www.prothomalo.com Open in urlscan Pro
104.17.160.183 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://prothom-alo.com/
Effective URL:
https://www.prothomalo.com/
Submission: On October 03 via manual (October 3rd 2023, 11:31:39 pm UTC) from SG — Scanned from SG

Summary HTTP 177 Redirects Links 20 Behaviour Indicators

Summary

This website contacted 34 IPs in 6 countries across 34 domains to perform 177 HTTP transactions. The main IP is 104.17.160.183, located in and belongs to CLOUDFLARENET, US. The main domain is www.prothomalo.com. The Cisco Umbrella rank of the primary domain is 117168.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on December 4th 2022. Valid for: a year.

This is the only time www.prothomalo.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	104.18.31.188 104.18.31.188	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	104.18.30.188 104.18.30.188	13335 (CLOUDFLAR...) (CLOUDFLARENET)
19	104.17.160.183 104.17.160.183	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	104.17.159.183 104.17.159.183	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	13.33.88.19 13.33.88.19	16509 (AMAZON-02) (AMAZON-02)
2	172.217.194.97 172.217.194.97	15169 (GOOGLE) (GOOGLE)
4	74.125.130.155 74.125.130.155	15169 (GOOGLE) (GOOGLE)
2	13.33.97.213 13.33.97.213	16509 (AMAZON-02) (AMAZON-02)
27	172.217.194.148 172.217.194.148	15169 (GOOGLE) (GOOGLE)
11	13.227.254.67 13.227.254.67	16509 (AMAZON-02) (AMAZON-02)
1	138.199.46.68 138.199.46.68	60068 (CDN77 ^_^) (CDN77 ^_^)
1	64.233.170.95 64.233.170.95	15169 (GOOGLE) (GOOGLE)
6	172.217.194.156 172.217.194.156	15169 (GOOGLE) (GOOGLE)
8	74.125.68.157 74.125.68.157	15169 (GOOGLE) (GOOGLE)
1	151.101.194.202 151.101.194.202	54113 (FASTLY) (FASTLY)
1	23.21.139.150 23.21.139.150	14618 (AMAZON-AES) (AMAZON-AES)
1	3.83.71.62 3.83.71.62	14618 (AMAZON-AES) (AMAZON-AES)
1	216.239.32.181 216.239.32.181	15169 (GOOGLE) (GOOGLE)
1	142.251.12.156 142.251.12.156	15169 (GOOGLE) (GOOGLE)
3	172.253.118.94 172.253.118.94	15169 (GOOGLE) (GOOGLE)
4	74.125.24.106 74.125.24.106	15169 (GOOGLE) (GOOGLE)
3	172.253.118.132 172.253.118.132	15169 (GOOGLE) (GOOGLE)
2	23.50.93.199 23.50.93.199	16625 (AKAMAI-AS) (AKAMAI-AS)
30	64.233.170.157 64.233.170.157	15169 (GOOGLE) (GOOGLE)
12	64.233.170.132 64.233.170.132	15169 (GOOGLE) (GOOGLE)
1	69.173.158.65 69.173.158.65	26667 (RUBICONPR...) (RUBICONPROJECT)
6 21	142.251.10.156 142.251.10.156	15169 (GOOGLE) (GOOGLE)
6 10	104.18.27.193 104.18.27.193	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5 7	103.43.90.53 103.43.90.53	29990 (ASN-APPNEX) (ASN-APPNEX)
1 1	18.213.189.173 18.213.189.173	14618 (AMAZON-AES) (AMAZON-AES)
3 3	74.118.186.107 74.118.186.107	6336 (TURN-US-ASN) (TURN-US-ASN)
1 1	18.141.68.202 18.141.68.202	16509 (AMAZON-02) (AMAZON-02)
1 2	220.150.223.50 220.150.223.50	4686 (BEKKOAME ...) (BEKKOAME BEKKOAME INTERNET INC.)
1 1	82.145.213.8 82.145.213.8	39832 (NO-OPERA) (NO-OPERA)
2 2	20.127.253.7 20.127.253.7	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2 2	162.19.138.118 162.19.138.118	16276 (OVH) (OVH)
1	103.229.10.192 103.229.10.192	16509 (AMAZON-02) (AMAZON-02)
1 2	104.18.25.173 104.18.25.173	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 2	52.223.40.198 52.223.40.198	16509 (AMAZON-02) (AMAZON-02)
1 1	20.85.134.6 20.85.134.6	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 1	13.115.74.94 13.115.74.94	16509 (AMAZON-02) (AMAZON-02)
1 1	35.208.249.213 35.208.249.213	15169 (GOOGLE) (GOOGLE)
1 1	23.59.80.153 23.59.80.153	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
4	142.251.175.154 142.251.175.154	15169 (GOOGLE) (GOOGLE)
2	157.240.235.1 157.240.235.1	32934 (FACEBOOK) (FACEBOOK)
1	157.240.235.35 157.240.235.35	32934 (FACEBOOK) (FACEBOOK)
177	34

1 104.18.31.188 (None, ) 1 redirects

ASN13335 (CLOUDFLARENET, US)

prothom-alo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.30.188 (None, ) 1 redirects

ASN13335 (CLOUDFLARENET, US)

www.prothom-alo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 104.17.160.183 (None, )

ASN13335 (CLOUDFLARENET, US)

www.prothomalo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
assets.prothomalo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
services.prothomalo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.17.159.183 (None, )

ASN13335 (CLOUDFLARENET, US)

assets.prothomalo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
services.prothomalo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.33.88.19 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-33-88-19.sin2.r.cloudfront.net

cdn.gumlet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.194.97 (United States)

ASN15169 (GOOGLE, US)
PTR: si-in-f97.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 74.125.130.155 (United States)

ASN15169 (GOOGLE, US)
PTR: sb-in-f155.1e100.net

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.33.97.213 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-33-97-213.sin2.r.cloudfront.net

static.chartbeat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

27 172.217.194.148 (United States)

ASN15169 (GOOGLE, US)
PTR: si-in-f148.1e100.net

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 13.227.254.67 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-227-254-67.sin52.r.cloudfront.net

images.prothomalo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 138.199.46.68 (Singapore)

ASN60068 (CDN77 ^_^, GB)
PTR: 138-199-46-68.bunnyinfra.net

clientcdn.pushengage.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 64.233.170.95 (United States)

ASN15169 (GOOGLE, US)
PTR: sg-in-f95.1e100.net

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 172.217.194.156 (United States)

ASN15169 (GOOGLE, US)
PTR: si-in-f156.1e100.net

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 74.125.68.157 (United States)

ASN15169 (GOOGLE, US)
PTR: sc-in-f157.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.194.202 (United States)

ASN54113 (FASTLY, US)

mab.chartbeat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.21.139.150 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-23-21-139-150.compute-1.amazonaws.com

ping.chartbeat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.83.71.62 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-83-71-62.compute-1.amazonaws.com

prod-analytics.qlitics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.239.32.181 (United States)

ASN15169 (GOOGLE, US)

analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.251.12.156 (United States)

ASN15169 (GOOGLE, US)
PTR: se-in-f156.1e100.net

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 172.253.118.94 (United States)

ASN15169 (GOOGLE, US)
PTR: sl-in-f94.1e100.net

www.google.com.sg	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 74.125.24.106 (United States)

ASN15169 (GOOGLE, US)
PTR: sf-in-f106.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 172.253.118.132 (United States)

ASN15169 (GOOGLE, US)
PTR: sl-in-f132.1e100.net

5b3aaee6d5df5eceffb4592408cbc1b2.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.50.93.199 (Singapore)

ASN16625 (AKAMAI-AS, US)
PTR: a23-50-93-199.deploy.static.akamaitechnologies.com

ads.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
secure-assets.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

30 64.233.170.157 (United States)

ASN15169 (GOOGLE, US)
PTR: sg-in-f157.1e100.net

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 64.233.170.132 (United States)

ASN15169 (GOOGLE, US)
PTR: sg-in-f132.1e100.net

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.158.65 (Ashburn, United States)

ASN26667 (RUBICONPROJECT, US)

smarttag.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 142.251.10.156 (United States) 6 redirects

ASN15169 (GOOGLE, US)
PTR: sd-in-f156.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 104.18.27.193 (None, ) 6 redirects

ASN13335 (CLOUDFLARENET, US)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 103.43.90.53 (Singapore) 5 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 594.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.213.189.173 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-213-189-173.compute-1.amazonaws.com

fksnk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 74.118.186.107 (Singapore) 3 redirects

ASN6336 (TURN-US-ASN, US)

sync.1rx.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.targeting.unrulymedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.141.68.202 (Singapore) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-141-68-202.ap-southeast-1.compute.amazonaws.com

match.sharethrough.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 220.150.223.50 (Japan) 1 redirects

ASN4686 (BEKKOAME BEKKOAME INTERNET INC., JP)
PTR: 50.223.150.220.in-addr.arpa

sync-dsp.ad-m.asia	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 82.145.213.8 (Norway) 1 redirects

ASN39832 (NO-OPERA, NO)
PTR: n-sysadmin-jumpbox-03.feednews.opera.technology

t.adx.opera.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 20.127.253.7 (Tappahannock, United States) 2 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

sync.inmobi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 162.19.138.118 (Frankfurt am Main, Germany) 2 redirects

ASN16276 (OVH, FR)
PTR: ns31533569.ip-162-19-138.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 103.229.10.192 (Singapore)

ASN16509 (AMAZON-02, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.18.25.173 (None, ) 1 redirects

ASN13335 (CLOUDFLARENET, US)

a.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.223.40.198 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 20.85.134.6 (Tappahannock, United States) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

mweb.ck.inmobi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.115.74.94 (Tokyo, Japan) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-13-115-74-94.ap-northeast-1.compute.amazonaws.com

cc.adingo.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.208.249.213 (Council Bluffs, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 213.249.208.35.bc.googleusercontent.com

trace.mediago.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.59.80.153 (Singapore) 1 redirects

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-59-80-153.deploy.static.akamaitechnologies.com

analytics.pangle-ads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.251.175.154 (United States)

ASN15169 (GOOGLE, US)
PTR: sh-in-f154.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 157.240.235.1 (Singapore)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-04-sin6.fbcdn.net

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 157.240.235.35 (Singapore)

ASN32934 (FACEBOOK, US)
PTR: edge-star-mini-shv-04-sin6.facebook.com

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
45	googlesyndication.com 5b3aaee6d5df5eceffb4592408cbc1b2.safeframe.googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 122 tpc.googlesyndication.com — Cisco Umbrella Rank: 169	261 KB
40	doubleclick.net 6 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 66 securepubads.g.doubleclick.net — Cisco Umbrella Rank: 235 stats.g.doubleclick.net — Cisco Umbrella Rank: 175 cm.g.doubleclick.net — Cisco Umbrella Rank: 329 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 433	253 KB
34	prothomalo.com www.prothomalo.com — Cisco Umbrella Rank: 117168 assets.prothomalo.com — Cisco Umbrella Rank: 159026 images.prothomalo.com — Cisco Umbrella Rank: 139645 services.prothomalo.com — Cisco Umbrella Rank: 141336	1 MB
27	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 408	552 KB
10	casalemedia.com 6 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 1026 ssum-sec.casalemedia.com — Cisco Umbrella Rank: 781	5 KB
7	adnxs.com 5 redirects ib.adnxs.com — Cisco Umbrella Rank: 360	5 KB
5	google.com analytics.google.com — Cisco Umbrella Rank: 270 www.google.com — Cisco Umbrella Rank: 11	2 KB
4	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 254	206 KB
3	inmobi.com 3 redirects sync.inmobi.com — Cisco Umbrella Rank: 2496 mweb.ck.inmobi.com — Cisco Umbrella Rank: 8866	2 KB
3	rubiconproject.com ads.rubiconproject.com — Cisco Umbrella Rank: 2681 smarttag.rubiconproject.com — Cisco Umbrella Rank: 15873 secure-assets.rubiconproject.com — Cisco Umbrella Rank: 1537	10 KB
3	google.com.sg www.google.com.sg — Cisco Umbrella Rank: 11581	670 B
3	chartbeat.com static.chartbeat.com — Cisco Umbrella Rank: 2129 mab.chartbeat.com — Cisco Umbrella Rank: 3751	25 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 229	88 KB
2	adsrvr.org 2 redirects match.adsrvr.org — Cisco Umbrella Rank: 637	914 B
2	tribalfusion.com 1 redirects a.tribalfusion.com — Cisco Umbrella Rank: 1469 s.tribalfusion.com — Cisco Umbrella Rank: 3247	1 KB
2	id5-sync.com 2 redirects id5-sync.com — Cisco Umbrella Rank: 687	3 KB
2	ad-m.asia 1 redirects sync-dsp.ad-m.asia — Cisco Umbrella Rank: 12125	865 B
2	1rx.io 2 redirects sync.1rx.io — Cisco Umbrella Rank: 933	2 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 111	179 KB
2	prothom-alo.com 2 redirects prothom-alo.com — Cisco Umbrella Rank: 956424 www.prothom-alo.com	446 B
1	facebook.com www.facebook.com — Cisco Umbrella Rank: 109	185 B
1	pangle-ads.com 1 redirects analytics.pangle-ads.com — Cisco Umbrella Rank: 2902	1 KB
1	mediago.io 1 redirects trace.mediago.io — Cisco Umbrella Rank: 1569	485 B
1	adingo.jp 1 redirects cc.adingo.jp — Cisco Umbrella Rank: 11013	452 B
1	quantserve.com cms.quantserve.com — Cisco Umbrella Rank: 1260	464 B
1	opera.com 1 redirects t.adx.opera.com — Cisco Umbrella Rank: 2169	715 B
1	sharethrough.com 1 redirects match.sharethrough.com — Cisco Umbrella Rank: 876	396 B
1	unrulymedia.com 1 redirects sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 2128	629 B
1	fksnk.com 1 redirects fksnk.com — Cisco Umbrella Rank: 8734	614 B
1	qlitics.com prod-analytics.qlitics.com — Cisco Umbrella Rank: 107194	558 B
1	chartbeat.net ping.chartbeat.net — Cisco Umbrella Rank: 1669	201 B
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 113	876 B
1	pushengage.com clientcdn.pushengage.com — Cisco Umbrella Rank: 23730	28 KB
1	gumlet.com cdn.gumlet.com — Cisco Umbrella Rank: 95131	7 KB
177	34

	Domain	Requested by
30	pagead2.googlesyndication.com	5b3aaee6d5df5eceffb4592408cbc1b2.safeframe.googlesyndication.com pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com securepubads.g.doubleclick.net s0.2mdn.net
27	s0.2mdn.net	www.prothomalo.com s0.2mdn.net
21	cm.g.doubleclick.net	6 redirects googleads.g.doubleclick.net 5b3aaee6d5df5eceffb4592408cbc1b2.safeframe.googlesyndication.com
12	tpc.googlesyndication.com	5b3aaee6d5df5eceffb4592408cbc1b2.safeframe.googlesyndication.com www.prothomalo.com tpc.googlesyndication.com s0.2mdn.net securepubads.g.doubleclick.net
12	assets.prothomalo.com	www.prothomalo.com assets.prothomalo.com
11	images.prothomalo.com	www.prothomalo.com
9	dsum-sec.casalemedia.com	5 redirects googleads.g.doubleclick.net
9	www.prothomalo.com	www.prothomalo.com assets.prothomalo.com
8	securepubads.g.doubleclick.net	www.googletagservices.com securepubads.g.doubleclick.net www.prothomalo.com
7	ib.adnxs.com	5 redirects googleads.g.doubleclick.net
6	googleads.g.doubleclick.net	www.googletagmanager.com 5b3aaee6d5df5eceffb4592408cbc1b2.safeframe.googlesyndication.com pagead2.googlesyndication.com
4	googleads4.g.doubleclick.net	www.prothomalo.com
4	www.google.com	www.prothomalo.com 5b3aaee6d5df5eceffb4592408cbc1b2.safeframe.googlesyndication.com tpc.googlesyndication.com
4	www.googletagservices.com	www.prothomalo.com securepubads.g.doubleclick.net 5b3aaee6d5df5eceffb4592408cbc1b2.safeframe.googlesyndication.com
3	5b3aaee6d5df5eceffb4592408cbc1b2.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
3	www.google.com.sg	www.prothomalo.com
2	connect.facebook.net	www.prothomalo.com connect.facebook.net
2	match.adsrvr.org	2 redirects
2	id5-sync.com	2 redirects
2	sync.inmobi.com	2 redirects
2	sync-dsp.ad-m.asia	1 redirects 5b3aaee6d5df5eceffb4592408cbc1b2.safeframe.googlesyndication.com
2	sync.1rx.io	2 redirects
2	services.prothomalo.com	assets.prothomalo.com www.prothomalo.com
2	static.chartbeat.com	www.prothomalo.com
2	www.googletagmanager.com	www.prothomalo.com www.googletagmanager.com
1	www.facebook.com
1	secure-assets.rubiconproject.com	www.prothomalo.com
1	analytics.pangle-ads.com	1 redirects
1	trace.mediago.io	1 redirects
1	cc.adingo.jp	1 redirects
1	mweb.ck.inmobi.com	1 redirects
1	s.tribalfusion.com	5b3aaee6d5df5eceffb4592408cbc1b2.safeframe.googlesyndication.com
1	a.tribalfusion.com	1 redirects
1	cms.quantserve.com	5b3aaee6d5df5eceffb4592408cbc1b2.safeframe.googlesyndication.com
1	t.adx.opera.com	1 redirects
1	match.sharethrough.com	1 redirects
1	sync.targeting.unrulymedia.com	1 redirects
1	ssum-sec.casalemedia.com	1 redirects
1	fksnk.com	1 redirects
1	smarttag.rubiconproject.com	ads.rubiconproject.com
1	ads.rubiconproject.com	securepubads.g.doubleclick.net
1	stats.g.doubleclick.net	www.googletagmanager.com
1	analytics.google.com	www.googletagmanager.com
1	prod-analytics.qlitics.com	www.prothomalo.com
1	ping.chartbeat.net	www.prothomalo.com
1	mab.chartbeat.com	static.chartbeat.com
1	fonts.googleapis.com	s0.2mdn.net
1	clientcdn.pushengage.com	www.prothomalo.com
1	cdn.gumlet.com	www.prothomalo.com
1	www.prothom-alo.com	1 redirects
1	prothom-alo.com	1 redirects
177	51

This site contains links to these domains. Also see Links.

Domain
en.prothomalo.com
www.kishoralo.com
1971.prothomalo.com
www.bigganchinta.com
www.protichinta.com
www.prothoma.com
www.bondhushava.com
trust.prothomalo.com
nagorik.prothomalo.com
epaper.prothomalo.com
www.facebook.com
twitter.com
www.instagram.com
www.youtube.com
play.google.com
apps.apple.com
prothomalo.com

Subject Issuer	Validity	Valid
prothomalo.com Cloudflare Inc ECC CA-3	`2022-12-04` - `2023-12-04`	a year	crt.sh
*.gumlet.com Amazon ECDSA 256 M02	`2023-02-16` - `2024-03-16`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-09-04` - `2023-11-27`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-09-04` - `2023-11-27`	3 months	crt.sh
*.chartbeat.com Thawte TLS RSA CA G1	`2023-05-16` - `2024-06-06`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-09-04` - `2023-11-27`	3 months	crt.sh
images.prothomalo.com Amazon RSA 2048 M03	`2023-08-31` - `2024-09-27`	a year	crt.sh
*.pushengage.com AlphaSSL CA - SHA256 - G4	`2023-02-07` - `2024-03-10`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-09-04` - `2023-11-27`	3 months	crt.sh
*.chartbeat.net Thawte RSA CA 2018	`2022-12-19` - `2023-12-30`	a year	crt.sh
*.qlitics.com Amazon RSA 2048 M02	`2023-02-20` - `2024-03-20`	a year	crt.sh
*.google.com GTS CA 1C3	`2023-09-04` - `2023-11-27`	3 months	crt.sh
*.google.com.sg GTS CA 1C3	`2023-09-04` - `2023-11-27`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-09-04` - `2023-11-27`	3 months	crt.sh
*.rubiconproject.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-03-07` - `2024-04-03`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-09-04` - `2023-11-27`	3 months	crt.sh
quantserve.com R3	`2023-08-29` - `2023-11-27`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-07-13` - `2023-10-11`	3 months	crt.sh

This page contains 19 frames:

Primary Page: https://www.prothomalo.com/
Frame ID: 9F2C4A33AEFA925A1D98FB06EC407C8D
Requests: 59 HTTP requests in this frame

Frame: https://www.prothomalo.com/icc-worldcup-2023-countdown?v=2.0
Frame ID: 51053147E045011E246370CAF8E4CA51
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/dfp/366178/71454658/1696158704200/Konka.html
Frame ID: C6E992FC808CA1507D0FC96A37B34F7A
Requests: 10 HTTP requests in this frame

Frame: https://www.prothomalo.com/widgets/muktijuddho-50/palo-home.html?v=1.0
Frame ID: 3B2AD03B68A7FF5030257E9441BB3899
Requests: 5 HTTP requests in this frame

Frame: https://5b3aaee6d5df5eceffb4592408cbc1b2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: B758787E87B92B426DF8EAB69959318E
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssk5KdTKfq6bL-mqmK3XYS5X6t7eheWjWxgBCyoMAW9PUosr1_oN-Io8kHyEeY4Gm-MqeIX8Pw0ttqWkhuPRNTQ67MgTg4yfkAF2V-p_KyrRtA-5MLOfysFic_jaKb6EpIh3YOSnyV4aMZqnr5I2SatDc-TUdYwtN0_8K9v47MhTtoeO38y1QX_ezjMrKsd9BYliwS3mfauZ8wVUyyimc8YqF9xc2Mh01yLbzrwFHVQx-Q7kVfBTRrzUYWRhR43cSrymE_adEbVurNkUqkgGZKAMVx3ZjPf8EzdBMY_4nxfMfZkqFmKNuEn6z1nrB9UtFKi90oflUgM698&sai=AMfl-YQd7aU7DtBu60YArftpc7a9GTquSn91UFti_99xcHFn1jczr4ty6CtnRhCetMvgNGssNLsS3zS8qfVOB5nkidUDlun8BzjrQgFYX3iyvqZ3APE2d5S9x7OfMvhN88U&sig=Cg0ArKJSzBTww9HgAUNnEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 17215AFCF50AC6D09E465BDBBA766602
Requests: 8 HTTP requests in this frame

Frame: https://5b3aaee6d5df5eceffb4592408cbc1b2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 2370AC5F3A3F91D4665A58F5CBCD4295
Requests: 19 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNqbIxDWjsvPAxiQhc_4ATAB&v=APEucNUxrprpPxuRFamWjL1_Ax-sPqi7KlWbMveN1F-LD2x_fwU4g-xyFskbkpvyEzd7-fELAymCc0YjziweSFvfcFMCbSDxBQ
Frame ID: BAC86D0142E3CBBA94305901BD1438CB
Requests: 5 HTTP requests in this frame

Frame: https://5b3aaee6d5df5eceffb4592408cbc1b2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: BF4F6FC06A41948C2D08C6CDB6056718
Requests: 19 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNXBERDQ8LPDAhjWmqnyATAB&v=APEucNX3SBUACm1bxnPa_l6DLBTeOc507a3ERPZAa0ZPpdnwV27k00hAx9DreRC0GLe5ETrUJordhAqkZyUE1_UeMEbLMiyR8g
Frame ID: 4CCE86075FD301B5B2CC7A24817EDC06
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: A569DC155194D5E64DB8B510B145EC7E
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: C03D9827CB7E4ACD0186DE88694CFB26
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 575D91BE114AC6EF2D4FDAB1AC3C99B0
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 1809D7942EF44B7CAC85633BA8727A63
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/647347765926785345/index.html?ev=01_250
Frame ID: D698610B07C2E55FB497B39B3B8400D7
Requests: 2 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/9943023757918470144/300x250-Segmentation/index.html?e=69&leftOffset=0&topOffset=0&c=JPq9QgDrb8&t=1&renderingType=2&ev=01_250
Frame ID: 5297B32DF821F09015E09824B2877FFE
Requests: 17 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/BAadeGEE1qHjsQ6c_rqFtjeXulPdvwUFIKdhRpM9mgY.js
Frame ID: 41332434D23A7B70A0AE2CD27A79D897
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 5C90A64961320154A74AFB9E25B1CDEC
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 0ECBA4F6AF93C478A555CF9B119F44A4
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

প্রথম আলো | বাংলা নিউজ পেপার

Page URL History Show full URLs

http://prothom-alo.com/ HTTP 301
https://www.prothom-alo.com/ HTTP 301
https://www.prothomalo.com/ Page URL

Detected technologies

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Chartbeat (Analytics) Expand

Overall confidence: 100%
Detected patterns

chartbeat\.js

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googletagservices\.com/tag/js/gpt(?:_mobile)?\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

PushEngage (Marketing automation) Expand

Overall confidence: 100%
Detected patterns

clientcdn\.pushengage\.\w+/core

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

177
Requests

88 %
HTTPS

0 %
IPv6

34
Domains

51
Subdomains

34
IPs

6
Countries

2895 kB
Transfer

9354 kB
Size

41
Cookies

20 Outgoing links

These are links going to different origins than the main page.

