT

Redirect headers

pragma: no-cache
date: Mon, 26 Apr 2021 11:19:26 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&google_gid=CAESEDmObYsS3ZtHXdUhu_P_5Jo&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 314
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 casale
match.adsrvr.org/track/cmf/ Frame ECD0 70 B
264 B 31ms
29ms Image
image/gif 63.33.11.43
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/casale?cm_callback_url=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum&cm_dsp_id=39&cm_user_id=YIahukBEpeGBJB7M0r2UnAAA&gdpr=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.thesundaily.my/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 63.33.11.43 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-63-33-11-43.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 26 Apr 2021 11:19:26 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame ECD0
Redirect Chain

https://pm.w55c.net/ping_match.gif?ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_&gdpr=1
https://pm.w55c.net/ping_match.gif?scc=1&ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_&gdpr=1
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=S0DxRsvo1LAZgW5&gdpr=1

43 B
1 KB

41ms
14ms

Image
image/gif

184.30.20.241
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=S0DxRsvo1LAZgW5&gdpr=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.thesundaily.my/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.20.241 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-20-241.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 26 Apr 2021 11:19:27 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Mon, 26 Apr 2021 11:19:27 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 26 Apr 2021 11:19:26 GMT
Server: PingMatch/v2.0.30-639-g719035a#rel-ec2-master i-013d87c18de960209@eu-central-1b@dxedge-app-eu-central-1-prod-asg
P3P: policyref="https://cts.w55c.net/ct/p3p_policy_ref.xml", CP="UNI PUR COM INT STA OTC STP OUR CUR TAIo COR DSP NOI"
Location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=S0DxRsvo1LAZgW5&gdpr=1
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK bridge
cm.adgrx.com/ Frame ECD0 43 B
408 B 1077ms
13ms Image
image/gif 173.231.181.122
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.adgrx.com/bridge?AG_PID=casale&AG_SETCOOKIE
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.thesundaily.my/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 173.231.181.122 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: Cowboy /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 26 Apr 2021 11:19:27 GMT
server: Cowboy
P3P: CP="NOI OTC OTP OUR NOR"
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate, proxy-revalidate
Connection: keep-alive
Content-Type: image/gif
X-RealServer-NX: ams-delivery-3
Content-Length: 43
Expires: Thu, 23 Sep 2004 17:42:04 GMT

GET
H2

200

YIahukBEpeGBJB7M0r2UnAAABIsAAAIB
pr-bh.ybp.yahoo.com/sync/casale/ Frame ECD0
Redirect Chain

https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=YIahukBEpeGBJB7M0r2UnAAABIsAAAIB
https://pr-bh.ybp.yahoo.com/sync/casale/YIahukBEpeGBJB7M0r2UnAAABIsAAAIB

43 B
645 B

32ms
32ms

Image
image/gif

2a00:1288:110:c305::8000
YAHOO-IRD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/casale/YIahukBEpeGBJB7M0r2UnAAABIsAAAIB

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.thesundaily.my/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1288:110:c305::8000 , United Kingdom, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Apr 2021 11:19:27 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=31536000
content-type: image/gif
x-xss-protection: 1; mode=block
content-length: 43
x-content-type-options: nosniff
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Date: Mon, 26 Apr 2021 11:19:27 GMT
Server: ATS/7.1.2.128
Age: 0
Strict-Transport-Security: max-age=31536000
P3P: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location: https://pr-bh.ybp.yahoo.com/sync/casale/YIahukBEpeGBJB7M0r2UnAAABIsAAAIB
Connection: keep-alive
Content-Length: 0

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame ECD0
Redirect Chain

https://sync.extend.tv/r.gif?exchange=index
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=152&external_user_id=36697381-8cfb-4f74-8a8c-ea9782e7c40d

43 B
1 KB

49ms
49ms

Image
image/gif

184.30.20.241
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=152&external_user_id=36697381-8cfb-4f74-8a8c-ea9782e7c40d
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.thesundaily.my/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.20.241 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-20-241.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 26 Apr 2021 11:19:28 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Mon, 26 Apr 2021 11:19:28 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 26 Apr 2021 11:19:28 GMT
Access-Control-Allow-Origin: *
Content-Type: text/html; charset=utf-8
Location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=152&external_user_id=36697381-8cfb-4f74-8a8c-ea9782e7c40d
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 132
Expires: Tue, 29 May 1984 15:00:00 GMT

GET
H/1.1 200
OK htw-pixel.gif
js-sec.indexww.com/ht/ Frame ECD0 43 B
425 B 8ms
7ms Image
image/gif 184.30.20.241
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://js-sec.indexww.com/ht/htw-pixel.gif?YIahukBEpeGBJB7M0r2UnAAA%261163
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.thesundaily.my/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.20.241 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-20-241.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 26 Apr 2021 11:19:26 GMT
Last-Modified: Tue, 24 Jan 2017 19:36:04 GMT
Server: Apache
ETag: "902a3d-2b-546dc3a097100"
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=2848
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: image/gif
Content-Length: 43
Expires: Mon, 26 Apr 2021 12:06:54 GMT

GET
H3-29 200 Banner_300x600_Bild-Karte3.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1684394985928583253/ Frame AB7D 16 KB
16 KB 7ms
6ms Image
image/png 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1684394985928583253/Banner_300x600_Bild-Karte3.png

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d596e004d677171f553042f2ac140af9b84907d2b28057dd38fbeb3104fb5365

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 329714
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16356
x-xss-protection: 0
last-modified: Thu, 15 Apr 2021 14:37:29 GMT
server: sffe
date: Thu, 22 Apr 2021 15:44:13 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 22 Apr 2022 15:44:13 GMT

POST
H2 200 OpportunityServlet Show response
am-vid-events.taboola.com/ 1 B
124 B 75ms
36ms XHR
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://am-vid-events.taboola.com/OpportunityServlet
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v12.2.0/OvaMediaPlayer.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: 5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9

Request headers

Referer: https://www.thesundaily.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type: text/plain

Response headers

access-control-allow-origin: https://www.thesundaily.my
date: Mon, 26 Apr 2021 11:19:27 GMT
access-control-allow-credentials: true
server: nginx
content-length: 1

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 26A8 0
749 B 15ms
15ms Script
text/html 37.252.172.45
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.45 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 26 Apr 2021 11:19:28 GMT
X-Proxy-Origin: 89.249.64.203; 89.249.64.203; 693.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com; 37.252.173.48:80
AN-X-Request-Uuid: 642e4e01-3cdf-461c-bde1-7e091d5c18d9
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 VideoBidRequestHandlerServlet Show response
am-wf.taboola.com/ 2 KB
1 KB 101ms
95ms XHR
application/json 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://am-wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=700&height=393&pubid=169497&tagid=953497&crid=5029295&noaop=3&sortOrderType=0&cb=1619435968240&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=3&pv=1056001&pt=-70368120&tz=120&viewable=true&ddast=V75g8CFgOOnMIAPEMHZgSOnMIAPEMHZgUAAAAGBvQHGbOgjCjDEY3CYc6Wo9FysVksZqvRcDeEjVlQRpThiEbhMGfL0Wg5mCwmo91uMBtMpvBhLJfJoBZIWGa_76CgnJ4es8sgKrreFrvDafa8QQxNp8Pnutfrfr-76OjyvO4mh9PsvKudf6Hf7fIrPKfLw_qyuzwOt9Lz1jxsLrfo75a43Dqn7WV3i_5uzcvu9FveGqfpaX3ZPW-Fyehwu5Vl3m65GaxGcwAAAAB4AGDqfYX4AQQAiAAAAACQAAAAAKAIqPi3ELgAAAAAwAAgcGvVAIDiMBCX5ey0-wMA4KEABABAAIMEQCCypQTgYiv0BAAAAAAAAACA5f___z8GIC-_WAZgw-etB-DBB-CBqOCwiBEAAABAVj7Q8tGkTqgsqgAACNKtAK4AAALyGs55GcIAAAAExhboYfH7zQ67xu92GQAAAAAAAACA2f_ZP5qQlAduWpAVxZ7aLyAAwNovIAAAm7oBALwFwAUdQSsGg9UpxG44W-xGk81ydgAAAAB3_____3ogMlrZRg6PZeWwTGy7iW04s-xWM99wZJs5d4PFwntAcSWW4lUNdH0hwjL7fQcF5fT0mF0GUdH1ttgdTrPnID5oGJaTQTC_CVuMVpPJZjmcLReTwXA0HI32J4DLAU7EYLmcTBaT3Wq0Gm2Gu9FssECBGExwQoajzWQ12q12k-VwMhrNNpMNUrRqNRttBsPVbDLb7VbDwXA5GiFFaxazyWQxGy13m8FyMhoMJ8MhwthosnLZfBu3ZjDzrEWzlWmtsPlWbt1mMJotjLvhYGNxi14f0284mOw2wy0KBkjtRXCRTkRHl-d1NzmcZudFLNGcLNKJ7LKvjFa2kcNjWTksE9tuYhvOLLvVzDcc2WbO3WCx8NdGk5XL5tu4NYOZZy2arUxrhc23cus2g9FsYdwNBxuLW_T6mH7DwWS3Ge4bs8VytFktZ4N9Y7ZYjjar5Wyw79AZvqvP2ehMiw8emXa9u96KMvNB4TJYvD-JaTHtzg5-aevo9Pk8yoLOKLx-j16DwnPwmMbLW-1Y3j6b6eMwoYglgtNFOhG9jKeLWCJ5WqQT0ciy8i0mHsdqt3DZDIvBZrma7WYuj8Xk8sxmE4tYojRdpBO90O92-RWe0-VhfdldHodb6XlrHjaXW_R3S1xundP2srtFf7fmZXf6LW-N0_S0vuyet8JkdLjdyrNvt9wMVqOJ-o8NuJxLRsu5bDSXDDarBAAAAAAAAACwhDnzJgAAAACnQcyGk81uuQAQDl26QAI-TLYRHou79mNeBUaCCjXFjR8v0NHled1NDqfZeebNnglirVbLGgAAQAAbAAAggFs3bwFhkRw!&proto=2,3,5,6&encoded=1&pstn=1&callback=&wfv=1&amp=0&qsz=6&ft=0&pb=0&pagg=1&sd=undefined&dtagid=1530785&dpubid=168237&abtst=adh5c-1_vA!insc_vA!nrlc_vA!ntvc_vB!rft_vC!secure_protocol_vA!secure_protocol_vB!secure_vB!spa2_vA!ufm_vG&mPre=0.033&cirf=https%3A%2F%2Fwww.thesundaily.my&en=1&subu=3
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v12.2.0/OvaMediaPlayer.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: 9bee11a95f612b1d0c1d02920156869d71e0944c4772795db14deaaa780fac13

Request headers

Referer: https://www.thesundaily.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type: text/plain

Response headers

pragma: no-cache
date: Mon, 26 Apr 2021 11:19:28 GMT
content-encoding: gzip
server: nginx
machineid: 1480
vary: Accept-Encoding
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.thesundaily.my
cache-control: no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials: true
expires: Sat, 26 Jul 1997 05:00:00 GMT

POST
H2 204 visible Show response
trc.taboola.com/thesundaily/log/3/ 0
210 B 17ms
17ms XHR
image/gif 199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/thesundaily/log/3/visible?route=AM%3AAM%3AV&lti=deflated
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20210426-7-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.thesundaily.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-vcl-time-ms: 10
pragma: no-cache
date: Mon, 26 Apr 2021 11:19:28 GMT
via: 1.1 varnish
server: nginx
x-timer: S1619435968.397504,VS0,VE10
x-served-by: cache-hhn11538-HHN
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: https://www.thesundaily.my
cache-control: no-cache
access-control-allow-credentials: true
accept-ranges: bytes
content-type: image/gif
x-cache-hits: 0

GET
H/1.1 200
OK PugMaster Show response
image6.pubmatic.com/AdServer/ Frame 0F3C 3 KB
4 KB 14ms
14ms Script
text/html 185.64.189.115
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=50367882&p=158497&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1&async=1
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.115 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e937205e2ed62fb4a5b6b54d6cbcc29f173bf59a38491c188163f5673efd2b18

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 26 Apr 2021 11:19:26 GMT
P3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

GET
H/1.1

200
OK

Cookie set Pug Show response
simage2.pubmatic.com/AdServer/ Frame 78BF
Redirect Chain

https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCooki...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=

42 B
505 B

15ms
14ms

Document
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Host: simage2.pubmatic.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://ads.pubmatic.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: KADUSERCOOKIE=446CA1E3-11D8-4256-A570-692169B36645; KRTBCOOKIE_1235=23226-642eef7c-30f3-46e4-af7e-73046a8780cb-tuct7802738:$UID; PugT=1619435963; PUBMDCID=3; chkChromeAb67Sec=1; DPSync3=1620604800%3A201_227_226_221; SyncRTB3=1620259200%3A63%7C1620000000%3A2_223%7C1620691200%3A35%7C1620604800%3A220_21_13_161_71_8_7_54_56_3%7C1621987200%3A203
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/

Response headers

Server: nginx
Date: Mon, 26 Apr 2021 11:19:28 GMT
Content-Type: image/gif; charset=utf-8
Content-Length: 42
Connection: keep-alive
Set-Cookie: PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Sun, 25-Jul-2021 11:19:28 GMT; path=/
X-lat: amspug013:0:351
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private

Redirect headers

cache-control: no-cache
pragma: no-cache
content-type: text/html; charset=utf-8
expires: Mon, 26 Apr 2021 00:00:00 GMT
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=
server: Microsoft-IIS/10.0
x-errorlevel: 0
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
server-processing-duration-in-ticks: 3215
x-powered-by: ASP.NET
date: Mon, 26 Apr 2021 11:19:28 GMT
content-length: 205

GET
H/1.1

200
OK

Cookie set Pug Show response
image2.pubmatic.com/AdServer/ Frame 0EEE
Redirect Chain

https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=75074705950488085

42 B
767 B

57ms
14ms

Document
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=75074705950488085
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Host: image2.pubmatic.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://ads.pubmatic.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: KADUSERCOOKIE=446CA1E3-11D8-4256-A570-692169B36645; KRTBCOOKIE_1235=23226-642eef7c-30f3-46e4-af7e-73046a8780cb-tuct7802738:$UID; PUBMDCID=3; chkChromeAb67Sec=1; DPSync3=1620604800%3A201_227_226_221; SyncRTB3=1620259200%3A63%7C1620000000%3A2_223%7C1620691200%3A35%7C1620604800%3A220_21_13_161_71_8_7_54_56_3%7C1621987200%3A203; KRTBCOOKIE_1101=23040-6955424520543533205; KRTBCOOKIE_27=16735-uid:b3fe6086-a1bd-4500-b9d2-c8dcb027345b&KRTB&16736-uid:b3fe6086-a1bd-4500-b9d2-c8dcb027345b&KRTB&23019-uid:b3fe6086-a1bd-4500-b9d2-c8dcb027345b&KRTB&23114-uid:b3fe6086-a1bd-4500-b9d2-c8dcb027345b; KRTBCOOKIE_377=6810-18af8a2d-70bd-419a-9398-d8e481f0d7cd&KRTB&22918-18af8a2d-70bd-419a-9398-d8e481f0d7cd&KRTB&23031-18af8a2d-70bd-419a-9398-d8e481f0d7cd; KRTBCOOKIE_391=22924-3078880720611692555&KRTB&23263-3078880720611692555; KRTBCOOKIE_22=14911-3276339339565175683; PugT=1619435968
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/

Response headers

Server: nginx
Date: Mon, 26 Apr 2021 11:19:28 GMT
Content-Type: image/gif; charset=utf-8
Content-Length: 42
Connection: keep-alive
Set-Cookie: KRTBCOOKIE_336=5844-75074705950488085; domain=pubmatic.com; SameSite=None; secure; expires=Wed, 26-May-2021 11:19:28 GMT; path=/ PugT=1619435968; domain=pubmatic.com; SameSite=None; secure; expires=Wed, 26-May-2021 11:19:28 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Sun, 25-Jul-2021 11:19:28 GMT; path=/
X-lat: amspug020:0:421
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private

Redirect headers

location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=75074705950488085
content-length: 0
p3p: CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV

GET
H/1.1

200
OK

Cookie set Pug Show response
simage2.pubmatic.com/AdServer/ Frame 7DA3
Redirect Chain

https://dsp.adfarm1.adition.com/cookie/?ssp=9
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6955424520543533205

42 B
771 B

17ms
14ms

Document
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6955424520543533205
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Host: simage2.pubmatic.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://ads.pubmatic.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: KADUSERCOOKIE=446CA1E3-11D8-4256-A570-692169B36645; KRTBCOOKIE_1235=23226-642eef7c-30f3-46e4-af7e-73046a8780cb-tuct7802738:$UID; PugT=1619435963; PUBMDCID=3; chkChromeAb67Sec=1; DPSync3=1620604800%3A201_227_226_221; SyncRTB3=1620259200%3A63%7C1620000000%3A2_223%7C1620691200%3A35%7C1620604800%3A220_21_13_161_71_8_7_54_56_3%7C1621987200%3A203
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/