URL: https://en.prothomalo.com/
Title: English

Search URL Search Domain Scan URL

URL: https://www.kishoralo.com/
Title: কিশোর আলো

Search URL Search Domain Scan URL

URL: https://1971.prothomalo.com/
Title: চিরন্তন ১৯৭১

Search URL Search Domain Scan URL

URL: https://www.bigganchinta.com/
Title: বিজ্ঞানচিন্তা

Search URL Search Domain Scan URL

URL: https://www.protichinta.com/
Title: প্রতিচিন্তা

Search URL Search Domain Scan URL

URL: https://www.prothoma.com/
Title: প্রথমা

Search URL Search Domain Scan URL

URL: https://www.bondhushava.com/
Title: বন্ধুসভা

Search URL Search Domain Scan URL

URL: https://trust.prothomalo.com/
Title: প্রথম আলো ট্রাস্ট

Search URL Search Domain Scan URL

URL: https://nagorik.prothomalo.com/
Title: নাগরিক সংবাদ

Search URL Search Domain Scan URL

URL: https://epaper.prothomalo.com/
Title: ইপেপার

Search URL Search Domain Scan URL

URL: https://www.facebook.com/DailyProthomAlo

Search URL Search Domain Scan URL

URL: https://twitter.com/ProthomAlo

Search URL Search Domain Scan URL

URL: https://www.instagram.com/prothomalo/

Search URL Search Domain Scan URL

URL: https://www.youtube.com/c/ProthomAlo

Search URL Search Domain Scan URL

URL: https://play.google.com/store/apps/details?id=com.mcc.prothomalo&hl=en_IN
Title: Android app onGoogle Play

Search URL Search Domain Scan URL

URL: https://apps.apple.com/us/app/bangla-newspaper-prothom-alo/id548596669
Title: Available on theApp Store

Search URL Search Domain Scan URL

URL: https://prothomalo.com/about
Title: প্রথম আলো

Search URL Search Domain Scan URL

URL: https://prothomalo.com/advertise
Title: বিজ্ঞাপন

Search URL Search Domain Scan URL

URL: https://prothomalo.com/terms
Title: শর্তাবলি ও নীতিমালা

Search URL Search Domain Scan URL

URL: https://prothomalo.com/contact
Title: যোগাযোগ

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://prothom-alo.com/ HTTP 301
https://www.prothom-alo.com/ HTTP 301
https://www.prothomalo.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 84

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMuiABgFvRlPWtd372EiPzg&google_cver=1 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMuiABgFvRlPWtd372EiPzg&google_cver=1&C=1

Request Chain 85

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZRykVeIoAnDz4tYFfo.QDQAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESED-PDZqzTS4oZpT58mketRo&google_cver=1&google_hm=2

Request Chain 86

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEN_QLmkug-T6PDidcA854j8&google_cver=1 HTTP 307
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEN_QLmkug-T6PDidcA854j8%26google_cver%3D1

Request Chain 87

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=OTEzNDk0MjgxNTkyNDM4MTg5Ng%3D%3D

Request Chain 96

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESED-PDZqzTS4oZpT58mketRo&google_cver=1

Request Chain 97

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZRykVbSRjd.eYEi0E.8whwAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESED-PDZqzTS4oZpT58mketRo&google_cver=1&google_hm=2

Request Chain 98

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEBEljH-yfONUJSsJzAmKTGc&google_cver=1

Request Chain 99

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Mzg3Mzk0NzA3NDg3OTkwMzQwMg%3D%3D

Request Chain 118

https://fksnk.com/cs/google?google_gid=CAESENvU-Gc_JgYmHQkfegH_B6w&google_cver=1&google_push=AXcoOmSZrX5Z2UXYPUDXWOlCtqN6V7A6NRSwNmA22xw6F6ac36rOijnW6BFhxKoCq7spC2lczWcZ08vdP1_qys6VkYwfIr61HKraGZJxdxtvxQxGX7eOmtLwAsYkeY1N9g0-nbQUG5LPwvoUM9q3VoRvpA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=fiksu&google_hm=QTY5MTBBMkQ1NjQ1ODZENg==

Request Chain 119

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESELgE5MX8jne7xP7E_QGVqqo&google_cver=1&google_push=AXcoOmQHt_EacjjtLYXfqG5_XxmWI2QYbWxrE2GsbfTv6jD4k3gt6TAX54MvEEI4XO-8NlsnIv-YjKRnvDzlpq5iaUKj-CsjSJhNPB3ENddZ1znONjId8YYkbgKlJgKHt5R9NeQ_TMf7-8NnvhwVJ_tW4w HTTP 302
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESELgE5MX8jne7xP7E_QGVqqo&google_hm=ZRykVeIoAnDz4tYFfo-QDQAAEwoAAAIB&google_nid=index&google_push=AXcoOmQHt_EacjjtLYXfqG5_XxmWI2QYbWxrE2GsbfTv6jD4k3gt6TAX54MvEEI4XO-8NlsnIv-YjKRnvDzlpq5iaUKj-CsjSJhNPB3ENddZ1znONjId8YYkbgKlJgKHt5R9NeQ_TMf7-8NnvhwVJ_tW4w

Request Chain 120

https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEGwjfZ85coUjIILiyEAoFNM&google_cver=1&google_push=AXcoOmS8BwWXs7VZxqvKUHQZ_qjFthxQIqUPCGt4S_5aQ95PQgyJFlU3oUOHeWTstc0CTAYIpOyy7idnmQ8N3-F-Sm2ZX_hCIverClZA7XFAgdrft8uyVPu8poB2nZsdjteZyWTB97rnfYli1xJ_Z4zujEQ HTTP 302
https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=AXcoOmS8BwWXs7VZxqvKUHQZ_qjFthxQIqUPCGt4S_5aQ95PQgyJFlU3oUOHeWTstc0CTAYIpOyy7idnmQ8N3-F-Sm2ZX_hCIverClZA7XFAgdrft8uyVPu8poB2nZsdjteZyWTB97rnfYli1xJ_Z4zujEQ&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&cb=1696375894252 HTTP 302
https://sync.targeting.unrulymedia.com/csync/RX-9b4fe846-0b4f-4309-a48b-f68846cde876-004?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAXcoOmS8BwWXs7VZxqvKUHQZ_qjFthxQIqUPCGt4S_5aQ95PQgyJFlU3oUOHeWTstc0CTAYIpOyy7idnmQ8N3-F-Sm2ZX_hCIverClZA7XFAgdrft8uyVPu8poB2nZsdjteZyWTB97rnfYli1xJ_Z4zujEQ%26google_hm%3DBJtP6EYLT0MJpIv2iEbN6HY HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AXcoOmS8BwWXs7VZxqvKUHQZ_qjFthxQIqUPCGt4S_5aQ95PQgyJFlU3oUOHeWTstc0CTAYIpOyy7idnmQ8N3-F-Sm2ZX_hCIverClZA7XFAgdrft8uyVPu8poB2nZsdjteZyWTB97rnfYli1xJ_Z4zujEQ&google_hm=BJtP6EYLT0MJpIv2iEbN6HY

Request Chain 121

https://match.sharethrough.com/E4rooAtA/v1?google_gid=CAESEAyCYtyY3KcbgCqyUnHAqDg&google_cver=1&google_push=AXcoOmRrwwAaPxhGUlQWx2_DjTaHJnrcHi2IdueptcUFSYCvXzTC_6xgCItAWAXJdrd89KPi9-jhUOJ9fJWyqS5l0Al9K8kttS2eDOrSJa4D5KpG2Colmsgkl7AmfYitQtTImqTp4jlvXsps33iZ0L8X8kk HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=sharethrough_ob&google_hm=N2YxY2VjYzEtMzUzNy00OTI2LWIwNDgtN2IwNmQ4OTlkMTAw&google_push=AXcoOmRrwwAaPxhGUlQWx2_DjTaHJnrcHi2IdueptcUFSYCvXzTC_6xgCItAWAXJdrd89KPi9-jhUOJ9fJWyqS5l0Al9K8kttS2eDOrSJa4D5KpG2Colmsgkl7AmfYitQtTImqTp4jlvXsps33iZ0L8X8kk

Request Chain 122

https://sync-dsp.ad-m.asia/dsp/api/sync/send?s=google&pixel_match=y&google_gid=CAESEKaE2BkQWAPlRiI1oZbvvgs&google_cver=1&google_push=AXcoOmSZ5ZFvmi2OwHdgrK8kwgDthGIQsXBG4rqrNalVkfzFeDj5r5TW1l1E-icSkbfaklj6L43gluRGMKvbWhaOO48WA6SQOs_n9oEvXWzwoppwV4i5Dakk4udK9ltZIN7pMZdxc9_E7PApU4HXg8VMlKHH HTTP 302
https://sync-dsp.ad-m.asia/dsp/api/sync/send?s=google&pixel_match=y&google_gid=CAESEKaE2BkQWAPlRiI1oZbvvgs&google_cver=1&google_push=AXcoOmSZ5ZFvmi2OwHdgrK8kwgDthGIQsXBG4rqrNalVkfzFeDj5r5TW1l1E-icSkbfaklj6L43gluRGMKvbWhaOO48WA6SQOs_n9oEvXWzwoppwV4i5Dakk4udK9ltZIN7pMZdxc9_E7PApU4HXg8VMlKHH&uid-set=1

Request Chain 123

https://t.adx.opera.com/pub/sync?pubid=pub6871767557696&google_push=AXcoOmT3YGL_aiK93-nYDC5lCpueSuD6hr_fvFFb15mG6oSAMtOkuM-E8sHA2r0wDak3C2E5TjswcCjVDSzQXrBAa5gMtpJVWNOV8gJ40nGnEQw58qEjupGu8T-BjVPY_lcbdZhR-tmOAV_QEA63g75XSfE&google_gid=CAESEIlpfnP0eG4TqW783EWzEAY&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEIlpfnP0eG4TqW783EWzEAY&google_hm=T1BVM2JjMTQ5MGIxMTk4NDYwYmFkZDY4YWE4MTNmZGMyNTE&google_nid=opera_norway_as&google_push=AXcoOmT3YGL_aiK93-nYDC5lCpueSuD6hr_fvFFb15mG6oSAMtOkuM-E8sHA2r0wDak3C2E5TjswcCjVDSzQXrBAa5gMtpJVWNOV8gJ40nGnEQw58qEjupGu8T-BjVPY_lcbdZhR-tmOAV_QEA63g75XSfE

Request Chain 124

https://sync.inmobi.com/gob?google_gid=CAESEFEy0cHg-FTLotySe8FU5Jk&google_cver=1&google_push=AXcoOmRM5YByOo9SCyexkgdES7wGqF5epxDnUom5Zj7FayMwgD12kE6ILTtntXS56glUHtdWs8NqIhTO72o3EJyELBViZt8Su7RTuGy-PIWIyF-N9gKJD806hbALp_k-kLzQkfM2uWG2dG6TAg6k9BJDSs93 HTTP 302
https://id5-sync.com/i/495/0.gif?gdpr_consent=&gdpr=&callback=https%3A%2F%2Fsync.inmobi.com%2FgobRedirectFromId5%3Fid%3D%7BID5UID%7D%26google_push%3DAXcoOmRM5YByOo9SCyexkgdES7wGqF5epxDnUom5Zj7FayMwgD12kE6ILTtntXS56glUHtdWs8NqIhTO72o3EJyELBViZt8Su7RTuGy-PIWIyF-N9gKJD806hbALp_k-kLzQkfM2uWG2dG6TAg6k9BJDSs93 HTTP 302
https://id5-sync.com/c/495/0/0/1.gif?gdpr=0&gdpr_consent=&us_privacy= HTTP 302
https://sync.inmobi.com/gobRedirectFromId5?id=ID5-afaeRbYNBqZ5vYxI_BR9GKU2TF8CMZE8Q98yF1wJkQ&google_push=AXcoOmRM5YByOo9SCyexkgdES7wGqF5epxDnUom5Zj7FayMwgD12kE6ILTtntXS56glUHtdWs8NqIhTO72o3EJyELBViZt8Su7RTuGy-PIWIyF-N9gKJD806hbALp_k-kLzQkfM2uWG2dG6TAg6k9BJDSs93 HTTP 302
https://cm.g.doubleclick.net/pixel?google_hm=yHlGVA9FBd42tda-j0Zs&google_push=AXcoOmRM5YByOo9SCyexkgdES7wGqF5epxDnUom5Zj7FayMwgD12kE6ILTtntXS56glUHtdWs8NqIhTO72o3EJyELBViZt8Su7RTuGy-PIWIyF-N9gKJD806hbALp_k-kLzQkfM2uWG2dG6TAg6k9BJDSs93&google_nid=inmobi_new_eb

Request Chain 129

https://a.tribalfusion.com/i.match?p=b6&u=CAESED62XnlZFbNaVJl6R78DeMg&google_cver=1&google_push=AXcoOmTlUVjNwI8eXQB98lZVLTjV79-aHovIywukfra1zmpjjKCnoQelYyz82_VUrLxtO5RHuAlyVpcC08vPKNpUyvEbudZKFJsg6yjg4YCVz368Ld6R9nn6btTfSRG4H1fQbRLWa3LkwqxM&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmTlUVjNwI8eXQB98lZVLTjV79-aHovIywukfra1zmpjjKCnoQelYyz82_VUrLxtO5RHuAlyVpcC08vPKNpUyvEbudZKFJsg6yjg4YCVz368Ld6R9nn6btTfSRG4H1fQbRLWa3LkwqxM%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESED62XnlZFbNaVJl6R78DeMg&google_cver=1&google_push=AXcoOmTlUVjNwI8eXQB98lZVLTjV79-aHovIywukfra1zmpjjKCnoQelYyz82_VUrLxtO5RHuAlyVpcC08vPKNpUyvEbudZKFJsg6yjg4YCVz368Ld6R9nn6btTfSRG4H1fQbRLWa3LkwqxM&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmTlUVjNwI8eXQB98lZVLTjV79-aHovIywukfra1zmpjjKCnoQelYyz82_VUrLxtO5RHuAlyVpcC08vPKNpUyvEbudZKFJsg6yjg4YCVz368Ld6R9nn6btTfSRG4H1fQbRLWa3LkwqxM%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24

Request Chain 130

https://match.adsrvr.org/track/cmf/google?google_gid=CAESEPp7QNok6mZCDEleX32DDbs&google_cver=1&google_push=AXcoOmTWNSNUc1vXakxUmSxJP5s3TUS68a2qmzfNCWuADN_RvF_Esp6Lu5VQ3oDwAH4rGu-SS6giwxf2_Zdv2SFkTgq6waFm6qT-MsQWZ7bAMzX1fL4fRbn8mVy1VhmZ7PtOALfSOG6e9L1Q HTTP 302
https://match.adsrvr.org/track/cmb/google?google_gid=CAESEPp7QNok6mZCDEleX32DDbs&google_cver=1&google_push=AXcoOmTWNSNUc1vXakxUmSxJP5s3TUS68a2qmzfNCWuADN_RvF_Esp6Lu5VQ3oDwAH4rGu-SS6giwxf2_Zdv2SFkTgq6waFm6qT-MsQWZ7bAMzX1fL4fRbn8mVy1VhmZ7PtOALfSOG6e9L1Q HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_hm=ZDQ1ZDc5ZWMtNjI5Zi00MTdmLWJhNmYtNzQ5ZmVjNDVkNWZk&google_push&gdpr=0&gdpr_consent=&ttd_tdid=d45d79ec-629f-417f-ba6f-749fec45d5fd

Request Chain 131

https://mweb.ck.inmobi.com/sync/3?redirect=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dinmobi_pte_limited%26google_hm%3D%24DSP_CKID&google_gid=CAESEAw7ATJgXvjLQkEJm2OpBv4&google_cver=1&google_push=AXcoOmQL94VDr2ZZ2up5K9ApioqPocfwfjsQiGhGcrhfJFIJoolvgppJOREhU22uFdHY5gAv9QLr3FSV8B8fH4XO0_5TV3ayMMPeIFVCqncn34AbgH1fIn3FG2F3DBMf0rAXuHwXDNA3ENKA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=inmobi_pte_limited&google_hm=MzliNzBkNzItZmMzMC00MzQyLWFjNzMtNTVlNmIyNDViMjM0&google_gid=CAESEAw7ATJgXvjLQkEJm2OpBv4&google_cver=1&google_push=AXcoOmQL94VDr2ZZ2up5K9ApioqPocfwfjsQiGhGcrhfJFIJoolvgppJOREhU22uFdHY5gAv9QLr3FSV8B8fH4XO0_5TV3ayMMPeIFVCqncn34AbgH1fIn3FG2F3DBMf0rAXuHwXDNA3ENKA

Request Chain 132

https://cc.adingo.jp/adx/push/?google_gid=CAESEOCJ65TLdSXuykaBGFPOtp4&google_cver=1&google_push=AXcoOmT5z8Vzkbn9b6KaF4ELxQ74_5R95g116I-j--_XR-uPc_KrSe0kV25qXnZj5E4r3YYTcWJ0vxZQt6-ZGk_zlsSBiQnyC1EkVjpAf5Vz1wgqyi3W3TwulsG41DTW8RV6qy4ZOeeyB1Y_ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AXcoOmT5z8Vzkbn9b6KaF4ELxQ74_5R95g116I-j--_XR-uPc_KrSe0kV25qXnZj5E4r3YYTcWJ0vxZQt6-ZGk_zlsSBiQnyC1EkVjpAf5Vz1wgqyi3W3TwulsG41DTW8RV6qy4ZOeeyB1Y_&google_hm=20403c0c83ad7a6a53f69c1154108e79

Request Chain 133

https://trace.mediago.io/cs/google?google_gid=CAESEN8i09ojzRu9kEVGoJy-B8E&google_cver=1&google_push=AXcoOmQLWDEzM5GJYjK9UItxnFvN2h_9Z8Z9JTu1_v9iWv4M28ByrMFmU7AshO4gRfv76uWAcIRoF5mOjlBbAxH_bGqbZ9GtL4yUNJdSMsLoPCvBGwzvqE2huiYYH6bpHQltY0aqLw1XaydD2w HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=baidu_mediago&google_push=AXcoOmQLWDEzM5GJYjK9UItxnFvN2h_9Z8Z9JTu1_v9iWv4M28ByrMFmU7AshO4gRfv76uWAcIRoF5mOjlBbAxH_bGqbZ9GtL4yUNJdSMsLoPCvBGwzvqE2huiYYH6bpHQltY0aqLw1XaydD2w&google_hm=5bead3a000ad17bb11fp0400lnayeplf

Request Chain 134

https://analytics.pangle-ads.com/api/ad/union/gg_cookie_matching?google_gid=CAESEJoryS3SJBC4Q5pZG3p40UQ&google_cver=1&google_push=AXcoOmRBXA4AemFlZu_J13xCnGGNH04FoIa7k7pRLu_J9osESdizJ8Z2RI3Le6AdXLSkJ-cdTqwVSjbQluLaPyfQ_0e3vJWCuApmC6iG9a9QIN4puYBCIWNX8yvv-ih-7wyKb3b-Yf_vBkKWJQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=toutiao_usd&google_push=AXcoOmRBXA4AemFlZu_J13xCnGGNH04FoIa7k7pRLu_J9osESdizJ8Z2RI3Le6AdXLSkJ-cdTqwVSjbQluLaPyfQ_0e3vJWCuApmC6iG9a9QIN4puYBCIWNX8yvv-ih-7wyKb3b-Yf_vBkKWJQ

177 HTTP transactions
6 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.prothomalo.com/
Redirect Chain

http://prothom-alo.com/
https://www.prothom-alo.com/
https://www.prothomalo.com/

3 MB
328 KB

689ms
121ms

Document
text/html

104.17.160.183
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.prothomalo.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.160.183 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

632ef78b9df9b5be32fa45006e7ad73957a8b9e1ce5c626c70bc13f2c6aba63f

Security Headers

Name

Value

Content-Security-Policy

default-src data: 'unsafe-inline' 'unsafe-eval' https: http:;script-src data: 'unsafe-inline' 'unsafe-eval' https: http: blob:;style-src data: 'unsafe-inline' https: http: blob:;img-src data: https: http: blob:;font-src data: https: http:;connect-src https: wss: ws: http: blob:;media-src https: blob: http:;object-src https: http:;child-src https: data: blob: http:;form-action https: http:;block-all-mixed-content; report-to gumlet-nel

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

0: C
1: o
2: n
3: t
4: e
5: n
6: t
7: -
8: S
9: e
10: c
11: u
12: r
13: i
14: t
15: y
16: -
17: P
18: o
19: l
20: i
21: c
22: y
age: 552
cache-control: public,max-age=15
cf-cache-status: HIT
cf-ray: 8108fa9cbdca405a-SIN
content-encoding: br
content-security-policy: default-src data: 'unsafe-inline' 'unsafe-eval' https: http:;script-src data: 'unsafe-inline' 'unsafe-eval' https: http: blob:;style-src data: 'unsafe-inline' https: http: blob:;img-src data: https: http: blob:;font-src data: https: http:;connect-src https: wss: ws: http: blob:;media-src https: blob: http:;object-src https: http:;child-src https: data: blob: http:;form-action https: http:;block-all-mixed-content; report-to gumlet-nel
content-type: text/html; charset=utf-8
date: Tue, 03 Oct 2023 23:31:29 GMT
link: <https://assets.prothomalo.com/prothomalo/assets/app-244c18bb62877830af03.js>; rel=preload; as=script;
server: cloudflare
vary: Accept-Encoding
x-powered-by: Express

Redirect headers

cache-control: max-age=3600
cf-ray: 8108fa98892e6bc9-SIN
date: Tue, 03 Oct 2023 23:31:28 GMT
expires: Wed, 04 Oct 2023 00:31:28 GMT
location: https://www.prothomalo.com
server: cloudflare
vary: Accept-Encoding

GET
H2 200 app-244c18bb62877830af03.js Show response
assets.prothomalo.com/prothomalo/assets/ 563 KB
167 KB 153ms
141ms Script
application/javascript 104.17.160.183
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.prothomalo.com/prothomalo/assets/app-244c18bb62877830af03.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.17.160.183 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 425017b011ca7d63859143777387272791596b9afc138fe6c2ae1cc2f11bedc8

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.prothomalo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 23:31:29 GMT
via: 1.1 16074517396ff3ce754e4ac422c346c8.cloudfront.net (CloudFront)
content-encoding: br
cf-cache-status: HIT
x-amz-version-id: Wt_WzA_OLXiptzQZzxRfMmXd8AsjtJKb
age: 102687
x-amz-cf-pop: SIN52-P1
cf-polished: origSize=576733
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Mon, 02 Oct 2023 18:57:55 GMT
cf-bgj: minify
server: cloudflare
etag: W/"057471811c5bd519c463e6e4faf4a7e3"
vary: Accept-Encoding
access-control-allow-methods: HEAD, PUT, POST, GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000,public
cf-ray: 8108fa9d9e65405a-SIN
x-amz-cf-id: JVVwvqs9q2f4loUZ8-11yCezWjWJuggXfdhe7kxhwMbP4S3xpZ1tMw==

GET
H2 200 ShurjoWeb_400_v2.woff2
assets.prothomalo.com/prothomalo/assets/ 114 KB
114 KB 802ms
231ms Font
binary/octet-stream 104.17.159.183
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.prothomalo.com/prothomalo/assets/ShurjoWeb_400_v2.woff2
Requested by: Host: www.prothomalo.com
URL: https://www.prothomalo.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.17.159.183 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ed884d02924f422c259626ff918f17e139fe1b9ce2013a1c2d20232c087b2927

Request headers

Referer: https://www.prothomalo.com/
Origin: https://www.prothomalo.com
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 23:31:30 GMT
via: 1.1 17c8f858c16251c56b35a54bfcf8a2a4.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-version-id: H7ykbDi7MQPD9VXkTI3KXGqyISNTU0dr
age: 9133520
x-amz-cf-pop: MCT50-P1
x-cache: Hit from cloudfront
content-length: 116540
last-modified: Mon, 23 Jan 2023 11:19:06 GMT
server: cloudflare
etag: "6a682f6f610beeda14f0a7a868c37945"
vary: Accept-Encoding
access-control-allow-methods: HEAD, PUT, POST, GET
content-type: binary/octet-stream
access-control-allow-origin: *
cache-control: max-age=31536000,public
accept-ranges: bytes
cf-ray: 8108faa119f149c6-SIN
x-amz-cf-id: MMBT7hH5ve5vRlWRvd8_b6hVzXrCB43nlEMM0HdqwC7ASDs514PGag==

GET
H2 200 ShurjoWeb_700_v2.woff2
assets.prothomalo.com/prothomalo/assets/ 130 KB
131 KB 681ms
111ms Font
binary/octet-stream 104.17.159.183
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.prothomalo.com/prothomalo/assets/ShurjoWeb_700_v2.woff2
Requested by: Host: www.prothomalo.com
URL: https://www.prothomalo.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.17.159.183 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: be1165180e87ead6952513703b6318f6ff4155d6c02ddf759c77896e5738d6cf

Request headers

Referer: https://www.prothomalo.com/
Origin: https://www.prothomalo.com
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 23:31:30 GMT
via: 1.1 12bc5fc07aceea9ef9cf1402e02624de.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-version-id: waG7EP8E4.FhSQZRYgcLUcbsozoDkyKM
age: 9133521
x-amz-cf-pop: MCT50-P1
x-cache: Hit from cloudfront
content-length: 133092
last-modified: Thu, 01 Dec 2022 08:13:40 GMT
server: cloudflare
etag: "ef9e058ccc3a98d8503057eea0586630"
vary: Accept-Encoding
access-control-allow-methods: HEAD, PUT, POST, GET
content-type: binary/octet-stream
access-control-allow-origin: *
cache-control: max-age=31536000,public
accept-ranges: bytes
cf-ray: 8108faa119f249c6-SIN
x-amz-cf-id: jkpwy3P7YX-cwMbgTT0ZCF3ho6lc9L5OtKs3Yz7qZ8AZDUAgcxOPaw==

GET
H2 200 gumlet.min.js Show response
cdn.gumlet.com/gumlet.js/2.0/ 19 KB
7 KB 727ms
99ms Script
application/javascript 13.33.88.19
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.gumlet.com/gumlet.js/2.0/gumlet.min.js
Requested by: Host: www.prothomalo.com
URL: https://www.prothomalo.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.33.88.19 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-33-88-19.sin2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 13df2bb7aaa7526f48a0135ce43c27dcedd42b1c10bd4f8da2d7965b62b50102

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.prothomalo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 12:01:31 GMT
content-encoding: gzip
via: 1.1 e25f1b4aa5076f3a6a2551c87259c664.cloudfront.net (CloudFront)
last-modified: Mon, 21 Nov 2022 09:03:51 GMT
server: AmazonS3
x-amz-cf-pop: SIN2-P2
age: 1596600
etag: W/"083a141b447aa53bbb9073a45592d18d"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public, s-maxage=31536000, max-age=172800
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: 2HNDhswukJI0fSZtk70tDmr37VdkaMuZnPAe9DCcbDy9K3FuJCgLiQ==

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 263 KB
92 KB 653ms
94ms Script
application/javascript 172.217.194.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-TDCC7GQ

Requested by

Host: www.prothomalo.com
URL: https://www.prothomalo.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.194.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

si-in-f97.1e100.net

Software

Google Tag Manager /

Resource Hash

e382d461762647474c1077962be9a22e01f837871e43317fdcb0bcf72b969ca7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.prothomalo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 23:31:30 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 93743
x-xss-protection: 0
last-modified: Tue, 03 Oct 2023 23:12:30 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 03 Oct 2023 23:31:30 GMT

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 98 KB
29 KB 658ms
99ms Script
text/javascript 74.125.130.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: www.prothomalo.com
URL: https://www.prothomalo.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.130.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sb-in-f155.1e100.net

Software

cafe /

Resource Hash

42e82cf90b5a9ee0cc3e31c5a048b9523cb64ddbb6046ac1f93c365a58948f61

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.prothomalo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 23:31:30 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29422
x-xss-protection: 0
server: cafe
etag: 193 / 19633 / 31078458 / config-hash: 18346230598739657090
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 03 Oct 2023 23:31:30 GMT

GET
H2 200 chartbeat.js Show response
static.chartbeat.com/js/ 37 KB
15 KB 766ms
125ms Script
application/x-javascript 13.33.97.213
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.chartbeat.com/js/chartbeat.js
Requested by: Host: www.prothomalo.com
URL: https://www.prothomalo.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.33.97.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-33-97-213.sin2.r.cloudfront.net
Software: nginx /
Resource Hash: 2241d391f10f461a915b6ef47bc0c8103bf0e7289aff47e1bcfed5ff2a84d119

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.prothomalo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 17:02:31 GMT
content-encoding: gzip
via: 1.1 26d217ae6e701acdff710e730b58288a.cloudfront.net (CloudFront)
last-modified: Wed, 09 Aug 2023 00:45:38 GMT
server: nginx
x-amz-cf-pop: SIN2-P2
age: 23340
etag: W/"64d2e1b2-94a1"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/x-javascript
cache-control: max-age=86400
cross-origin-resource-policy: cross-origin
x-amz-cf-id: e6HT5kmdgB-KBX3xGeqjPAqnHhARW2k9S4dkSZi4WTRAk7iYRcMf5A==
expires: Wed, 04 Oct 2023 17:02:31 GMT