Response headers

Server: nginx
Date: Mon, 26 Apr 2021 11:19:27 GMT
Content-Type: image/gif; charset=utf-8
Content-Length: 42
Connection: keep-alive
Set-Cookie: KRTBCOOKIE_1101=23040-6955424520543533205; domain=pubmatic.com; SameSite=None; secure; expires=Wed, 26-May-2021 11:19:27 GMT; path=/ PugT=1619435967; domain=pubmatic.com; SameSite=None; secure; expires=Wed, 26-May-2021 11:19:27 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Sun, 25-Jul-2021 11:19:27 GMT; path=/
X-lat: amspug018:0:446
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private

Redirect headers

Server: nginx
Date: Mon, 26 Apr 2021 11:19:28 GMT
Transfer-Encoding: chunked
Connection: keep-alive
p3p: policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
Set-Cookie: UserID1=6955424520543533205; Max-Age=7776000; domain=.adfarm1.adition.com; Path=/; SameSite=None; Secure
Location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6955424520543533205

GET
H/1.1

200
OK

user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 0F3C
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=RGyh4xHYQlalcGkhabNmRQ%3D%3D
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=

8 KB
8 KB

2201ms
7ms

Image
text/html

184.30.20.198
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.20.198 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-20-198.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 26 Apr 2021 11:19:30 GMT
Content-Encoding: gzip
Last-Modified: Wed, 21 Oct 2020 18:57:29 GMT
Server: Apache/2.2.15 (CentOS)
ETag: "1300708-1f78-5b232eb4914bb"
Vary: Accept-Encoding
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: max-age=61577
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: text/html; charset=UTF-8
Content-Length: 2654
Expires: Tue, 27 Apr 2021 04:25:47 GMT

Redirect headers

pragma: no-cache
date: Mon, 26 Apr 2021 11:19:28 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 272
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 mw
mwzeom.zeotap.com/ Frame 0F3C 95 B
596 B 45ms
25ms Image
image/png 2606:4700:10::6816:1957
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?zpartnerid=1384&env=mWeb&gdpr=0&gdpr_consent=&cid=446CA1E3-11D8-4256-A570-692169B36645
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Apr 2021 11:19:28 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: image/png
access-control-allow-origin: https://ads.pubmatic.com
access-control-allow-credentials: true
cf-ray: 645f6a9318d00eaf-FRA
access-control-allow-headers: *
content-length: 95
cf-request-id: 09af80efeb00000eaf053c6000000001

GET
H/1.1

200
OK

info2
uipglob.semasio.net/pubmatic/1/ Frame 0F3C
Redirect Chain

https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=446CA1E3-11D8-4256-A570-692169B36645&sInitiator=external&gdpr=0&gdpr_consent=
https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=446CA1E3-11D8-4256-A570-692169B36645&sInitiator=external&gdpr=0&gdpr_consent=

42 B
603 B

27ms
27ms

Image
image/gif

77.243.60.138
NETIC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=446CA1E3-11D8-4256-A570-692169B36645&sInitiator=external&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 77.243.60.138 Aalborg, Denmark, ASN42697 (NETIC-AS, DK),
Reverse DNS
Software: /
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 26 Apr 2021 11:19:27 GMT
frontend-id: 1
p3p: policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
access-control-allow-origin: *
uip-response-status: Ok
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type: image/gif
content-length: 42
routing-server-id: -1
expires: Sat, 01 Jan 2011 12:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 26 Apr 2021 11:19:27 GMT
frontend-id: 13
location: /pubmatic/1/info2?sType=sync&sExtCookieId=446CA1E3-11D8-4256-A570-692169B36645&sInitiator=external&gdpr=0&gdpr_consent=
p3p: policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
access-control-allow-origin: *
uip-response-status: Ok
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length: 0
routing-server-id: -1
expires: Sat, 01 Jan 2011 12:00:00 GMT

GET
H/1.1

200
OK

Artemis
aud.pubmatic.com/AdServer/ Frame 0F3C
Redirect Chain

https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=446CA1E3-11D8-4256-A570-692169B36645&gdpr=
https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=446CA1E3-11D8-4256-A570-692169B36645&gdpr=&fbounce=1
https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=446CA1E3-11D8-4256-A570-692169B36645&addseg=19,36,42

7 B
147 B

2051ms
16ms

Image
text/plain

185.64.189.249
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=446CA1E3-11D8-4256-A570-692169B36645&addseg=19,36,42
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.64.189.249 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 26 Apr 2021 11:19:30 GMT
Connection: keep-alive
Content-Length: 7
Content-Type: text/plain; charset=utf-8

Redirect headers

date: Mon, 26 Apr 2021 11:19:28 GMT
via: 1.1 google
p3p: CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
location: https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=446CA1E3-11D8-4256-A570-692169B36645&addseg=19,36,42
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-type: text/html; charset=utf-8
alt-svc: clear
content-length: 141

GET
H/1.1

200
OK

Pug
image2.pubmatic.com/AdServer/ Frame 0F3C
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=NDQ2Q0ExRTMtMTFEOC00MjU2LUE1NzAtNjkyMTY5QjM2NjQ1&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=

42 B
505 B

227ms
14ms

Image
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 26 Apr 2021 11:19:26 GMT
X-lat: amspug014:0:445
Server: nginx
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif; charset=utf-8
Content-Length: 42

Redirect headers

pragma: no-cache
date: Mon, 26 Apr 2021 11:19:28 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

Pug
image2.pubmatic.com/AdServer/ Frame 0F3C
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEDM2nwF7ghJBvmp_d5ZaKR4&google_cver=1

42 B
855 B

213ms
14ms

Image
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEDM2nwF7ghJBvmp_d5ZaKR4&google_cver=1
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 26 Apr 2021 11:19:27 GMT
X-lat: amspug018:0:375
Server: nginx
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif; charset=utf-8
Content-Length: 42

Redirect headers

pragma: no-cache
date: Mon, 26 Apr 2021 11:19:28 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEDM2nwF7ghJBvmp_d5ZaKR4&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 379
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pubmatic
um.simpli.fi/ Frame 0F3C 43 B
609 B 1076ms
19ms Image
image/gif 159.253.128.188
SOFTLAYER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

159.253.128.188 Amsterdam, Netherlands, ASN36351 (SOFTLAYER, US),

Reverse DNS

bc.80.fd9f.ip4.static.sl-reverse.com

Software

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Apr 2021 11:19:29 GMT
x-content-type-options: nosniff
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 43
expires: Sun, 25 Apr 2021 11:19:29 GMT

GET
H/1.1

200
OK

Pug
simage2.pubmatic.com/AdServer/ Frame 0F3C
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:b3fe6086-a1bd-4500-b9d2-c8dcb027345b&gdpr=0&gdpr_consent=

42 B
946 B

38ms
15ms

Image
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:b3fe6086-a1bd-4500-b9d2-c8dcb027345b&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 26 Apr 2021 11:19:27 GMT
X-lat: amspug019:0:469
Server: nginx
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif; charset=utf-8
Content-Length: 42

Redirect headers

Date: Mon, 26 Apr 2021 11:20:47 GMT
Server: MT3 3660 495c301 master cdg-pixel-x24
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:b3fe6086-a1bd-4500-b9d2-c8dcb027345b&gdpr=0&gdpr_consent=
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Mon, 26 Apr 2021 11:20:46 GMT

GET
H/1.1

200
OK

Pug
simage2.pubmatic.com/AdServer/ Frame 0F3C
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=3078880720611692555

42 B
801 B

58ms
14ms

Image
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=3078880720611692555
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 26 Apr 2021 11:19:27 GMT
X-lat: amspug007:0:387
Server: nginx
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif; charset=utf-8
Content-Length: 42

Redirect headers

pragma: no-cache
date: Mon, 26 Apr 2021 11:19:28 GMT
server: nginx
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=3078880720611692555
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H/1.1

200
OK

Pug
simage2.pubmatic.com/AdServer/ Frame 0F3C
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=18af8a2d-70bd-419a-9398-d8e481f0d7cd

42 B
882 B

43ms
14ms

Image
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=18af8a2d-70bd-419a-9398-d8e481f0d7cd
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 26 Apr 2021 11:19:27 GMT
X-lat: amspug017:0:362
Server: nginx
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif; charset=utf-8
Content-Length: 42

Redirect headers

pragma: no-cache
date: Mon, 26 Apr 2021 11:19:28 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=18af8a2d-70bd-419a-9398-d8e481f0d7cd
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 313

GET
H/1.1

200
OK

Pug
image2.pubmatic.com/AdServer/ Frame 0F3C
Redirect Chain

https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=3124726849276262110&gdpr=0&gdpr_consent=

42 B
769 B

238ms
14ms

Image
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=3124726849276262110&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 26 Apr 2021 11:19:27 GMT
X-lat: amspug001:0:368
Server: nginx
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif; charset=utf-8
Content-Length: 42

Redirect headers

Pragma: no-cache
Date: Mon, 26 Apr 2021 11:19:28 GMT
X-Proxy-Origin: 89.249.64.203; 89.249.64.203; 693.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com; 37.252.173.89:80
AN-X-Request-Uuid: aa614eaf-269b-4e48-ba00-ec14d47ff6e5
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=3124726849276262110&gdpr=0&gdpr_consent=
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 446CA1E3-11D8-4256-A570-692169B36645
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame 0F3C 43 B
192 B 38ms
34ms Image
image/gif 2a00:1288:110:c305::8000
YAHOO-IRD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/pubmatic/446CA1E3-11D8-4256-A570-692169B36645?gdpr=0&gdpr_consent=

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1288:110:c305::8000 , United Kingdom, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Apr 2021 11:19:28 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=31536000
content-type: image/gif
x-xss-protection: 1; mode=block
content-length: 43
x-content-type-options: nosniff
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1

200
OK

SPug
image4.pubmatic.com/AdServer/ Frame 0F3C
Redirect Chain

https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=446CA1E3-11D8-4256-A570-692169B36645&redir=true&gdpr=0&gdpr_consent=
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-7y1l5TRE2uVVi2vRfDCqRaCX2DQ.nzA-~A&gdpr=0&gdpr_consent=

0
418 B

1065ms
15ms

Image
text/plain

185.64.189.114
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-7y1l5TRE2uVVi2vRfDCqRaCX2DQ.nzA-~A&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.114 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 26 Apr 2021 11:19:28 GMT
Cache-Control: no-store, no-cache, private
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date: Mon, 26 Apr 2021 11:19:28 GMT
Server: ATS/7.1.2.128
Age: 0
Strict-Transport-Security: max-age=31536000
P3P: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location: https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-7y1l5TRE2uVVi2vRfDCqRaCX2DQ.nzA-~A&gdpr=0&gdpr_consent=
Connection: keep-alive
Content-Length: 0

GET
H/1.1

200
OK

Pug
simage2.pubmatic.com/AdServer/ Frame 0F3C
Redirect Chain

https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
https://pool.admedo.com/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic&bsw_custom_parameter=2c42101e-bbfe-48bd-ba4a-2c71f7d05af6
https://pool.admedo.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic&bsw_custom_parameter=2c42101e-bbfe-48bd-ba4a-2c71f7d05af6
https://x.bidswitch.net/sync?dsp_id=23&expires=14&user_id=02223ae6-ef1f-47c5-8382-ddc27e08da5b&user_group=1&ssp=pubmatic&bsw_param=2c42101e-bbfe-48bd-ba4a-2c71f7d05af6
https://x.bidswitch.net/ul_cb/sync?dsp_id=23&expires=14&user_id=02223ae6-ef1f-47c5-8382-ddc27e08da5b&user_group=1&ssp=pubmatic&bsw_param=2c42101e-bbfe-48bd-ba4a-2c71f7d05af6
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=12428329-f4e5-4cb6-aee7-6ed04bfce60a&gdpr=&gdpr_consent=&gdpr_pd=

1 B
745 B

14ms
14ms

Image
text/html

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=12428329-f4e5-4cb6-aee7-6ed04bfce60a&gdpr=&gdpr_consent=&gdpr_pd=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 26 Apr 2021 11:19:30 GMT
X-lat: amspug010:0:383
Server: nginx
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 1

Redirect headers

location: //simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=12428329-f4e5-4cb6-aee7-6ed04bfce60a&gdpr=&gdpr_consent=&gdpr_pd=
date: Mon, 26 Apr 2021 11:19:30 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H/1.1

200
OK

Pug
image2.pubmatic.com/AdServer/ Frame 0F3C
Redirect Chain

https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=I5lpkHSYM8c4kTSWI8x8kS2ZYZ44yGjFd8_TuKBI

42 B
894 B

207ms
14ms

Image
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=I5lpkHSYM8c4kTSWI8x8kS2ZYZ44yGjFd8_TuKBI
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 26 Apr 2021 11:19:27 GMT
X-lat: amspug003:0:388
Server: nginx
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif; charset=utf-8
Content-Length: 42

Redirect headers

pragma: no-cache
date: Mon, 26 Apr 2021 11:19:28 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location: https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=I5lpkHSYM8c4kTSWI8x8kS2ZYZ44yGjFd8_TuKBI
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 0
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H/1.1

200
OK

Pug
simage2.pubmatic.com/AdServer/ Frame 0F3C
Redirect Chain

https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3276339339565175683&gdpr=0&gdpr_consent=&us_privacy=

1 B
727 B

41ms
14ms

Image
text/html

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3276339339565175683&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 26 Apr 2021 11:19:28 GMT
X-lat: amspug020:0:400
Server: nginx
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 1

Redirect headers

location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3276339339565175683&gdpr=0&gdpr_consent=&us_privacy=
pragma: no-cache
date: Mon, 26 Apr 2021 11:19:28 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 0
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 26A8 0
749 B 15ms
15ms Script
text/html 37.252.172.45
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.45 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 26 Apr 2021 11:19:29 GMT
X-Proxy-Origin: 89.249.64.203; 89.249.64.203; 693.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com; 37.252.173.29:80
AN-X-Request-Uuid: 5f5ad20d-95d6-4e2a-81dc-0e879c1de4b0
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 7793054 Show response
www.thesundaily.my/kintra-portlet/feedback/11808/ 91 B
412 B 21ms
21ms XHR
text/html 130.61.205.105
ORACLE-BMC-31898

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thesundaily.my/kintra-portlet/feedback/11808/7793054
Requested by: Host: www.thesundaily.my
URL: https://www.thesundaily.my/base-portlet/webrsrc/89666ad5dc245ccaa3c4b8b0e66c19f2.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 130.61.205.105 Frankfurt am Main, Germany, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software: nginx/1.14.0 /
Resource Hash: 6e97c82245ef57c751e6130150247af9a27f05153ea604dfa47acd9974284c44

Request headers

:path: /kintra-portlet/feedback/11808/7793054
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: cors
accept: application/json, text/javascript, */*; q=0.01
cache-control: no-cache
sec-fetch-dest: empty
:authority: www.thesundaily.my
x-requested-with: XMLHttpRequest
:scheme: https
sec-fetch-site: same-origin
referer: https://www.thesundaily.my/home/astrazeneca-is-safe-to-be-given-to-senior-citizens-adham-YL7793054?_hsmi=88974744&_hsenc=p2ANqtz-_G5s6CORBttERc_beHteVqqnJIJh5EriMR00fz0Cexxf2lQpsFfBisijUxttE-tNX9yfHTn7fBQWbcOnOkY3_eCosMOOPpTIuaIKsiuCzrvP7v03c
:method: GET
Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.thesundaily.my/home/astrazeneca-is-safe-to-be-given-to-senior-citizens-adham-YL7793054?_hsmi=88974744&_hsenc=p2ANqtz-_G5s6CORBttERc_beHteVqqnJIJh5EriMR00fz0Cexxf2lQpsFfBisijUxttE-tNX9yfHTn7fBQWbcOnOkY3_eCosMOOPpTIuaIKsiuCzrvP7v03c
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Apr 2021 11:19:30 GMT
content-encoding: gzip
server: nginx/1.14.0
vary: Accept-Encoding
content-type: text/html
cache-control: no-store, no-cache, must-revalidate
set-cookie: ITR_COOKIE_DEVID=fb7d0a9b2c7145592b5d32841e6e13110e; Expires=Sat, 31-Jan-2050 23:59:59 GMT; Path=/; ITR_COOKIE_USRID=fb7d0a9b2c7145592b5d32841e6e13110e; Expires=Sat, 31-Jan-2050 23:59:59 GMT; Path=/;
content-length: 102

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 9 KB
7 KB 17ms
17ms XHR
application/json 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021042001&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042001.js?31060870

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f9a0bfe8e1c13d3a329723ee6e63768942609d4c97cff7cca41b8d01f0747cb2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.thesundaily.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 26 Apr 2021 11:19:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6999
x-xss-protection: 0

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 5F02 0
150 B 64ms
22ms Document
text/html 2a02:2638::1c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?topUrl=www.thesundaily.my

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:method: GET
:authority: gum.criteo.com
:scheme: https
:path: /syncframe?topUrl=www.thesundaily.my
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.thesundaily.my/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.thesundaily.my/