GET
H2 200 chartbeat_mab.js Show response
static.chartbeat.com/js/ 23 KB
10 KB 767ms
126ms Script
application/x-javascript 13.33.97.213
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.chartbeat.com/js/chartbeat_mab.js
Requested by: Host: www.prothomalo.com
URL: https://www.prothomalo.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.33.97.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-33-97-213.sin2.r.cloudfront.net
Software: nginx /
Resource Hash: cb83af0eec1fb71fb35196225c4a4a8964b7e47b52f9a85679c808907abd2b09

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.prothomalo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 16:57:43 GMT
content-encoding: gzip
via: 1.1 26d217ae6e701acdff710e730b58288a.cloudfront.net (CloudFront)
last-modified: Wed, 28 Jun 2023 00:37:14 GMT
server: nginx
x-amz-cf-pop: SIN2-P2
age: 23627
etag: W/"649b80ba-5df1"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/x-javascript
cache-control: max-age=86400
cross-origin-resource-policy: cross-origin
x-amz-cf-id: bp4_12_vOqMejht2MbweclECFpJHutH_o_zHM0_qXG8WWel2Hu2Tmg==
expires: Wed, 04 Oct 2023 16:57:43 GMT

GET
H2 200 sprite-[fullhash].svg
www.prothomalo.com/prothomalo/assets/ 451 KB
154 KB 112ms
111ms Other
image/svg+xml 104.17.160.183
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.prothomalo.com/prothomalo/assets/sprite-[fullhash].svg
Requested by: Host: www.prothomalo.com
URL: https://www.prothomalo.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.17.160.183 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 9728dabf68e4955252ce4782725e59edccde8367f601e9df4aa6d71aca936f75

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.prothomalo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 23:31:30 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 02 Oct 2023 13:13:17 GMT
server: cloudflare
age: 122454
etag: W/"70a13-18af08585c8"
x-powered-by: Express
vary: Accept-Encoding, Accept-Encoding
content-type: image/svg+xml
cache-control: public,max-age=31104000
cf-ray: 8108faa2fa38405a-SIN

GET
H2 200 icc-worldcup-2023-countdown Show response
www.prothomalo.com/ Frame 5105 6 KB
2 KB 110ms
109ms Document
text/html 104.17.160.183
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.prothomalo.com/icc-worldcup-2023-countdown?v=2.0

Requested by

Host: www.prothomalo.com
URL: https://www.prothomalo.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.160.183 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

52d4949b49c03282d1c1646ded989351384907e12c09de11dd0f46a203fdee87

Security Headers

Name

Value

Content-Security-Policy

Request headers

Referer: https://www.prothomalo.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

age: 1114
cache-control: public,max-age=15
cf-cache-status: HIT
cf-ray: 8108fa9e0ea4405a-SIN
content-encoding: br
content-security-policy: default-src data: 'unsafe-inline' 'unsafe-eval' https: http:;script-src data: 'unsafe-inline' 'unsafe-eval' https: http: blob:;style-src data: 'unsafe-inline' https: http: blob:;img-src data: https: http: blob:;font-src data: https: http:;connect-src https: wss: ws: http: blob:;media-src https: blob: http:;object-src https: http:;child-src https: data: blob: http:;form-action https: http:;block-all-mixed-content; report-to gumlet-nel
content-type: text/html; charset=utf-8
date: Tue, 03 Oct 2023 23:31:29 GMT
server: cloudflare
vary: Accept-Encoding
x-powered-by: Express

GET
H2 200 Konka.html Show response
s0.2mdn.net/dfp/366178/71454658/1696158704200/ Frame C6E9 4 KB
2 KB 650ms
89ms Document
text/html 172.217.194.148
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/dfp/366178/71454658/1696158704200/Konka.html

Requested by

Host: www.prothomalo.com
URL: https://www.prothomalo.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.194.148 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

si-in-f148.1e100.net

Software

sffe /

Resource Hash

0bc2177b4033931983971e4d5c2e669935f61e6d2d9fbda833e9d755d35ffb41

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.prothomalo.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 41043
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: gzip
content-length: 1381
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Tue, 03 Oct 2023 12:07:27 GMT
expires: Wed, 04 Oct 2023 12:07:27 GMT
last-modified: Sun, 01 Oct 2023 11:11:44 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ 26 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 media-placeholder.svg
www.prothomalo.com/ 407 B
426 B 115ms
115ms Image
image/svg+xml 104.17.160.183
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.prothomalo.com/media-placeholder.svg
Requested by: Host: www.prothomalo.com
URL: https://www.prothomalo.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.17.160.183 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 6341ebb09b6a324905528948cc0801166ef161f27e6bc19d78dedfb4cd5d8f53

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.prothomalo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 23:31:29 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 02 Oct 2023 18:46:00 GMT
server: cloudflare
age: 1770
etag: W/"197-18af1b62240"
x-powered-by: Express
vary: Accept-Encoding, Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=3600
cf-ray: 8108fa9e6ed3405a-SIN

GET
H2 200 countdown_logo_80x80.svg
images.prothomalo.com/prothomalo-bangla/2023-09/7ec4f7a9-8300-4a5e-833a-f39dade06396/ Frame 5105 11 KB
5 KB 698ms
90ms Image
image/svg+xml 13.227.254.67
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.prothomalo.com/prothomalo-bangla/2023-09/7ec4f7a9-8300-4a5e-833a-f39dade06396/countdown_logo_80x80.svg

Requested by

Host: www.prothomalo.com
URL: https://www.prothomalo.com/icc-worldcup-2023-countdown?v=2.0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.227.254.67 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-227-254-67.sin52.r.cloudfront.net

Software

Resource Hash

af8c8e3f145a8b140f7286b67ee712ff542d600f224892f9ef1241a97efc4378

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.prothomalo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

x-gumlet-pc: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sat, 30 Sep 2023 11:39:12 GMT
content-encoding: br
nel: {"report_to": "gumlet-nel", "max_age": 604800, "success_fraction": 0.005, "include_subdomains":true, "failure_fraction":1.0 }
x-gumlet-reqid: 651808df82759f9d4f886744
via: 1.1 e7cd1f6615dc010d7043e73d81dddfca.cloudfront.net (CloudFront)
x-amz-cf-pop: SIN52-C3
age: 301938
x-cache: Hit from cloudfront
x-gumlet-runtime: 1.367
alt-svc: h3=":443"; ma=86400
reporting-endpoints: gumlet-nel="https://nel.gumlytics.com/report", default="https://nel.gumlytics.com/report"
surrogate-key: images.prothomalo.com 2023-09-30
etag: W/"1j58tm4diu3by"
access-control-max-age: 3600
report-to: {"group": "gumlet-nel", "max_age": 604800, "endpoints": [{"url": "https://nel.gumlytics.com/report"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=8640000, s-maxage=31536000, stale-while-revalidate=86400, stale-if-error=86400
vary: Accept-Encoding,accept
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
x-amz-cf-id: VXMAMr_wtcxpYXI7dc1Zqj4z_W_awN2u9tsb9mDfMK3Isp83BgcySQ==

GET
H2 200 61a71ead19398fba5514eb0ef83d600c.js Show response
clientcdn.pushengage.com/core/ 117 KB
28 KB 696ms
125ms Script
application/javascript 138.199.46.68
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://clientcdn.pushengage.com/core/61a71ead19398fba5514eb0ef83d600c.js
Requested by: Host: www.prothomalo.com
URL: https://www.prothomalo.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 138.199.46.68 , Singapore, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: 138-199-46-68.bunnyinfra.net
Software: BunnyCDN-SG1-868 /
Resource Hash: 8568c364b37218ae81f7a9e3e6ed5508dd43ac428cc317bfcb4a937e7dd19d2e

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.prothomalo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 23:31:30 GMT
content-encoding: br
cdn-edgestorageid: 868
cdn-cachedat: 10/03/2023 23:28:50
cdn-pullzone: 1148540
server: BunnyCDN-SG1-868
cdn-proxyver: 1.04
cdn-requestpullcode: 200
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: efcab737-66db-4b75-ab55-ed485d5a01dd
cache-control: public, max-age=180
cdn-requestid: 9cccddc5df53dbf4af2cf094cfc6cfde
cdn-requestcountrycode: SG
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 push-engage-notifications Show response
www.prothomalo.com/feapi/ 4 KB
1 KB 106ms
104ms Fetch
application/json 104.17.160.183
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.prothomalo.com/feapi/push-engage-notifications?limit=4&offset=0
Requested by: Host: assets.prothomalo.com
URL: https://assets.prothomalo.com/prothomalo/assets/app-244c18bb62877830af03.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.17.160.183 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: fa37b886ccd6d0bf44d6673f2cfabab3632bda7533df18e697d0be287cd19edb

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.prothomalo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 23:31:29 GMT
content-encoding: br
cf-cache-status: HIT
server: cloudflare
age: 1068
etag: W/"1162-/54ci4JfvJitkgORuvfoVBP2BNY"
x-powered-by: Express
vary: Accept-Encoding
content-type: application/json; charset=utf-8
cache-control: public,max-age=300
cf-ray: 8108faa00f9a405a-SIN

GET
H2 401 me Show response
www.prothomalo.com/api/auth/v1/users/ 88 B
283 B 135ms
135ms Fetch
application/json 104.17.160.183
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.prothomalo.com/api/auth/v1/users/me
Requested by: Host: assets.prothomalo.com
URL: https://assets.prothomalo.com/prothomalo/assets/app-244c18bb62877830af03.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.17.160.183 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 5a53bd809148848fde30b8db880140871617d0578315c248809aeba7f9fc4394

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.prothomalo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 23:31:29 GMT
cf-cache-status: HIT
server: cloudflare
age: 125
etag: W/"58-uS15+uOzP/S5U2pZlddWF93o+RE"
x-powered-by: Express
vary: Accept-Encoding
content-type: application/json; charset=utf-8
cache-control: public,max-age=0
cf-ray: 8108faa02fac405a-SIN
qt-trace-id: c1ab2929-487e-49a5-a7f0-3427f7f22823
content-length: 88

GET
H2 200 breaking-news.php Show response
services.prothomalo.com/breaking-news/ 328 B
538 B 458ms
206ms XHR
application/json 104.17.159.183
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://services.prothomalo.com/breaking-news/breaking-news.php
Requested by: Host: assets.prothomalo.com
URL: https://assets.prothomalo.com/prothomalo/assets/app-244c18bb62877830af03.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.17.159.183 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/8.1.8
Resource Hash: 5e125fc69969ce23624fbd93a1afd9f991eefe988bcc61f6713a8c7e4e14d2b5

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.prothomalo.com/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 03 Oct 2023 23:31:30 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Tue, 03 Oct 2023 23:31:30 GMT
server: cloudflare
x-powered-by: PHP/8.1.8
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.prothomalo.com
cache-control: max-age=0, no-cache, no-store, public
cf-ray: 8108faa1ea7149c6-SIN
expires: Wed, 11 Jan 1984 05:00:00 GMT

GET
H2 200 7334-244c18bb62877830af03.js Show response
assets.prothomalo.com/prothomalo/assets/ 30 KB
9 KB 113ms
112ms Script
application/javascript 104.17.160.183
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.prothomalo.com/prothomalo/assets/7334-244c18bb62877830af03.js
Requested by: Host: assets.prothomalo.com
URL: https://assets.prothomalo.com/prothomalo/assets/app-244c18bb62877830af03.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.17.160.183 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4b877185693df2040a5780ea733af43bfc78913549f4307010d27842ccc33e18

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.prothomalo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 23:31:30 GMT
via: 1.1 fe1f71a38555d37376d318601a210ec4.cloudfront.net (CloudFront)
content-encoding: br
cf-cache-status: HIT
x-amz-version-id: P1Emg45ZUoVhPmSYUT64RBSixHxu0cl3
age: 102686
x-amz-cf-pop: SIN52-P1
cf-polished: origSize=30810
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Mon, 02 Oct 2023 18:57:48 GMT
cf-bgj: minify
server: cloudflare
etag: W/"15acdcb3dd73a4cd2b64961f85cced53"
vary: Accept-Encoding
access-control-allow-methods: HEAD, PUT, POST, GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000,public
cf-ray: 8108faa2fa3a405a-SIN
x-amz-cf-id: 6KbQ6EDlDAzK6dErtNTrUEARrXPLFPJBHT93srJJbEfeB66gu1w1UA==

GET
H2 200 qtc-react-youtube-244c18bb62877830af03.js Show response
assets.prothomalo.com/prothomalo/assets/ 18 KB
7 KB 112ms
108ms Script
application/javascript 104.17.160.183
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.prothomalo.com/prothomalo/assets/qtc-react-youtube-244c18bb62877830af03.js
Requested by: Host: assets.prothomalo.com
URL: https://assets.prothomalo.com/prothomalo/assets/app-244c18bb62877830af03.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.17.160.183 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 936d79103502368d2d4429ae22130eb9266ee88fae65db5e2990e00c025a65e1

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.prothomalo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 23:31:30 GMT
via: 1.1 574ab88ff85f4ad30dd2d3a36c2bab20.cloudfront.net (CloudFront)
content-encoding: br
cf-cache-status: HIT
x-amz-version-id: Xw52v7jxdoT0yG7FTC9RL0sRTUCPqoDF
age: 102686
x-amz-cf-pop: SIN52-P1
cf-polished: origSize=18626
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Mon, 02 Oct 2023 18:58:04 GMT
cf-bgj: minify
server: cloudflare
etag: W/"c824276678018f476d3e3f7475cf885d"
vary: Accept-Encoding
access-control-allow-methods: HEAD, PUT, POST, GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000,public
cf-ray: 8108faa3aaf0405a-SIN
x-amz-cf-id: 35F-195eJi_YUV2BNxNxnPU_3Z04-aeJJRYwL4fBw1CWXiJGfqSf_A==

GET
H2 200 6336-244c18bb62877830af03.js Show response
assets.prothomalo.com/prothomalo/assets/ 13 KB
5 KB 111ms
111ms Script
application/javascript 104.17.160.183
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.prothomalo.com/prothomalo/assets/6336-244c18bb62877830af03.js
Requested by: Host: assets.prothomalo.com
URL: https://assets.prothomalo.com/prothomalo/assets/app-244c18bb62877830af03.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.17.160.183 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8cc7dc2808c266f0e89546d6fd550889015f0cb4133a292b30bfaaf256e3c02c

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.prothomalo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 23:31:30 GMT
via: 1.1 38f7a6091a95b3808d7a0f553df4fd56.cloudfront.net (CloudFront)
content-encoding: br
cf-cache-status: HIT
x-amz-version-id: wsrgiAaGw9sagxW2ay727S0CfbCNUCTl
age: 12308
x-amz-cf-pop: SIN52-P1
cf-polished: origSize=13702
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Mon, 02 Oct 2023 18:57:48 GMT
cf-bgj: minify
server: cloudflare
etag: W/"587af05ed591a95aa244e506ab6104f3"
vary: Accept-Encoding
access-control-allow-methods: HEAD, PUT, POST, GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000,public
cf-ray: 8108faa45b42405a-SIN
x-amz-cf-id: nsCCE3is65TPAM2xy3oUHsXY9qvYFkZBcH7X5bo1MQBbfhEeLezTfQ==

GET
H2 200 347-244c18bb62877830af03.js Show response
assets.prothomalo.com/prothomalo/assets/ 29 KB
10 KB 102ms
102ms Script
application/javascript 104.17.160.183
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.prothomalo.com/prothomalo/assets/347-244c18bb62877830af03.js
Requested by: Host: assets.prothomalo.com
URL: https://assets.prothomalo.com/prothomalo/assets/app-244c18bb62877830af03.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.17.160.183 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b71a015cd7c07d07363f84e507c64fb8da80673e4314f2adba5b26c7f458c2de

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.prothomalo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 23:31:30 GMT
via: 1.1 d4555cc532101371fed7b03db24c29be.cloudfront.net (CloudFront)
content-encoding: br
cf-cache-status: HIT
x-amz-version-id: h5kMUOhCgcbHy1npUXrinxwiZHbu2xBU
age: 1207
x-amz-cf-pop: SIN52-P1
cf-polished: origSize=29403
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Mon, 02 Oct 2023 18:57:48 GMT
cf-bgj: minify
server: cloudflare
etag: W/"409203ef6627eddad7787d0d1a6c65d9"
vary: Accept-Encoding
access-control-allow-methods: HEAD, PUT, POST, GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000,public
cf-ray: 8108faa50b9b405a-SIN
x-amz-cf-id: VD7Wert0XpRlkcDddPxPAiYMOxLN-7thHYsSVvUpGGs-zaefGCNndA==

GET
H2 200 3994-bad88cb07a5212014891.css
assets.prothomalo.com/prothomalo/assets/ 100 KB
20 KB 133ms
130ms Stylesheet
text/css 104.17.160.183
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.prothomalo.com/prothomalo/assets/3994-bad88cb07a5212014891.css
Requested by: Host: assets.prothomalo.com
URL: https://assets.prothomalo.com/prothomalo/assets/app-244c18bb62877830af03.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.17.160.183 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9ef4227b11c0c2caef3e2e3e16e3462de0c6847c26d06ac351d86e6e434c08c6

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.prothomalo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 23:31:29 GMT
via: 1.1 d9afbb25777f4a3d5e4f6ee69980e69e.cloudfront.net (CloudFront)
content-encoding: br
cf-cache-status: HIT
x-amz-version-id: bAXR0oazl6CtDcYjlwNFKYLb6lzHpp7a
age: 121569
x-amz-cf-pop: HKG62-C2
cf-polished: origSize=102240
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
last-modified: Mon, 02 Oct 2023 13:43:29 GMT
cf-bgj: minify
server: cloudflare
etag: W/"566d7e2be06b2ffe8a76d5eaaca87717"
vary: Accept-Encoding
access-control-allow-methods: HEAD, PUT, POST, GET
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000,public
cf-ray: 8108faa04fe1405a-SIN
x-amz-cf-id: 7n_hgl0v4cAP4b6SwQd6mLE1RMtPkIIMsGcRwgRgiW4guFpToGVu9w==

GET
H2 200 3994-244c18bb62877830af03.js Show response
assets.prothomalo.com/prothomalo/assets/ 88 KB
26 KB 109ms
109ms Script
application/javascript 104.17.160.183
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.prothomalo.com/prothomalo/assets/3994-244c18bb62877830af03.js
Requested by: Host: assets.prothomalo.com
URL: https://assets.prothomalo.com/prothomalo/assets/app-244c18bb62877830af03.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.17.160.183 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2a9c24236b6649e9aa9b3d315b0971ed0506ae1c23e476ea93e3c11483395396

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.prothomalo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 23:31:30 GMT
via: 1.1 33e34fa0e388cd08b1ada7f8b2f1654c.cloudfront.net (CloudFront)
content-encoding: br
cf-cache-status: HIT
x-amz-version-id: pld8cFhmwMCDxJSms0yMQQQ2MOANXvb.
age: 102706
x-amz-cf-pop: SIN52-P1
cf-polished: origSize=90294
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
last-modified: Mon, 02 Oct 2023 18:57:48 GMT
cf-bgj: minify
server: cloudflare
etag: W/"84bd0fcd012660ec2693b1c03f895d9c"
vary: Accept-Encoding
access-control-allow-methods: HEAD, PUT, POST, GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000,public
cf-ray: 8108faa5bbe6405a-SIN
x-amz-cf-id: 9xOAa1zXTXufeqmg8Sghy-hV3QjcNOJO-Kk_bzFriqwi1ktIOq-55A==

GET
H2 200 home-b66ebc11cf42442a7381.css
assets.prothomalo.com/prothomalo/assets/ 2 KB
961 B 133ms
130ms Stylesheet
text/css 104.17.160.183
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.prothomalo.com/prothomalo/assets/home-b66ebc11cf42442a7381.css
Requested by: Host: assets.prothomalo.com
URL: https://assets.prothomalo.com/prothomalo/assets/app-244c18bb62877830af03.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.17.160.183 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c49e6e2c2039d3ca00665d52f8fd7f4b87bb16ec3d3ab8ebeb6a8d48ee197138

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.prothomalo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 23:31:29 GMT
via: 1.1 d9b92c8e025d0ae3b9e15cd61fa52236.cloudfront.net (CloudFront)
content-encoding: br
cf-cache-status: HIT
x-amz-version-id: _VgSmonHHaAmFVnPdWSw49aSRbfZ77.7
age: 848
x-amz-cf-pop: SIN52-P1
cf-polished: origSize=2107
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Wed, 27 Sep 2023 13:27:41 GMT
cf-bgj: minify
server: cloudflare
etag: W/"e09fbc5d675e2584e9ee4357be8ead43"
vary: Accept-Encoding
access-control-allow-methods: HEAD, PUT, POST, GET
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000,public
cf-ray: 8108faa04fe3405a-SIN
x-amz-cf-id: ufoXjZatUoLZh_xQ_tKDqSnnCQuHZgOX0DdQpWi9oXsljFPBbQcTFQ==

GET
H2 200 home-244c18bb62877830af03.js Show response
assets.prothomalo.com/prothomalo/assets/ 2 KB
1 KB 106ms
106ms Script
application/javascript 104.17.160.183
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.prothomalo.com/prothomalo/assets/home-244c18bb62877830af03.js
Requested by: Host: assets.prothomalo.com
URL: https://assets.prothomalo.com/prothomalo/assets/app-244c18bb62877830af03.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.17.160.183 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9b6a4a311672bca5e545ddb6f67847e8e79af72d5d5ecc57ac657072148b9f7c

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.prothomalo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 23:31:30 GMT
via: 1.1 1b42f8a12f90ea0a7f04e17b988d6830.cloudfront.net (CloudFront)
content-encoding: br
cf-cache-status: HIT
x-amz-version-id: hY0OgEu.AYF0qBRsOgYT9gdItRzQgdZ4
age: 12489
x-amz-cf-pop: SIN52-P1
cf-polished: origSize=2261
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Mon, 02 Oct 2023 18:57:59 GMT
cf-bgj: minify
server: cloudflare
etag: W/"ae9b8f2e69ca791c3d9fa58becf84a77"
vary: Accept-Encoding
access-control-allow-methods: HEAD, PUT, POST, GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000,public
cf-ray: 8108faa66c2f405a-SIN
x-amz-cf-id: cbKF9OlVLZuJoHXH9G1yr9ZDDWH4vFdkl99mBRaVH-R3d49gSMtEvw==

GET
H2 200 ShurjoWeb_700_v2-72cba63e779d86520525.woff
assets.prothomalo.com/prothomalo/assets/ Frame 5105 188 KB
186 KB 368ms
230ms Font
application/font-woff 104.17.159.183
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.prothomalo.com/prothomalo/assets/ShurjoWeb_700_v2-72cba63e779d86520525.woff
Requested by: Host: www.prothomalo.com
URL: https://www.prothomalo.com/icc-worldcup-2023-countdown?v=2.0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.17.159.183 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ccc182dae1a916e8cba6bebc599219af44c4133c7687308735e326875d7330b0

Request headers

Referer: https://www.prothomalo.com/
Origin: https://www.prothomalo.com
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 23:31:30 GMT
via: 1.1 5e28bc713b3439ab2d031400bb99f2a0.cloudfront.net (CloudFront)
content-encoding: br
cf-cache-status: HIT
x-amz-version-id: ZmXt8w6e_Lmb7LMjtoQLPodg.lIJGp4B
age: 301939
x-amz-cf-pop: SIN52-P1
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Wed, 26 Oct 2022 13:37:00 GMT
server: cloudflare
etag: W/"72cba63e779d86520525b191a4c67f06"
vary: Accept-Encoding
access-control-allow-methods: HEAD, PUT, POST, GET
content-type: application/font-woff
access-control-allow-origin: *
cache-control: max-age=31536000,public
cf-ray: 8108faa119f049c6-SIN
x-amz-cf-id: uptktqtY1dQi7-XidsqRQYPwMFm7JEwa5Cp0AY8HfbV39nCHxbr5fQ==

GET
H2 200 qlitics.js Show response
www.prothomalo.com/ 12 KB
5 KB 106ms
106ms Script
application/javascript 104.17.160.183
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.prothomalo.com/qlitics.js
Requested by: Host: assets.prothomalo.com
URL: https://assets.prothomalo.com/prothomalo/assets/app-244c18bb62877830af03.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.17.160.183 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 5f697851ced78ae87d2653ef23f5319021ba5ef0ba950de17934dcc83be6eaa5

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.prothomalo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 23:31:31 GMT
via: 1.1 varnish (Varnish/6.3)
content-encoding: br
cf-cache-status: HIT
age: 282
cf-polished: origSize=12786
x-powered-by: Express
x-cache: HIT
qt-trace-id: dcc4ee8d-fb5c-4bc8-a285-3ee95724b764
last-modified: Tue, 03 Oct 2023 23:26:49 GMT
cf-bgj: minify
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
x-varnish: 136196924 136287147
cache-control: public,max-age=60
cf-ray: 8108faa70c80405a-SIN
x-hitcount: 52

GET
H2 200 style.css
s0.2mdn.net/dfp/366178/71454658/1696158704200/scripts/ Frame C6E9 12 KB
3 KB 94ms
92ms Stylesheet
text/css 172.217.194.148
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/dfp/366178/71454658/1696158704200/scripts/style.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/dfp/366178/71454658/1696158704200/Konka.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.194.148 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

si-in-f148.1e100.net

Software

sffe /

Resource Hash

c292e27b65e4f67ac53702c14e5f08403b16f94efb2709425a93503621bef6f8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://s0.2mdn.net/dfp/366178/71454658/1696158704200/Konka.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 12:07:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 41043
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3068
x-xss-protection: 0
last-modified: Sun, 01 Oct 2023 11:11:44 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 04 Oct 2023 12:07:27 GMT

GET
H2 200 jquery.js Show response
s0.2mdn.net/dfp/366178/71454658/1696158704200/scripts/ Frame C6E9 94 KB
33 KB 95ms
94ms Script
text/javascript 172.217.194.148
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/dfp/366178/71454658/1696158704200/scripts/jquery.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/dfp/366178/71454658/1696158704200/Konka.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.194.148 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

si-in-f148.1e100.net

Software

sffe /

Resource Hash

2ecd295d295bec062cedebe177e54b9d6b19fc0a841dc5c178c654c9ccff09c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://s0.2mdn.net/dfp/366178/71454658/1696158704200/Konka.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 12:07:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 41043
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33282
x-xss-protection: 0
last-modified: Sun, 01 Oct 2023 11:11:44 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 04 Oct 2023 12:07:27 GMT

GET
H2 200 ac.jpg
s0.2mdn.net/dfp/366178/71454658/1696158704200/images/ Frame C6E9 43 KB
43 KB 91ms
90ms Image
image/jpeg 172.217.194.148
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dfp/366178/71454658/1696158704200/images/ac.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/dfp/366178/71454658/1696158704200/Konka.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.194.148 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

si-in-f148.1e100.net

Software

sffe /

Resource Hash

e40f8efc0a85fbc3d75b87bea79389b13563d7137b4a2c66c946d55e6e7c77e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://s0.2mdn.net/dfp/366178/71454658/1696158704200/Konka.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 12:07:27 GMT
x-content-type-options: nosniff
age: 41043
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 44169
x-xss-protection: 0
last-modified: Sun, 01 Oct 2023 11:11:44 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 04 Oct 2023 12:07:27 GMT

GET
H2 200 ref.jpg
s0.2mdn.net/dfp/366178/71454658/1696158704200/images/ Frame C6E9 61 KB
61 KB 97ms
97ms Image
image/jpeg 172.217.194.148
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dfp/366178/71454658/1696158704200/images/ref.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/dfp/366178/71454658/1696158704200/Konka.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.194.148 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

si-in-f148.1e100.net

Software

sffe /

Resource Hash

bc474cbf59524f45c4dc7ee090356a97f70c9e9f6da606c3975291fdf2d631f0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://s0.2mdn.net/dfp/366178/71454658/1696158704200/Konka.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 12:07:27 GMT
x-content-type-options: nosniff
age: 41043
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 62097
x-xss-protection: 0
last-modified: Sun, 01 Oct 2023 11:11:44 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 04 Oct 2023 12:07:27 GMT

GET
H2 200 tv.jpg
s0.2mdn.net/dfp/366178/71454658/1696158704200/images/ Frame C6E9 53 KB
53 KB 97ms
97ms Image
image/jpeg 172.217.194.148
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dfp/366178/71454658/1696158704200/images/tv.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/dfp/366178/71454658/1696158704200/Konka.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.194.148 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

si-in-f148.1e100.net

Software

sffe /

Resource Hash

ff332c36f300b90caa7263cfffde76d53ff8fdc2fb7a1814dd86d851ab15412c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://s0.2mdn.net/dfp/366178/71454658/1696158704200/Konka.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 12:07:27 GMT
x-content-type-options: nosniff
age: 41043
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 54481
x-xss-protection: 0
last-modified: Sun, 01 Oct 2023 11:11:44 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 04 Oct 2023 12:07:27 GMT

GET
H2 200 script2.js Show response
s0.2mdn.net/dfp/366178/71454658/1696158704200/scripts/ Frame C6E9 25 KB
9 KB 97ms
94ms Script
text/javascript 172.217.194.148
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/dfp/366178/71454658/1696158704200/scripts/script2.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/dfp/366178/71454658/1696158704200/Konka.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.194.148 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

si-in-f148.1e100.net

Software

sffe /

Resource Hash

15bea519c8a27c004c6314a13b63d8c289331198a31912c12f494d47ab02d211

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://s0.2mdn.net/dfp/366178/71454658/1696158704200/Konka.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 12:07:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 41043
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9275
x-xss-protection: 0
last-modified: Sun, 01 Oct 2023 11:11:44 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 04 Oct 2023 12:07:27 GMT

GET
H2 200 script.js Show response
s0.2mdn.net/dfp/366178/71454658/1696158704200/scripts/ Frame C6E9 4 KB
2 KB 94ms
93ms Script
text/javascript 172.217.194.148
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/dfp/366178/71454658/1696158704200/scripts/script.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/dfp/366178/71454658/1696158704200/Konka.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.194.148 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

si-in-f148.1e100.net

Software

sffe /

Resource Hash

c0cf54b9ee37d8daba9e49cf911dd15b9c8792c464ab98b99a9c375c52713c58

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://s0.2mdn.net/dfp/366178/71454658/1696158704200/Konka.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 12:07:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 41043
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1748
x-xss-protection: 0
last-modified: Sun, 01 Oct 2023 11:11:44 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 04 Oct 2023 12:07:27 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame C6E9 1 KB
876 B 651ms
91ms Stylesheet
text/css 64.233.170.95
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=PT+Sans&subset=latin,latin-ext

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/dfp/366178/71454658/1696158704200/scripts/style.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

64.233.170.95 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sg-in-f95.1e100.net

Software

ESF /

Resource Hash

3f738b79bf2aa1b06deee833b82d393f874dcf376116f0bd4ac23a8e55c0b473

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 03 Oct 2023 23:31:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 03 Oct 2023 23:23:01 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 03 Oct 2023 23:31:30 GMT

GET
DATA 200
OK truncated
/ 58 B
0 Image
image/webp

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fef5a41be1b827a1729f19bcd123a57ee3f2cb8dc9074fffa4ab5b807f503514

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Content-Type: image/webp

GET
H2 200 prothomalo-bangla%2F2023-10%2F2f3790a8-ee66-4dee-a752-00f5a5091920%2FUntitled_2.jpg
images.prothomalo.com/ 12 KB
13 KB 1076ms
1073ms Image
image/webp 13.227.254.67
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.prothomalo.com/prothomalo-bangla%2F2023-10%2F2f3790a8-ee66-4dee-a752-00f5a5091920%2FUntitled_2.jpg?rect=53%2C0%2C540%2C360&w=320&dpr=1.0

Requested by

Host: www.prothomalo.com
URL: https://www.prothomalo.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.227.254.67 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-227-254-67.sin52.r.cloudfront.net

Software

Resource Hash

2a595e907f0fdf1cef3c33761c4f0e48f5b464f00a3cbeb7a81ce7aeebe3a9d3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.prothomalo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

x-gumlet-pc: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 03 Oct 2023 23:31:31 GMT
via: 1.1 e7cd1f6615dc010d7043e73d81dddfca.cloudfront.net (CloudFront)
nel: {"report_to": "gumlet-nel", "max_age": 604800, "success_fraction": 0.005, "include_subdomains":true, "failure_fraction":1.0 }
x-gumlet-reqid: 651ca453f746eba30a77eabd
x-amz-cf-pop: SIN52-C3
x-cache: Miss from cloudfront
x-gumlet-runtime: 0.008
alt-svc: h3=":443"; ma=86400
content-length: 12258
reporting-endpoints: gumlet-nel="https://nel.gumlytics.com/report", default="https://nel.gumlytics.com/report"
surrogate-key: images.prothomalo.com 2023-10-03
etag: "2ffn7g3g932l6"
access-control-max-age: 3600
report-to: {"group": "gumlet-nel", "max_age": 604800, "endpoints": [{"url": "https://nel.gumlytics.com/report"}]}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=8640000, s-maxage=31536000, stale-while-revalidate=86400, stale-if-error=86400
vary: accept
accept-ranges: bytes
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
x-amz-cf-id: 381I2gYdGvP7hgaib6bfNSBwIkfENoeg4ynwmdX0l3gxvVuebh0erQ==

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/10906162232/ 3 KB
1 KB 670ms
102ms Script
text/javascript 172.217.194.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/10906162232/?random=1696375890508&cv=11&fst=1696375890508&bg=ffffff&guid=ON&async=1&gtm=45He3a20&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.prothomalo.com%2F&hn=www.googleadservices.com&frm=0&tiba=%E0%A6%AA%E0%A7%8D%E0%A6%B0%E0%A6%A5%E0%A6%AE%20%E0%A6%86%E0%A6%B2%E0%A7%8B%20%7C%20%E0%A6%AC%E0%A6%BE%E0%A6%82%E0%A6%B2%E0%A6%BE%20%E0%A6%A8%E0%A6%BF%E0%A6%89%E0%A6%9C%20%E0%A6%AA%E0%A7%87%E0%A6%AA%E0%A6%BE%E0%A6%B0&auid=2089260866.1696375891&uamb=0&uaw=0&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TDCC7GQ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.194.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

si-in-f156.1e100.net

Software

cafe /

Resource Hash

387f9121bf29068d0183fab6596ef834dfb3aaa9d8dda29c53930fa32a09c9d7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.prothomalo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 03 Oct 2023 23:31:31 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1352
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/10906162232/ 3 KB
2 KB 632ms
100ms Script
text/javascript 172.217.194.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/10906162232/?random=1696375890513&cv=11&fst=1696375890513&bg=ffffff&guid=ON&async=1&gtm=45He3a20&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.prothomalo.com%2F&label=rcK5CO2BquYDELiou9Ao&hn=www.googleadservices.com&frm=0&tiba=%E0%A6%AA%E0%A7%8D%E0%A6%B0%E0%A6%A5%E0%A6%AE%20%E0%A6%86%E0%A6%B2%E0%A7%8B%20%7C%20%E0%A6%AC%E0%A6%BE%E0%A6%82%E0%A6%B2%E0%A6%BE%20%E0%A6%A8%E0%A6%BF%E0%A6%89%E0%A6%9C%20%E0%A6%AA%E0%A7%87%E0%A6%AA%E0%A6%BE%E0%A6%B0&auid=2089260866.1696375891&uamb=0&uaw=0&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TDCC7GQ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.194.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

si-in-f156.1e100.net

Software

cafe /

Resource Hash

e5045224ef7497644ef5872877e59a258bd04ea44d79d30f4f2c158e327b2a18

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.prothomalo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 03 Oct 2023 23:31:31 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1403
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 254 KB
87 KB 97ms
96ms Script
application/javascript 172.217.194.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-C4T51Z1NR8&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TDCC7GQ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.194.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

si-in-f97.1e100.net

Software

Google Tag Manager /

Resource Hash

ef21f8c3d0261e99bd9ecf51f91848eea7b7479c4c63631b1e3d1991a771517a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.prothomalo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 23:31:31 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 88675
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 03 Oct 2023 23:31:31 GMT

GET
DATA 200
OK truncated
/ Frame C6E9 341 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 369bcbb217060d47352b6c4b05408b139a2ba65a84d45db476a2ba80c83d2c12

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309280101/ 413 KB
131 KB 653ms
87ms Script
text/javascript 74.125.68.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309280101/pubads_impl.js?cb=31078458

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.68.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sc-in-f157.1e100.net

Software

cafe /

Resource Hash

51b5ae1f0ff10c4595493fa2d4edb2c308f97976be783ed5d7d962a8d81606d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.prothomalo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 10:47:46 GMT
content-encoding: br
x-content-type-options: nosniff
age: 45825
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 133452
x-xss-protection: 0
server: cafe
etag: 5291400228273913750
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Wed, 02 Oct 2024 10:47:46 GMT

GET
H2 200 palo-home.html Show response
www.prothomalo.com/widgets/muktijuddho-50/ Frame 3B2A 1 KB
865 B 397ms
396ms Document
text/html 104.17.160.183
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.prothomalo.com/widgets/muktijuddho-50/palo-home.html?v=1.0
Requested by: Host: assets.prothomalo.com
URL: https://assets.prothomalo.com/prothomalo/assets/app-244c18bb62877830af03.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.17.160.183 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 4953dd73af5cbd3486f9463b9cc1339cc6df7bab136fb248b0e6c9f37b806103

Request headers

Referer: https://www.prothomalo.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

cache-control: public,max-age=30
cf-cache-status: REVALIDATED
cf-ray: 8108faa77ca7405a-SIN
content-encoding: br
content-type: text/html
date: Tue, 03 Oct 2023 23:31:31 GMT
last-modified: Wed, 07 Jun 2023 06:39:58 GMT
server: cloudflare
vary: Accept-Encoding
x-amz-id-2: e3wJUYK7hVlsFvc94VZ7SKaYGR51hiNrs/Sk8cEUKz5/htKd+mFHlaDpytGztpGaCqvJIwG85BU=
x-amz-meta-ctime: 1686119997
x-amz-meta-gid: 0
x-amz-meta-mode: 33188
x-amz-meta-mtime: 1686119997
x-amz-meta-uid: 0
x-amz-request-id: C06XZYW1BYVSDGXX
x-amz-server-side-encryption: AES256
x-powered-by: Express

GET
H2 200 / Show response
mab.chartbeat.com/mab_strategy/headline_testing/get_strategy/ 159 B
478 B 702ms
85ms XHR
application/json 151.101.194.202
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://mab.chartbeat.com/mab_strategy/headline_testing/get_strategy/?host=prothomalo.com&domain=prothomalo.com&path=%2F
Requested by: Host: static.chartbeat.com
URL: https://static.chartbeat.com/js/chartbeat_mab.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.194.202 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 54a63e18455eefaed95984099075772eb6a3830500e62b97d2ce6ae19aae5c1c

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.prothomalo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

x-cache-hits: 64
date: Tue, 03 Oct 2023 23:31:31 GMT
content-encoding: gzip
via: 1.1 varnish (Varnish/6.0), 1.1 varnish
age: 2811
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 124
x-served-by: cache-qpg1226-QPG
x-timer: S1696375892.762022,VS0,VE0
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0, s-maxage=0
accept-ranges: bytes
expires: Sun, 01 Oct 2023 22:44:41 GMT

GET
H2 200 ping
ping.chartbeat.net/ 43 B
201 B 1246ms
539ms Image
image/gif 23.21.139.150
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ping.chartbeat.net/ping?h=prothomalo.com&p=%2F&u=D737ROCAifGKCw7gxL&d=prothomalo.com&g=3446&g0=Home&g1=Not%20Applicable&n=1&f=00001&c=0&x=0&m=0&y=3614&o=1776&w=1200&j=45&R=1&W=0&I=0&E=0&e=0&r=&PA=https%3A%2F%2Fwww.prothomalo.com%2F&b=3589&t=D6UUR3BURu90D7KldDHJJ35W1Qex&V=141&i=%E0%A6%AA%E0%A7%8D%E0%A6%B0%E0%A6%A5%E0%A6%AE%20%E0%A6%86%E0%A6%B2%E0%A7%8B%20%7C%20%E0%A6%AC%E0%A6%BE%E0%A6%82%E0%A6%B2%E0%A6%BE%20%E0%A6%A8%E0%A6%BF%E0%A6%89%E0%A6%9C%20%E0%A6%AA%E0%A7%87%E0%A6%AA%E0%A6%BE%E0%A6%B0&tz=-480&_acct=anon&sn=1&sv=CaZPC6pG9g0Cm-89uCxzYQqD0gcJa&sd=1&im=067b2fff&_
Requested by: Host: www.prothomalo.com
URL: https://www.prothomalo.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.21.139.150 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-23-21-139-150.compute-1.amazonaws.com
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.prothomalo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Tue, 03 Oct 2023 23:31:32 GMT
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-length: 43
expires: 0

GET
H2 200 device-tracker-id Show response
prod-analytics.qlitics.com/api/ 60 B
558 B 1315ms
538ms XHR
application/json 3.83.71.62
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://prod-analytics.qlitics.com/api/device-tracker-id
Requested by: Host: www.prothomalo.com
URL: https://www.prothomalo.com/qlitics.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.83.71.62 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-83-71-62.compute-1.amazonaws.com
Software: /
Resource Hash: 7f6471f46bb9661c53298c398c2ad1578324224de18b663431c4caf43a4316ec

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.prothomalo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 23:31:32 GMT
access-control-allow-option: POST, PUT, GET
access-control-max-age: 30
content-type: application/json
access-control-allow-origin: https://www.prothomalo.com
cache-control: private, no-cache
access-control-allow-credentials: true
access-control-allow-headers: x-requested-with, content-type, origin, accept

GET
H2 200 prothomalo-bangla%2F2023-10%2F9b381984-b0b7-4f3d-adac-0aced8a19947%2F9.png
images.prothomalo.com/ 4 KB
5 KB 90ms
89ms Image
image/webp 13.227.254.67
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.prothomalo.com/prothomalo-bangla%2F2023-10%2F9b381984-b0b7-4f3d-adac-0aced8a19947%2F9.png?rect=0%2C0%2C825%2C550&auto=format%2Ccompress&fmt=webp&format=webp&w=128&dpr=1.0

Requested by

Host: www.prothomalo.com
URL: https://www.prothomalo.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.227.254.67 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-227-254-67.sin52.r.cloudfront.net

Software

Resource Hash

ab371dd11559d396bae5a09afe86c55664c14de909c4f5e362247116ae5091e5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.prothomalo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

x-gumlet-pc: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 03 Oct 2023 03:45:19 GMT
via: 1.1 e7cd1f6615dc010d7043e73d81dddfca.cloudfront.net (CloudFront)
nel: {"report_to": "gumlet-nel", "max_age": 604800, "success_fraction": 0.005, "include_subdomains":true, "failure_fraction":1.0 }
x-gumlet-reqid: 651b8e4d6a09055e83d267d9
x-amz-cf-pop: SIN52-C3
age: 71172
x-cache: Hit from cloudfront
x-gumlet-runtime: 1.442
alt-svc: h3=":443"; ma=86400
content-length: 4102
reporting-endpoints: gumlet-nel="https://nel.gumlytics.com/report", default="https://nel.gumlytics.com/report"
surrogate-key: images.prothomalo.com 2023-10-03
etag: "36brltdqrahm8"
access-control-max-age: 3600
report-to: {"group": "gumlet-nel", "max_age": 604800, "endpoints": [{"url": "https://nel.gumlytics.com/report"}]}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=8640000, s-maxage=31536000, stale-while-revalidate=86400, stale-if-error=86400
vary: accept
accept-ranges: bytes
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
x-amz-cf-id: FfrG19kY8Zio8Zkpgbk_UMg4qvWO8NuQu_iRy6kIGdJj4ZirOKQgQA==

GET
H2 200 prothomalo-bangla%2F2023-10%2F9ec370fe-063e-4827-bde4-6a7fda7b3b35%2Fprothomalo_english_import_media_2018_09_06_d7934ac9853aeaf2d8a88e43acd4b0d3_Unilever_Bangladesh_Limi.jpg
images.prothomalo.com/ 3 KB
4 KB 92ms
91ms Image
image/webp 13.227.254.67
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.prothomalo.com/prothomalo-bangla%2F2023-10%2F9ec370fe-063e-4827-bde4-6a7fda7b3b35%2Fprothomalo_english_import_media_2018_09_06_d7934ac9853aeaf2d8a88e43acd4b0d3_Unilever_Bangladesh_Limi.jpg?rect=40%2C0%2C450%2C300&auto=format%2Ccompress&fmt=webp&format=webp&w=128&dpr=1.0

Requested by

Host: www.prothomalo.com
URL: https://www.prothomalo.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.227.254.67 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-227-254-67.sin52.r.cloudfront.net

Software

Resource Hash

126deb1f3b54d68a6449b118882d540fdcc98378630e1aaab78d92f48c51c56f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.prothomalo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

x-gumlet-pc: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 03 Oct 2023 08:30:39 GMT
via: 1.1 e7cd1f6615dc010d7043e73d81dddfca.cloudfront.net (CloudFront)
nel: {"report_to": "gumlet-nel", "max_age": 604800, "success_fraction": 0.005, "include_subdomains":true, "failure_fraction":1.0 }
x-gumlet-reqid: 651bd12ea0d577ccdd0592ee
x-amz-cf-pop: SIN52-C3
age: 54052
x-cache: Hit from cloudfront
x-gumlet-runtime: 0.791
alt-svc: h3=":443"; ma=86400
content-length: 3478
reporting-endpoints: gumlet-nel="https://nel.gumlytics.com/report", default="https://nel.gumlytics.com/report"
surrogate-key: images.prothomalo.com 2023-10-03
etag: "3q56pkxz8zn93"
access-control-max-age: 3600
report-to: {"group": "gumlet-nel", "max_age": 604800, "endpoints": [{"url": "https://nel.gumlytics.com/report"}]}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=8640000, s-maxage=31536000, stale-while-revalidate=86400, stale-if-error=86400
vary: accept
accept-ranges: bytes
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
x-amz-cf-id: JtdAHl6XFGdbA6AEpf_b2wtHU6Osv5v2YtSITbdnjnmyu6fGak_qOg==

GET
H2 200 prothomalo-bangla%2F2023-10%2F78571e3b-3150-4202-ae1d-87f8ae6be158%2Fdsads.jpg
images.prothomalo.com/ 2 KB
3 KB 91ms
90ms Image
image/webp 13.227.254.67
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.prothomalo.com/prothomalo-bangla%2F2023-10%2F78571e3b-3150-4202-ae1d-87f8ae6be158%2Fdsads.jpg?rect=0%2C0%2C1644%2C1096&auto=format%2Ccompress&fmt=webp&format=webp&w=128&dpr=1.0

Requested by

Host: www.prothomalo.com
URL: https://www.prothomalo.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.227.254.67 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-227-254-67.sin52.r.cloudfront.net

Software

Resource Hash

fedabec8ffe5bcc632592f818ddac684ac3f9f2880e8d7222674db8674a2a959

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.prothomalo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

x-gumlet-pc: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 03 Oct 2023 19:18:10 GMT
via: 1.1 e7cd1f6615dc010d7043e73d81dddfca.cloudfront.net (CloudFront)
nel: {"report_to": "gumlet-nel", "max_age": 604800, "success_fraction": 0.005, "include_subdomains":true, "failure_fraction":1.0 }
x-gumlet-reqid: 651c68f29fa7e98f0dec1d34
x-amz-cf-pop: SIN52-C3
age: 15201
x-cache: Hit from cloudfront
x-gumlet-runtime: 0.008
alt-svc: h3=":443"; ma=86400
content-length: 1756
reporting-endpoints: gumlet-nel="https://nel.gumlytics.com/report", default="https://nel.gumlytics.com/report"
surrogate-key: images.prothomalo.com 2023-10-03
etag: "2rqsk21pd6t18"
access-control-max-age: 3600
report-to: {"group": "gumlet-nel", "max_age": 604800, "endpoints": [{"url": "https://nel.gumlytics.com/report"}]}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=8640000, s-maxage=31536000, stale-while-revalidate=86400, stale-if-error=86400
vary: accept
accept-ranges: bytes
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
x-amz-cf-id: vRdSEKpDkasZnrlCDLJ5OsZjmCtQIbwbboLWqg937zSvjNCf6c4Z2w==

GET
H2 200 prothomalo-bangla%2F2023-10%2F8b1a8615-8d1b-4510-bd4a-90d6221e4fc1%2FShabnoor_01.jpg
images.prothomalo.com/ 18 KB
19 KB 90ms
89ms Image
image/webp 13.227.254.67
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.prothomalo.com/prothomalo-bangla%2F2023-10%2F8b1a8615-8d1b-4510-bd4a-90d6221e4fc1%2FShabnoor_01.jpg?rect=0%2C189%2C512%2C341&auto=format%2Ccompress&fmt=webp&format=webp&w=300&dpr=1.0

Requested by

Host: www.prothomalo.com
URL: https://www.prothomalo.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.227.254.67 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-227-254-67.sin52.r.cloudfront.net

Software

Resource Hash

460ad5a910a388bf092a800082318ee8f059eedc82022bbb5df13863cadac62d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.prothomalo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

x-gumlet-pc: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 03 Oct 2023 17:34:32 GMT
via: 1.1 e7cd1f6615dc010d7043e73d81dddfca.cloudfront.net (CloudFront)
nel: {"report_to": "gumlet-nel", "max_age": 604800, "success_fraction": 0.005, "include_subdomains":true, "failure_fraction":1.0 }
x-gumlet-reqid: 651c50a7de31ec1833e97370
x-amz-cf-pop: SIN52-C3
age: 21419
x-cache: Hit from cloudfront
x-gumlet-runtime: 0.477
alt-svc: h3=":443"; ma=86400
content-length: 18430
reporting-endpoints: gumlet-nel="https://nel.gumlytics.com/report", default="https://nel.gumlytics.com/report"
surrogate-key: images.prothomalo.com 2023-10-03
etag: "3t5883js62hem"
access-control-max-age: 3600
report-to: {"group": "gumlet-nel", "max_age": 604800, "endpoints": [{"url": "https://nel.gumlytics.com/report"}]}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=8640000, s-maxage=31536000, stale-while-revalidate=86400, stale-if-error=86400
vary: accept
accept-ranges: bytes
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
x-amz-cf-id: l3dAo6kWImv6UKkBAfJUYMvdY9DtnIz8HjDwID1Pv0si6zqqir4Xog==

GET
H2 200 prothomalo-bangla%2F2023-10%2Fc6f65a4d-9757-4310-9e7c-71a790e09ea3%2F666081_01_02.jpg
images.prothomalo.com/ 5 KB
6 KB 91ms
89ms Image
image/webp 13.227.254.67
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.prothomalo.com/prothomalo-bangla%2F2023-10%2Fc6f65a4d-9757-4310-9e7c-71a790e09ea3%2F666081_01_02.jpg?rect=0%2C0%2C3533%2C2355&auto=format%2Ccompress&fmt=webp&format=webp&w=128&dpr=1.0

Requested by

Host: www.prothomalo.com
URL: https://www.prothomalo.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.227.254.67 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-227-254-67.sin52.r.cloudfront.net

Software

Resource Hash

764dbf90f4de531f0a0ccbb80786dab9c5e7d00d0dd4de7870cc6574df064faa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.prothomalo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

x-gumlet-pc: MISS
date: Tue, 03 Oct 2023 17:32:15 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 e7cd1f6615dc010d7043e73d81dddfca.cloudfront.net (CloudFront)
nel: {"report_to": "gumlet-nel", "max_age": 604800, "success_fraction": 0.005, "include_subdomains":true, "failure_fraction":1.0 }
x-gumlet-oc: HIT
x-gumlet-reqid: ZRxQH4r2elPvLNBg
x-amz-cf-pop: SIN52-C3
age: 21556
x-cache: Hit from cloudfront
x-gumlet-runtime: 0.058
alt-svc: h3=":443"; ma=86400
content-length: 5398
reporting-endpoints: gumlet-nel="https://nel.gumlytics.com/report", default="https://nel.gumlytics.com/report"
surrogate-key: images.prothomalo.com 2023-10-03
etag: "2pl9yreqbvpcv"
access-control-max-age: 3600
report-to: {"group": "gumlet-nel", "max_age": 604800, "endpoints": [{"url": "https://nel.gumlytics.com/report"}]}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=8640000, s-maxage=31536000, stale-while-revalidate=86400, stale-if-error=86400
vary: accept
accept-ranges: bytes
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
x-amz-cf-id: muLSL5XFMlH3dwUsHquclmK_8pJuCKZPU5nAtkKZBmEJGULzlsoZUQ==

GET
H2 200 prothomalo-bangla%2F2023-10%2F36f3c2b1-6dbf-4112-98b4-c3c6fbc160d5%2FWhatsApp_Image_2023_10_03_at_19_56_58.jpeg
images.prothomalo.com/ 5 KB
6 KB 91ms
90ms Image
image/webp 13.227.254.67
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.prothomalo.com/prothomalo-bangla%2F2023-10%2F36f3c2b1-6dbf-4112-98b4-c3c6fbc160d5%2FWhatsApp_Image_2023_10_03_at_19_56_58.jpeg?rect=0%2C7%2C1080%2C720&auto=format%2Ccompress&fmt=webp&format=webp&w=128&dpr=1.0

Requested by

Host: www.prothomalo.com
URL: https://www.prothomalo.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.227.254.67 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-227-254-67.sin52.r.cloudfront.net

Software

Resource Hash

0228f1f61f4c7e51840d14fb9f8a17bae2b610dcb48ff05ba483b729d1f59003

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.prothomalo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

x-gumlet-pc: MISS
date: Tue, 03 Oct 2023 14:19:51 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 e7cd1f6615dc010d7043e73d81dddfca.cloudfront.net (CloudFront)
nel: {"report_to": "gumlet-nel", "max_age": 604800, "success_fraction": 0.005, "include_subdomains":true, "failure_fraction":1.0 }
x-gumlet-oc: HIT
x-gumlet-reqid: ZRwjB0cNXD0ovUhL
x-amz-cf-pop: SIN52-C3
age: 33100
x-cache: Hit from cloudfront
x-gumlet-runtime: 0.047
alt-svc: h3=":443"; ma=86400
content-length: 4922
reporting-endpoints: gumlet-nel="https://nel.gumlytics.com/report", default="https://nel.gumlytics.com/report"
surrogate-key: images.prothomalo.com 2023-10-03
etag: "getb4nspvvjv"
access-control-max-age: 3600
report-to: {"group": "gumlet-nel", "max_age": 604800, "endpoints": [{"url": "https://nel.gumlytics.com/report"}]}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=8640000, s-maxage=31536000, stale-while-revalidate=86400, stale-if-error=86400
vary: accept
accept-ranges: bytes
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
x-amz-cf-id: PsXEkX_mn6rUN_fCEEmeLrF4Kgdzvc7nkCpVCZ5HNUThbbE-EBaAmA==