Response headers

cache-control: private, max-age=0
content-type: text/html; charset=utf-8
strict-transport-security: max-age=31536000
server-processing-duration-in-ticks: 1587
date: Mon, 26 Apr 2021 11:19:30 GMT
content-length: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042001.js?31060870

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.thesundaily.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Apr 2021 11:19:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1616005470650935"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6437
x-xss-protection: 0
expires: Mon, 26 Apr 2021 11:19:30 GMT

GET
H3-29 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/222/ Frame 7350 12 KB
5 KB 7ms
6ms Document
text/html 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/222/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.thesundaily.my/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.thesundaily.my/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 5022
date: Mon, 26 Apr 2021 11:10:18 GMT
expires: Tue, 26 Apr 2022 11:10:18 GMT
last-modified: Wed, 20 Jan 2021 19:23:06 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 552
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 Ru4asw80RDg-wKj4k1IJyVIDrNjFP7NKP7NQDOdNnzM.js Show response
pagead2.googlesyndication.com/bg/ Frame 7350 14 KB
6 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Ru4asw80RDg-wKj4k1IJyVIDrNjFP7NKP7NQDOdNnzM.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

46ee1ab30f3444383ec0a8f8935209c95203acd8c53fb34a3fb3500ce74d9f33

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 25 Apr 2021 14:10:02 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Thu, 08 Apr 2021 09:18:00 GMT
server: sffe
age: 76168
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5687
x-xss-protection: 0
expires: Mon, 25 Apr 2022 14:10:02 GMT

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 16ms
15ms Image
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=222&t=2&li=gpt_2021042001&jk=3866203379239951&bg=!e3ileDzNAAZUuIlwVLg7ACkAdvg8Wr_-ES9IejXzzqWXVeTiT8bMbU-O6Jm6JbnV8Mu2hCwcjPuWTgIAAABNUgAAAA5oAQcKAWjT6Ti6Z5oZyO-0BGQnMrc9UZYFvVCX65rq9Eo16MuqRO882jIKTmlREd2bMpjVHM8L_Sbtv0yc2iWN9RXbP40YTwhGyS_lrpi2hv1RXE6oFjY3SNO9chpln1daHE9P_Rc2tEJOnmW3onzVwqptqyxIvxGi6ZyZB0Tej8Al0TTfsvXC0mz7IZq5tVDyznEesYhbBwb3Cp1fBkyMHTVt-9jz3aHG54AVJrHMGi61JKK7Kg7XysW3Ec6HXQGVpGmBUWUxzKyzLFbg0vvUW_HYPnzdRnXbqh-n1sFuoogxDMIzUYBrmT0UKRpdBMYxsdXH6xADGjIZc0LS7LNBoYAd1_fTEXfvSmABx1kgAIShrwz4JMHc84AzvtpFEHGil0UvdurxonMrjcrlhEgP_itREzlDnSRqcHTZHrWzKRW6ddd4ljUxriaPB6T9wJDyZtGK9wMkR6NBWREphjDTTjRaUFgX_h6k8s5Fq7SZAheuQtCv7AwXhMhd8pPOEwLUMl6w7kWSdT4fknxCFGqrmpshTMAVtJNkHF7wPhbMJJUD69CGyWax25Y1cDroUtfrx5YOilrsAWlAcTh3beJ3lBXsRP4yvE19Pxdvlp1fK7Cpg6cyAOd150rCMVU6UIM-jlsXcEPbsDerqxXmYTgwGMJl6s0JTU8Em-Gsw3DAEWV9SaTpPECs06MlGnD8viE0ob8p1kdp52tAexZCOGf6tqa4DPb1GukjSXUnW-mfr-V6-Kg5VMAp4IiILUEVoNzPhMawOUQ033GIQqDdBkbcsy3EKMIrvX-l7MWfLTmw7PBjBhyb_tsXV6nsk3bFgJzDCZUlck-rCABIwFLV0Mb-iU212ug2MQlnNXwaIp8K0D_Hf80bgPaGXpoM8zxPs2fI2Km2Rvi-UxjwW1AsODMQmqDm_JrC3EFBDinL91L52M951uQxXwEuqeUpg7TlD3WRVqPZitn9Nh8x92p5QRgGJWgTuzPCW4mG-xmiNG-2VFzjVbSBpvS9jJC5mb2_XQm6v3NxDiU3Pkt8GfxXNpSbZr5UktU0CPy97wsKLK7nieVM_NWTXMgnoThfzUZxA1DZMYJoJuy6Drxh368cD85v0BqMUFESJlz5VhH50IW5jfgRLCkXSiHsklTCa9CB3rw_UHQcpcwXt5YU-CWjU9GG7R08D-OjWBw0Jujv4jHmt6j0L_f3IuhE

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.thesundaily.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 26 Apr 2021 11:19:30 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 VideoBidRequestHandlerServlet Show response
am-wf.taboola.com/ 2 KB
1 KB 100ms
100ms XHR
application/json 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://am-wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=700&height=393&pubid=169497&tagid=953497&crid=5029295&noaop=3&sortOrderType=0&cb=1619435971241&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=4&pv=1056001&pt=-70368120&tz=120&viewable=true&ddast=V75g8CFgOOnMIAPEMHZgSOnMIAPEMHZgUAAAAGBvQHGbOgjCjDEY3CYc6Wo9FysVksZqvRcDeEjVlQRpThiEbhMGfL0Wg5mCwmo91uMBtMpvBhLJfJoBZIWGa_76CgnJ4es8sgKrreFrvDafa8QQxNp8Pnutfrfr-76OjyvO4mh9PsvKudf6Hf7fIrPKfLw_qyuzwOt9Lz1jxsLrfo75a43Dqn7WV3i_5uzcvu9FveGqfpaX3ZPW-Fyehwu5Vl3m65GaxGcwAAAAB4AGDqfYX4AQQAiAAAAACQAAAAAKAIqPi3ELgAAAAAwAAgcGvVAIDiMBCX5ey0-wMA4KEABABAAIMEQCCypQTgYiv0BAAAAAAAAACA5f___z8GIC-_WAZgw-etB-DBB-CBqOCwiBEAAABAVj7Q8tGkTqgsqgAACNKtAK4AAALyGs55GcIAAAAExhboYfH7zQ67xu92GQAAAAAAAACA2f_ZP5qQlAduWpAVxZ7aLyAAwNovIAAAm7oBALwFwAUdQSsGg9UpxG44W-xGk81ydgAAAAB3_____3ogMlrZRg6PZeWwTGy7iW04s-xWM99wZJs5d4PFwntAcSWW4lUNdH0hwjL7fQcF5fT0mF0GUdH1ttgdTrPnID5oGJaTQTC_CVuMVpPJZjmcLReTwXA0HI32J4DLAU7EYLmcTBaT3Wq0Gm2Gu9FssECBGExwQoajzWQ12q12k-VwMhrNNpMNUrRqNRttBsPVbDLb7VbDwXA5GiFFaxazyWQxGy13m8FyMhoMJ8MhwthosnLZfBu3ZjDzrEWzlWmtsPlWbt1mMJotjLvhYGNxi14f0284mOw2wy0KBkjtRXCRTkRHl-d1NzmcZudFLNGcLNKJ7LKvjFa2kcNjWTksE9tuYhvOLLvVzDcc2WbO3WCx8NdGk5XL5tu4NYOZZy2arUxrhc23cus2g9FsYdwNBxuLW_T6mH7DwWS3Ge4bs8VytFktZ4N9Y7ZYjjar5Wyw79AZvqvP2ehMiw8emXa9u96KMvNB4TJYvD-JaTHtzg5-aevo9Pk8yoLOKLx-j16DwnPwmMbLW-1Y3j6b6eMwoYglgtNFOhG9jKeLWCJ5WqQT0ciy8i0mHsdqt3DZDIvBZrma7WYuj8Xk8sxmE4tYojRdpBO90O92-RWe0-VhfdldHodb6XlrHjaXW_R3S1xundP2srtFf7fmZXf6LW-N0_S0vuyet8JkdLjdyrNvt9wMVqOJ-o8NuJxLRsu5bDSXDDarBAAAAAAAAACwhDnzJgAAAACnQcyGk81uuQAQDl26QAI-TLYRHou79mNeBUaCCjXFjR8v0NHled1NDqfZeebNnglirVbLGgAAQAAbAAAggFs3bwFhkRw!&proto=2,3,5,6&encoded=1&pstn=1&callback=&wfv=1&amp=0&qsz=6&ft=0&pb=0&pagg=1&sd=undefined&dtagid=1530785&dpubid=168237&abtst=adh5c-1_vA!insc_vA!nrlc_vA!ntvc_vB!rft_vC!secure_protocol_vA!secure_protocol_vB!secure_vB!spa2_vA!ufm_vG&mPre=0.033&cirf=https%3A%2F%2Fwww.thesundaily.my&en=1&subu=3
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v12.2.0/OvaMediaPlayer.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: 9bee11a95f612b1d0c1d02920156869d71e0944c4772795db14deaaa780fac13

Request headers

Referer: https://www.thesundaily.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type: text/plain

Response headers

pragma: no-cache
date: Mon, 26 Apr 2021 11:19:31 GMT
content-encoding: gzip
server: nginx
machineid: 1425
vary: Accept-Encoding
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.thesundaily.my
cache-control: no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials: true
expires: Sat, 26 Jul 1997 05:00:00 GMT

POST
H2 200 VideoBidRequestHandlerServlet Show response
am-wf.taboola.com/ 4 KB
3 KB 62ms
61ms XHR
application/json 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://am-wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=700&height=393&pubid=169497&tagid=953497&crid=5029295&noaop=3&sortOrderType=0&cb=1619435974245&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=5&pv=1056001&pt=-70368120&tz=120&viewable=true&ddast=V75g8CFgOOnMIAPEMHZgSOnMIAPEMHZgUAAAAGBvQHGbOgjCjDEY3CYc6Wo9FysVksZqvRcDeEjVlQRpThiEbhMGfL0Wg5mCwmo91uMBtMpvBhLJfJoBZIWGa_76CgnJ4es8sgKrreFrvDafa8QQxNp8Pnutfrfr-76OjyvO4mh9PsvKudf6Hf7fIrPKfLw_qyuzwOt9Lz1jxsLrfo75a43Dqn7WV3i_5uzcvu9FveGqfpaX3ZPW-Fyehwu5Vl3m65GaxGcwAAAAB4AGDqfYX4AQQAiAAAAACQAAAAAKAIqPi3ELgAAAAAwAAgcGvVAIDiMBCX5ey0-wMA4KEABABAAIMEQCCypQTgYiv0BAAAAAAAAACA5f___z8GIC-_WAZgw-etB-DBB-CBqOCwiBEAAABAVj7Q8tGkTqgsqgAACNKtAK4AAALyGs55GcIAAAAExhboYfH7zQ67xu92GQAAAAAAAACA2f_ZP5qQlAduWpAVxZ7aLyAAwNovIAAAm7oBALwFwAUdQSsGg9UpxG44W-xGk81ydgAAAAB3_____3ogMlrZRg6PZeWwTGy7iW04s-xWM99wZJs5d4PFwntAcSWW4lUNdH0hwjL7fQcF5fT0mF0GUdH1ttgdTrPnID5oGJaTQTC_CVuMVpPJZjmcLReTwXA0HI32J4DLAU7EYLmcTBaT3Wq0Gm2Gu9FssECBGExwQoajzWQ12q12k-VwMhrNNpMNUrRqNRttBsPVbDLb7VbDwXA5GiFFaxazyWQxGy13m8FyMhoMJ8MhwthosnLZfBu3ZjDzrEWzlWmtsPlWbt1mMJotjLvhYGNxi14f0284mOw2wy0KBkjtRXCRTkRHl-d1NzmcZudFLNGcLNKJ7LKvjFa2kcNjWTksE9tuYhvOLLvVzDcc2WbO3WCx8NdGk5XL5tu4NYOZZy2arUxrhc23cus2g9FsYdwNBxuLW_T6mH7DwWS3Ge4bs8VytFktZ4N9Y7ZYjjar5Wyw79AZvqvP2ehMiw8emXa9u96KMvNB4TJYvD-JaTHtzg5-aevo9Pk8yoLOKLx-j16DwnPwmMbLW-1Y3j6b6eMwoYglgtNFOhG9jKeLWCJ5WqQT0ciy8i0mHsdqt3DZDIvBZrma7WYuj8Xk8sxmE4tYojRdpBO90O92-RWe0-VhfdldHodb6XlrHjaXW_R3S1xundP2srtFf7fmZXf6LW-N0_S0vuyet8JkdLjdyrNvt9wMVqOJ-o8NuJxLRsu5bDSXDDarBAAAAAAAAACwhDnzJgAAAACnQcyGk81uuQAQDl26QAI-TLYRHou79mNeBUaCCjXFjR8v0NHled1NDqfZeebNnglirVbLGgAAQAAbAAAggFs3bwFhkRw!&proto=2,3,5,6&encoded=1&pstn=1&callback=&wfv=1&amp=0&qsz=6&ft=0&pb=0&pagg=1&sd=undefined&dtagid=1530785&dpubid=168237&abtst=adh5c-1_vA!insc_vA!nrlc_vA!ntvc_vB!rft_vC!secure_protocol_vA!secure_protocol_vB!secure_vB!spa2_vA!ufm_vG&mPre=0.033&cirf=https%3A%2F%2Fwww.thesundaily.my&en=1&subu=3
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v12.2.0/OvaMediaPlayer.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: 1020603c2211fb0b7f7c2c5809d1c6b97db7a2d86a097816808d679c157b0c8b

Request headers

Referer: https://www.thesundaily.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type: text/plain

Response headers

pragma: no-cache
date: Mon, 26 Apr 2021 11:19:34 GMT
content-encoding: gzip
server: nginx
machineid: 1456
vary: Accept-Encoding
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.thesundaily.my
cache-control: no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials: true
link: <http://ads.stickyadstv.com>; rel=preconnect
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK 12988193 Show response
ads.stickyadstv.com/vast/vpaid-adapter/ 1 KB
2 KB 89ms
39ms XHR
application/xml 2.18.234.233
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.stickyadstv.com/vast/vpaid-adapter/12988193?_fw_gdpr=1&_fw_us_privacy=1---
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v12.2.0/OvaMediaPlayer.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-233.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 80625dbfb7eacfdf606452db91bb24a60c4fa2c42686673c1912e6cd2dc45771

Request headers

Referer: https://www.thesundaily.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

Pragma: no-cache
Date: Mon, 26 Apr 2021 11:19:34 GMT
Server: nginx
Content-Type: application/xml;charset=ISO-8859-1
Access-Control-Allow-Origin: https://www.thesundaily.my
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 1064
x-sticky-vk: 1619435974220081-337
Expires: Mon, 26 Apr 2021 11:19:34 GMT

GET
H/1.1 200
OK vpaid-adapter.min.js Show response
cdn.stickyadstv.com/mustang/ Frame D855 328 KB
111 KB 20ms
8ms Script
application/x-javascript 2001:4de0:ac19::1:b:2b
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v12.2.0/OvaMediaPlayer.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2001:4de0:ac19::1:b:2b , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: /
Resource Hash: de516f330c0084178fc78cd5e6d49cba306d8380428386b088b6805c512a1561

Request headers

Referer: https://www.thesundaily.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 26 Apr 2021 11:19:34 GMT
Content-Encoding: gzip
Last-Modified: Wed, 24 Mar 2021 03:29:54 GMT
ETag: "1616556594"
X-HW: 1619435974.dop015.fr8.shc,1619435974.dop015.fr8.t,1619435974.cds006.fr8.c
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=86400
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 113077

GET
H/1.1 200
OK bandwidth-test-25ko Show response
cdn.stickyadstv.com/mustang/ Frame D855 25 KB
25 KB 19ms
7ms XHR
application/octet-stream 2001:4de0:ac19::1:b:2b
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.stickyadstv.com/mustang/bandwidth-test-25ko?cachebuster=1619435974464
Requested by: Host: cdn.stickyadstv.com
URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2001:4de0:ac19::1:b:2b , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: /
Resource Hash: 9f995b1c42942ededcce16bba381a19d3b30e0e75a36e0ea956f6a54e040dffe

Request headers

Referer: https://www.thesundaily.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 26 Apr 2021 11:19:34 GMT
Last-Modified: Wed, 24 Mar 2021 03:29:54 GMT
ETag: "1616556594"
X-HW: 1619435974.dop123.fr8.shc,1619435974.dop123.fr8.t,1619435974.cds212.fr8.c
Content-Type: application/octet-stream
Access-Control-Allow-Origin: https://www.thesundaily.my
Cache-Control: max-age=86400
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 25600

GET

user-registering
ads.stickyadstv.com/
Redirect Chain

https://ads.stickyadstv.com/auto-user-sync?gdpr=1&gdpr_consent=null
https://1f2e7.v.fwmrm.net/ad/u?_dv=2&dsp_user_mapping=true&127719=712ef37f46499463d4476c2269e7aaf&rdU=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D1169%26userId%3d%23%7bu...
https://ads.stickyadstv.com/user-registering?dataProviderId=1169&userId=g036_6955424546296472212
https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_cm=&google_sc&google_hm=NzEyZWYzN2Y0NjQ5OTQ2M2Q0NDc2YzIyNjllN2FhZg==&gdpr=0&gdpr_consent=
https://ads.stickyadstv.com/user-registering?dataProviderId=141&userId=CAESELxv6NZ5l5pOx3Uc8YBijkU&google_cver=1&gdpr=0&gdpr_consent=
https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent=
https://match.adsrvr.org/track/cmb/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent=
https://ads.stickyadstv.com/user-registering?dataProviderId=208&userId=1f33deb6-383a-46f7-982e-cbff394eba23
https://ib.adnxs.com/getuid?https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D209&gdpr=0&gdpr_consent=%26userId%3D$UID
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fads.stickyadstv.com%252Fuser-registering%253FdataProviderId%253D209%26gdpr%3D0%26gdpr_consent%3D%2526userId%253D%24UID
https://ads.stickyadstv.com/user-registering?dataProviderId=209&gdpr=0&gdpr_consent=&userId=7574884497883542956
https://pr-bh.ybp.yahoo.com/sync/stickyads/712ef37f46499463d4476c2269e7aaf&gdpr=0&gdpr_consent=?gdpr=0&gdpr_consent=
https://ads.stickyadstv.com/user-registering?dataProviderId=199&userId=y-_lK8l0VE2oOD9TSJcWiwm_uqAlFcVKloaOSbQmVe~A
https://sync.mathtag.com/sync/img?mt_exid=44&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D183%26userId%3D%5BMM_UUID%5D
https://ads.stickyadstv.com/user-registering?dataProviderId=183&userId=4fe76086-a1c6-4f00-8794-6662d8ed14a7&gdpr=0&gdpr_consent=
https://pm.w55c.net/ping_match.gif?st=FREEWHEEL&rurl=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D593&userId=_wfivefivec_&gdpr=0&gdpr_consent=
https://pm.w55c.net/ping_match.gif?scc=1&st=FREEWHEEL&rurl=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D593&userId=_wfivefivec_&gdpr=0&gdpr_consent=
https://ads.stickyadstv.com/user-registering?dataProviderId=593&userId=r8rT2d6b1LAZh45&gdpr=0&gdpr_consent=
https://sync-tm.everesttech.net/upi/pid/wGbQAlJJ?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D187%26userId%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_co...
https://sync-tm.everesttech.net/ct/upi/pid/wGbQAlJJ?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D187%26userId%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr...
https://ads.stickyadstv.com/user-registering?dataProviderId=187&userId=YIahxwAAeGtLpAA4&gdpr=0&gdpr_consent=&_test=YIahxwAAeGtLpAA4

0
0

GET
H/1.1 200
OK / Show response
ads.stickyadstv.com/additional-scripts/ Frame D855 301 B
859 B 66ms
30ms XHR
text/xml 2.18.234.233
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.stickyadstv.com/additional-scripts/?zoneId=12988193&loc=https%3A%2F%2Fwww.thesundaily.my%2Fhome%2Fastrazeneca-is-safe-to-be-given-to-senior-citizens-adham-YL7793054%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz-_G5s6CORBttERc_beHteVqqnJIJh5EriMR00fz0Cexxf2lQpsFfBisijUxttE-tNX9yfHTn7fBQWbcOnOkY3_eCosMOOPpTIuaIKsiuCzrvP7v03c
Requested by: Host: cdn.stickyadstv.com
URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-233.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 64a14c1566ed5e882e60ea9d6e3722949c5767823cd23dc1244503991661dc27

Request headers

Accept: application/xml, text/xml
Referer: https://www.thesundaily.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 26 Apr 2021 11:19:34 GMT
Server: nginx
Access-Control-Allow-Origin: https://www.thesundaily.my
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 301
x-sticky-vk: 1619435974381077-390
Expires: Mon, 26 Apr 2021 11:19:34 GMT

GET
H/1.1 200
OK swfIndex.php Show response
ads.stickyadstv.com/www/delivery/ Frame D855 67 B
723 B 162ms
127ms XHR
application/xml 2.18.234.233
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.stickyadstv.com/www/delivery/swfIndex.php?zoneId=12988193&_fw_gdpr=1&_fw_us_privacy=1---&vav=7bacf18aee0a5f1a43c160b7fb62f79b&vaviv=9f1743abc78bd7b1205971c7688fd5c8&reqType=AdsSetup&protocolVersion=2.0&mustangVersion=1.11.8.1&focus=true&componentId=vpaid-adapter&loc=https%3A%2F%2Fwww.thesundaily.my%2Fhome%2Fastrazeneca-is-safe-to-be-given-to-senior-citizens-adham-YL7793054%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz-_G5s6CORBttERc_beHteVqqnJIJh5EriMR00fz0Cexxf2lQpsFfBisijUxttE-tNX9yfHTn7fBQWbcOnOkY3_eCosMOOPpTIuaIKsiuCzrvP7v03c&playerSize=700x393&supportsFlash=false&supportsJavascript=true
Requested by: Host: cdn.stickyadstv.com
URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-233.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 291437ea71e62b1c35d4ec5d3c5ad02cfa930343b41b1472fba70243089c8bbe

Request headers

Accept: application/xml, text/xml
Referer: https://www.thesundaily.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 26 Apr 2021 11:19:34 GMT
Server: nginx
Content-Type: application/xml;charset=UTF-8
Access-Control-Allow-Origin: https://www.thesundaily.my
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 67
x-sticky-vk: 1619435974406068-338
Expires: Mon, 26 Apr 2021 11:19:34 GMT

GET user-matching
ads.stickyadstv.com/ Frame D855 0
0

GET
H3-29

200

pixel
cm.g.doubleclick.net/
Redirect Chain

https://ads.stickyadstv.com/user-matching?id=11&_fw_gdpr=0&_fw_gdpr_consent=
https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=NzEyZWYzN2Y0NjQ5OTQ2M2Q0NDc2YzIyNjllN2FhZg==&gdpr=0&gdpr_consent=
https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=NzEyZWYzN2Y0NjQ5OTQ2M2Q0NDc2YzIyNjllN2FhZg==&gdpr=0&gdpr_consent=&google_tc=

170 B
188 B

16ms
16ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=NzEyZWYzN2Y0NjQ5OTQ2M2Q0NDc2YzIyNjllN2FhZg==&gdpr=0&gdpr_consent=&google_tc=

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.thesundaily.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 26 Apr 2021 11:19:34 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 26 Apr 2021 11:19:34 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=NzEyZWYzN2Y0NjQ5OTQ2M2Q0NDc2YzIyNjllN2FhZg==&gdpr=0&gdpr_consent=&google_tc=
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 363
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET user-matching
ads.stickyadstv.com/ Frame D855 0
0

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/
Redirect Chain

https://ads.stickyadstv.com/user-matching?id=2545&_fw_gdpr=0&_fw_gdpr_consent=
https://s.amazon-adsystem.com/ecm3?id=712ef37f46499463d4476c2269e7aaf&ex=freewheel.tv&gdpr=0&gdpr_consent=

43 B
344 B

105ms
104ms

Image
image/gif

52.94.232.32
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.amazon-adsystem.com/ecm3?id=712ef37f46499463d4476c2269e7aaf&ex=freewheel.tv&gdpr=0&gdpr_consent=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.94.232.32 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Server /
Resource Hash: c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Request headers

Referer: https://www.thesundaily.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 26 Apr 2021 11:19:34 GMT
Server: Server
Vary: User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 26 Apr 2021 11:19:34 GMT
Server: nginx
Access-Control-Allow-Origin: *
Location: https://s.amazon-adsystem.com/ecm3?id=712ef37f46499463d4476c2269e7aaf&ex=freewheel.tv&gdpr=0&gdpr_consent=
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
x-sticky-vk: 1619435974479058-398
Expires: Mon, 26 Apr 2021 11:19:34 GMT

POST
H2 200 OpportunityServlet Show response
am-vid-events.taboola.com/ 1 B
123 B 22ms
21ms XHR
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://am-vid-events.taboola.com/OpportunityServlet
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v12.2.0/OvaMediaPlayer.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: 5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9

Request headers

Referer: https://www.thesundaily.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type: text/plain

Response headers

access-control-allow-origin: https://www.thesundaily.my
date: Mon, 26 Apr 2021 11:19:37 GMT
access-control-allow-credentials: true
server: nginx
content-length: 1

POST
H2 200 VideoBidRequestHandlerServlet Show response
am-wf.taboola.com/ 2 KB
1 KB 110ms
109ms XHR
application/json 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://am-wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=700&height=393&pubid=169497&tagid=953497&crid=5029295&noaop=3&sortOrderType=0&cb=1619435979248&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=6&pv=1056001&pt=-70368120&tz=120&viewable=true&ddast=V75g8CFgOOnMIAPEMHZgSOnMIAPEMHZgUAAAAGBvQHGbOgjCjDEY3CYc6Wo9FysVksZqvRcDeEjVlQRpThiEbhMGfL0Wg5mCwmo91uMBtMpvBhLJfJoBZIWGa_76CgnJ4es8sgKrreFrvDafa8QQxNp8Pnutfrfr-76OjyvO4mh9PsvKudf6Hf7fIrPKfLw_qyuzwOt9Lz1jxsLrfo75a43Dqn7WV3i_5uzcvu9FveGqfpaX3ZPW-Fyehwu5Vl3m65GaxGcwAAAAB4AGDqfYX4AQQAiAAAAACQAAAAAKAIqPi3ELgAAAAAwAAgcGvVAIDiMBCX5ey0-wMA4KEABABAAIMEQCCypQTgYiv0BAAAAAAAAACA5f___z8GIC-_WAZgw-etB-DBB-CBqOCwiBEAAABAVj7Q8tGkTqgsqgAACNKtAK4AAALyGs55GcIAAAAExhboYfH7zQ67xu92GQAAAAAAAACA2f_ZP5qQlAduWpAVxZ7aLyAAwNovIAAAm7oBALwFwAUdQSsGg9UpxG44W-xGk81ydgAAAAB3_____3ogMlrZRg6PZeWwTGy7iW04s-xWM99wZJs5d4PFwntAcSWW4lUNdH0hwjL7fQcF5fT0mF0GUdH1ttgdTrPnID5oGJaTQTC_CVuMVpPJZjmcLReTwXA0HI32J4DLAU7EYLmcTBaT3Wq0Gm2Gu9FssECBGExwQoajzWQ12q12k-VwMhrNNpMNUrRqNRttBsPVbDLb7VbDwXA5GiFFaxazyWQxGy13m8FyMhoMJ8MhwthosnLZfBu3ZjDzrEWzlWmtsPlWbt1mMJotjLvhYGNxi14f0284mOw2wy0KBkjtRXCRTkRHl-d1NzmcZudFLNGcLNKJ7LKvjFa2kcNjWTksE9tuYhvOLLvVzDcc2WbO3WCx8NdGk5XL5tu4NYOZZy2arUxrhc23cus2g9FsYdwNBxuLW_T6mH7DwWS3Ge4bs8VytFktZ4N9Y7ZYjjar5Wyw79AZvqvP2ehMiw8emXa9u96KMvNB4TJYvD-JaTHtzg5-aevo9Pk8yoLOKLx-j16DwnPwmMbLW-1Y3j6b6eMwoYglgtNFOhG9jKeLWCJ5WqQT0ciy8i0mHsdqt3DZDIvBZrma7WYuj8Xk8sxmE4tYojRdpBO90O92-RWe0-VhfdldHodb6XlrHjaXW_R3S1xundP2srtFf7fmZXf6LW-N0_S0vuyet8JkdLjdyrNvt9wMVqOJ-o8NuJxLRsu5bDSXDDarBAAAAAAAAACwhDnzJgAAAACnQcyGk81uuQAQDl26QAI-TLYRHou79mNeBUaCCjXFjR8v0NHled1NDqfZeebNnglirVbLGgAAQAAbAAAggFs3bwFhkRw!&proto=2,3,5,6&encoded=1&pstn=1&callback=&wfv=1&amp=0&qsz=6&ft=0&pb=0&pagg=1&sd=undefined&dtagid=1530785&dpubid=168237&abtst=adh5c-1_vA!insc_vA!nrlc_vA!ntvc_vB!rft_vC!secure_protocol_vA!secure_protocol_vB!secure_vB!spa2_vA!ufm_vG&mPre=0.033&cirf=https%3A%2F%2Fwww.thesundaily.my&en=1&subu=3
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v12.2.0/OvaMediaPlayer.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: 4408aa9ddeda720483559ac77e99e6e5ac8545865c03ace5003e1d3c11de28ef

Request headers

Referer: https://www.thesundaily.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type: text/plain

Response headers

pragma: no-cache
date: Mon, 26 Apr 2021 11:19:39 GMT
content-encoding: gzip
server: nginx
machineid: 1474
vary: Accept-Encoding
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.thesundaily.my
cache-control: no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials: true
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2 200 sync Show response
am-match.taboola.com/ Frame D808 973 B
1 KB 20ms
20ms Document
text/html 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://am-match.taboola.com/sync?dast=V75g8CFgOOnMIAPEMHZgSOnMIAPEMHZgUAAAAGBvQHGbOgjCjDEY3CYc6Wo9FysVksZqvRcDeEjVlQRpThiEbhMGfL0Wg5mCwmo91uMBtMpvBhLJfJoBZIWGa_76CgnJ4es8sgKrreFrvDafa8QQxNp8Pnutfrfr-76OjyvO4mh9PsvKudf6Hf7fIrPKfLw_qyuzwOt9Lz1jxsLrfo75a43Dqn7WV3i_5uzcvu9FveGqfpaX3ZPW-Fyehwu5Vl3m65GaxGcwAAAAB4AGDqfYX4AQQAiAAAAACQAAAAAKAIqPi3ELgAAAAAwAAgcGvVAIDiMBCX5ey0-wMA4KEABABAAIMEQCCypQTgYiv0BAAAAAAAAACA5f___z8GIC-_WAZgw-etB-DBB-CBqOCwiBEAAABAVj7Q8tGkTqgsqgAACNKtAK4AAALyGs55GcIAAAAExhboYfH7zQ67xu92GQAAAAAAAACA2f_ZP5qQlAduWpAVxZ7aLyAAwNovIAAAm7oBALwFwAUdQSsGg9UpxG44W-xGk81ydgAAAAB3_____3ogMlrZRg6PZeWwTGy7iW04s-xWM99wZJs5d4PFwntAcSWW4lUNdH0hwjL7fQcF5fT0mF0GUdH1ttgdTrPnID5oGJaTQTC_CVuMVpPJZjmcLReTwXA0HI32J4DLAU7EYLmcTBaT3Wq0Gm2Gu9FssECBGExwQoajzWQ12q12k-VwMhrNNpMNUrRqNRttBsPVbDLb7VbDwXA5GiFFaxazyWQxGy13m8FyMhoMJ8MhwthosnLZfBu3ZjDzrEWzlWmtsPlWbt1mMJotjLvhYGNxi14f0284mOw2wy0KBkjtRXCRTkRHl-d1NzmcZudFLNGcLNKJ7LKvjFa2kcNjWTksE9tuYhvOLLvVzDcc2WbO3WCx8NdGk5XL5tu4NYOZZy2arUxrhc23cus2g9FsYdwNBxuLW_T6mH7DwWS3Ge4bs8VytFktZ4N9Y7ZYjjar5Wyw79AZvqvP2ehMiw8emXa9u96KMvNB4TJYvD-JaTHtzg5-aevo9Pk8yoLOKLx-j16DwnPwmMbLW-1Y3j6b6eMwoYglgtNFOhG9jKeLWCJ5WqQT0ciy8i0mHsdqt3DZDIvBZrma7WYuj8Xk8sxmE4tYojRdpBO90O92-RWe0-VhfdldHodb6XlrHjaXW_R3S1xundP2srtFf7fmZXf6LW-N0_S0vuyet8JkdLjdyrNvt9wMVqOJ-o8NuJxLRsu5bDSXDDarBAAAAAAAAACwhDnzJgAAAACnQcyGk81uuQAQDl26QAI-TLYRHou79mNeBUaCCjXFjR8v0NHled1NDqfZeebNnglirVbLGgAAQAAbAAAggFs3bwFhkRw!&excid=22&docw=0&cijs=1&nlb=true
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/29_5_8/infra/cmTagFEED_MANAGER.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: 0574e172e3545369b75a00ab474444ad0b84bc2c6dd4f93c302d19d5c555fecc