GET
H2 200 prothomalo-bangla%2F2023-10%2F62e65e77-2be1-4c4c-bb4c-c82adcef0600%2FWhatsApp_Image_2023_10_03_at_19_55_44__1_.jpeg
images.prothomalo.com/ 5 KB
6 KB 92ms
91ms Image
image/webp 13.227.254.67
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.prothomalo.com/prothomalo-bangla%2F2023-10%2F62e65e77-2be1-4c4c-bb4c-c82adcef0600%2FWhatsApp_Image_2023_10_03_at_19_55_44__1_.jpeg?rect=1%2C0%2C1599%2C1066&auto=format%2Ccompress&fmt=webp&format=webp&w=128&dpr=1.0

Requested by

Host: www.prothomalo.com
URL: https://www.prothomalo.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.227.254.67 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-227-254-67.sin52.r.cloudfront.net

Software

Resource Hash

c541ac32699f54584521d606edfc9a40c38f0eb3be2908bfa45502c0bcbd5fb6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.prothomalo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

x-gumlet-pc: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 03 Oct 2023 14:10:29 GMT
via: 1.1 e7cd1f6615dc010d7043e73d81dddfca.cloudfront.net (CloudFront)
nel: {"report_to": "gumlet-nel", "max_age": 604800, "success_fraction": 0.005, "include_subdomains":true, "failure_fraction":1.0 }
x-gumlet-reqid: 651c20d4de31ec1833df1c36
x-amz-cf-pop: SIN52-C3
age: 33662
x-cache: Hit from cloudfront
x-gumlet-runtime: 0.132
alt-svc: h3=":443"; ma=86400
content-length: 4892
reporting-endpoints: gumlet-nel="https://nel.gumlytics.com/report", default="https://nel.gumlytics.com/report"
surrogate-key: images.prothomalo.com 2023-10-03
etag: "13d0q51uf2bs1"
access-control-max-age: 3600
report-to: {"group": "gumlet-nel", "max_age": 604800, "endpoints": [{"url": "https://nel.gumlytics.com/report"}]}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=8640000, s-maxage=31536000, stale-while-revalidate=86400, stale-if-error=86400
vary: accept
accept-ranges: bytes
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
x-amz-cf-id: 9Mk2OXItIcHtPM41tI4fd1VcZIUQ08mZqyI-3x6cRXb87kKFq0KmdQ==

GET
H2 200 style.css
www.prothomalo.com/widgets/muktijuddho-50/css/ Frame 3B2A 267 B
413 B 389ms
389ms Stylesheet
text/css 104.17.160.183
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.prothomalo.com/widgets/muktijuddho-50/css/style.css?v=1.0
Requested by: Host: www.prothomalo.com
URL: https://www.prothomalo.com/widgets/muktijuddho-50/palo-home.html?v=1.0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.17.160.183 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: c09462d97ad8155d34e101f8f592cf0e6d28d9635aef38dfdb7b77b53b084e0b

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.prothomalo.com/widgets/muktijuddho-50/palo-home.html?v=1.0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 23:31:31 GMT
content-encoding: br
cf-cache-status: REVALIDATED
x-amz-request-id: QNZCKNBJ5GVWXNSG
cf-polished: origSize=333
x-powered-by: Express
x-amz-meta-ctime: 1614592788
x-amz-meta-mode: 33261
x-amz-id-2: 0zieNPtb4dzaz4moQKYdPqpY/1SbbGSTKETYIFJTe7UP8xBuvZvKFLCih4TgwR2IQ00J7VTw08M=
last-modified: Sun, 27 Jun 2021 12:52:30 GMT
cf-bgj: minify
server: cloudflare
etag: W/"8aaa3c7e82f628c7008631fe0ee68099"
x-amz-meta-uid: 0
vary: Accept-Encoding, Accept-Encoding
content-type: text/css
x-amz-meta-gid: 0
cache-control: public,max-age=30
cf-ray: 8108faa9fe61405a-SIN
x-amz-meta-mtime: 1614592788

GET
H2 200 Muktijuddho_71_Desktop.png
images.prothomalo.com/prothomalo-bangla/2023-04/fc54c671-32f5-4648-ab6c-2dfbeb82d5f0/ Frame 3B2A 22 KB
23 KB 113ms
112ms Image
image/webp 13.227.254.67
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.prothomalo.com/prothomalo-bangla/2023-04/fc54c671-32f5-4648-ab6c-2dfbeb82d5f0/Muktijuddho_71_Desktop.png?auto=format%2Ccompress&format=webp&w=1248&dpr=1.2

Requested by

Host: www.prothomalo.com
URL: https://www.prothomalo.com/widgets/muktijuddho-50/palo-home.html?v=1.0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.227.254.67 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-227-254-67.sin52.r.cloudfront.net

Software

Resource Hash

0055f122d72ee79021a609c4b0a4e221ea5c41bac0debdb7ecb1abccd9e79b38

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.prothomalo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

x-gumlet-pc: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 24 Aug 2023 19:13:04 GMT
via: 1.1 e7cd1f6615dc010d7043e73d81dddfca.cloudfront.net (CloudFront)
nel: {'report_to': 'gumlet-nel', 'max_age': 604800, 'success_fraction': 0.005, 'response_headers':['content-length'] }
x-gumlet-reqid: 64e7abc09662cd7f745b8600
x-amz-cf-pop: SIN52-C3
age: 3471507
x-cache: Hit from cloudfront
x-gumlet-runtime: 0.011
alt-svc: h3=":443"; ma=86400
content-length: 22642
surrogate-key: images.prothomalo.com 2023-07-02
etag: "bliont5jfqhy"
access-control-max-age: 3600
report-to: {'group': 'gumlet-nel', 'max_age': 604800, 'endpoints': [{'url': 'https://nel.gumlytics.com/report'}]}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=8640000, s-maxage=31536000, stale-while-revalidate=86400, stale-if-error=86400
vary: accept
accept-ranges: bytes
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
x-amz-cf-id: 4OkBeRZdD5PTDcGLw54Tm2jrsUZkameuHI9VQzsBlS5Zv0Q-slzHeA==

GET
H2 200 Muktijuddho_71_Mobile.png
images.prothomalo.com/prothomalo-bangla/2023-04/e2f0571e-4c44-4e5f-9d8e-860f3302e167/ Frame 3B2A 15 KB
16 KB 148ms
148ms Image
image/webp 13.227.254.67
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.prothomalo.com/prothomalo-bangla/2023-04/e2f0571e-4c44-4e5f-9d8e-860f3302e167/Muktijuddho_71_Mobile.png?auto=format%2Ccompress&format=webp&w=540&dpr=1.2

Requested by

Host: www.prothomalo.com
URL: https://www.prothomalo.com/widgets/muktijuddho-50/palo-home.html?v=1.0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.227.254.67 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-227-254-67.sin52.r.cloudfront.net

Software

Resource Hash

ec458099da3eac28e580be3a161f624094d1f92092d32a48c33d030b449370a3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.prothomalo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

x-gumlet-pc: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 24 Aug 2023 23:10:28 GMT
via: 1.1 e7cd1f6615dc010d7043e73d81dddfca.cloudfront.net (CloudFront)
nel: {'report_to': 'gumlet-nel', 'max_age': 604800, 'success_fraction': 0.005, 'response_headers':['content-length'] }
x-gumlet-reqid: 64e7e36430f070ae2ac47157
x-amz-cf-pop: SIN52-C3
age: 3457263
x-cache: Hit from cloudfront
x-gumlet-runtime: 0.01
alt-svc: h3=":443"; ma=86400
content-length: 15212
surrogate-key: images.prothomalo.com 2023-07-02
etag: "nqpexlo7wofy"
access-control-max-age: 3600
report-to: {'group': 'gumlet-nel', 'max_age': 604800, 'endpoints': [{'url': 'https://nel.gumlytics.com/report'}]}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=8640000, s-maxage=31536000, stale-while-revalidate=86400, stale-if-error=86400
vary: accept
accept-ranges: bytes
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
x-amz-cf-id: 6HWkyge7vCduArWcgMbGZP-Q1tm3Fp7T3Pe5IzYyPHvxtXMKp3Oa6Q==

GET
H2 200 iframeResizer.contentWindow.min.js Show response
services.prothomalo.com/ Frame 3B2A 13 KB
5 KB 116ms
115ms Script
application/javascript 104.17.160.183
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://services.prothomalo.com/iframeResizer.contentWindow.min.js
Requested by: Host: www.prothomalo.com
URL: https://www.prothomalo.com/widgets/muktijuddho-50/palo-home.html?v=1.0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.17.160.183 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7bf7f9d264374e6a8d3a1f0ed2243000039313ea42cae7a027d0ebc88bf7f121

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.prothomalo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 23:31:31 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 10 May 2023 06:31:09 GMT
server: cloudflare
age: 4308
etag: W/"3476-5fb51047d6ae4"
vary: Accept-Encoding
content-type: application/javascript
cf-ray: 8108faa9fe67405a-SIN

POST
H2 204 collect
analytics.google.com/g/ 0
256 B 654ms
92ms Ping
text/plain 216.239.32.181
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-C4T51Z1NR8&gtm=45je3a20&_p=1768446948&_gaz=1&cid=1161739928.1696375892&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&dt=%E0%A6%AA%E0%A7%8D%E0%A6%B0%E0%A6%A5%E0%A6%AE%20%E0%A6%86%E0%A6%B2%E0%A7%8B%20%7C%20%E0%A6%AC%E0%A6%BE%E0%A6%82%E0%A6%B2%E0%A6%BE%20%E0%A6%A8%E0%A6%BF%E0%A6%89%E0%A6%9C%20%E0%A6%AA%E0%A7%87%E0%A6%AA%E0%A6%BE%E0%A6%B0&sid=1696375891&sct=1&seg=0&dl=https%3A%2F%2Fwww.prothomalo.com%2F&en=page_view&_fv=1&_nsi=1&_ss=2&ep.uuid=a450100646453736117059381325373631200160024242023947&ep.page_url=https%3A%2F%2Fwww.prothomalo.com%2F&ep.page_section=&ep.page_author=&ep.page_topics=
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-C4T51Z1NR8&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.239.32.181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.prothomalo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 03 Oct 2023 23:31:33 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.prothomalo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
256 B 648ms
88ms Ping
text/plain 142.251.12.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-C4T51Z1NR8&cid=1161739928.1696375892&gtm=45je3a20&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-C4T51Z1NR8&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.251.12.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: se-in-f156.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.prothomalo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 03 Oct 2023 23:31:33 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.prothomalo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com.sg/ads/ 42 B
408 B 659ms
98ms Image
image/gif 172.253.118.94
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com.sg/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-C4T51Z1NR8&cid=1161739928.1696375892&gtm=45je3a20&aip=1&z=2028442025

Requested by

Host: www.prothomalo.com
URL: https://www.prothomalo.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.118.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sl-in-f94.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.prothomalo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 03 Oct 2023 23:31:33 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/10906162232/ 42 B
108 B 677ms
102ms Image
image/gif 74.125.24.106
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/10906162232/?random=1696375890513&cv=11&fst=1696374000000&bg=ffffff&guid=ON&async=1&gtm=45He3a20&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.prothomalo.com%2F&label=rcK5CO2BquYDELiou9Ao&frm=0&tiba=%E0%A6%AA%E0%A7%8D%E0%A6%B0%E0%A6%A5%E0%A6%AE%20%E0%A6%86%E0%A6%B2%E0%A7%8B%20%7C%20%E0%A6%AC%E0%A6%BE%E0%A6%82%E0%A6%B2%E0%A6%BE%20%E0%A6%A8%E0%A6%BF%E0%A6%89%E0%A6%9C%20%E0%A6%AA%E0%A7%87%E0%A6%AA%E0%A6%BE%E0%A6%B0&fmt=3&is_vtc=1&random=2244353720&rmt_tld=0&ipr=y

Requested by

Host: www.prothomalo.com
URL: https://www.prothomalo.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.24.106 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f106.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.prothomalo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 03 Oct 2023 23:31:33 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com.sg/pagead/1p-user-list/10906162232/ 42 B
154 B 292ms
99ms Image
image/gif 172.253.118.94
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com.sg/pagead/1p-user-list/10906162232/?random=1696375890513&cv=11&fst=1696374000000&bg=ffffff&guid=ON&async=1&gtm=45He3a20&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.prothomalo.com%2F&label=rcK5CO2BquYDELiou9Ao&frm=0&tiba=%E0%A6%AA%E0%A7%8D%E0%A6%B0%E0%A6%A5%E0%A6%AE%20%E0%A6%86%E0%A6%B2%E0%A7%8B%20%7C%20%E0%A6%AC%E0%A6%BE%E0%A6%82%E0%A6%B2%E0%A6%BE%20%E0%A6%A8%E0%A6%BF%E0%A6%89%E0%A6%9C%20%E0%A6%AA%E0%A7%87%E0%A6%AA%E0%A6%BE%E0%A6%B0&fmt=3&is_vtc=1&random=2244353720&rmt_tld=1&ipr=y

Requested by

Host: www.prothomalo.com
URL: https://www.prothomalo.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.118.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sl-in-f94.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.prothomalo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 03 Oct 2023 23:31:33 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/10906162232/ 42 B
455 B 676ms
101ms Image
image/gif 74.125.24.106
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/10906162232/?random=1696375890508&cv=11&fst=1696374000000&bg=ffffff&guid=ON&async=1&gtm=45He3a20&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.prothomalo.com%2F&frm=0&tiba=%E0%A6%AA%E0%A7%8D%E0%A6%B0%E0%A6%A5%E0%A6%AE%20%E0%A6%86%E0%A6%B2%E0%A7%8B%20%7C%20%E0%A6%AC%E0%A6%BE%E0%A6%82%E0%A6%B2%E0%A6%BE%20%E0%A6%A8%E0%A6%BF%E0%A6%89%E0%A6%9C%20%E0%A6%AA%E0%A7%87%E0%A6%AA%E0%A6%BE%E0%A6%B0&fmt=3&is_vtc=1&random=1440608964&rmt_tld=0&ipr=y

Requested by

Host: www.prothomalo.com
URL: https://www.prothomalo.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.24.106 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f106.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.prothomalo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 03 Oct 2023 23:31:33 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com.sg/pagead/1p-user-list/10906162232/ 42 B
108 B 167ms
100ms Image
image/gif 172.253.118.94
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com.sg/pagead/1p-user-list/10906162232/?random=1696375890508&cv=11&fst=1696374000000&bg=ffffff&guid=ON&async=1&gtm=45He3a20&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.prothomalo.com%2F&frm=0&tiba=%E0%A6%AA%E0%A7%8D%E0%A6%B0%E0%A6%A5%E0%A6%AE%20%E0%A6%86%E0%A6%B2%E0%A7%8B%20%7C%20%E0%A6%AC%E0%A6%BE%E0%A6%82%E0%A6%B2%E0%A6%BE%20%E0%A6%A8%E0%A6%BF%E0%A6%89%E0%A6%9C%20%E0%A6%AA%E0%A7%87%E0%A6%AA%E0%A6%BE%E0%A6%B0&fmt=3&is_vtc=1&random=1440608964&rmt_tld=1&ipr=y

Requested by

Host: www.prothomalo.com
URL: https://www.prothomalo.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.118.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sl-in-f94.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.prothomalo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 03 Oct 2023 23:31:33 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 28 KB
12 KB 482ms
481ms Fetch
text/plain 74.125.68.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3637752249881711&correlator=186120847353904&eid=31077099%2C31078458&output=ldjh&gdfp_req=1&vrg=202309280101&ptt=17&impl=fif&iu_parts=85406138%2CHome_728x90_T1&enc_prev_ius=0%2F1&prev_iu_szs=970x90%7C728x90&ifi=1&didk=4110358077&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1696375891916&lmt=1696347091&adxs=315&adys=220&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=480&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.prothomalo.com%2F&vis=1&psz=970x0&msz=970x0&fws=4&ohw=1600&ga_vid=1161739928.1696375892&ga_sid=1696375892&ga_hid=1768446948&ga_fc=true&dlt=1696375889477&idt=2395&prev_scp=publisherName%3Dprothomalo%26pageType%3Dhome-page%26environment%3Dprod%26storyType%3DNA%26section%3DNA%26storyId%3DNA%26collectionSlug%3DDefaultCollection%26layoutName%3DDefaultLayout&adks=526797482&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309280101/pubads_impl.js?cb=31078458

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.68.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sc-in-f157.1e100.net

Software

cafe /

Resource Hash

d6b38a41e0214048b70811deb7283a1013aba014be7b1501137d8c0f1bc738f1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.prothomalo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 23:31:32 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12340
x-xss-protection: 0
google-lineitem-id: 157929418
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 58021359538
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.prothomalo.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 619 B
796 B 208ms
207ms Fetch
text/plain 74.125.68.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3637752249881711&correlator=186120847353904&eid=31077099%2C31078458&output=ldjh&gdfp_req=1&vrg=202309280101&ptt=17&impl=fif&iu_parts=85406138%2Chome_Int_660x440&enc_prev_ius=0%2F1&prev_iu_szs=1x1&ifi=2&didk=1602979112&sfv=1-0-40&ists=1&sc=1&cookie_enabled=1&abxe=1&dt=1696375891926&lmt=1696347091&adxs=176&adys=304&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=480&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.prothomalo.com%2F&vis=1&psz=1248x0&msz=1248x0&fws=4&ohw=1600&ga_vid=1161739928.1696375892&ga_sid=1696375892&ga_hid=1768446948&ga_fc=true&dlt=1696375889477&idt=2395&prev_scp=publisherName%3Dprothomalo%26pageType%3Dhome-page%26environment%3Dprod%26storyType%3DNA%26section%3DNA%26storyId%3DNA%26collectionSlug%3DDefaultCollection%26layoutName%3DDefaultLayout&adks=1696943585&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309280101/pubads_impl.js?cb=31078458

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.68.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sc-in-f157.1e100.net

Software

cafe /

Resource Hash

8a485721b502dc720f84302eb038c88197a1063b0119db786f36012308fd4257

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.prothomalo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 23:31:32 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 275
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.prothomalo.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 552 B
575 B 211ms
210ms Fetch
text/plain 74.125.68.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3637752249881711&correlator=186120847353904&eid=31077099%2C31078458&output=ldjh&gdfp_req=1&vrg=202309280101&ptt=17&impl=fif&iu_parts=85406138%2CHP_Takeover_1x1&enc_prev_ius=0%2F1&prev_iu_szs=1x1&ifi=3&didk=3037032152&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1696375891930&lmt=1696347091&adxs=176&adys=304&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=480&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.prothomalo.com%2F&vis=1&psz=1248x0&msz=1248x0&fws=4&ohw=1600&ga_vid=1161739928.1696375892&ga_sid=1696375892&ga_hid=1768446948&ga_fc=true&dlt=1696375889477&idt=2395&prev_scp=publisherName%3Dprothomalo%26pageType%3Dhome-page%26environment%3Dprod%26storyType%3DNA%26section%3DNA%26storyId%3DNA%26collectionSlug%3DDefaultCollection%26layoutName%3DDefaultLayout&adks=2045427674&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309280101/pubads_impl.js?cb=31078458

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.68.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sc-in-f157.1e100.net

Software

cafe /

Resource Hash

c780d0a9d29c2240bc82a9fc17ee371007e6f3633bdb181243f952b9e9660f7e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.prothomalo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 23:31:32 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 275
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.prothomalo.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 25 KB
12 KB 983ms
982ms Fetch
text/plain 74.125.68.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3637752249881711&correlator=186120847353904&eid=31077099%2C31078458&output=ldjh&gdfp_req=1&vrg=202309280101&ptt=17&impl=fif&iu_parts=85406138%2CHome_336x280_R1&enc_prev_ius=0%2F1&prev_iu_szs=300x250&ifi=4&didk=1045380990&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1696375891933&lmt=1696347091&adxs=1124&adys=304&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=480&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.prothomalo.com%2F&vis=1&psz=300x0&msz=300x0&fws=4&ohw=1600&ga_vid=1161739928.1696375892&ga_sid=1696375892&ga_hid=1768446948&ga_fc=true&dlt=1696375889477&idt=2395&prev_scp=publisherName%3Dprothomalo%26pageType%3Dhome-page%26environment%3Dprod%26storyType%3DNA%26section%3DNA%26storyId%3DNA%26collectionSlug%3Dfeatured%26layoutName%3DFourteenStories3Ad1Widget&adks=591070982&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309280101/pubads_impl.js?cb=31078458

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.68.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sc-in-f157.1e100.net

Software

cafe /

Resource Hash

82b2b2a13588e178c95367933910ff2cd876a6bfd8d1d872cfe19e3ef0519173

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.prothomalo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 23:31:32 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11805
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.prothomalo.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 25 KB
12 KB 692ms
691ms Fetch
text/plain 74.125.68.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3637752249881711&correlator=186120847353904&eid=31077099%2C31078458&output=ldjh&gdfp_req=1&vrg=202309280101&ptt=17&impl=fif&iu_parts=85406138%2CHome_468x60_B1&enc_prev_ius=0%2F1&prev_iu_szs=970x250%7C970x90%7C728x90&ifi=5&didk=505438903&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1696375891936&lmt=1696347091&adxs=315&adys=1341&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1&ucis=5&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=480&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.prothomalo.com%2F&vis=1&psz=970x0&msz=970x0&fws=4&ohw=1600&ga_vid=1161739928.1696375892&ga_sid=1696375892&ga_hid=1768446948&ga_fc=true&dlt=1696375889477&idt=2395&prev_scp=publisherName%3Dprothomalo%26pageType%3Dhome-page%26environment%3Dprod%26storyType%3DNA%26section%3DNA%26storyId%3DNA%26collectionSlug%3Dfeatured%26layoutName%3DFourteenStories3Ad1Widget&adks=2593733266&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309280101/pubads_impl.js?cb=31078458

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.68.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sc-in-f157.1e100.net

Software

cafe /

Resource Hash

a60bf87e47d5a76b31b1c57a7ffc2856a8e624f69304edcdf2de20f7dad40a10

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.prothomalo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 23:31:32 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11751
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.prothomalo.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
5b3aaee6d5df5eceffb4592408cbc1b2.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame B758 6 KB
3 KB 661ms
92ms Document
text/html 172.253.118.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://5b3aaee6d5df5eceffb4592408cbc1b2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309280101/pubads_impl.js?cb=31078458

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.118.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sl-in-f132.1e100.net

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.prothomalo.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 03 Oct 2023 23:31:32 GMT
expires: Wed, 02 Oct 2024 23:31:32 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame 1721 0
0 91ms
90ms Fetch
image/gif 74.125.68.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssk5KdTKfq6bL-mqmK3XYS5X6t7eheWjWxgBCyoMAW9PUosr1_oN-Io8kHyEeY4Gm-MqeIX8Pw0ttqWkhuPRNTQ67MgTg4yfkAF2V-p_KyrRtA-5MLOfysFic_jaKb6EpIh3YOSnyV4aMZqnr5I2SatDc-TUdYwtN0_8K9v47MhTtoeO38y1QX_ezjMrKsd9BYliwS3mfauZ8wVUyyimc8YqF9xc2Mh01yLbzrwFHVQx-Q7kVfBTRrzUYWRhR43cSrymE_adEbVurNkUqkgGZKAMVx3ZjPf8EzdBMY_4nxfMfZkqFmKNuEn6z1nrB9UtFKi90oflUgM698&sai=AMfl-YQd7aU7DtBu60YArftpc7a9GTquSn91UFti_99xcHFn1jczr4ty6CtnRhCetMvgNGssNLsS3zS8qfVOB5nkidUDlun8BzjrQgFYX3iyvqZ3APE2d5S9x7OfMvhN88U&sig=Cg0ArKJSzBTww9HgAUNnEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www.prothomalo.com
URL: https://www.prothomalo.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.68.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sc-in-f157.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.prothomalo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 23:31:32 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 12084.js Show response
ads.rubiconproject.com/ad/ Frame 1721 30 KB
9 KB 355ms
88ms Script
text/javascript 23.50.93.199
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.rubiconproject.com/ad/12084.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309280101/pubads_impl.js?cb=31078458
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.50.93.199 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-50-93-199.deploy.static.akamaitechnologies.com
Software: Apache/2.4.37 (rocky) OpenSSL/1.1.1k / PHP/7.2.24
Resource Hash: 1e7adc9a24a57746863ef54f2de5f8905c242ebc6d416713133ff989fb050222

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.prothomalo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 23:31:32 GMT
content-encoding: gzip
server: Apache/2.4.37 (rocky) OpenSSL/1.1.1k
x-powered-by: PHP/7.2.24
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=12944
access-control-allow-credentials: true
content-length: 8916
expires: Wed, 04 Oct 2023 03:07:16 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 1721 187 KB
59 KB 89ms
89ms Script
text/javascript 74.125.130.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309280101/pubads_impl.js?cb=31078458

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.130.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sb-in-f155.1e100.net

Software

sffe /

Resource Hash

3b1ab917c7da8e45e24d8eea1c130fa25ce01e422fb747eea8163a06e07e84bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.prothomalo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 23:31:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 60018
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1696246517909956"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 03 Oct 2023 23:31:32 GMT

GET
H2 200 container.html Show response
5b3aaee6d5df5eceffb4592408cbc1b2.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 2370 6 KB
3 KB 88ms
87ms Document
text/html 172.253.118.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://5b3aaee6d5df5eceffb4592408cbc1b2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309280101/pubads_impl.js?cb=31078458

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.118.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sl-in-f132.1e100.net

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.prothomalo.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 03 Oct 2023 23:31:32 GMT
expires: Wed, 02 Oct 2024 23:31:32 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame BAC8 624 B
307 B 98ms
95ms Document
text/html 172.217.194.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CNqbIxDWjsvPAxiQhc_4ATAB&v=APEucNUxrprpPxuRFamWjL1_Ax-sPqi7KlWbMveN1F-LD2x_fwU4g-xyFskbkpvyEzd7-fELAymCc0YjziweSFvfcFMCbSDxBQ

Requested by

Host: 5b3aaee6d5df5eceffb4592408cbc1b2.safeframe.googlesyndication.com
URL: https://5b3aaee6d5df5eceffb4592408cbc1b2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.194.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

si-in-f156.1e100.net

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://5b3aaee6d5df5eceffb4592408cbc1b2.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 03 Oct 2023 23:31:32 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 2370 89 KB
31 KB 660ms
96ms Script
text/javascript 64.233.170.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: 5b3aaee6d5df5eceffb4592408cbc1b2.safeframe.googlesyndication.com
URL: https://5b3aaee6d5df5eceffb4592408cbc1b2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

64.233.170.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sg-in-f157.1e100.net

Software

cafe /

Resource Hash

6c0bd41a591f67aa54215c9f9c1f0e86935d86b6546a0ba0bf9cebbed53a9ebc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://5b3aaee6d5df5eceffb4592408cbc1b2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 23:31:33 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31491
x-xss-protection: 0
server: cafe
etag: 6167930392490353973
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Tue, 03 Oct 2023 23:31:33 GMT

GET
H2 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 2370 42 B
401 B 653ms
90ms Image
image/gif 64.233.170.157
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BbIDvMDkM30bDjQ7ao4GMSHOFJgrT0V4KuzjS_k3q3Du_0j9CTbv-zG2g5BGwpwXuX2U-OfzvP_ivJpL8m96o4HazVYtfkAfdJ-Nrjp40Sm5B1Fpc

Requested by

Host: 5b3aaee6d5df5eceffb4592408cbc1b2.safeframe.googlesyndication.com
URL: https://5b3aaee6d5df5eceffb4592408cbc1b2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

64.233.170.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sg-in-f157.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://5b3aaee6d5df5eceffb4592408cbc1b2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 03 Oct 2023 23:31:33 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 2370 0
58 B 654ms
91ms Image
image/gif 64.233.170.157
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=11025155485231481909&x=1&ct=76

Requested by

Host: 5b3aaee6d5df5eceffb4592408cbc1b2.safeframe.googlesyndication.com
URL: https://5b3aaee6d5df5eceffb4592408cbc1b2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

64.233.170.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sg-in-f157.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://5b3aaee6d5df5eceffb4592408cbc1b2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 03 Oct 2023 23:31:33 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231002/r20110914/client/ Frame 2370 3 KB
1 KB 690ms
128ms Script
text/javascript 64.233.170.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231002/r20110914/client/window_focus_fy2021.js

Requested by

Host: 5b3aaee6d5df5eceffb4592408cbc1b2.safeframe.googlesyndication.com
URL: https://5b3aaee6d5df5eceffb4592408cbc1b2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

64.233.170.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sg-in-f132.1e100.net

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://5b3aaee6d5df5eceffb4592408cbc1b2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 23:57:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 84822
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 16 Oct 2023 23:57:51 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231002/r20110914/client/ Frame 2370 20 KB
9 KB 650ms
88ms Script
text/javascript 64.233.170.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231002/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 5b3aaee6d5df5eceffb4592408cbc1b2.safeframe.googlesyndication.com
URL: https://5b3aaee6d5df5eceffb4592408cbc1b2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

64.233.170.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sg-in-f132.1e100.net

Software

cafe /

Resource Hash

50a61db1134643f3360d0e1ff16c4e48fdf700090052d0fcf9301e95884ae9d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://5b3aaee6d5df5eceffb4592408cbc1b2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 23:57:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 84822
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8339
x-xss-protection: 0
server: cafe
etag: 16954770952846736976
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 16 Oct 2023 23:57:51 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 2370 0
0 136ms
132ms Image
text/html 74.125.24.106
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaT1EEud3k45hILitbzM0ClVsKhwdoLEQSC4gLX5OyfSorfbWSrC0e42v09MyJZz9f3PUkIlbBp1BKqp6uF9UhSG-brwlg
Requested by: Host: 5b3aaee6d5df5eceffb4592408cbc1b2.safeframe.googlesyndication.com
URL: https://5b3aaee6d5df5eceffb4592408cbc1b2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 74.125.24.106 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: sf-in-f106.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://5b3aaee6d5df5eceffb4592408cbc1b2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 2370 187 KB
59 KB 91ms
89ms Script
text/javascript 74.125.130.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 5b3aaee6d5df5eceffb4592408cbc1b2.safeframe.googlesyndication.com
URL: https://5b3aaee6d5df5eceffb4592408cbc1b2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.130.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sb-in-f155.1e100.net

Software

sffe /

Resource Hash

3b1ab917c7da8e45e24d8eea1c130fa25ce01e422fb747eea8163a06e07e84bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://5b3aaee6d5df5eceffb4592408cbc1b2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 23:31:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 60018
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1696246517909956"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 03 Oct 2023 23:31:32 GMT

GET
H2 200 187270-2.js Show response
smarttag.rubiconproject.com/a/12084/43418/ Frame 1721 146 B
609 B 1176ms
88ms Script
text/javascript 69.173.158.65
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://smarttag.rubiconproject.com/a/12084/43418/187270-2.js?&cb=0.47405963843146104&tk_st=1&rf=https%3A//www.prothomalo.com/&rp_s=c&p_pos=atf&p_screen_res=1600x1200&ad_slot=43418_2&rp_secure=1
Requested by: Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/ad/12084.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 69.173.158.65 Ashburn, United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: f6914cddfb8fcc3e7d99864e104ebdb47934a357ef08d90f9e0acdf48433d6c9

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.prothomalo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 03 Oct 2023 23:31:33 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: text/javascript
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 146
expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2

200

rum
dsum-sec.casalemedia.com/ Frame BAC8
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMuiABgFvRlPWtd372EiPzg&google_cver=1
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMuiABgFvRlPWtd372EiPzg&google_cver=1&C=1

43 B
327 B

146ms
144ms

Image
image/gif

104.18.27.193
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMuiABgFvRlPWtd372EiPzg&google_cver=1&C=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNqbIxDWjsvPAxiQhc_4ATAB&v=APEucNUxrprpPxuRFamWjL1_Ax-sPqi7KlWbMveN1F-LD2x_fwU4g-xyFskbkpvyEzd7-fELAymCc0YjziweSFvfcFMCbSDxBQ
Protocol: H2
Server: 104.18.27.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 03 Oct 2023 23:31:33 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ECXOEeV9NansguNpC5N%2FnhOGcoJDKtTVxT%2BQUNsRl0fL28ih2NdFYxhgyRZjKCC3JmjJnjEOlAYd6K2iTSPATvUhnSdNGmjnfKVKQP47hUgsXr8AHn%2F8GPLm5zEH1khkFy59lUxbhaCzSg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 8108fab5edc087ea-SIN
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Tue, 03 Oct 2023 23:31:33 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=amiFA6UrqIQNzC0YpYayh2MvaBV5pwSKECUVJtlMZaG%2FkyqV4YHQxB%2FyFEbanwu5Kl1aooviyINHPqrcoNCROAo%2B%2BYppf4V3TWAVGFo%2FPHcEV81UNTaR6gSIOKFt%2BYh1arySGGS%2BnrvXcQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: /rum?cm_dsp_id=45&external_user_id=CAESEMuiABgFvRlPWtd372EiPzg&google_cver=1&C=1
cache-control: no-cache
cf-ray: 8108fab50d7b87ea-SIN
alt-svc: h3=":443"; ma=86400
content-length: 0
expires: 0

GET
H2

200

rum
dsum-sec.casalemedia.com/ Frame BAC8
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZRykVeIoAnDz4tYFfo.QDQAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESED-PDZqzTS4oZpT58mketRo&google_cver=1&google_hm=2

43 B
324 B

100ms
100ms

Image
image/gif

104.18.27.193
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESED-PDZqzTS4oZpT58mketRo&google_cver=1&google_hm=2
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNqbIxDWjsvPAxiQhc_4ATAB&v=APEucNUxrprpPxuRFamWjL1_Ax-sPqi7KlWbMveN1F-LD2x_fwU4g-xyFskbkpvyEzd7-fELAymCc0YjziweSFvfcFMCbSDxBQ
Protocol: H2
Server: 104.18.27.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 03 Oct 2023 23:31:33 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ujKjW2meafs%2BEqzmc2LzkP6zBQxWw3tvj1rcJxQEV%2BOXZrjSl%2ByhVIof2dTiOVdcU8UY4liwsSd4lMTaVP2fZg5JIx2IpsLRqh9js6afu5lU5ARNvHyHezZmKeb2aBI15my11ByeWrHWaA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 8108fab64de087ea-SIN
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Tue, 03 Oct 2023 23:31:33 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESED-PDZqzTS4oZpT58mketRo&google_cver=1&google_hm=2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

bounce
ib.adnxs.com/ Frame BAC8
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEN_QLmkug-T6PDidcA854j8&google_cver=1
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEN_QLmkug-T6PDidcA854j8%26google_cver%3D1

43 B
891 B

104ms
103ms

Image
image/gif

103.43.90.53
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEN_QLmkug-T6PDidcA854j8%26google_cver%3D1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNqbIxDWjsvPAxiQhc_4ATAB&v=APEucNUxrprpPxuRFamWjL1_Ax-sPqi7KlWbMveN1F-LD2x_fwU4g-xyFskbkpvyEzd7-fELAymCc0YjziweSFvfcFMCbSDxBQ

Protocol

Server

103.43.90.53 , Singapore, ASN29990 (ASN-APPNEX, US),

Reverse DNS

594.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 03 Oct 2023 23:31:33 GMT
an-x-request-uuid: 5eb06a52-5abc-4378-a6a8-6f89c9fc609f
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 49.245.90.16; 49.245.90.16; 594.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 03 Oct 2023 23:31:33 GMT
an-x-request-uuid: 7497478a-be04-4ab1-9685-a4cd18080e2d
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
location: https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEN_QLmkug-T6PDidcA854j8%26google_cver%3D1
cache-control: no-store, no-cache, private
x-proxy-origin: 49.245.90.16; 49.245.90.16; 594.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame BAC8
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=OTEzNDk0MjgxNTkyNDM4MTg5Ng%3D%3D

170 B
243 B

102ms
102ms

Image
image/png

142.251.10.156
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=OTEzNDk0MjgxNTkyNDM4MTg5Ng%3D%3D

Requested by

Protocol

Server

142.251.10.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sd-in-f156.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 03 Oct 2023 23:31:33 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 03 Oct 2023 23:31:33 GMT
an-x-request-uuid: a1b8d68d-1148-49b0-b6b8-6044d6257280
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=OTEzNDk0MjgxNTkyNDM4MTg5Ng%3D%3D
x-proxy-origin: 49.245.90.16; 49.245.90.16; 594.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 container.html Show response
5b3aaee6d5df5eceffb4592408cbc1b2.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame BF4F 6 KB
3 KB 88ms
87ms Document
text/html 172.253.118.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://5b3aaee6d5df5eceffb4592408cbc1b2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309280101/pubads_impl.js?cb=31078458

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.118.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sl-in-f132.1e100.net

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.prothomalo.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 03 Oct 2023 23:31:32 GMT
expires: Wed, 02 Oct 2024 23:31:32 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 4CCE 624 B
285 B 94ms
92ms Document
text/html 172.217.194.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CNXBERDQ8LPDAhjWmqnyATAB&v=APEucNX3SBUACm1bxnPa_l6DLBTeOc507a3ERPZAa0ZPpdnwV27k00hAx9DreRC0GLe5ETrUJordhAqkZyUE1_UeMEbLMiyR8g

Requested by

Host: 5b3aaee6d5df5eceffb4592408cbc1b2.safeframe.googlesyndication.com
URL: https://5b3aaee6d5df5eceffb4592408cbc1b2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.194.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

si-in-f156.1e100.net

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://5b3aaee6d5df5eceffb4592408cbc1b2.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 03 Oct 2023 23:31:33 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame BF4F 89 KB
31 KB 439ms
163ms Script
text/javascript 64.233.170.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: 5b3aaee6d5df5eceffb4592408cbc1b2.safeframe.googlesyndication.com
URL: https://5b3aaee6d5df5eceffb4592408cbc1b2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

64.233.170.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sg-in-f157.1e100.net

Software

cafe /

Resource Hash

6c0bd41a591f67aa54215c9f9c1f0e86935d86b6546a0ba0bf9cebbed53a9ebc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://5b3aaee6d5df5eceffb4592408cbc1b2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 23:31:33 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31491
x-xss-protection: 0
server: cafe
etag: 6167930392490353973
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Tue, 03 Oct 2023 23:31:33 GMT

GET
H2 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame BF4F 42 B
107 B 367ms
91ms Image
image/gif 64.233.170.157
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BhR-rfPI64HTjzWWNGuhW4QlqY9-pBhaJUwvQGgly7Fo5i2-2K-Fy_u8b7zMZLHiwYl13XXDxZIlOR8nrdvJm6Yq5_G-LZNpjDtAN9ORIDTRjdEtQ

Requested by

Host: 5b3aaee6d5df5eceffb4592408cbc1b2.safeframe.googlesyndication.com
URL: https://5b3aaee6d5df5eceffb4592408cbc1b2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

64.233.170.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sg-in-f157.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://5b3aaee6d5df5eceffb4592408cbc1b2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 03 Oct 2023 23:31:33 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame BF4F 0
56 B 367ms
92ms Image
image/gif 64.233.170.157
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=7809063312213975675&x=1&ct=76

Requested by

Host: 5b3aaee6d5df5eceffb4592408cbc1b2.safeframe.googlesyndication.com
URL: https://5b3aaee6d5df5eceffb4592408cbc1b2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

64.233.170.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sg-in-f157.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://5b3aaee6d5df5eceffb4592408cbc1b2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 03 Oct 2023 23:31:33 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231002/r20110914/client/ Frame BF4F 3 KB
1 KB 401ms
127ms Script
text/javascript 64.233.170.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231002/r20110914/client/window_focus_fy2021.js

Requested by

Host: 5b3aaee6d5df5eceffb4592408cbc1b2.safeframe.googlesyndication.com
URL: https://5b3aaee6d5df5eceffb4592408cbc1b2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

64.233.170.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sg-in-f132.1e100.net

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://5b3aaee6d5df5eceffb4592408cbc1b2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 23:57:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 84822
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 16 Oct 2023 23:57:51 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231002/r20110914/client/ Frame BF4F 20 KB
8 KB 364ms
89ms Script
text/javascript 64.233.170.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231002/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 5b3aaee6d5df5eceffb4592408cbc1b2.safeframe.googlesyndication.com
URL: https://5b3aaee6d5df5eceffb4592408cbc1b2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

64.233.170.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sg-in-f132.1e100.net

Software

cafe /

Resource Hash

50a61db1134643f3360d0e1ff16c4e48fdf700090052d0fcf9301e95884ae9d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://5b3aaee6d5df5eceffb4592408cbc1b2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 23:57:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 84822
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8339
x-xss-protection: 0
server: cafe
etag: 16954770952846736976
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 16 Oct 2023 23:57:51 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame BF4F 187 KB
59 KB 88ms
87ms Script
text/javascript 74.125.130.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 5b3aaee6d5df5eceffb4592408cbc1b2.safeframe.googlesyndication.com
URL: https://5b3aaee6d5df5eceffb4592408cbc1b2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.130.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sb-in-f155.1e100.net

Software

sffe /

Resource Hash

3b1ab917c7da8e45e24d8eea1c130fa25ce01e422fb747eea8163a06e07e84bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://5b3aaee6d5df5eceffb4592408cbc1b2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 23:31:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 60018
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1696246517909956"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 03 Oct 2023 23:31:33 GMT

GET
H2

200

rum
dsum-sec.casalemedia.com/ Frame 4CCE
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESED-PDZqzTS4oZpT58mketRo&google_cver=1

43 B
711 B

129ms
129ms

Image
image/gif

104.18.27.193
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESED-PDZqzTS4oZpT58mketRo&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNXBERDQ8LPDAhjWmqnyATAB&v=APEucNX3SBUACm1bxnPa_l6DLBTeOc507a3ERPZAa0ZPpdnwV27k00hAx9DreRC0GLe5ETrUJordhAqkZyUE1_UeMEbLMiyR8g
Protocol: H2
Server: 104.18.27.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 03 Oct 2023 23:31:33 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=v5%2FLs4SMunw15hHMgmRy%2FEsbzoyDvaQGvRA0vwYNfnPXnsh%2FiIOkBCQ3WTVgA0gY4FcE7YKoZNBJ%2FKt3E7sxi2ZqyuOl95bJCsRfoxPJ7PKbpg%2FWUUT%2B5XgIZpLgPuU%2BkwtMDI32KFQ2Iw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 8108fab50d7e87ea-SIN
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Tue, 03 Oct 2023 23:31:33 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESED-PDZqzTS4oZpT58mketRo&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

rum
dsum-sec.casalemedia.com/ Frame 4CCE
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZRykVbSRjd.eYEi0E.8whwAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESED-PDZqzTS4oZpT58mketRo&google_cver=1&google_hm=2

43 B
325 B

113ms
112ms

Image
image/gif

104.18.27.193
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESED-PDZqzTS4oZpT58mketRo&google_cver=1&google_hm=2
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNXBERDQ8LPDAhjWmqnyATAB&v=APEucNX3SBUACm1bxnPa_l6DLBTeOc507a3ERPZAa0ZPpdnwV27k00hAx9DreRC0GLe5ETrUJordhAqkZyUE1_UeMEbLMiyR8g
Protocol: H2
Server: 104.18.27.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 03 Oct 2023 23:31:33 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ur5cSkVpOQuLFwnxDqD1hAWRpm2fXaGLb2%2F0l55IruOtzSsrSKWSUzPD99r9MZPHLaLjPM2wqOoJrd5GWWWPKeX0sQJoEDB50wKoDUGhIN243jbSZOrrsx4dF%2BbGNRn1ZO94O5fTTqlZWQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 8108fab66df287ea-SIN
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Tue, 03 Oct 2023 23:31:33 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESED-PDZqzTS4oZpT58mketRo&google_cver=1&google_hm=2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

setuid
ib.adnxs.com/ Frame 4CCE
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEBEljH-yfONUJSsJzAmKTGc&google_cver=1

43 B
840 B

102ms
101ms

Image
image/gif

103.43.90.53
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEBEljH-yfONUJSsJzAmKTGc&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNXBERDQ8LPDAhjWmqnyATAB&v=APEucNX3SBUACm1bxnPa_l6DLBTeOc507a3ERPZAa0ZPpdnwV27k00hAx9DreRC0GLe5ETrUJordhAqkZyUE1_UeMEbLMiyR8g

Protocol

Server

103.43.90.53 , Singapore, ASN29990 (ASN-APPNEX, US),

Reverse DNS

594.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 03 Oct 2023 23:31:33 GMT
an-x-request-uuid: d3f2749e-a4a2-464c-9d52-85ee6992f055
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
cache-control: no-store, no-cache, private
x-proxy-origin: 49.245.90.16; 49.245.90.16; 594.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 03 Oct 2023 23:31:33 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEBEljH-yfONUJSsJzAmKTGc&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 4CCE
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Mzg3Mzk0NzA3NDg3OTkwMzQwMg%3D%3D

170 B
232 B

91ms
90ms

Image
image/png

142.251.10.156
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Mzg3Mzk0NzA3NDg3OTkwMzQwMg%3D%3D

Requested by

Protocol

Server

142.251.10.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sd-in-f156.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 03 Oct 2023 23:31:33 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 03 Oct 2023 23:31:33 GMT
an-x-request-uuid: 8e22cdc4-801e-4b48-acbb-a669e95f3486
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Mzg3Mzk0NzA3NDg3OTkwMzQwMg%3D%3D
x-proxy-origin: 49.245.90.16; 49.245.90.16; 594.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 2370 0
56 B 89ms
88ms Ping
image/gif 64.233.170.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=3065156168483&version=m202309260101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

64.233.170.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sg-in-f157.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://5b3aaee6d5df5eceffb4592408cbc1b2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 03 Oct 2023 23:31:33 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 2370 0
56 B 88ms
88ms Ping
image/gif 64.233.170.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=3065156168483&version=m202309260101&ct=76&x=1&cor=11025155485231483000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

64.233.170.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sg-in-f157.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://5b3aaee6d5df5eceffb4592408cbc1b2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 03 Oct 2023 23:31:33 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 2370 90 KB
37 KB 130ms
130ms Script
text/javascript 172.217.194.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-B_3c1e6JYv7ZsTdos5gN9QUNva4vjy4jnIZ8BORWVyLQctVjW3QLFXhcXrQ0fVH_B7Ur7pyUTRkAJC8f68v7R97enPgQ&cry=1&dbm_d=AKAmf-Bu2VW0K4cGxZVv3UOLKX4w6VBC0Vmo5LfFOhvwRIGhuQRVckuytuknCKJ8N0U19Qv9juBJnCzL530lYrFAxmF64hZT5wqWXKkj85VDfgBhhlx1OfxBkS3mMpnrlC2t4lu4yXcZSIz-c42ce0Rk9wACfbytR5h_DVr3qBtYntFjntOA05iIt7WoPlfkJs1Z_Z3RbbT-jF3iYvl5Vrjabd8e9Ky_FaN3HRoguCIEiHLdKlGv_VwlzFdE19dOLiQpyfsPo8TMfVTViQ0XzjyxD1ZXj7S2Zz69gXDswKLa0BK8CLY5jxALsQJvuCffHxdDCqW1GblR16DXscVa2sPFjMsQvgZw40lWS6Lh5_9KdCQEU_0ZPFSc0u9Fhi0WWF0NKMH6S8WEMr-rZxo8mnena9tv145BGOz2tlndBFlEz25vogWZw0gmiWZNs5Ra7g_fhpYnDtuqbB5apkYxCoybOYoJIwd1C-y6a0YUS-OtuWVrjSzmEJ2D2_-0L37Tm7NIcVOWbahx8q-N0BakZs2Xxlm2e9gVWGhyoKQaQUhJ08CgFEHVpXtfykGgjRE-NNIF-7bv0bVaXnnxv-fnbcX12_pA5BNWuATFs0ikvfIJhw0j5vRugy8jEQWB63YhUcbLewpwCd0u5JEhOFsAYqXNeiHVCEi4GL-Grf_Cd0oJOvuIVhjRuoBrXBrhx9epIcXyR14gANFXIygwGToofEkJqd-JSlIgbiqsacHmltMI8IJh8nJ5pyDk5_DQaACzEzqfJJ9Bv_nZz0CHekg89IXOb1X8tbu-w7ANk6o38SHiouyS63nR5Jmcv0L1zbaKoZJx-1_jUIwmyEicTDLG6p4TTjxdxOTtBrzy9h97Ry8ai91p7_HH3LtFsEb6S0iRPCa1mYZX5F7XYgKnVItehF8fnzjlt3IkuwHwVyKA-ONN2SVYuU_n5JzyHfq1E0jin-MISON9qDvTz-7Psv5xh1wlYDuKOXsNT36XXWPRoiYxykV10AJEmJ1UuEeLXhKYfEqUGCylkld7cUt_rQ2zlLvSq5hNA8VgBwsyzSUQ03uF1_u6y_6DScCycyB8ysAjFyhPhmQ_yaPDuA4vhBddQue0THYBFAPEJst8NVo8dREvKcFytNdLh3RAtttZZUwEtKOYbmzk4ituA6xsMrSK_aHQBomZVsxkkqCNc1Xf0trSHNi8UAjnicMCG_Nky_Ndo9CMCmF-6NKZaQl_pM6mn5Tg_ifIP2tp1-R3pPZDzwJ9CHAYqr-TTbawlv-FfolUmTMkMDbkSIs2F-M3J4XWxxvkRsjoAjtpxM8JO5cL3X5g6UWYFRLrf3jvoReH92BLJrBxaUE1ZSSrP_RM3DF_rx_3fIVERGScxqTtYkmPZxw7lTqLmG-ruoDzlSg6bY4Jg79wSaPWhDCbe-0L30FXmspvvzdZ2neDWmxB9UE1zmXWRnuAqw4JeOwCuGdn_8b8ftN7NeUMArSQKVMs64R1CwE-lBPZPVONfEbSx7qAuUx0nsT45EXIax_IbgEDHGXPslpHaMXI-VkK25S5WWm8GOeqnET1CvJ7ASIykaeeGqpR9S9rQmBCu2vA59lPJLa9EM96P1rcaXTNe0vUl9YXcfK2l0fKL4DOp4nsjitHQJJH_Fu7rWfkBgRKC9ngme82Abs-J1D2gGJ1pOoCeScnsiTRvLI2E1EGdq4wh8vla68lFn49kZS--PsHXqsenL6F12SA87EqMvQnKoX84rpRNzSmWQ6NnTAYZ7kTT34uXXnQfqe9a9OecenZ1CgX8Utdd670xfrVf2MpVlPicC109kdeNYiMetOuE-laAGzPhnFX1OsoDybuHj6XLaBZdjsG9-cY612IIWJSh1TGQQCWnLLpU6LR_9g9s9FiWKsitOuKoSSQ0kuAkdprdAsXZQIg6VSQwIC_C4z8_moXqhiEpofCrlVddpLxIsWIeYt-_rlIPBt86APSMxJYfv0OkSE8JTM9ruFi8xXIOLrOhBliV2_voIdwuoZBjwhhDTG3n0JUaXxd4bD0WTjQNKPOPbroARjSs-su7YXqbMeVl65fyV1RNyQ4pWjBIGakSbT-IM4HEQ_QxLeYHEGswKQsNBI7-bjtax1_0GP-fQ-FMEjZqbdlivRK4Px8U_2p_EY8AMxFN9bnWxslRMHrklhnlUwmYJKjel6L120LJKtFF5jNlmncFtDWMYTduONbz2u1Z9_gr9qN1xbD6tVuYTGUFrEwtQF0gmbhtL1oViDC630xEhAi3RnekBwAfxOhQppR8To2nMi8wTxXB1SavCie9mYVIG0XQY0_2XIpc2l55xksqmuHMPPo0qkA4kQbhf-O6QxS724zDH41SO79h_x4oZ2h17-kFl8TpxZE__Uk5xTdH-bDURFHwMukj1dwr7qhz88BPCH_n3wXQSk39SQjkF10jlG5X5E9LYat2uhEpN51JCOitpn4F7Q4mZzpM3BftK5sfS3w_u8HYjsoL4TMQ816pCgjX_9D09rff3vljU5p1d9Tvzk-G_9xUgC1Y6gCLieEUMupGjP29npH-MY1NPxilP1fpsw8uKawq0-me426fHbPoel7clW2r2uzNxZLB0IalRYaDpHR3PTDgB5Gf3ycYu4J2jtgEZKkLkt3oW8yaJRC2MhTNDKME7KCU0JURFNWJgDITwedao7nwY6bp_ACaiLXJ5m8UnMXJtmgSsvtMk57IXXhrkQdh1gBwEKOou_L5Rtgnc6vHB-NbePfDayuAqzVo-idjgcxNJG8uOougVCTZuCD48mqglglxlJ4kE35aEFSpQBrmvIIH4s62AXGjtWExIe_6gmScefQUuc8e23JsqTD4LTiKWdusQkGejBEMlTY9P0dpaMVlGibKp3HQ18Mv3ytCok-kiYZlyZ4ne0yucH6o3WUXLdnDhBHDk67yFTmGLfZ-s3s0RAI32Rj1QSWvG46-G3J79zyrzaEqAY5HqQ9fwhS0hQB1TJwmgxHzllf9YebluIGPLP3H_uJBE-eW1xO5leBHfQ5uS2fS5j71dldUcUaYlKWEMptgX9OFnSFA1H4BWupce3-KNAncJtf6Ga4yWTUp6eBuL8LdKWpmBKp2bu366THjtaT8O07PmV_rH4xJ7lQvUYNHkijW2Wa126HaicNjVQ8u_wrxF2uJgt7MAgbAuj3GYgBlNNeergVGU4RIaNRG3A1_pFgHlk7wTmZvLUksv6TXv7Z3g9snW0AZt3aNFHv-0KK9MMzSNmhihhdToQNnqD5xWIw09B3mNDXQ2rr_H8qqcyuAzqMrmqQho2ti1CYDENPt3CjDZIVL61vCyqgNIgVLf4zZ9HIq1ADq-f_NASRZhl7woe6KbJngisNZvi5aL7YNiRKwYzv8ICZWuxR4kYiux_I9BXWMldG7saVvoJFnFrFOjEexD6LJzcdCbU1WxkvMYzFE9ZfW9rqxbpq_1q7mLph-GuFp7Lz5WjEjqE53cOs_0iSKjMDleThxnUCYQRw_69A-7TmSBfR8YzSAN34hooCG6KZTYLz-sOhnwFKVfe6ZZIeMsYvGTNqWDFVeAKJLD2Ez29Oh5PdmuCnYhNOfFX6oz8lgHDhSS3hV6eZKeXJyy569-4k9COxoMhFQJ0louQ4ag1wWjNopg4sic7-e_wylEpRYJ7szsMW_f3BhjxSSWd0qHl4Kl6NETLLS3XGAlh_vicp1Mz5oFJaCmomqiKQB3hmdVSX9Jny2Lq0LX1CwvvbfYOrdd8mU4Ki20K5aZkzs9GTlyqaD8w2HpCQ8OBgFULo-2E-uZtcQHQLQ5mANdwcITLj1PKQN2jHkxGW_iTmVbAiczpsdQomg5vIPmmj39jUeVBamcdNR9HfAitzoNYu2uhyc0p_CSre4QU2OImTTPX9PYchstm91h_7OgZ8BH2sLTG8H9nBzh2MN_fm-QUGUeIf-cFs_g&cid=CAQSPADICaaNXjIvlZkdkM-khBjRFdXc6bkUOhz_4zZlwnKsGmXxjD0JulioTXa5C3F04v3A2SsR3lOtNuvbQxgB&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.prothomalo.com%2F&ds=l&xdt=1&iif=1&cor=11025155485231483000&adk=3047537735&idt=727&cac=0&dtd=19