Request headers

:method: GET
:authority: am-match.taboola.com
:scheme: https
:path: /sync?dast=V75g8CFgOOnMIAPEMHZgSOnMIAPEMHZgUAAAAGBvQHGbOgjCjDEY3CYc6Wo9FysVksZqvRcDeEjVlQRpThiEbhMGfL0Wg5mCwmo91uMBtMpvBhLJfJoBZIWGa_76CgnJ4es8sgKrreFrvDafa8QQxNp8Pnutfrfr-76OjyvO4mh9PsvKudf6Hf7fIrPKfLw_qyuzwOt9Lz1jxsLrfo75a43Dqn7WV3i_5uzcvu9FveGqfpaX3ZPW-Fyehwu5Vl3m65GaxGcwAAAAB4AGDqfYX4AQQAiAAAAACQAAAAAKAIqPi3ELgAAAAAwAAgcGvVAIDiMBCX5ey0-wMA4KEABABAAIMEQCCypQTgYiv0BAAAAAAAAACA5f___z8GIC-_WAZgw-etB-DBB-CBqOCwiBEAAABAVj7Q8tGkTqgsqgAACNKtAK4AAALyGs55GcIAAAAExhboYfH7zQ67xu92GQAAAAAAAACA2f_ZP5qQlAduWpAVxZ7aLyAAwNovIAAAm7oBALwFwAUdQSsGg9UpxG44W-xGk81ydgAAAAB3_____3ogMlrZRg6PZeWwTGy7iW04s-xWM99wZJs5d4PFwntAcSWW4lUNdH0hwjL7fQcF5fT0mF0GUdH1ttgdTrPnID5oGJaTQTC_CVuMVpPJZjmcLReTwXA0HI32J4DLAU7EYLmcTBaT3Wq0Gm2Gu9FssECBGExwQoajzWQ12q12k-VwMhrNNpMNUrRqNRttBsPVbDLb7VbDwXA5GiFFaxazyWQxGy13m8FyMhoMJ8MhwthosnLZfBu3ZjDzrEWzlWmtsPlWbt1mMJotjLvhYGNxi14f0284mOw2wy0KBkjtRXCRTkRHl-d1NzmcZudFLNGcLNKJ7LKvjFa2kcNjWTksE9tuYhvOLLvVzDcc2WbO3WCx8NdGk5XL5tu4NYOZZy2arUxrhc23cus2g9FsYdwNBxuLW_T6mH7DwWS3Ge4bs8VytFktZ4N9Y7ZYjjar5Wyw79AZvqvP2ehMiw8emXa9u96KMvNB4TJYvD-JaTHtzg5-aevo9Pk8yoLOKLx-j16DwnPwmMbLW-1Y3j6b6eMwoYglgtNFOhG9jKeLWCJ5WqQT0ciy8i0mHsdqt3DZDIvBZrma7WYuj8Xk8sxmE4tYojRdpBO90O92-RWe0-VhfdldHodb6XlrHjaXW_R3S1xundP2srtFf7fmZXf6LW-N0_S0vuyet8JkdLjdyrNvt9wMVqOJ-o8NuJxLRsu5bDSXDDarBAAAAAAAAACwhDnzJgAAAACnQcyGk81uuQAQDl26QAI-TLYRHou79mNeBUaCCjXFjR8v0NHled1NDqfZeebNnglirVbLGgAAQAAbAAAggFs3bwFhkRw!&excid=22&docw=0&cijs=1&nlb=true
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.thesundaily.my/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.thesundaily.my/

Response headers

server: nginx
date: Mon, 26 Apr 2021 11:19:42 GMT
content-type: text/html;charset=ISO-8859-1
machineid: 3402

GET
H2 200 sync
taboola-supply-partners.tremorhub.com/ Frame D808 43 B
182 B 89ms
89ms Image
image/gif 2600:1f18:612b:4232:3a2c:3c86:af1b:2715
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://taboola-supply-partners.tremorhub.com/sync?UISTB=%3CtaboolaUserId%3E&gdpr=1&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Ftelaria-rtb-network%2F1%2Frtb-h%2F%3Fgdpr%3D1%26us_privacy%3D1---%26taboola_hm%3D%5BTVUSER_ID%5D%26orig%3Dvideo
Requested by: Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V75g8CFgOOnMIAPEMHZgSOnMIAPEMHZgUAAAAGBvQHGbOgjCjDEY3CYc6Wo9FysVksZqvRcDeEjVlQRpThiEbhMGfL0Wg5mCwmo91uMBtMpvBhLJfJoBZIWGa_76CgnJ4es8sgKrreFrvDafa8QQxNp8Pnutfrfr-76OjyvO4mh9PsvKudf6Hf7fIrPKfLw_qyuzwOt9Lz1jxsLrfo75a43Dqn7WV3i_5uzcvu9FveGqfpaX3ZPW-Fyehwu5Vl3m65GaxGcwAAAAB4AGDqfYX4AQQAiAAAAACQAAAAAKAIqPi3ELgAAAAAwAAgcGvVAIDiMBCX5ey0-wMA4KEABABAAIMEQCCypQTgYiv0BAAAAAAAAACA5f___z8GIC-_WAZgw-etB-DBB-CBqOCwiBEAAABAVj7Q8tGkTqgsqgAACNKtAK4AAALyGs55GcIAAAAExhboYfH7zQ67xu92GQAAAAAAAACA2f_ZP5qQlAduWpAVxZ7aLyAAwNovIAAAm7oBALwFwAUdQSsGg9UpxG44W-xGk81ydgAAAAB3_____3ogMlrZRg6PZeWwTGy7iW04s-xWM99wZJs5d4PFwntAcSWW4lUNdH0hwjL7fQcF5fT0mF0GUdH1ttgdTrPnID5oGJaTQTC_CVuMVpPJZjmcLReTwXA0HI32J4DLAU7EYLmcTBaT3Wq0Gm2Gu9FssECBGExwQoajzWQ12q12k-VwMhrNNpMNUrRqNRttBsPVbDLb7VbDwXA5GiFFaxazyWQxGy13m8FyMhoMJ8MhwthosnLZfBu3ZjDzrEWzlWmtsPlWbt1mMJotjLvhYGNxi14f0284mOw2wy0KBkjtRXCRTkRHl-d1NzmcZudFLNGcLNKJ7LKvjFa2kcNjWTksE9tuYhvOLLvVzDcc2WbO3WCx8NdGk5XL5tu4NYOZZy2arUxrhc23cus2g9FsYdwNBxuLW_T6mH7DwWS3Ge4bs8VytFktZ4N9Y7ZYjjar5Wyw79AZvqvP2ehMiw8emXa9u96KMvNB4TJYvD-JaTHtzg5-aevo9Pk8yoLOKLx-j16DwnPwmMbLW-1Y3j6b6eMwoYglgtNFOhG9jKeLWCJ5WqQT0ciy8i0mHsdqt3DZDIvBZrma7WYuj8Xk8sxmE4tYojRdpBO90O92-RWe0-VhfdldHodb6XlrHjaXW_R3S1xundP2srtFf7fmZXf6LW-N0_S0vuyet8JkdLjdyrNvt9wMVqOJ-o8NuJxLRsu5bDSXDDarBAAAAAAAAACwhDnzJgAAAACnQcyGk81uuQAQDl26QAI-TLYRHou79mNeBUaCCjXFjR8v0NHled1NDqfZeebNnglirVbLGgAAQAAbAAAggFs3bwFhkRw!&excid=22&docw=0&cijs=1&nlb=true
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:612b:4232:3a2c:3c86:af1b:2715 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: Apache-Coyote/1.1 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer: https://am-match.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Apr 2021 11:19:42 GMT
server: Apache-Coyote/1.1
p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
content-type: image/gif

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame D808 70 B
264 B 29ms
29ms Image
image/gif 63.33.11.43
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
Requested by: Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V75g8CFgOOnMIAPEMHZgSOnMIAPEMHZgUAAAAGBvQHGbOgjCjDEY3CYc6Wo9FysVksZqvRcDeEjVlQRpThiEbhMGfL0Wg5mCwmo91uMBtMpvBhLJfJoBZIWGa_76CgnJ4es8sgKrreFrvDafa8QQxNp8Pnutfrfr-76OjyvO4mh9PsvKudf6Hf7fIrPKfLw_qyuzwOt9Lz1jxsLrfo75a43Dqn7WV3i_5uzcvu9FveGqfpaX3ZPW-Fyehwu5Vl3m65GaxGcwAAAAB4AGDqfYX4AQQAiAAAAACQAAAAAKAIqPi3ELgAAAAAwAAgcGvVAIDiMBCX5ey0-wMA4KEABABAAIMEQCCypQTgYiv0BAAAAAAAAACA5f___z8GIC-_WAZgw-etB-DBB-CBqOCwiBEAAABAVj7Q8tGkTqgsqgAACNKtAK4AAALyGs55GcIAAAAExhboYfH7zQ67xu92GQAAAAAAAACA2f_ZP5qQlAduWpAVxZ7aLyAAwNovIAAAm7oBALwFwAUdQSsGg9UpxG44W-xGk81ydgAAAAB3_____3ogMlrZRg6PZeWwTGy7iW04s-xWM99wZJs5d4PFwntAcSWW4lUNdH0hwjL7fQcF5fT0mF0GUdH1ttgdTrPnID5oGJaTQTC_CVuMVpPJZjmcLReTwXA0HI32J4DLAU7EYLmcTBaT3Wq0Gm2Gu9FssECBGExwQoajzWQ12q12k-VwMhrNNpMNUrRqNRttBsPVbDLb7VbDwXA5GiFFaxazyWQxGy13m8FyMhoMJ8MhwthosnLZfBu3ZjDzrEWzlWmtsPlWbt1mMJotjLvhYGNxi14f0284mOw2wy0KBkjtRXCRTkRHl-d1NzmcZudFLNGcLNKJ7LKvjFa2kcNjWTksE9tuYhvOLLvVzDcc2WbO3WCx8NdGk5XL5tu4NYOZZy2arUxrhc23cus2g9FsYdwNBxuLW_T6mH7DwWS3Ge4bs8VytFktZ4N9Y7ZYjjar5Wyw79AZvqvP2ehMiw8emXa9u96KMvNB4TJYvD-JaTHtzg5-aevo9Pk8yoLOKLx-j16DwnPwmMbLW-1Y3j6b6eMwoYglgtNFOhG9jKeLWCJ5WqQT0ciy8i0mHsdqt3DZDIvBZrma7WYuj8Xk8sxmE4tYojRdpBO90O92-RWe0-VhfdldHodb6XlrHjaXW_R3S1xundP2srtFf7fmZXf6LW-N0_S0vuyet8JkdLjdyrNvt9wMVqOJ-o8NuJxLRsu5bDSXDDarBAAAAAAAAACwhDnzJgAAAACnQcyGk81uuQAQDl26QAI-TLYRHou79mNeBUaCCjXFjR8v0NHled1NDqfZeebNnglirVbLGgAAQAAbAAAggFs3bwFhkRw!&excid=22&docw=0&cijs=1&nlb=true
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 63.33.11.43 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-63-33-11-43.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer: https://am-match.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 26 Apr 2021 11:19:42 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2 204 sync Show response
pixel.advertising.com/ups/58166/ Frame D808 0
124 B 16ms
15ms Script
text/plain 52.28.254.214
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://pixel.advertising.com/ups/58166/sync?gdpr=1&uid=&_origin=1&us_privacy=1---&redir=true

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.28.254.214 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://am-match.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Apr 2021 11:19:42 GMT
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2

200

rtb-h Show response
sync-t1.taboola.com/sg/spotx-rtb-network/1/ Frame D808
Redirect Chain

https://sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3D...
https://sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3D...
https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=4c4b1875-a681-11eb-8c37-1a7ccaea0206&orig=video&us_privacy=1---

0
228 B

20ms
20ms

Script
text/plain

141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=4c4b1875-a681-11eb-8c37-1a7ccaea0206&orig=video&us_privacy=1---
Requested by: Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V75g8CFgOOnMIAPEMHZgSOnMIAPEMHZgUAAAAGBvQHGbOgjCjDEY3CYc6Wo9FysVksZqvRcDeEjVlQRpThiEbhMGfL0Wg5mCwmo91uMBtMpvBhLJfJoBZIWGa_76CgnJ4es8sgKrreFrvDafa8QQxNp8Pnutfrfr-76OjyvO4mh9PsvKudf6Hf7fIrPKfLw_qyuzwOt9Lz1jxsLrfo75a43Dqn7WV3i_5uzcvu9FveGqfpaX3ZPW-Fyehwu5Vl3m65GaxGcwAAAAB4AGDqfYX4AQQAiAAAAACQAAAAAKAIqPi3ELgAAAAAwAAgcGvVAIDiMBCX5ey0-wMA4KEABABAAIMEQCCypQTgYiv0BAAAAAAAAACA5f___z8GIC-_WAZgw-etB-DBB-CBqOCwiBEAAABAVj7Q8tGkTqgsqgAACNKtAK4AAALyGs55GcIAAAAExhboYfH7zQ67xu92GQAAAAAAAACA2f_ZP5qQlAduWpAVxZ7aLyAAwNovIAAAm7oBALwFwAUdQSsGg9UpxG44W-xGk81ydgAAAAB3_____3ogMlrZRg6PZeWwTGy7iW04s-xWM99wZJs5d4PFwntAcSWW4lUNdH0hwjL7fQcF5fT0mF0GUdH1ttgdTrPnID5oGJaTQTC_CVuMVpPJZjmcLReTwXA0HI32J4DLAU7EYLmcTBaT3Wq0Gm2Gu9FssECBGExwQoajzWQ12q12k-VwMhrNNpMNUrRqNRttBsPVbDLb7VbDwXA5GiFFaxazyWQxGy13m8FyMhoMJ8MhwthosnLZfBu3ZjDzrEWzlWmtsPlWbt1mMJotjLvhYGNxi14f0284mOw2wy0KBkjtRXCRTkRHl-d1NzmcZudFLNGcLNKJ7LKvjFa2kcNjWTksE9tuYhvOLLvVzDcc2WbO3WCx8NdGk5XL5tu4NYOZZy2arUxrhc23cus2g9FsYdwNBxuLW_T6mH7DwWS3Ge4bs8VytFktZ4N9Y7ZYjjar5Wyw79AZvqvP2ehMiw8emXa9u96KMvNB4TJYvD-JaTHtzg5-aevo9Pk8yoLOKLx-j16DwnPwmMbLW-1Y3j6b6eMwoYglgtNFOhG9jKeLWCJ5WqQT0ciy8i0mHsdqt3DZDIvBZrma7WYuj8Xk8sxmE4tYojRdpBO90O92-RWe0-VhfdldHodb6XlrHjaXW_R3S1xundP2srtFf7fmZXf6LW-N0_S0vuyet8JkdLjdyrNvt9wMVqOJ-o8NuJxLRsu5bDSXDDarBAAAAAAAAACwhDnzJgAAAACnQcyGk81uuQAQDl26QAI-TLYRHou79mNeBUaCCjXFjR8v0NHled1NDqfZeebNnglirVbLGgAAQAAbAAAggFs3bwFhkRw!&excid=22&docw=0&cijs=1&nlb=true
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://am-match.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

tbl-x-upstream: 10.41.12.133:10213
date: Mon, 26 Apr 2021 11:19:42 GMT
server: nginx
x-fastly-to-nlb-rtt: 14902

Redirect headers

Date: Mon, 26 Apr 2021 11:19:42 GMT
Server: nginx
Location: https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=4c4b1875-a681-11eb-8c37-1a7ccaea0206&orig=video&us_privacy=1---
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/plain
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 46
Connection: keep-alive
Content-Length: 0

GET
H2 200 sync
x.bidswitch.net/ Frame D808 43 B
145 B 14ms
14ms Image
image/gif 52.59.128.17
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?gdpr=1&us_privacy=1---&ssp=taboola
Requested by: Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V75g8CFgOOnMIAPEMHZgSOnMIAPEMHZgUAAAAGBvQHGbOgjCjDEY3CYc6Wo9FysVksZqvRcDeEjVlQRpThiEbhMGfL0Wg5mCwmo91uMBtMpvBhLJfJoBZIWGa_76CgnJ4es8sgKrreFrvDafa8QQxNp8Pnutfrfr-76OjyvO4mh9PsvKudf6Hf7fIrPKfLw_qyuzwOt9Lz1jxsLrfo75a43Dqn7WV3i_5uzcvu9FveGqfpaX3ZPW-Fyehwu5Vl3m65GaxGcwAAAAB4AGDqfYX4AQQAiAAAAACQAAAAAKAIqPi3ELgAAAAAwAAgcGvVAIDiMBCX5ey0-wMA4KEABABAAIMEQCCypQTgYiv0BAAAAAAAAACA5f___z8GIC-_WAZgw-etB-DBB-CBqOCwiBEAAABAVj7Q8tGkTqgsqgAACNKtAK4AAALyGs55GcIAAAAExhboYfH7zQ67xu92GQAAAAAAAACA2f_ZP5qQlAduWpAVxZ7aLyAAwNovIAAAm7oBALwFwAUdQSsGg9UpxG44W-xGk81ydgAAAAB3_____3ogMlrZRg6PZeWwTGy7iW04s-xWM99wZJs5d4PFwntAcSWW4lUNdH0hwjL7fQcF5fT0mF0GUdH1ttgdTrPnID5oGJaTQTC_CVuMVpPJZjmcLReTwXA0HI32J4DLAU7EYLmcTBaT3Wq0Gm2Gu9FssECBGExwQoajzWQ12q12k-VwMhrNNpMNUrRqNRttBsPVbDLb7VbDwXA5GiFFaxazyWQxGy13m8FyMhoMJ8MhwthosnLZfBu3ZjDzrEWzlWmtsPlWbt1mMJotjLvhYGNxi14f0284mOw2wy0KBkjtRXCRTkRHl-d1NzmcZudFLNGcLNKJ7LKvjFa2kcNjWTksE9tuYhvOLLvVzDcc2WbO3WCx8NdGk5XL5tu4NYOZZy2arUxrhc23cus2g9FsYdwNBxuLW_T6mH7DwWS3Ge4bs8VytFktZ4N9Y7ZYjjar5Wyw79AZvqvP2ehMiw8emXa9u96KMvNB4TJYvD-JaTHtzg5-aevo9Pk8yoLOKLx-j16DwnPwmMbLW-1Y3j6b6eMwoYglgtNFOhG9jKeLWCJ5WqQT0ciy8i0mHsdqt3DZDIvBZrma7WYuj8Xk8sxmE4tYojRdpBO90O92-RWe0-VhfdldHodb6XlrHjaXW_R3S1xundP2srtFf7fmZXf6LW-N0_S0vuyet8JkdLjdyrNvt9wMVqOJ-o8NuJxLRsu5bDSXDDarBAAAAAAAAACwhDnzJgAAAACnQcyGk81uuQAQDl26QAI-TLYRHou79mNeBUaCCjXFjR8v0NHled1NDqfZeebNnglirVbLGgAAQAAbAAAggFs3bwFhkRw!&excid=22&docw=0&cijs=1&nlb=true
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.59.128.17 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-59-128-17.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer: https://am-match.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Apr 2021 11:19:42 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: csi.gstatic.com
URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=3~knyicxrk&c=467284438145&slotId=233642219072.5&qqid=CPnHmInlm_ACFRTMuwgdyqUBuQ&uet=2