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.194.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

si-in-f156.1e100.net

Software

cafe /

Resource Hash

06d3aed082b970cae2c991bcee2ec11eed01a98c668803ee5969231e89fd5b1a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://5b3aaee6d5df5eceffb4592408cbc1b2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 03 Oct 2023 23:31:33 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 38144
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame BF4F 0
56 B 97ms
96ms Ping
image/gif 64.233.170.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=7465931771013&version=m202309260101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

64.233.170.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sg-in-f157.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://5b3aaee6d5df5eceffb4592408cbc1b2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 03 Oct 2023 23:31:33 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame BF4F 0
47 B 96ms
96ms Ping
image/gif 64.233.170.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=7465931771013&version=m202309260101&ct=76&x=1&cor=7809063312213976000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

64.233.170.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sg-in-f157.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://5b3aaee6d5df5eceffb4592408cbc1b2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 03 Oct 2023 23:31:33 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame BF4F 98 KB
39 KB 198ms
197ms Script
text/javascript 172.217.194.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CBtJVWdSzPE-jDUni19pAj-SCjfn0pvniqkhUm_8qQ-vPlyvTbNrG2mpRgO1Kz_wflO4FWZxEzMuUt9lqfgm6DT49swSvxdSkdWE_dWWgHiGX4gdFwrAW_8DsxjEes5SVyt1fTPT5r9QVgwN6uLnfsJRrUwCyVIiEHM91wD4gy4iX4ngY&dbm_d=AKAmf-Cjfjm1Jv148EHTs5_xrKrJt183bgn5m73wJtvM9Svmq5kzxJYH9Q7AovzKDZBjNgN6CFvFPGVMFQxeElaTVWxHlN1Vim7VJJ87f9aYWTEvYJI8nGU7gZwWVNZ2QK9UANvzQJ1o-eIXcOn3HB8urfPrqvJY_hvlUCLcxOsyLW03cCI52IkUqiVcPwidQt7tZJfV7tymyiiS6HKsGBRBiRbISgroHHAxtetiZk-m_hymf_flqxLcbupcrcnd4Q0MypC_Ir3GuFV-psBc90SXDcgNBxgamaLVBtu1yxTTvHfIjg-jtZ6Zv1kuuvdA33DxofmaQsC3ao0LVw_AB9yHQq9pCgBbYURA3gY1Un1YgJfl7mz26VJzFYPcEuiyGK_OwKSvr8yAeqZ0uiBctEL5SN54gsJaSb0IdIo-22OHwqv2OPKchhhrOAMOxt6P59JnmiIa5XO2ZQuQdZftC4MtXnOf1L6gvViU3xvrQL8L5bn6jzTS0AoDHbM31YsVtvWMxnvADzyMFR44D7afD6kCeFbDGIicss3RMHZw0aaiJ-6HKVIjpCwuazhaz-d3QCpiTEfIxiKfE8jdmfMn00SlhYC2swbbAD611SJXCZsTBFqGDWJtS5-5Ay5enFvNrlJc5K3S3darc4l4FKMd7rMY38HoERwXmuMaL4ArACbaYcHQ4vnJqkjvOnu-53cMzXBAsGFTGcrCoytf4FHTW60bJgt79w-DlPOcqWwE1b17fWAq1q7Euzq8kYfEAvg8LFGlc4veVQAMhvg8q6MVwxyqSmwOkH8TBdXq0KPxM-P4WdRtFUNhWQBOK_0NKswg7jAClywLlweeEw5gLZotHTIMMfiHknCMgzXEFOBK5rNRqKNiU5HDPj2-oorskxPSsgvVAqEQp8Wqq9mHmoTepLy1KSuwas-iAFR5htjUk3CA2BQ16NoNrSmxiF0OOcpOdSr4_kQw6aJ4JZEQvuVgwdP7DxymijwMdTO0VFg3Cw7n7kZBSOFY9nswIsYzPVWgMEMVdRuQC7F6JNhLHnG-EolxkKAnRZUMO_rMaS3i0ruOMekQ-0KCSgB7Fn6qFHSpa-Dbfo10Esr0hNFSSNmqHEj9po75bHQubFkFv9uP1iAX7YE3i_v9YOp0KQ7zTO6_bKNQ8I8BVE9GimE9y4eaP5CA6Vt0Ha2qp18v9qxZsGqWy8-HYnBpEqazPSIocyjmRmzEp_ddiJFcXNyluLynHPrPdhlFVokaK2Ql6VElyT6hfOkp3LzywxF_PmoEedZCsLtVMwVpWkY1Tbx7LRs1qhW_9IHEnS-XinDCAc7iITrDKDm2Y64SmKPCgRG5L-Vlkjnf-E-SA1TbtWOXTP5oRp4Ph359V0Hd1UYxsmLSlBTtPpb_-Wdwpu30xbKXYSVBDWsp6xL380SbITtp1Fq-kEsmzXD8EfLPzzYRQ6dCKlBsx6jpm-JkmZtMCb1TOw3iSKH-NLDjbKdJm3MEJNp5vDIr9R8n2uWjGpK33QCmZxybSYlnrxmyVsbublXUCCADp9mBwt9idzcB5SkGP-au9VgCpnWMkciPKY-jwDU_iPs9gUzOBI2oU9PqVevfD4bSS-74yUe6XI1jhp_RdP7VoOMYUmBI3LETuwc2L65BwyWzu9K-NtBMVTegiBbVETiDPysJxNcJlSB7r1UXv012aNWHrNn421c0x0lst0-UgUNo8LiZKN3Vd9mCIgoOsY3_7pM_kbI4PNV15czO2rf173gjm38kwFLrRHpvTqCyRdjsDlBcjPv6PPMl0E8m05G38aJaMjDD-e2zrm-Pzj_k5L1I_Ri7ErRnRjnmzgzu3u2vxHs6FBOD-MYJcGJ67tUlcy30n6J6K-HW8IFAlHN0yJ4270uAUYl4AnP6iYPMCeVygDP9HjzXlj9h5V3I717jT2w77A5HZEoK2f1Xmu6aDPmeuD4jxPW7RuwJS-n0hPrIMgi4GtezfaP8rBUovdPC4AJkEJFkzofM9P9RFXEz3GQrcrkI5j8k95jZwWyBRswlLnbILuGlRVi5OOl3GQ-oGRNRglZgpihbrkGbh0IZpMi3Yhar941r2cg4mHCJ86-8e23qE3RcZ6aYi3rCsIP4KuvRdX9RiDld_1lFjOwDM5allD_H2xBRk0XgQjU36DDo45nsDpkwU4_Aa5YMkiwyTFE-JrhKFjy-quq8szzcajS3GLdwOMXndPMEpZuXP2SbXK0dBU6B5zhchah3YVrrzRlItdoPEyM9iazpZjmwHCcwaTfl8u9VXO5eWkGgFJKccNOdRuyxjmur-9iM-agfLSMUAAir9igWWYBbbiIS9jw5liu0JUuLkcwzHCtREKuBVKmHkmp984LAI1AYxLHutI4QEpYkVZGO8GDfTgkqfGvX6_uwA0o732ZycBTcNcdZXfLu7DpUrYs6IWkERfp_YCABvA1KPvQvuXaSHCZyAjRutb_AMj3VQvWW3FJR4sjW3vXvJFBeJEF1VI75xDZ3wt1UYIYaSFkACQsnGh9qNMyPVxcJYBfLB7sT3lEos6oNhUCkNgfSOZKk8oKVqf9oEDjXxNnbREjQM0pWmGHbhP4PGwqvzvHptYhF5jHjrDX0hTMxaHiG6aOXYzq3P_NPK9BBZk9IopUexFKIOQPCbYTS5Iv9fhVqmR381S0AWxvV5h4cJre-8o9kUO34q08s8E6YCwbLLS0cLoJ_3jCyYvzH5lYhyCVumabmEAYT-xXG29Pgkkf2ua8y0Eh_OBwKBIeWxLXxeJuomItEOOGXJOAtEOTAtu6MOrcFfrWpe_yDpBr66gtVUKAUBBeeHPaUB1Oemt4AzwpXT6UHNDkcqfSJ1-pfJTbm8hhUjp-269Bgb3LmknUyF2HCHHb6sz-XfZgnh2vodI4Cbs8O21BcA-vqFM-i-6Q34XnN633rOFyfrVW0c4QotaiZwPDCWlkIk2e1IyQ1Db5tjHbOxc1x2uE8WWGWqQWLpyKcc1BaJsZGcBzj1e9TKIA4YhhiXszSNfmDgAy9mXa0bn3ofIy1tiZzHpxBwgAzq_4Z2bKT04AsAlX2fcwXFY0SABQedkwBCq5Ge5jL63vq4Sk2Ru-f9oIs7Pc7N7a8xODNOMbCwKbVJ6WYeQMxm1mGMyrCl0ymM9jBZx4WtmDpd-f5ZU5wXHx5T2Kiaa-AB1ts5Gk3QTLydF3thwpjv79SPb_2TmQLsCZq6edsz7JxzNOJj8hJ1woRQGOYjGn3uz-UU7mmd46vw0AFnkvoERDDB9BeyBFQhl8Bux825OTxdKc-4nCm7skcuN9A1zEBAhQyvExJvLi7FBoK7MhHwAM3UlPFF4UdTNhTUmE3b5DXDX9-etWLnfUPLMCXkw60JDavtZavjy2lgFtYpvIZt7U4Wo0C1SDSFraPD12PwqPqedkqJEvnhDEAqbr-LHc2YlQZV8EtRSUVLWZ4OpGOf5R3QAfAzC16y6ewrrc5Tsup75ppQgEgiOQl5NNV5xQ04vedYpHCmEMSpgsHthpJeyT51Ywo-ZYAmZs3q0IlMprVUsSbIajrQX2H2l4HC3rRSx5bU88TmKmCeFb72i6dceIU_kcavPY8Oj0OnsjAgb_WR9IOisgoFn0GcJGw9Sp6OBFmDvZD6C6OcQ63bQoCOq5Cbx3BU-VM6Fb9zrfdDIQfreNzKnNVtmwCs-nqUFNfTqnbU4_BMDB8OBJ2oLTsTn6CS_deC0nt3o7HWtdQ5zwiBIDrHpiH7eFpHW7YQi7pRBdXD4yEEMUDqLG04NCtmhCgz2GDvnyMW62qijEM9lLew-gzYOfJ0xr_LEqRQnFGZzCOVifrp74I2vLSgDkkzqtCBBEwacHnRrYQ4SY40ICx&cid=CAQSPADICaaNeSM1e7-0HqYdFTyZaSmexn7-qgAoQfWxNiki6XLgXi5T_cx59IMWMFa0vD-USFWYMBtuaktmKhgB&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.prothomalo.com%2F&ds=l&xdt=1&iif=1&cor=7809063312213976000&adk=2857193498&idt=444&cac=0&dtd=3

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.194.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

si-in-f156.1e100.net

Software

cafe /

Resource Hash

7192f70cc87dedb63896e0112c5648ff6e6c81c9c64d245e8b404699ca2f907f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://5b3aaee6d5df5eceffb4592408cbc1b2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 03 Oct 2023 23:31:33 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39992
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 express_html_inpage_rendering_lib_200_278.js Show response
s0.2mdn.net/879366/ Frame 2370 111 KB
39 KB 950ms
90ms Script
text/javascript 172.217.194.148
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Requested by

Host: www.prothomalo.com
URL: https://www.prothomalo.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.194.148 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

si-in-f148.1e100.net

Software

sffe /

Resource Hash

1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://5b3aaee6d5df5eceffb4592408cbc1b2.safeframe.googlesyndication.com/
Origin: https://5b3aaee6d5df5eceffb4592408cbc1b2.safeframe.googlesyndication.com
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 06:36:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 60933
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39806
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 18:44:05 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 04 Oct 2023 06:36:01 GMT

GET
H2 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20231002/r20110914/elements/html/ Frame 2370 11 KB
4 KB 89ms
88ms Script
text/javascript 64.233.170.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231002/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-B_3c1e6JYv7ZsTdos5gN9QUNva4vjy4jnIZ8BORWVyLQctVjW3QLFXhcXrQ0fVH_B7Ur7pyUTRkAJC8f68v7R97enPgQ&cry=1&dbm_d=AKAmf-Bu2VW0K4cGxZVv3UOLKX4w6VBC0Vmo5LfFOhvwRIGhuQRVckuytuknCKJ8N0U19Qv9juBJnCzL530lYrFAxmF64hZT5wqWXKkj85VDfgBhhlx1OfxBkS3mMpnrlC2t4lu4yXcZSIz-c42ce0Rk9wACfbytR5h_DVr3qBtYntFjntOA05iIt7WoPlfkJs1Z_Z3RbbT-jF3iYvl5Vrjabd8e9Ky_FaN3HRoguCIEiHLdKlGv_VwlzFdE19dOLiQpyfsPo8TMfVTViQ0XzjyxD1ZXj7S2Zz69gXDswKLa0BK8CLY5jxALsQJvuCffHxdDCqW1GblR16DXscVa2sPFjMsQvgZw40lWS6Lh5_9KdCQEU_0ZPFSc0u9Fhi0WWF0NKMH6S8WEMr-rZxo8mnena9tv145BGOz2tlndBFlEz25vogWZw0gmiWZNs5Ra7g_fhpYnDtuqbB5apkYxCoybOYoJIwd1C-y6a0YUS-OtuWVrjSzmEJ2D2_-0L37Tm7NIcVOWbahx8q-N0BakZs2Xxlm2e9gVWGhyoKQaQUhJ08CgFEHVpXtfykGgjRE-NNIF-7bv0bVaXnnxv-fnbcX12_pA5BNWuATFs0ikvfIJhw0j5vRugy8jEQWB63YhUcbLewpwCd0u5JEhOFsAYqXNeiHVCEi4GL-Grf_Cd0oJOvuIVhjRuoBrXBrhx9epIcXyR14gANFXIygwGToofEkJqd-JSlIgbiqsacHmltMI8IJh8nJ5pyDk5_DQaACzEzqfJJ9Bv_nZz0CHekg89IXOb1X8tbu-w7ANk6o38SHiouyS63nR5Jmcv0L1zbaKoZJx-1_jUIwmyEicTDLG6p4TTjxdxOTtBrzy9h97Ry8ai91p7_HH3LtFsEb6S0iRPCa1mYZX5F7XYgKnVItehF8fnzjlt3IkuwHwVyKA-ONN2SVYuU_n5JzyHfq1E0jin-MISON9qDvTz-7Psv5xh1wlYDuKOXsNT36XXWPRoiYxykV10AJEmJ1UuEeLXhKYfEqUGCylkld7cUt_rQ2zlLvSq5hNA8VgBwsyzSUQ03uF1_u6y_6DScCycyB8ysAjFyhPhmQ_yaPDuA4vhBddQue0THYBFAPEJst8NVo8dREvKcFytNdLh3RAtttZZUwEtKOYbmzk4ituA6xsMrSK_aHQBomZVsxkkqCNc1Xf0trSHNi8UAjnicMCG_Nky_Ndo9CMCmF-6NKZaQl_pM6mn5Tg_ifIP2tp1-R3pPZDzwJ9CHAYqr-TTbawlv-FfolUmTMkMDbkSIs2F-M3J4XWxxvkRsjoAjtpxM8JO5cL3X5g6UWYFRLrf3jvoReH92BLJrBxaUE1ZSSrP_RM3DF_rx_3fIVERGScxqTtYkmPZxw7lTqLmG-ruoDzlSg6bY4Jg79wSaPWhDCbe-0L30FXmspvvzdZ2neDWmxB9UE1zmXWRnuAqw4JeOwCuGdn_8b8ftN7NeUMArSQKVMs64R1CwE-lBPZPVONfEbSx7qAuUx0nsT45EXIax_IbgEDHGXPslpHaMXI-VkK25S5WWm8GOeqnET1CvJ7ASIykaeeGqpR9S9rQmBCu2vA59lPJLa9EM96P1rcaXTNe0vUl9YXcfK2l0fKL4DOp4nsjitHQJJH_Fu7rWfkBgRKC9ngme82Abs-J1D2gGJ1pOoCeScnsiTRvLI2E1EGdq4wh8vla68lFn49kZS--PsHXqsenL6F12SA87EqMvQnKoX84rpRNzSmWQ6NnTAYZ7kTT34uXXnQfqe9a9OecenZ1CgX8Utdd670xfrVf2MpVlPicC109kdeNYiMetOuE-laAGzPhnFX1OsoDybuHj6XLaBZdjsG9-cY612IIWJSh1TGQQCWnLLpU6LR_9g9s9FiWKsitOuKoSSQ0kuAkdprdAsXZQIg6VSQwIC_C4z8_moXqhiEpofCrlVddpLxIsWIeYt-_rlIPBt86APSMxJYfv0OkSE8JTM9ruFi8xXIOLrOhBliV2_voIdwuoZBjwhhDTG3n0JUaXxd4bD0WTjQNKPOPbroARjSs-su7YXqbMeVl65fyV1RNyQ4pWjBIGakSbT-IM4HEQ_QxLeYHEGswKQsNBI7-bjtax1_0GP-fQ-FMEjZqbdlivRK4Px8U_2p_EY8AMxFN9bnWxslRMHrklhnlUwmYJKjel6L120LJKtFF5jNlmncFtDWMYTduONbz2u1Z9_gr9qN1xbD6tVuYTGUFrEwtQF0gmbhtL1oViDC630xEhAi3RnekBwAfxOhQppR8To2nMi8wTxXB1SavCie9mYVIG0XQY0_2XIpc2l55xksqmuHMPPo0qkA4kQbhf-O6QxS724zDH41SO79h_x4oZ2h17-kFl8TpxZE__Uk5xTdH-bDURFHwMukj1dwr7qhz88BPCH_n3wXQSk39SQjkF10jlG5X5E9LYat2uhEpN51JCOitpn4F7Q4mZzpM3BftK5sfS3w_u8HYjsoL4TMQ816pCgjX_9D09rff3vljU5p1d9Tvzk-G_9xUgC1Y6gCLieEUMupGjP29npH-MY1NPxilP1fpsw8uKawq0-me426fHbPoel7clW2r2uzNxZLB0IalRYaDpHR3PTDgB5Gf3ycYu4J2jtgEZKkLkt3oW8yaJRC2MhTNDKME7KCU0JURFNWJgDITwedao7nwY6bp_ACaiLXJ5m8UnMXJtmgSsvtMk57IXXhrkQdh1gBwEKOou_L5Rtgnc6vHB-NbePfDayuAqzVo-idjgcxNJG8uOougVCTZuCD48mqglglxlJ4kE35aEFSpQBrmvIIH4s62AXGjtWExIe_6gmScefQUuc8e23JsqTD4LTiKWdusQkGejBEMlTY9P0dpaMVlGibKp3HQ18Mv3ytCok-kiYZlyZ4ne0yucH6o3WUXLdnDhBHDk67yFTmGLfZ-s3s0RAI32Rj1QSWvG46-G3J79zyrzaEqAY5HqQ9fwhS0hQB1TJwmgxHzllf9YebluIGPLP3H_uJBE-eW1xO5leBHfQ5uS2fS5j71dldUcUaYlKWEMptgX9OFnSFA1H4BWupce3-KNAncJtf6Ga4yWTUp6eBuL8LdKWpmBKp2bu366THjtaT8O07PmV_rH4xJ7lQvUYNHkijW2Wa126HaicNjVQ8u_wrxF2uJgt7MAgbAuj3GYgBlNNeergVGU4RIaNRG3A1_pFgHlk7wTmZvLUksv6TXv7Z3g9snW0AZt3aNFHv-0KK9MMzSNmhihhdToQNnqD5xWIw09B3mNDXQ2rr_H8qqcyuAzqMrmqQho2ti1CYDENPt3CjDZIVL61vCyqgNIgVLf4zZ9HIq1ADq-f_NASRZhl7woe6KbJngisNZvi5aL7YNiRKwYzv8ICZWuxR4kYiux_I9BXWMldG7saVvoJFnFrFOjEexD6LJzcdCbU1WxkvMYzFE9ZfW9rqxbpq_1q7mLph-GuFp7Lz5WjEjqE53cOs_0iSKjMDleThxnUCYQRw_69A-7TmSBfR8YzSAN34hooCG6KZTYLz-sOhnwFKVfe6ZZIeMsYvGTNqWDFVeAKJLD2Ez29Oh5PdmuCnYhNOfFX6oz8lgHDhSS3hV6eZKeXJyy569-4k9COxoMhFQJ0louQ4ag1wWjNopg4sic7-e_wylEpRYJ7szsMW_f3BhjxSSWd0qHl4Kl6NETLLS3XGAlh_vicp1Mz5oFJaCmomqiKQB3hmdVSX9Jny2Lq0LX1CwvvbfYOrdd8mU4Ki20K5aZkzs9GTlyqaD8w2HpCQ8OBgFULo-2E-uZtcQHQLQ5mANdwcITLj1PKQN2jHkxGW_iTmVbAiczpsdQomg5vIPmmj39jUeVBamcdNR9HfAitzoNYu2uhyc0p_CSre4QU2OImTTPX9PYchstm91h_7OgZ8BH2sLTG8H9nBzh2MN_fm-QUGUeIf-cFs_g&cid=CAQSPADICaaNXjIvlZkdkM-khBjRFdXc6bkUOhz_4zZlwnKsGmXxjD0JulioTXa5C3F04v3A2SsR3lOtNuvbQxgB&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.prothomalo.com%2F&ds=l&xdt=1&iif=1&cor=11025155485231483000&adk=3047537735&idt=727&cac=0&dtd=19

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

64.233.170.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sg-in-f157.1e100.net

Software

cafe /

Resource Hash

47a0342d90a877ec7125c3a38706b2faefa9b867661ebcef4a98ec6cf3e60b40

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://5b3aaee6d5df5eceffb4592408cbc1b2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 12:21:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 40175
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4206
x-xss-protection: 0
server: cafe
etag: 17947678125179771625
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 17 Oct 2023 12:21:58 GMT

GET
H2 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20231002/r20110914/ Frame 2370 30 KB
11 KB 88ms
88ms Script
text/javascript 64.233.170.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231002/r20110914/abg_lite.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

64.233.170.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sg-in-f157.1e100.net

Software

cafe /

Resource Hash

4fcc2c45e5c8be67198b1d2c38bef90e3373e59b91be75e915711bfa7c10d22a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://5b3aaee6d5df5eceffb4592408cbc1b2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 19:59:23 GMT
content-encoding: br
x-content-type-options: nosniff
age: 12730
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11602
x-xss-protection: 0
server: cafe
etag: 2362517075893974484
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 17 Oct 2023 19:59:23 GMT

GET
H2 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 2370 41 KB
14 KB 88ms
88ms Script
text/javascript 64.233.170.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: www.prothomalo.com
URL: https://www.prothomalo.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

64.233.170.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sg-in-f132.1e100.net

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://5b3aaee6d5df5eceffb4592408cbc1b2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Fri, 29 Sep 2023 15:19:47 GMT
content-encoding: br
x-content-type-options: nosniff
age: 375106
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13692
x-xss-protection: 0
last-modified: Sun, 25 Jun 2023 02:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 28 Sep 2024 15:19:47 GMT

GET
H2 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame A569 1 KB
758 B 89ms
88ms Document
text/html 64.233.170.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 5b3aaee6d5df5eceffb4592408cbc1b2.safeframe.googlesyndication.com
URL: https://5b3aaee6d5df5eceffb4592408cbc1b2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

64.233.170.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sg-in-f157.1e100.net

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://5b3aaee6d5df5eceffb4592408cbc1b2.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

age: 81484
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 03 Oct 2023 00:53:29 GMT
etag: 48472445140208031
expires: Wed, 04 Oct 2023 00:53:29 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 2370 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0464da0341b0b18617f9b0812364dbc76e5e4b429eb3c294b8a146f443d025d2

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 html_inpage_rendering_lib_200_278.js Show response
s0.2mdn.net/879366/ Frame BF4F 172 KB
60 KB 961ms
164ms Script
text/javascript 172.217.194.148
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js

Requested by

Host: www.prothomalo.com
URL: https://www.prothomalo.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.194.148 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

si-in-f148.1e100.net

Software

sffe /

Resource Hash

a6d36aa3d742ccd6f1ca3c76dcf885af72f7bebe2fcc001ea011a7aea2f55678

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://5b3aaee6d5df5eceffb4592408cbc1b2.safeframe.googlesyndication.com/
Origin: https://5b3aaee6d5df5eceffb4592408cbc1b2.safeframe.googlesyndication.com
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 13:37:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 35617
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 61485
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 18:43:57 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 04 Oct 2023 13:37:57 GMT