Domain: csi.gstatic.com
URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=4~knyicy9w&c=467284438145&slotId=233642219072.5&qqid=CPnHmInlm_ACFRTMuwgdyqUBuQ&event_name=unmeasurable_asset&resource_name=https%253A%252F%252Fwww.gstatic.com%252Fmysidia%252F3bdf4bc5a105080d989d03306174de96.js%253Ftag%253Dclient_fast_engine_2019&encoded_body_size=0&transfer_size=0

Domain: csi.gstatic.com
URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=5~knyicy9x&c=467284438145&slotId=233642219072.5&qqid=CPnHmInlm_ACFRTMuwgdyqUBuQ&event_name=unmeasurable_asset&resource_name=https%253A%252F%252Fwww.gstatic.com%252Fmysidia%252F51f95e8801b2f454bb1ec0b0d582ea90.js%253Ftag%253Dvideo_mra%252Fweb_raspberry&encoded_body_size=0&transfer_size=0

Domain: csi.gstatic.com
URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=6~knyicy9x&c=467284438145&slotId=233642219072.5&qqid=CPnHmInlm_ACFRTMuwgdyqUBuQ&event_name=unmeasurable_asset&resource_name=https%253A%252F%252Fwww.gstatic.com%252Fmysidia%252Fb42b11247d0ebeb7b44892ca7e629453.js%253Ftag%253Dmysidia_one_click_handler_one_afma_2019&encoded_body_size=0&transfer_size=0

Domain: csi.gstatic.com
URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=7~knyicy9y&c=467284438145&slotId=233642219072.5&qqid=CPnHmInlm_ACFRTMuwgdyqUBuQ&event_name=unmeasurable_asset&resource_name=https%253A%252F%252Fr2---sn-4g5e6nsk.googlevideo.com%252Fvideoplayback%253Fexpire%253D1619464760%2526ei%253DuKGGYPqvKt-B6dsP1rWDuAI%2526ip%253D89.249.64.203%2526id%253D16de1625ddc475dc%2526itag%253D18%2526source%253Dyoutube%2526requiressl%253Dyes%2526mh%253Dbp%2526mm%253D31%2526mn%253Dsn-4g5e6nsk%2526ms%253Dau%2526mv%253Dm%2526mvi%253D2%2526pl%253D25%2526susc%253Dgvp%2526acao%253Dyes%2526ctier%253DL%2526mime%253Dvideo%252Fmp4%2526vprv%253D1%2526dur%253D22.616%2526lmt%253D1611934249563212%2526mt%253D1619435805%2526txp%253D6210222%2526sparams%253Dexpire%252Cei%252Cip%252Cid%252Citag%252Csource%252Crequiressl%252Csusc%252Cacao%252Cctier%252Cmime%252Cvprv%252Cdur%252Clmt%2526sig%253DAOq0QJ8wRQIhAOaVpjNZixE5cx6BU_oumwsUgCiP68XmRc8SWQZWI9tzAiA7t4nm3d5Jj3DaqZFKZFBjvgtzM3l-bkoTK8T9_-6TWw%253D%253D%2526lsparams%253Dmh%252Cmm%252Cmn%252Cms%252Cmv%252Cmvi%252Cpl%2526lsig%253DAG3C_xAwRAIgevbBXSr8o5Fa-XEDtIfCspf-589HsultIycRUH3880kCIDh-bujKapMZkB9qQnF1BVoyYPQv72gMDz-D0rOVyInG&encoded_body_size=0&transfer_size=0

Domain: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstmd789arf2ACWip1INd5mB0dVVtSHqs5nyF45aYbK9bYx0bOFFrVFFqDdZ6xZ9LrqN3UspPKA6UqcvsXpHMb5jcLCwFd3Uyx6iljiXYcHVX3I_RO-xhJ40xpAs9A&sai=AMfl-YQSvaS3R4LZbKezm71vQLkMW1767JbwGi7AP9MP1sG00qvZH92wVS0YCM_kDLYMhmYBlj9yi3BgfwTAr-C9HpDza7HhpOK82sHuqM3dMrSIrsSBAM0rSwULBQl9-B0r&sig=Cg0ArKJSzCBG8HxH4uN2EAE&cid=CAASPeRoDJEJ-ybitY4_-4uraTXSDKyfbzu0GH2sKi2yuIfy3M_rXs5HG3e-LyovU0Uud-B1MLEIXegMsLZdnew&id=lidartos&mcvt=0&p=1907,1040,2157,1340&mtos=0,0,0,0,0&tos=0,0,0,0,0&v=20210421&bin=7&avms=nio&bs=0,0&mc=0&if=1&app=0&itpl=22&adk=3514525992&rs=4&met=mue&la=0&cr=0&osd=1&vs=3&rst=1619435960828&dlt=10&rpt=272&isd=0&msd=0&r=u&fum=1

Domain: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjss3gH0UUkLB1dinWPdcrlNsD4n4-Ipiq89bDjKkz4Quqsz36Y2z2KEuFqv8DRIq1jgcGEsfGrUKFvCTqaODNJQXNraev6hkT1S-4ILm0ss&sig=Cg0ArKJSzHNUdzhPJT_yEAE&id=lidartos&mcvt=2128&p=198,221,438,1391&mtos=2128,2128,2128,2128,2128&tos=2128,0,0,0,0&v=20210421&bin=7&avms=nio&bs=1600,1200&mc=1&app=0&itpl=3&adk=3154283803&rs=4&met=mue&la=1&cr=0&osd=1&vs=4&rst=1619435960832&dlt=0&rpt=152&isd=0&msd=0&r=u&fum=1

Domain: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvleSEF4xvBforMXZ7yJ_0aMeCVwJPH9idQI05CFkAXRUpnO-G4dOUNvBXSNIruouwui9gFjW3QSBCkPLmth9TbOc1fpFQLmKwG2KG9-swQ6o7l&sai=AMfl-YQ1tO-rCn23Rd2fTUkX9nMNRwuDVVtvqEjLDqZ4cIkGX_6ub9zoGT3CrLfWgntH0FAuO8heYVO97J-p_M1MDBH1Gt2gYiNJxGJvysa6zxOzmElM_xzYgnN5fQRDuxvn&sig=Cg0ArKJSzBtGwPoO4GLiEAE&cid=CAASPeRoY1OtUsWcxFyvYdKn-JN2vTKS0UOxx9kJDW36Ty_wzUfB5os68RJABmPK_zabef4jns5BClC6KmXHCEY&id=lidartos&mcvt=0&p=2181,455,2435,755&mtos=0,0,0,0,0&tos=0,0,0,0,0&v=20210423&bin=7&avms=nio&bs=0,0&mc=0&if=1&app=0&itpl=20&adk=2916017631&rs=4&met=mue&la=0&cr=0&osd=1&vs=3&rst=1619435960832&dlt=9&rpt=755&isd=0&msd=0&r=u&fum=1

Domain: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvlAS9IyewUGSWetDTtyJxjMFbdNGKocRv2DnY45urZ4JRYBUcX7slZExrV2apUGmVjQGt2p1CsFmpGrqXICFXjgYlU_xVAGZSI10EEN3Y&sig=Cg0ArKJSzNwDSLtOb9L7EAE&id=lidartos&mcvt=0&p=1162,1040,1412,1340&mtos=0,0,0,0,2251&tos=0,0,0,0,2251&v=20210421&bin=7&avms=nio&bs=1600,1200&mc=0.15&app=0&itpl=3&adk=2916017630&rs=4&met=mue&la=0&cr=0&osd=1&vs=3&rst=1619435960832&dlt=0&rpt=224&isd=0&msd=0&r=u&fum=1

Domain: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvaH0308D4KZNgf7juGtYmUwim5v9iyQsL6hkPXzVkzcoJyRJ36KVSDp-eLLFGA6bu9U9vxdgC4VKiOKAuBWNya7MbUVtj6UNa3rJOvLPA&sig=Cg0ArKJSzHY3aTl0Z4WXEAE&id=lidartos&mcvt=0&p=1637,1040,1887,1340&mtos=0,0,0,0,0&tos=0,0,0,0,0&v=20210421&bin=7&avms=nio&bs=1600,1200&mc=0&app=0&itpl=3&adk=846607975&rs=4&met=mue&la=0&cr=0&osd=1&vs=3&rst=1619435960832&dlt=0&rpt=155&isd=0&msd=0&r=u&fum=1

Domain: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuWFy-03nGEmlLkDsGQSQhBMJOJsbAmi4M5SQD29O6qNClIcFU8xOIXQbbcMul95psp32PfezYbETVURA7ZTIuMz6takxkTjEbe2sjgRvU&sig=Cg0ArKJSzIzzSLzkKrZPEAE&id=lidartos&mcvt=2222&p=892,1040,1142,1340&mtos=2222,2222,2222,2222,2222&tos=2222,0,0,0,0&v=20210421&bin=7&avms=nio&bs=1600,1200&mc=1&app=0&itpl=3&adk=3079932573&rs=4&met=mue&la=0&cr=0&osd=1&vs=4&rst=1619435960833&dlt=0&rpt=160&isd=0&msd=0&r=u&fum=1

Domain: ads.stickyadstv.com
URL: https://ads.stickyadstv.com/user-registering?dataProviderId=593&userId=gyFyDF9F1LAZgW5

Domain: loadus.exelator.com
URL: https://loadus.exelator.com/load/?p=1082&g=204&j=r&gdpr=1&gdpr_consent=&ru=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F103%2F1%2F7.gif%3Fpuid%3D%25%25UID%25%25%26gdpr%3D1%26gdpr_consent%3D

Domain: loadus.exelator.com
URL: https://loadus.exelator.com/load/?p=1082&g=204&j=r&gdpr=1&gdpr_consent=&ru=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F103%2F1%2F7.gif%3Fpuid%3D%25%25UID%25%25%26gdpr%3D1%26gdpr_consent%3D&xl8blockcheck=1

Domain: ads.stickyadstv.com
URL: https://ads.stickyadstv.com/auto-user-sync?gdpr=1&gdpr_consent=null

Domain: ads.stickyadstv.com
URL: https://ads.stickyadstv.com/user-matching?id=11&_fw_gdpr=0&_fw_gdpr_consent=

Domain: ads.stickyadstv.com
URL: https://ads.stickyadstv.com/user-matching?id=2545&_fw_gdpr=0&_fw_gdpr_consent=

Domain: ads.stickyadstv.com
URL: https://ads.stickyadstv.com/user-registering?dataProviderId=187&userId=YIahxwAAeGtLpAA4&gdpr=0&gdpr_consent=&_test=YIahxwAAeGtLpAA4

Domain: ads.stickyadstv.com
URL: https://ads.stickyadstv.com/user-matching?id=11&_fw_gdpr=0&_fw_gdpr_consent=

Domain: ads.stickyadstv.com
URL: https://ads.stickyadstv.com/user-matching?id=2545&_fw_gdpr=0&_fw_gdpr_consent=

Verdicts & Comments Add Verdict or Comment

499 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.pubmatic.com/	1970-01-19 18:33:47	Name: PugT Value: 1619435970
.pubmatic.com/	1970-01-19 20:00:11	Name: PUBMDCID Value: 3
.pubmatic.com/	1970-01-19 20:00:11	Name: KRTBCOOKIE_466 Value: 16530-12428329-f4e5-4cb6-aee7-6ed04bfce60a

15 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	debug	URL: https://info.silobreaker.com/e2t/tc/VWt22z7YxmcLW3d_lfb36JTN9VZjc4S4qSWfGN50kgPk2-HwrV1-WJV7CgH74W8yj8Gf5DDZvcW3TJBTT7kqbNwMR6s8lJGK_xW9h7hwf27nzMqW5wGLkb4hf5GgW3lN5Td7tRBTkW30lvRX1N-LFjW1tW32m7Trp5GW4xr3Wn7WcQ5vW23hz6z6nGFdkW7VpsPv34ByTlW1KrtR88V7szrW39MzFN7Py845W3wb58d2vpQrZW4tlyqy4716kPW7N7-KV2vQ-5fW7qBTzn7dJ1BKW4VM3fG2FFWxyW3sfPLt74fFR8N6_-qlgnJKNxW60WBkK3dW8pZW2_vCdB2RRvxLW5F45Z61c1l3BVnybQW29v8QnW3Bf6923kQS6jN6fzWv1M0WN93c-z1(Line 13) Message: toS
console-api	log	URL: https://cdn.taboola.com/libtrc/impl.20210426-7-RELEASE.js(Line 3) Message: TRC.extractValidContainer: Could not find any valid container when trying to move feed
console-api	log	URL: https://cdn.taboola.com/libtrc/impl.20210426-7-RELEASE.js(Line 3) Message: Exit TRCRBox.loadScriptCallback(retry=0): no items in response - thumbs-feed-01
console-api	log	URL: https://cdn.taboola.com/libtrc/impl.20210426-7-RELEASE.js(Line 3) Message: Exit TRCRBox.loadScriptCallback(retry=0): no items in response - organic-thumbs-feed-01
console-api	error	URL: https://cdn.iterwebcms.com/_proxy_https_/mas.protecmedia.com/mas-push-min.js(Line 31) Message: The browser does not support Service Workers / Cookies
console-api	log	URL: https://www.thesundaily.my/base-portlet/webrsrc/theme/d87fd46c27fbd23ff232308aa10ab110.js(Line 1) Message: Entro a pintar el 136
console-api	log	URL: https://www.thesundaily.my/base-portlet/webrsrc/theme/d87fd46c27fbd23ff232308aa10ab110.js(Line 1) Message: Entro a pintar el 136
console-api	log	(Line 5) Message: newnode
console-api	log	(Line 12) Message: newnode2
console-api	info	URL: https://cdn.ampproject.org/rtv/012103020108001/amp4ads-v0.mjs(Line 10) Message: Powered by AMP ⚡ HTML – Version 2103020108001 https://www.thesundaily.my/home/astrazeneca-is-safe-to-be-given-to-senior-citizens-adham-YL7793054?_hsmi=88974744&_hsenc=p2ANqtz-_G5s6CORBttERc_beHteVqqnJIJh5EriMR00fz0Cexxf2lQpsFfBisijUxttE-tNX9yfHTn7fBQWbcOnOkY3_eCosMOOPpTIuaIKsiuCzrvP7v03c
console-api	warning	URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js(Line 61) Message: 13:19:23,412 com.stickyadstv.utils.Browser GDPR 2.0 - TCFAPI function cannot be found. _fw_gdpr: null, _fw_gdpr_consent: null
console-api	info	URL: https://cdn.ampproject.org/rtv/012103020108001/amp4ads-v0.mjs(Line 10) Message: Powered by AMP ⚡ HTML – Version 2103020108001 https://www.thesundaily.my/home/astrazeneca-is-safe-to-be-given-to-senior-citizens-adham-YL7793054?_hsmi=88974744&_hsenc=p2ANqtz-_G5s6CORBttERc_beHteVqqnJIJh5EriMR00fz0Cexxf2lQpsFfBisijUxttE-tNX9yfHTn7fBQWbcOnOkY3_eCosMOOPpTIuaIKsiuCzrvP7v03c
console-api	info	URL: https://cdn.ampproject.org/rtv/012103020108001/amp4ads-v0.mjs(Line 10) Message: Powered by AMP ⚡ HTML – Version 2103020108001 https://www.thesundaily.my/home/astrazeneca-is-safe-to-be-given-to-senior-citizens-adham-YL7793054?_hsmi=88974744&_hsenc=p2ANqtz-_G5s6CORBttERc_beHteVqqnJIJh5EriMR00fz0Cexxf2lQpsFfBisijUxttE-tNX9yfHTn7fBQWbcOnOkY3_eCosMOOPpTIuaIKsiuCzrvP7v03c
console-api	warning	URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js(Line 61) Message: 13:19:25,499 com.stickyadstv.utils.Browser GDPR 2.0 - TCFAPI function cannot be found. _fw_gdpr: null, _fw_gdpr_consent: null
console-api	warning	URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js(Line 61) Message: 13:19:34,463 com.stickyadstv.utils.Browser GDPR 2.0 - TCFAPI function cannot be found. _fw_gdpr: null, _fw_gdpr_consent: null

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

15.taboola.com
5f7a3c227877733a11b3d8ac75a2ccaf.safeframe.googlesyndication.com
acdn.adnxs.com
ad.turn.com
adasia-d.openx.net
adnetwork.adasiaholdings.com
ads.pubmatic.com
ads.stickyadstv.com
adservice.google.com
adservice.google.de
ag.innovid.com
ajax.googleapis.com
am-match.taboola.com
am-vid-events.taboola.com
am-wf.taboola.com
anymind360.com
as.innity.com
aud.pubmatic.com
avd.innity.com
avd.innity.net
aw.dw.impact-ad.jp
bh.contextweb.com
bidder.criteo.com
bttrack.com
c1.adform.net
c3.taboola.com
cdn.ampproject.org
cdn.contentspread.net
cdn.innity.net
cdn.iterwebcms.com
cdn.stickyadstv.com
cdn.taboola.com
ce.lijit.com
ced.sascdn.com
cm.adgrx.com
cm.g.doubleclick.net
cms.quantserve.com
connect.facebook.net
csi.gstatic.com
d5p.de17a.com
dis.criteo.com
dsp.adfarm1.adition.com
dsp.nrich.ai
dsum-sec.casalemedia.com
e.dlx.addthis.com
e1.emxdgt.com
eu-u.openx.net
eus.rubiconproject.com
fastlane.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
googlecm.hit.gemius.pl
gum.criteo.com
hal9000.redintelligence.net
hal900013.redintelligence.net
hbopenbid.pubmatic.com
htlb.casalemedia.com
ib.adnxs.com
id.rlcdn.com
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
images.taboola.com
imprammp.taboola.com
info.silobreaker.com
js-sec.indexww.com
loadus.exelator.com
mas.protecmedia.com
match.adsrvr.org
match.prod.bidr.io
match.taboola.com
media.innity.net
mug.criteo.com
mwzeom.zeotap.com
optimize.innity.com
pagead2.googlesyndication.com
partner.googleadservices.com
pixel.advertising.com
pixel.everesttech.net
pixel.quantserve.com
pixel.rubiconproject.com
pm.w55c.net
pool.admedo.com
pr-bh.ybp.yahoo.com
prg.smartadserver.com
r2---sn-4g5e6nsk.googlevideo.com
r2---sn-4g5edne6.googlevideo.com
rtb-csync.smartadserver.com
rtb.mfadsrvr.com
rtb.openx.net
s.amazon-adsystem.com
s.c.appier.net
s3-ap-southeast-1.amazonaws.com
s7.addthis.com
sb.scorecardresearch.com
script.hotjar.com
securepubads.g.doubleclick.net
simage2.pubmatic.com
ssl-avd.innity.net
ssum-sec.casalemedia.com
static.criteo.net
static.hotjar.com
stats.g.doubleclick.net
sync-t1.taboola.com
sync.extend.tv
sync.mathtag.com
sync.search.spotxchange.com
sync.taboola.com
taboola-supply-partners.tremorhub.com
token.rubiconproject.com
tpc.googlesyndication.com
trc-events.taboola.com
trc.taboola.com
u.openx.net
uipglob.semasio.net
um.simpli.fi
ups.analytics.yahoo.com
us-u.openx.net
v1.addthisedge.com
vars.hotjar.com
vidstat.taboola.com
visitor.fiftyt.com
wf.taboola.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.thesundaily.my
x.bidswitch.net
z.moatads.com
ads.stickyadstv.com
csi.gstatic.com
loadus.exelator.com
pagead2.googlesyndication.com
104.84.56.112
116.202.48.214
119.81.192.134
119.81.3.35
13.224.111.125
13.224.111.129
13.224.111.43
13.224.111.6
130.61.205.105
138.201.84.253
141.226.228.48
142.250.185.98
142.250.186.66
149.129.240.178
159.253.128.188
172.104.121.22
173.231.181.122
178.250.2.131
178.250.2.146
178.250.2.151
18.156.0.31
18.195.155.181
18.196.131.255
184.25.115.31
184.30.20.185
184.30.20.198
184.30.20.241
184.30.21.162
184.30.212.16
185.29.135.226
185.64.189.110
185.64.189.112
185.64.189.114
185.64.189.115
185.64.189.249
185.86.138.143
185.86.138.32
185.94.180.125
192.132.33.46
193.47.76.44
198.148.27.139
199.232.137.44
199.60.103.254
2.16.186.105
2.18.234.233
2001:4de0:ac19::1:b:2b
2001:678:cb4:bbbb::11
213.155.156.165
213.19.162.41
217.182.200.29
23.38.48.217
2600:1f18:612b:4232:3a2c:3c86:af1b:2715
2606:4700:10::6816:1957
2606:4700:3038::6815:ea1c
2620:116:800d:21:8c6e:cf2c:8d6:9fb5
2a00:1288:110:c305::8000
2a00:1450:4001:51::8
2a00:1450:4001:62::7
2a00:1450:4001:802::2002
2a00:1450:4001:803::2001
2a00:1450:4001:803::2002
2a00:1450:4001:808::2001
2a00:1450:4001:808::2003
2a00:1450:4001:80e::2004
2a00:1450:4001:810::2002
2a00:1450:4001:812::2002
2a00:1450:4001:813::2002
2a00:1450:4001:813::2008
2a00:1450:4001:827::2002
2a00:1450:4001:827::200a
2a00:1450:4001:828::2002
2a00:1450:4001:829::2001
2a00:1450:4001:829::200a
2a00:1450:4001:82a::2003
2a00:1450:4001:82a::200e
2a00:1450:4001:82f::200e
2a00:1450:400c:c0c::9c
2a00:1450:4019:801::2003
2a02:2638::1c
2a02:2638::3
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
2a04:4e42:600::645
2a05:d01c:1d8:8100:1c45:c4d6:f2b8:9306
35.157.48.14
35.186.254.217
35.201.96.126
35.210.53.219
35.227.252.103
35.244.159.8
35.244.174.68
37.157.4.28
37.252.172.45
47.74.174.177
51.68.39.188
52.215.139.246
52.219.124.102
52.28.254.214
52.59.128.17
52.94.232.32
54.149.211.134
54.236.220.178
62.138.14.19
63.33.11.43
69.173.144.138
69.173.144.165
72.251.249.9
77.243.60.138
85.114.159.93
99.80.199.35
01cce5c79876479e2e522c311ba99683dc2df88b576dc1ff98b779276792a695
0414d0221112224b4c926de91a6e316f9d9aba685aa8b05fd0654848d8fcdf55
05090f9390f5bc0cd23fe5f432037cc92d7cbce1ced9bfe8faf3d1c9abae85cd
0544c66a873829a56cf2fd27d899154444f8fbbbe682d4a79d70079dd23aba49
0574e172e3545369b75a00ab474444ad0b84bc2c6dd4f93c302d19d5c555fecc
096ea93670db54d4c83b39a992f2524583d55b1cbb3b283d71c3295283fc480c
0a7319cbaa465cd83d06fbda9ae5d97e09f6390bd1abec331685e343f273769f
0a8c7625349682cdf950b4675499066d1ae2640e2e9099e6a7f68f3bb09e6434
0ae5ed57dc48abbee125d5f915e37110c9f2bb6a95d1aa5ccf3c141f8fe10db3
0b17718f9aed950d85f11511bbdbc12bd3e352979de46c50532b0f0c3d34f390
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0bde3f2b9c2756e302fbfaf8c77921ab61d39e32d40ad8d5e7d6e66dea760c9e
0d46a19c4a0d6048d78c990bbe13bb15647880ca022f2da8d6f293e349b83e70
0da816bd2f79712773ea8cb28fb50e0de27b96e8e0814327192169ddfedc1411
0e8356462c5cc694f3aed2520181479158a7fa2e4ac768842609cdec16393efa
1020603c2211fb0b7f7c2c5809d1c6b97db7a2d86a097816808d679c157b0c8b
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
13e40ba70d70c1785669df5c63cbe6cfb23acaef609a42ccefde3c397130f283
142f26403a748bcfdf10028d60f79a4ccd14a2f512342a6b49ea0f3b9d55034f
15ab303b645b88aaf719253f0600400ca3b2eee2165240a24d085cbb37b6e0fd
16786de455bbbaa9c0a012adb08494d9701d80f2fad599c7282d341f0bbaf8f8
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
187f90f918719b7c1622dc95c566cc78ea626c8399c16e57e7ecbc40bdc43156
19d7405b9856b0dd6b4aed0b4054ff8c855865c62be73e52bf519f894df29ab8
1ae214329b13533df631d744f8f4d462b25b79b501a25b1f3efef6d5631fa484
1c1a6037f2f27ee6b37ff438c5cabf1a23cce7cce2aa5bf1e8a9de014a660bb5
1cf04407e728ea1ebf82dc1c6b45d12632cb3202ff8f4556f380b16e57484f27
1d15dcb4e39cf8635d412a35acf5bbbdaced1d2f400612e86644f9e578fe10b0
1e54c0803f863dc42b5c1fc1d2699d77bddc07031e984e4fc88586defe60c145
20b3cf55287b0c4c9f124b07ea4733deb541f4cc6704ebfa20bbf59ca22863cf
2121976754061ef484584734a419cd953584a21520bcc7ed1ba7371a352baa08
21a126edb70e005d4ca8eb32f1e3acecac0a63488f3a1ceee905a4c1d44ef970
21d45a4ed77653b3b1ee2b47a786a4dbb936a3b19fc56e1b44c16aed35eb80ee
223e376a87383d1ce050c52698780249b562cf577852eea84ebe226c393dcad6
22ae07cf2231ef7b8c676783c322d0eeedd6913e9f0910c2de8d10adf3074578
23ef33989f2db4e8afde93e57b1534aeca826f6c70e794a9d7a418fea9a58614
24371a0e61715c2a756e721997e3c70f5a47b5014d91797c1586ac651352389a
2720194c3499bfaf7f0b0e0b1f86f990a308ff0cacf5b406e08a6cb038508cbf
291437ea71e62b1c35d4ec5d3c5ad02cfa930343b41b1472fba70243089c8bbe
2afd0154f96dec9e032720f95fa9b57bed5bcb05e01a550855297b45bf77c9ef
2c68f37c057dcc5f59213e9898ebf7105d08ad9f48934c2edb3b84ec51230c57
2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a
2d1f79df2ded370543e7023899865279aeb5f178a1f3efe7d10c55c4cb926e7e
2d34b4e26846fa9a719cf422c1c3d5e27b2328a82cf7ec96cc465f0b6f24b978
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2f16af2b3d040cd6b65671f0b22ffbf57dfdfc0fbaf56edc728edf159bc7cca9
2f52bdc5837cbc605bf38597f5df498ad59fcb64a1fce3314df2a5c4aa93dd09
30dae27f711dfadfdc6f2bfa42ea8b1356ee4b2f1a096dc47faa7ab0172e6a31
312d088790a9ca18e8acf1c2821470549267bd6e04f2386138b6950c41b89faa
3143566bd1a7330ee43570b480ec2491abf76b5914e06b16fc6aa86106ec2eb4
31aaef47af2b3f6c583a31bb9598432e74a9b8d475cfd313b425c132e0e16083
3227f954577feca555b88c25cffb2066f5a61ee87a01f164eca996a9bf685944
330800dd3d37a069ca4e9c80c012def97880a0b8a0f9a22b684181fdaae5c738
349fa148f9805b6478042aee691db1401816421fc5deb0ffee7e7a424c8b3803
3548ef7c00a328eef90ee0f7a2389a96262e6324ab8c7a8b2b0fa66f618c5533
35c39db048cd93a3368a6b1a6d567d2a813c6a9f3df304eb8d4ebbb662c5513b
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
370b4b01f3c34e62a8ae70a783a94bfe68c9c7373ef4d0048273067d37e82b31
38675a72201c391ee31f3218c979b4cc13a6d1e4ed27f5bc9c5d7adb955c584b
3893ba895c523df93e7238315c8abd6a28128886894e288fffd3c7f7692ea159
39b076e4bb4fab9b8a142499cf6155f8c128464974691a04de7e764f71b72618
3aef12654aa0bed463410d7c3b1922e12bc1dd911d5f954a04ebd120dee7870d
3b0d9f22f5fb1317e8b9a3a98b10e28dd253c81f807745d964a45b34fac6a600
3bea6e2ca03a2314b28b243264b0b854a9af23b5c22a557e3f971ac19a65e213
3cbc91b08f13856bfdca4216f4827f45654ee8c4daa770f79767d967595194a7
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
405541ce75b906126a780c2b7e206475eab9759c2c89acd86eefcd998f69450c
439ab67fa3c312bb442bed574ea79be834dbd92f3bd7d2288b6f3fce4d0afb0c
4408aa9ddeda720483559ac77e99e6e5ac8545865c03ace5003e1d3c11de28ef
452059aa1ec77f24dfd1e547406588368190b5ff650971e29589f35b85fd9100
4634b94630896f1a23c5ce01f743d720847c5f4dd28fb549ed503cb2df4f8e87
46ee1ab30f3444383ec0a8f8935209c95203acd8c53fb34a3fb3500ce74d9f33
47dd28fb8b57ab237856647805db9c3a6f5724759abc07c57750f56cbd0912ed
486762d56893f9b12fdfad41c3a76f11fc745b5436e97e596a63c22ee13d2e33
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032
4956137c69656045c048a157aaa84859657bbc7744019d26cce6b5bded84cc49
49aea8d1206dbb5e3c8a7d4db9274d2efa2111d8b53acb901efc378b1feca381
4ac28f060464a9c2a7beea74360934edf0fc235d344a76a3037a790a4c822ae8
4c6af60796cc240ad277098308cf363c2700f5296264ec1b43b4e1362763c439
4cb5b0780d4ca7fc705a3cabf3d130f45db307c8cf1c0a9ad67e2ebc33ca2000
4cf8b4da854cac70fb514c2d255e93904353bda1fcc7229de2f59d5971d83028
4d3858fd6875118f687ea5fd972b3e88f1cbec0b84539bfe33585b6ea282af27
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e7681cdfb27c5d0457c58c9f0fe26a68bbf6a8dc88defd3c43826adb1fe6ca8
4e9f8560c686afcbdc3030e59191231a8ae26da17497f9925595c84f86474410
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
5082af3cd4cdf806a05a45b0e79b7aa6c087b4ae3b93ec6fb1d3242a4f0fbad7
51122bb56cfde240a3ea514dccdef37d62889d97f8489055a16f7fb1c4f714c4
53c0443a37dc70b8721904728e52d31daa6971397adef65e4588a07eee27592c
54790db6f990f9b2876bdc818cdf0be2cc72f59393dce8ae3046268e9efacbb6
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
558f5e477d6379eaa1adc698499f722a3bac712d0488f6ded10f8436e5399dd5
55e3eee43df639a4f89d9103cedcc64729b3ce59bb32330086350c1651a9af3c
59dce65cc00979aed358a2fc5ee6c45e7682cb637b0429beb7d5ab5f65a694e7
5b52d68c9d30d14a23513011c23f3ea687170446a7abc0f9e0c8987fc0ada86a
5d791c4797263270b7749f9dd93b2ccf8419c643d8aee58cd65e9b94527cc753
5dd9ac51379e14d0a0e5b85bf37364e87a319a06f063bbb533186e24f403b57a
5f0207bbbd69497c7a37284c0b6f9bdcc9f83c574a4cda737e00a390d0ed268f
5fc35919a40254d13d084483b211d99464c2139e77374f51b84f3aa8d7373fa1
5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9
60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda
613603afe8c5203c59d7f9df1cbac87109df7ffdf245fd20becfa6bd95b92155
61801d5580c277cdff50b58bceb3c37762c7d747d44419992b821e1ccaa99c4e
6258018e9f890f2383a09a2be6df7792affd977d856e7247ace8341f5b5487f0
62d8d67fa30964811cfbe1465848a0b0a0436e43d90ff3c330a3ce998d521cc6
635eacbe2a0f9b3e99916718bed0c677833c336aab3db3fd8d6bfbe090be5e6a
64a14c1566ed5e882e60ea9d6e3722949c5767823cd23dc1244503991661dc27
665b69584118d73ab9a780b92de980b1df9d4b1924a0a6c24516f0705ea2bf9d
66697ee2ff0039464856dfde7c59a672165ec2157f62ec1fe8cefb7e389b0529
680c84bd926ff1fbdb5c45b86350864d06ee400e1e0effb974dcb217b99b1219
6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b96a22e5ab3ef2bde01e7bd38bf162bca085a9e97b8c3cc09ccdc8dcb730a92
6bcb26b1a89e8aa8d9e180b1c071fc30460882895fdfbd19d6a0e11e1e33d3d9
6bf401c0df87666e66364ef101ecdd943adb1289b023fc496e44e6054fa04bdb
6bf968a564ad4ac3c850cd69c0d02ee08e107fd9ac06719d9a847a774e77c1a9
6d0b74f2a3e089cde650f0972d1a568843c275718277a2c167af9011ebf91ff5
6d7cb1e729787a153d5462d26a1b81c4f5281ff81f4bfcfc9fe63ec91bcf258e
6d82e21331aeb7b154ce45f18bc4a76893c17b1e2db85c4b40397fabfc0b023e
6e553b4e88ac4a1819d608fe9dcb46544ca5fb776d4e0c84d773f37b1df18211
6e97c82245ef57c751e6130150247af9a27f05153ea604dfa47acd9974284c44
6fe77418e833f1ddfcf701ba7b6ebbd24efd2e93bce56065e0f1e711b1d829f8
703f61348ed36938bbbb9f8b87b9a5934df19b2e9e08e8b2783b91a036bd5552
731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233
7522af251cba19eb566f78dd9b9fef0b33dc65be8471f2189d5ac4e44c4883e6
76a83710f0860ebc2510d788dedea076c07e704911aa49bea988ee4326ddfbbb
7771b60965da3b3f0d4708b62c550989f933380acc52672c62ee5a84889ef648
78155814e4a258353efdbce69dc7b574a80119a52885d913a747240e23fa346f
7828c5148962841c26e200e4571340310a92f75ce86f99522e27258f87a06e4d
78a55057447f49aa6d8e4e5eb7905ad8f0f9961ff3b2b3c5250e16eddce86a95
78f26e842e4d933cdab3a944ca644710bfdd14a110d76c3bfcfeed70d3b6e88d
7a9231ced64015c8c91a49518821713c638355d64135fbd30f465384f5a4a6f1
7c1c88e95545e6e4ef97f12c3249c7fdfd1bb058207f35c0b2c0c04d3873a74a
7c304b4202af3e0a82a9cae5f02805cfb31e0655db549c234ef002f311fe9a9c
7eca7977c6ade416c20775a7fd7cfa2291c5752cd1225d5c4342b057c37a000c
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
80625dbfb7eacfdf606452db91bb24a60c4fa2c42686673c1912e6cd2dc45771
80de504019d72a8e8a153bd4f0182510e26245c2f5cd108d6c48357dbfb4bc83
8116a189a195c3a28dc5c7268f3c147f938f7abb26100eae3f93e7def362775e
8197fedeba49d7166f5aa0b8c1fa8712e8e98a15ac4abe84fc96198c3dd2af04
8263f9da1782d4879e1c77cf61a3a8bec0f95e5938c47647aa1cf6b1d62ebf56
82f1fbe95dbd4e1128a973db542bf50ab7ac8fbf35bfefca2e782b0a0572e564
831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd
833e9f998cf64a2a44e2bf0c106dfa136b7cc2da359be098b9832a8fc1bb1324
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
879c64be6d51efc9aad7a25c2b5ef509c805b0e24c99faf6a0d6fb77ee1fd2d1
880fd26b23bca1530df025bbde48e48c9636e7f4a0bee177725c0b852e936b1d
88ae211232aa79611a2b2e687cb856cb475ff34e4a4ba6bb6e9018e1553b1315
8917570ec80016263eb0e8e0c84710a059db5869f85e9a7401eb9024c172edd6
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8bae0548dad5194d491030c404133770e76d0907b7187ac34b3f00d7352db429
8c8c7c53a0259bd41a6d96e868fb82fa77ac515e86b6d77d8b391dea590da66d
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8d9b4e8baf2d6296710fb142486efc074d1b4295512aa4125465410dbfd1053a
8f9560479a05fb86854546c40ec030edc2bac692d4142391d69b16e5c033a185
90132c6f6a9d0cf9c2bc7da491cb11e76311653271890a46f6933af8bdc6e0f2
9065f4eddb9bfe01782f4f5a168b97b2474afc32b7d77c42697d1d5c974b3898
91b4d29118d69239440d34498b38aa60450e1fc30edbf33d2b3d2ff7c7454b0b
9291fd7563b1ee6c2d2c4747f480794e1ad909c7a1ebce7d3e482855d7df44c1
92ff3edb324c891dfe71beedf1d4e202952eeac6a9858fba1330258760f83c2b
93376cb62bd17681f9dafacef1b5e4c9cf8fbe57fd0c1563af0cf96852c42824
962f2f3a23a1f9bab30e88e751bc326d4eb37044ad82c651710ce91fc6b41be6
9635d0c2ad301f4b79011b25ef35cc869b3dc344a04beabfd886d7f1fb02ed4a
98329b1413a0161084fbf5608a0c80759978a565ce2adcf114e72761d4531375
995100b0ecb159ae1119bbf5b3883c1efa8cbbb81a352249b196d4d40eee5ada
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
99d2d0533f0ea79ec7f758f1e6d8d99e1efb8135f75d71129505d2b1a34831a4
9a4eb81c24e7206a77f33b3980fbc2438e0c4347beb5859e233289732459b705
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9be5b68f33b03d2124a2d2e6b307e3100430dc4304e9f4d60d63c89165990fae
9bee11a95f612b1d0c1d02920156869d71e0944c4772795db14deaaa780fac13
9c0ae2d489097d76f53e0802e81645b2a7ae0a555247472ade11437edaa9570c
9c9ec2e1c2ecb073ed2e3333c93604a38eb2791aa9e2e9d51521ac9de7728f2b
9ccc325a8953d6d7de4a70da6056c4528d5142604b0d5acb70d2aa908f787508
9d1b6b1c9184afcdd7b9dd634420536eee8a6022c1f370a54da9295ec3f47e86
9d59551c5c34e768063ac8a0bb30975ce77896f7caf776a94f665a6293a7bed7
9eacb8bdf4836baccca546694198346ddc9728702c3933ff18b75b65ad05d059
9f8c4205bb0871068048b49c0a49a49096fc609f6d37fe4e65c94719e79c7b64
9f995b1c42942ededcce16bba381a19d3b30e0e75a36e0ea956f6a54e040dffe
9feb3da6f0a093b114d04d1c928f886a5875c0333df13e269d3d1d9ff5e4546e
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a06c5a7910eed361c70a9cb9b1cd9d46383201166baf8532e05bef33c865b488
a0d34b0d95e73a7ae965ab9eef15d273c1b4ab22aa7d5648e120a2763434ce84
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a14d1a7f7fa4b8ccbabe55b417ddc660997ef1cb5290f94c7f4f39c69bb640fc
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79
a2a5e6325d40edbab3cecba200c1c5030f0a10f1568727b67dab4f7062ba1890
a2aca9aa200ad3e4dd9afcd27fd2bd5b272a5d297e9f85d708394857ca6a1ffe
a32de0e80741978e7816c3639f2697f435e1c270c04c755c2367e1c2829a9d84
a49a784edfb3b0594b4bd674dce4abfb0990c42e42f232faab8478f5ae01a027
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5bc4000c59fcdf63ceac7b241bc3e3a7ede4aaf09bc393a10f204ca8e305823
a5cb642ef22434a24612329870579fbb272cb9fa7475360035596ea56fb0431a
a6f768cbb894f2690011ee62662d3ac9480d12f5088fa46be57e650fcc4d835c
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a80ae6e05c906143e0f50e66c6a938f9bb1212951017fdb90e264c10f529f397
a838d15ccf7d04e3e6915f964bafa00bb0a759700a73bcf9af7cc1bb69fa8110
a8a2b3462c740c8347f2e5db24143b43e7cfd0adfae2f65f3ae30254985a300e
a9e402d2d19f1057cdea09b2152d8cfd35664182564595e19bb83916c1f00201
aa7c984cd510935c132345bc7d579dfcde68742f7b11b599b905310f7164718c
aab139a775f503ab57338ff3db93962cdc8e19c7cfc5952d14aa4916eac2edf1
ab8bbbaf028510d8b119cce741f0c2cc94816dcc113d83cac81a6aade6a76fa9
abc1bbfb097cfaf4715fe823adb40881f8ed35a943692d5c037945c2fcc56340
ac9f15a4b28501837dd55b92e1434389b004cfa3193599ccd98a246137126ac4
acd2f7ad78edeebad4b6b0fdd17ff57d81c3726c60fd5435ee8c5a0115d29403
add446458eb1c58524218a1f34a78be5f4650d153dbecf1141b9edfd64b9634c
b0a066ba53ad92fbbc661ec89621d553d94b582d059979e631cd365256977178
b136a61bb2b470a35fd8e4ef7c893b6c8419d532e93f0ee6b811f6d0b77ee1e5
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1af3428fa412d99220d691cd5f803d9c8e03acbbfdc7263d2ec80ca708e820b
b27963d64b79220f6a94fafa3a3c67a2404d363b4ad53dbb83ab2187eacde46f
b2fdbf5f3088f284b48e1a2527069ea5c4da91ef01a2c41c192b88ac88fbb385
b46ab317e5326f3919bd0b20fd72555c7bc38b8407e687fec48899d977d5e36f
b516cbf972a8693d5245147a2effc809e3e153316ea4780f02c2c18aebc57971
b5365b15867c2d17d443fd69880ffd3cac93a2cd851061167e1891d6ea103754
b59344d85568bcf45b54167194da3c049208e4cc0504868cfbfaaf78fb7117ba
b9eb8e209bc5d9b46b585366571c1ab4fc7cc261dc2c98aa7421b9b9d9d669df
ba3fe63eac33e099b1600d123a80bc075696219926d63f6adc4b9401aad71ca9
bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f
bbe3f0d71fa3d9cbed7b339e485093cf66cb0f77017e5697f49b9209d0cad6f8
bdbf16fe106d25833a5b8e1b037e9aeb75244d176fb6ffbd24e6c81a6a1883a1
be2ef1644b8e69f0c6b51493bea63490492f26dd38a9f4c3f807f1d34f782110
bf9481fb626a2265fa1b095558486dbc0c88698501eb3e9c22d5dd5f78a83e87
c15407f63dcc83d175a7ef6d70a4402507175b44fc4db9d4a52f91a1cb24a833
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c22cd8d7c9c31b9b2e14daf5bc8323d17da1e492555bc85bf8b25dedb610c829
c23d2c9f5b7e41763b497c7692a53ce1e675ae659bdc34465ca28ab0303f0720
c24a517cf3dc453e6046e54ec1f6944bd762da6fc68447fcfa84c374723bbb09
c2670137364fb142d7a0220f3be02eaaf1d0ce208003941c7e1ff651860b1cab
c2bc847f71203f4649b74d0925d0dbe618aa5b8798e654a19b8e7c0351684435
c3239134fce48f892f499aa0988839cf2a122328178df94142469c426748f293
c491669ffeb03b25a72061f0b309f113d9c442aad96d271841dabf757d3080ee
c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645
c72ca73eb5a5b8f767965f27e756f0d0f04514ffcb7a8847000338fd71856551
c802fe14108c420c25e7dae43ad1f50d94e80047ebdafa39a05c9a97b9ebe054
cb2e39c4f50033b1e7194935df7246f61e4c8ab27af14ba9b5c2ad589d5eb275
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
cea68197ad58b6802f8a1735646931eda8e76702b12d90f7df88d537f62b987a
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32
d111ba83ff0f5a0bba37d996fdf163f0fe658e0ab7e67696fdc2d1f0c1fdba80
d16d07a0353405fcec95f7efc50a2621bc7425f9a5e8895078396fb0dc460c4f
d2f12163dfde630479be6d0bfba80b919da9b9d36b84d728657c1a51f6c4709c
d314cc02ddd501a04fa1fe34fa56b58e20f53e5265d9c3ae4c8247c3ed3309b0
d329255136c613ba2716bd2dbee1e83f69161682a59391e5717c0b5ab1111216
d33f57913b0113b92d4ebce1671a70107c9870797a2f95c6ec201c8a21702455
d39e01527947350e160633f8532fbb5971bd468a200d15202369c621490cb25e
d596e004d677171f553042f2ac140af9b84907d2b28057dd38fbeb3104fb5365
d76c09ea49a67623c581149d87ec821d813b9302aea4f871df16156cd1d28a53
d7b6f06d39a54283df6f09f804a3aeecc5dfc2f6b874307cef9961eedc309be0
d86f773cc0628268e605173f2d589ee2ec9ecfd150e454514240eb2bfcb1fb82
d8ca14be2ee8098397d40f512a5ee4fcaa7be369976703d99aac9c61d790d3db
daa795332e5dbcf893adf2d5f3349f02b8c1cb957ff3b5f4c11b742e33c3376f
dc015126841eaa9b1b79ee123e13d7d07ad7fe77f22366b05c480eff59a7a25e
dcb51fdefd2e8b82620111ff01aed9d8939a98ef63c3a772cb4e2ae50552b8fd
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de4c40d7fc1ec3c53232e73a49237d335e623814352fa3f365b1e0dcab296d2a
de516f330c0084178fc78cd5e6d49cba306d8380428386b088b6805c512a1561
dfd4e99e921a1a541656cd1f5790a84ad08d165a770a7d9e0cb2b8106593c279
e12e5d65843f708d15b2a16d0c658f5df3fd46201f0167d2ccea42e77a43a4ce
e1cae5c7c04cce285bdb803cec068214f600e23908cd9c8579e02d26fb275e3b
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3bb93562f6ccb8c81685e6ecd10c2a80832b13a8aebd77efd3a1f867e2ed3a3
e6bb016e9bf701f2d4df0b406044c96226962644a42ec6d0df121732ef2e12b2
e85f7c6406871d96df2cc9db0d632c4eca3bd411876337cfd48a7cee8487da3a
e937205e2ed62fb4a5b6b54d6cbcc29f173bf59a38491c188163f5673efd2b18
e9f3358441fb5f83ee3575f81df787bbade8b416b009cbdcbd3b71c8b6f560e0
ed2d993c35cd51826ee304739d91e554bd9faa1b120602fc4b3baa15941a9e35
ed59b08efa4065120f4f31960cd0d0a6d1dfc9906e81db3c9380a9c69371c60e
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef701bcdb11abe6ee6b906497f307cf8591be7b46258e201b2da192ba009e308
f1a56be294df13289aa964ea8724fa7f4d9feb12104fe4a60bf1c8f26aa2669d
f3517c5a69a80ca8b695cd91cf0b503c3ea5cca71305a3018b5d953cff331983
f38579c50edb7a9e22a53d52a6272f6180b39cfcf6eae6fcf9009b659b0d58df
f3abf7db25ff57d73d77dc21953e05abe163a769a5b50a585b0011daf3728e9e
f5cf9bd8acae6d7b4041d85858908a0ddf0f339ffdc4e2876d10888cd8dc20e4
f60c4600705d04f5c55db54f646fec728f9458c4fbba35adb4ac114077cb2391
f62ce69231fb555e50e2ae48ffab9e7d7461eb57ab59233efe313379838d7019
f66426a0452e530b6d0376fd67ba1c12aa570ca18bb54841a29f83b07317b19e
f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9
f82abc2c65c00e9d871d105ef3b92e25e01b41890f5d4273b9dc191f5ba73ad0
f88b523b2f38c276868a9abf3fb6328719f838be957d2adc94268cf898123e78
f9a0bfe8e1c13d3a329723ee6e63768942609d4c97cff7cca41b8d01f0747cb2
fb9b918314be38132029e20ec4868df93c0583f5276b3ef7b112d62ea2068cd5
fcb3bce7602791640be6490ba017ee87c6e864fa9002b60d88578b172e292552
fd50e81d3978ff93922283e1ed988c115802fe75bd5afd2b15ddfed308771458
fd753e8e7cc9dcf441f5822f181728fc19fe5a31e7f367a497d5f33b80360ae6
fe24229d8cfef27f2aaea56ff0d10972b4166bd907b6fec887a39d6bf183ed3b
fe50466edcdac1192aa7a5bebb69e57134216d66dc920c3611ce267751d1643b
ff35395d737f58417c911c0f32b21f1c581565227b042df486e9cdbfad6344a3
ff8b9508fd3b5b979cfe46183a8bff90f0348410d56438b49bdda07c3b65592b

www.thesundaily.my Open in urlscan Pro 130.61.205.105 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

636 Requests

94 %HTTPS

32 %IPv6

77 Domains

134 Subdomains

90 IPs

13 Countries

10775 kBTransfer

20770 kBSize

3 Cookies

27 Outgoing links

Page URL History

Redirected requests

636 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 9 data transactions

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.thesundaily.my Open in urlscan Pro
130.61.205.105 Public Scan

Screenshot
Live screenshot

Full Image

636
Requests

94 %
HTTPS

32 %
IPv6

77
Domains

134
Subdomains

90
IPs

13
Countries

10775 kB
Transfer

20770 kB
Size

3
Cookies

636 HTTP transactions
9 data transactions