GET
H2 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20231002/r20110914/elements/html/ Frame BF4F 11 KB
4 KB 87ms
87ms Script
text/javascript 64.233.170.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231002/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CBtJVWdSzPE-jDUni19pAj-SCjfn0pvniqkhUm_8qQ-vPlyvTbNrG2mpRgO1Kz_wflO4FWZxEzMuUt9lqfgm6DT49swSvxdSkdWE_dWWgHiGX4gdFwrAW_8DsxjEes5SVyt1fTPT5r9QVgwN6uLnfsJRrUwCyVIiEHM91wD4gy4iX4ngY&dbm_d=AKAmf-Cjfjm1Jv148EHTs5_xrKrJt183bgn5m73wJtvM9Svmq5kzxJYH9Q7AovzKDZBjNgN6CFvFPGVMFQxeElaTVWxHlN1Vim7VJJ87f9aYWTEvYJI8nGU7gZwWVNZ2QK9UANvzQJ1o-eIXcOn3HB8urfPrqvJY_hvlUCLcxOsyLW03cCI52IkUqiVcPwidQt7tZJfV7tymyiiS6HKsGBRBiRbISgroHHAxtetiZk-m_hymf_flqxLcbupcrcnd4Q0MypC_Ir3GuFV-psBc90SXDcgNBxgamaLVBtu1yxTTvHfIjg-jtZ6Zv1kuuvdA33DxofmaQsC3ao0LVw_AB9yHQq9pCgBbYURA3gY1Un1YgJfl7mz26VJzFYPcEuiyGK_OwKSvr8yAeqZ0uiBctEL5SN54gsJaSb0IdIo-22OHwqv2OPKchhhrOAMOxt6P59JnmiIa5XO2ZQuQdZftC4MtXnOf1L6gvViU3xvrQL8L5bn6jzTS0AoDHbM31YsVtvWMxnvADzyMFR44D7afD6kCeFbDGIicss3RMHZw0aaiJ-6HKVIjpCwuazhaz-d3QCpiTEfIxiKfE8jdmfMn00SlhYC2swbbAD611SJXCZsTBFqGDWJtS5-5Ay5enFvNrlJc5K3S3darc4l4FKMd7rMY38HoERwXmuMaL4ArACbaYcHQ4vnJqkjvOnu-53cMzXBAsGFTGcrCoytf4FHTW60bJgt79w-DlPOcqWwE1b17fWAq1q7Euzq8kYfEAvg8LFGlc4veVQAMhvg8q6MVwxyqSmwOkH8TBdXq0KPxM-P4WdRtFUNhWQBOK_0NKswg7jAClywLlweeEw5gLZotHTIMMfiHknCMgzXEFOBK5rNRqKNiU5HDPj2-oorskxPSsgvVAqEQp8Wqq9mHmoTepLy1KSuwas-iAFR5htjUk3CA2BQ16NoNrSmxiF0OOcpOdSr4_kQw6aJ4JZEQvuVgwdP7DxymijwMdTO0VFg3Cw7n7kZBSOFY9nswIsYzPVWgMEMVdRuQC7F6JNhLHnG-EolxkKAnRZUMO_rMaS3i0ruOMekQ-0KCSgB7Fn6qFHSpa-Dbfo10Esr0hNFSSNmqHEj9po75bHQubFkFv9uP1iAX7YE3i_v9YOp0KQ7zTO6_bKNQ8I8BVE9GimE9y4eaP5CA6Vt0Ha2qp18v9qxZsGqWy8-HYnBpEqazPSIocyjmRmzEp_ddiJFcXNyluLynHPrPdhlFVokaK2Ql6VElyT6hfOkp3LzywxF_PmoEedZCsLtVMwVpWkY1Tbx7LRs1qhW_9IHEnS-XinDCAc7iITrDKDm2Y64SmKPCgRG5L-Vlkjnf-E-SA1TbtWOXTP5oRp4Ph359V0Hd1UYxsmLSlBTtPpb_-Wdwpu30xbKXYSVBDWsp6xL380SbITtp1Fq-kEsmzXD8EfLPzzYRQ6dCKlBsx6jpm-JkmZtMCb1TOw3iSKH-NLDjbKdJm3MEJNp5vDIr9R8n2uWjGpK33QCmZxybSYlnrxmyVsbublXUCCADp9mBwt9idzcB5SkGP-au9VgCpnWMkciPKY-jwDU_iPs9gUzOBI2oU9PqVevfD4bSS-74yUe6XI1jhp_RdP7VoOMYUmBI3LETuwc2L65BwyWzu9K-NtBMVTegiBbVETiDPysJxNcJlSB7r1UXv012aNWHrNn421c0x0lst0-UgUNo8LiZKN3Vd9mCIgoOsY3_7pM_kbI4PNV15czO2rf173gjm38kwFLrRHpvTqCyRdjsDlBcjPv6PPMl0E8m05G38aJaMjDD-e2zrm-Pzj_k5L1I_Ri7ErRnRjnmzgzu3u2vxHs6FBOD-MYJcGJ67tUlcy30n6J6K-HW8IFAlHN0yJ4270uAUYl4AnP6iYPMCeVygDP9HjzXlj9h5V3I717jT2w77A5HZEoK2f1Xmu6aDPmeuD4jxPW7RuwJS-n0hPrIMgi4GtezfaP8rBUovdPC4AJkEJFkzofM9P9RFXEz3GQrcrkI5j8k95jZwWyBRswlLnbILuGlRVi5OOl3GQ-oGRNRglZgpihbrkGbh0IZpMi3Yhar941r2cg4mHCJ86-8e23qE3RcZ6aYi3rCsIP4KuvRdX9RiDld_1lFjOwDM5allD_H2xBRk0XgQjU36DDo45nsDpkwU4_Aa5YMkiwyTFE-JrhKFjy-quq8szzcajS3GLdwOMXndPMEpZuXP2SbXK0dBU6B5zhchah3YVrrzRlItdoPEyM9iazpZjmwHCcwaTfl8u9VXO5eWkGgFJKccNOdRuyxjmur-9iM-agfLSMUAAir9igWWYBbbiIS9jw5liu0JUuLkcwzHCtREKuBVKmHkmp984LAI1AYxLHutI4QEpYkVZGO8GDfTgkqfGvX6_uwA0o732ZycBTcNcdZXfLu7DpUrYs6IWkERfp_YCABvA1KPvQvuXaSHCZyAjRutb_AMj3VQvWW3FJR4sjW3vXvJFBeJEF1VI75xDZ3wt1UYIYaSFkACQsnGh9qNMyPVxcJYBfLB7sT3lEos6oNhUCkNgfSOZKk8oKVqf9oEDjXxNnbREjQM0pWmGHbhP4PGwqvzvHptYhF5jHjrDX0hTMxaHiG6aOXYzq3P_NPK9BBZk9IopUexFKIOQPCbYTS5Iv9fhVqmR381S0AWxvV5h4cJre-8o9kUO34q08s8E6YCwbLLS0cLoJ_3jCyYvzH5lYhyCVumabmEAYT-xXG29Pgkkf2ua8y0Eh_OBwKBIeWxLXxeJuomItEOOGXJOAtEOTAtu6MOrcFfrWpe_yDpBr66gtVUKAUBBeeHPaUB1Oemt4AzwpXT6UHNDkcqfSJ1-pfJTbm8hhUjp-269Bgb3LmknUyF2HCHHb6sz-XfZgnh2vodI4Cbs8O21BcA-vqFM-i-6Q34XnN633rOFyfrVW0c4QotaiZwPDCWlkIk2e1IyQ1Db5tjHbOxc1x2uE8WWGWqQWLpyKcc1BaJsZGcBzj1e9TKIA4YhhiXszSNfmDgAy9mXa0bn3ofIy1tiZzHpxBwgAzq_4Z2bKT04AsAlX2fcwXFY0SABQedkwBCq5Ge5jL63vq4Sk2Ru-f9oIs7Pc7N7a8xODNOMbCwKbVJ6WYeQMxm1mGMyrCl0ymM9jBZx4WtmDpd-f5ZU5wXHx5T2Kiaa-AB1ts5Gk3QTLydF3thwpjv79SPb_2TmQLsCZq6edsz7JxzNOJj8hJ1woRQGOYjGn3uz-UU7mmd46vw0AFnkvoERDDB9BeyBFQhl8Bux825OTxdKc-4nCm7skcuN9A1zEBAhQyvExJvLi7FBoK7MhHwAM3UlPFF4UdTNhTUmE3b5DXDX9-etWLnfUPLMCXkw60JDavtZavjy2lgFtYpvIZt7U4Wo0C1SDSFraPD12PwqPqedkqJEvnhDEAqbr-LHc2YlQZV8EtRSUVLWZ4OpGOf5R3QAfAzC16y6ewrrc5Tsup75ppQgEgiOQl5NNV5xQ04vedYpHCmEMSpgsHthpJeyT51Ywo-ZYAmZs3q0IlMprVUsSbIajrQX2H2l4HC3rRSx5bU88TmKmCeFb72i6dceIU_kcavPY8Oj0OnsjAgb_WR9IOisgoFn0GcJGw9Sp6OBFmDvZD6C6OcQ63bQoCOq5Cbx3BU-VM6Fb9zrfdDIQfreNzKnNVtmwCs-nqUFNfTqnbU4_BMDB8OBJ2oLTsTn6CS_deC0nt3o7HWtdQ5zwiBIDrHpiH7eFpHW7YQi7pRBdXD4yEEMUDqLG04NCtmhCgz2GDvnyMW62qijEM9lLew-gzYOfJ0xr_LEqRQnFGZzCOVifrp74I2vLSgDkkzqtCBBEwacHnRrYQ4SY40ICx&cid=CAQSPADICaaNeSM1e7-0HqYdFTyZaSmexn7-qgAoQfWxNiki6XLgXi5T_cx59IMWMFa0vD-USFWYMBtuaktmKhgB&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.prothomalo.com%2F&ds=l&xdt=1&iif=1&cor=7809063312213976000&adk=2857193498&idt=444&cac=0&dtd=3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

64.233.170.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sg-in-f157.1e100.net

Software

cafe /

Resource Hash

47a0342d90a877ec7125c3a38706b2faefa9b867661ebcef4a98ec6cf3e60b40

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://5b3aaee6d5df5eceffb4592408cbc1b2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 12:21:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 40175
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4206
x-xss-protection: 0
server: cafe
etag: 17947678125179771625
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 17 Oct 2023 12:21:58 GMT

GET
H2 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20231002/r20110914/ Frame BF4F 30 KB
11 KB 87ms
87ms Script
text/javascript 64.233.170.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231002/r20110914/abg_lite.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

64.233.170.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sg-in-f157.1e100.net

Software

cafe /

Resource Hash

4fcc2c45e5c8be67198b1d2c38bef90e3373e59b91be75e915711bfa7c10d22a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://5b3aaee6d5df5eceffb4592408cbc1b2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 19:59:23 GMT
content-encoding: br
x-content-type-options: nosniff
age: 12730
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11602
x-xss-protection: 0
server: cafe
etag: 2362517075893974484
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 17 Oct 2023 19:59:23 GMT

GET
H2 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame BF4F 41 KB
13 KB 88ms
87ms Script
text/javascript 64.233.170.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: www.prothomalo.com
URL: https://www.prothomalo.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

64.233.170.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sg-in-f132.1e100.net

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://5b3aaee6d5df5eceffb4592408cbc1b2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Fri, 29 Sep 2023 15:19:47 GMT
content-encoding: br
x-content-type-options: nosniff
age: 375106
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13692
x-xss-protection: 0
last-modified: Sun, 25 Jun 2023 02:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 28 Sep 2024 15:19:47 GMT

GET
H2 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame C03D 1 KB
677 B 87ms
87ms Document
text/html 64.233.170.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 5b3aaee6d5df5eceffb4592408cbc1b2.safeframe.googlesyndication.com
URL: https://5b3aaee6d5df5eceffb4592408cbc1b2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

64.233.170.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sg-in-f157.1e100.net

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://5b3aaee6d5df5eceffb4592408cbc1b2.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

age: 81484
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 03 Oct 2023 00:53:29 GMT
etag: 48472445140208031
expires: Wed, 04 Oct 2023 00:53:29 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame BF4F 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f699d28e220ca73ec1385a8040ba988d3e8234911ce09f197e8ece7eb1650337

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Content-Type: image/png

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame A569
Redirect Chain

https://fksnk.com/cs/google?google_gid=CAESENvU-Gc_JgYmHQkfegH_B6w&google_cver=1&google_push=AXcoOmSZrX5Z2UXYPUDXWOlCtqN6V7A6NRSwNmA22xw6F6ac36rOijnW6BFhxKoCq7spC2lczWcZ08vdP1_qys6VkYwfIr61HKraGZJx...
https://cm.g.doubleclick.net/pixel?google_nid=fiksu&google_hm=QTY5MTBBMkQ1NjQ1ODZENg==

170 B
188 B

92ms
92ms

Image
image/png

142.251.10.156
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=fiksu&google_hm=QTY5MTBBMkQ1NjQ1ODZENg==

Protocol

Server

142.251.10.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sd-in-f156.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 03 Oct 2023 23:31:35 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=fiksu&google_hm=QTY5MTBBMkQ1NjQ1ODZENg==
date: Tue, 03 Oct 2023 23:31:34 GMT
content-language: en-US
content-type: text/html;charset=ISO-8859-1

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame A569
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESELgE5MX8jne7xP7E_QGVqqo&google_cver=1&googl...
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESELgE5MX8jne7xP7E_QGVqqo&google_hm=ZRykVeIoAnDz4tYFfo-QDQAAEwoAAAIB&google_nid=index&google_push=AXcoOmQHt_EacjjtLYXfqG5_XxmWI2QYbWxrE...

170 B
188 B

93ms
93ms

Image
image/png

142.251.10.156
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESELgE5MX8jne7xP7E_QGVqqo&google_hm=ZRykVeIoAnDz4tYFfo-QDQAAEwoAAAIB&google_nid=index&google_push=AXcoOmQHt_EacjjtLYXfqG5_XxmWI2QYbWxrE2GsbfTv6jD4k3gt6TAX54MvEEI4XO-8NlsnIv-YjKRnvDzlpq5iaUKj-CsjSJhNPB3ENddZ1znONjId8YYkbgKlJgKHt5R9NeQ_TMf7-8NnvhwVJ_tW4w

Requested by

Host: 5b3aaee6d5df5eceffb4592408cbc1b2.safeframe.googlesyndication.com
URL: https://5b3aaee6d5df5eceffb4592408cbc1b2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.251.10.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sd-in-f156.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 03 Oct 2023 23:31:33 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 03 Oct 2023 23:31:33 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=N82gYvJbyOQhZn%2BDnWVVYku3K8lSDYohhCwvWljo2eYA7mQljhPGR79%2BXGNN%2BKJHftQSKwSy0V%2F2KqYOjQcwmGNeBO9KiU%2FuEsbtLhA8OtSxq5i0g3D0rqJCzXa%2BthWpoAzjRdlLhRxf1Q%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESELgE5MX8jne7xP7E_QGVqqo&google_hm=ZRykVeIoAnDz4tYFfo-QDQAAEwoAAAIB&google_nid=index&google_push=AXcoOmQHt_EacjjtLYXfqG5_XxmWI2QYbWxrE2GsbfTv6jD4k3gt6TAX54MvEEI4XO-8NlsnIv-YjKRnvDzlpq5iaUKj-CsjSJhNPB3ENddZ1znONjId8YYkbgKlJgKHt5R9NeQ_TMf7-8NnvhwVJ_tW4w
cache-control: no-cache
cf-ray: 8108fab8cefb87ea-SIN
alt-svc: h3=":443"; ma=86400
content-length: 0
expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame A569
Redirect Chain

https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEG...
https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=AXcoOmS8BwWXs7VZxqvKUHQZ_qjFthxQIqUPCGt4S_5aQ95PQgyJFlU3oUOHeWTstc0CTAYIpOyy7idnmQ8N3-F-Sm2ZX_hCIverClZA7XFAgdrft8uyVPu8poB2nZsdjte...
https://sync.targeting.unrulymedia.com/csync/RX-9b4fe846-0b4f-4309-a48b-f68846cde876-004?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAXcoOmS8BwWXs7VZxqvKUHQZ_...
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AXcoOmS8BwWXs7VZxqvKUHQZ_qjFthxQIqUPCGt4S_5aQ95PQgyJFlU3oUOHeWTstc0CTAYIpOyy7idnmQ8N3-F-Sm2ZX_hCIverClZA7XFAgdrft8uyVPu8poB2nZsdjteZyWTB...

170 B
188 B

106ms
105ms

Image
image/png

142.251.10.156
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AXcoOmS8BwWXs7VZxqvKUHQZ_qjFthxQIqUPCGt4S_5aQ95PQgyJFlU3oUOHeWTstc0CTAYIpOyy7idnmQ8N3-F-Sm2ZX_hCIverClZA7XFAgdrft8uyVPu8poB2nZsdjteZyWTB97rnfYli1xJ_Z4zujEQ&google_hm=BJtP6EYLT0MJpIv2iEbN6HY

Requested by

Host: 5b3aaee6d5df5eceffb4592408cbc1b2.safeframe.googlesyndication.com
URL: https://5b3aaee6d5df5eceffb4592408cbc1b2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.251.10.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sd-in-f156.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 03 Oct 2023 23:31:34 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AXcoOmS8BwWXs7VZxqvKUHQZ_qjFthxQIqUPCGt4S_5aQ95PQgyJFlU3oUOHeWTstc0CTAYIpOyy7idnmQ8N3-F-Sm2ZX_hCIverClZA7XFAgdrft8uyVPu8poB2nZsdjteZyWTB97rnfYli1xJ_Z4zujEQ&google_hm=BJtP6EYLT0MJpIv2iEbN6HY
date: Tue, 03 Oct 2023 23:31:34 GMT
p3p: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag: RX9b4fe8460b4f4309a48bf68846cde876004
content-type: text/html

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame A569
Redirect Chain

https://match.sharethrough.com/E4rooAtA/v1?google_gid=CAESEAyCYtyY3KcbgCqyUnHAqDg&google_cver=1&google_push=AXcoOmRrwwAaPxhGUlQWx2_DjTaHJnrcHi2IdueptcUFSYCvXzTC_6xgCItAWAXJdrd89KPi9-jhUOJ9fJWyqS5l0...
https://cm.g.doubleclick.net/pixel?google_nid=sharethrough_ob&google_hm=N2YxY2VjYzEtMzUzNy00OTI2LWIwNDgtN2IwNmQ4OTlkMTAw&google_push=AXcoOmRrwwAaPxhGUlQWx2_DjTaHJnrcHi2IdueptcUFSYCvXzTC_6xgCItAWAXJ...

170 B
188 B

95ms
94ms

Image
image/png

142.251.10.156
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=sharethrough_ob&google_hm=N2YxY2VjYzEtMzUzNy00OTI2LWIwNDgtN2IwNmQ4OTlkMTAw&google_push=AXcoOmRrwwAaPxhGUlQWx2_DjTaHJnrcHi2IdueptcUFSYCvXzTC_6xgCItAWAXJdrd89KPi9-jhUOJ9fJWyqS5l0Al9K8kttS2eDOrSJa4D5KpG2Colmsgkl7AmfYitQtTImqTp4jlvXsps33iZ0L8X8kk

Requested by

Host: 5b3aaee6d5df5eceffb4592408cbc1b2.safeframe.googlesyndication.com
URL: https://5b3aaee6d5df5eceffb4592408cbc1b2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.251.10.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sd-in-f156.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 03 Oct 2023 23:31:34 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=sharethrough_ob&google_hm=N2YxY2VjYzEtMzUzNy00OTI2LWIwNDgtN2IwNmQ4OTlkMTAw&google_push=AXcoOmRrwwAaPxhGUlQWx2_DjTaHJnrcHi2IdueptcUFSYCvXzTC_6xgCItAWAXJdrd89KPi9-jhUOJ9fJWyqS5l0Al9K8kttS2eDOrSJa4D5KpG2Colmsgkl7AmfYitQtTImqTp4jlvXsps33iZ0L8X8kk
date: Tue, 03 Oct 2023 23:31:34 GMT
content-length: 0

GET
H/1.1

200
OK

send
sync-dsp.ad-m.asia/dsp/api/sync/ Frame A569
Redirect Chain

https://sync-dsp.ad-m.asia/dsp/api/sync/send?s=google&pixel_match=y&google_gid=CAESEKaE2BkQWAPlRiI1oZbvvgs&google_cver=1&google_push=AXcoOmSZ5ZFvmi2OwHdgrK8kwgDthGIQsXBG4rqrNalVkfzFeDj5r5TW1l1E-icS...
https://sync-dsp.ad-m.asia/dsp/api/sync/send?s=google&pixel_match=y&google_gid=CAESEKaE2BkQWAPlRiI1oZbvvgs&google_cver=1&google_push=AXcoOmSZ5ZFvmi2OwHdgrK8kwgDthGIQsXBG4rqrNalVkfzFeDj5r5TW1l1E-icS...

43 B
243 B

817ms
186ms

Image
image/gif

220.150.223.50
BEKKOAME BEKKOAME...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync-dsp.ad-m.asia/dsp/api/sync/send?s=google&pixel_match=y&google_gid=CAESEKaE2BkQWAPlRiI1oZbvvgs&google_cver=1&google_push=AXcoOmSZ5ZFvmi2OwHdgrK8kwgDthGIQsXBG4rqrNalVkfzFeDj5r5TW1l1E-icSkbfaklj6L43gluRGMKvbWhaOO48WA6SQOs_n9oEvXWzwoppwV4i5Dakk4udK9ltZIN7pMZdxc9_E7PApU4HXg8VMlKHH&uid-set=1
Requested by: Host: 5b3aaee6d5df5eceffb4592408cbc1b2.safeframe.googlesyndication.com
URL: https://5b3aaee6d5df5eceffb4592408cbc1b2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: HTTP/1.1
Server: 220.150.223.50 , Japan, ASN4686 (BEKKOAME BEKKOAME INTERNET INC., JP),
Reverse DNS: 50.223.150.220.in-addr.arpa
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 03 Oct 2023 23:31:35 GMT
Server: nginx
Content-Type: image/gif
Cache-Control: no-store,no-cache
Connection: close
Content-Length: 43
expires: -1

Redirect headers

Pragma: no-cache
Date: Tue, 03 Oct 2023 23:31:34 GMT
Server: nginx
P3P: CP='CAO PSA CONi OTR OUR DEM ONL'
Location: http://sync-dsp.ad-m.asia/dsp/api/sync/send?s=google&pixel_match=y&google_gid=CAESEKaE2BkQWAPlRiI1oZbvvgs&google_cver=1&google_push=AXcoOmSZ5ZFvmi2OwHdgrK8kwgDthGIQsXBG4rqrNalVkfzFeDj5r5TW1l1E-icSkbfaklj6L43gluRGMKvbWhaOO48WA6SQOs_n9oEvXWzwoppwV4i5Dakk4udK9ltZIN7pMZdxc9_E7PApU4HXg8VMlKHH&uid-set=1
Cache-Control: no-store,no-cache
Connection: close
Content-Length: 0
expires: -1

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame A569
Redirect Chain

https://t.adx.opera.com/pub/sync?pubid=pub6871767557696&google_push=AXcoOmT3YGL_aiK93-nYDC5lCpueSuD6hr_fvFFb15mG6oSAMtOkuM-E8sHA2r0wDak3C2E5TjswcCjVDSzQXrBAa5gMtpJVWNOV8gJ40nGnEQw58qEjupGu8T-BjVPY_...
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEIlpfnP0eG4TqW783EWzEAY&google_hm=T1BVM2JjMTQ5MGIxMTk4NDYwYmFkZDY4YWE4MTNmZGMyNTE&google_nid=opera_norway_as&google_push=AXcoOmT3YGL_...

170 B
188 B

97ms
97ms

Image
image/png

142.251.10.156
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEIlpfnP0eG4TqW783EWzEAY&google_hm=T1BVM2JjMTQ5MGIxMTk4NDYwYmFkZDY4YWE4MTNmZGMyNTE&google_nid=opera_norway_as&google_push=AXcoOmT3YGL_aiK93-nYDC5lCpueSuD6hr_fvFFb15mG6oSAMtOkuM-E8sHA2r0wDak3C2E5TjswcCjVDSzQXrBAa5gMtpJVWNOV8gJ40nGnEQw58qEjupGu8T-BjVPY_lcbdZhR-tmOAV_QEA63g75XSfE

Requested by

Host: 5b3aaee6d5df5eceffb4592408cbc1b2.safeframe.googlesyndication.com
URL: https://5b3aaee6d5df5eceffb4592408cbc1b2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.251.10.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sd-in-f156.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 03 Oct 2023 23:31:34 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 03 Oct 2023 23:31:34 GMT
server: nginx
access-control-allow-methods: POST, GET
content-type: text/html; charset=utf-8
access-control-allow-origin: *
location: https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEIlpfnP0eG4TqW783EWzEAY&google_hm=T1BVM2JjMTQ5MGIxMTk4NDYwYmFkZDY4YWE4MTNmZGMyNTE&google_nid=opera_norway_as&google_push=AXcoOmT3YGL_aiK93-nYDC5lCpueSuD6hr_fvFFb15mG6oSAMtOkuM-E8sHA2r0wDak3C2E5TjswcCjVDSzQXrBAa5gMtpJVWNOV8gJ40nGnEQw58qEjupGu8T-BjVPY_lcbdZhR-tmOAV_QEA63g75XSfE
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, accept, origin, Cache-Control, X-Requested-With
content-length: 379
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame A569
Redirect Chain

https://sync.inmobi.com/gob?google_gid=CAESEFEy0cHg-FTLotySe8FU5Jk&google_cver=1&google_push=AXcoOmRM5YByOo9SCyexkgdES7wGqF5epxDnUom5Zj7FayMwgD12kE6ILTtntXS56glUHtdWs8NqIhTO72o3EJyELBViZt8Su7RTuGy-...
https://id5-sync.com/i/495/0.gif?gdpr_consent=&gdpr=&callback=https%3A%2F%2Fsync.inmobi.com%2FgobRedirectFromId5%3Fid%3D%7BID5UID%7D%26google_push%3DAXcoOmRM5YByOo9SCyexkgdES7wGqF5epxDnUom5Zj7FayMw...
https://id5-sync.com/c/495/0/0/1.gif?gdpr=0&gdpr_consent=&us_privacy=
https://sync.inmobi.com/gobRedirectFromId5?id=ID5-afaeRbYNBqZ5vYxI_BR9GKU2TF8CMZE8Q98yF1wJkQ&google_push=AXcoOmRM5YByOo9SCyexkgdES7wGqF5epxDnUom5Zj7FayMwgD12kE6ILTtntXS56glUHtdWs8NqIhTO72o3EJyELBVi...
https://cm.g.doubleclick.net/pixel?google_hm=yHlGVA9FBd42tda-j0Zs&google_push=AXcoOmRM5YByOo9SCyexkgdES7wGqF5epxDnUom5Zj7FayMwgD12kE6ILTtntXS56glUHtdWs8NqIhTO72o3EJyELBViZt8Su7RTuGy-PIWIyF-N9gKJD80...

170 B
188 B

93ms
93ms

Image
image/png

142.251.10.156
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_hm=yHlGVA9FBd42tda-j0Zs&google_push=AXcoOmRM5YByOo9SCyexkgdES7wGqF5epxDnUom5Zj7FayMwgD12kE6ILTtntXS56glUHtdWs8NqIhTO72o3EJyELBViZt8Su7RTuGy-PIWIyF-N9gKJD806hbALp_k-kLzQkfM2uWG2dG6TAg6k9BJDSs93&google_nid=inmobi_new_eb

Protocol

Server

142.251.10.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sd-in-f156.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 03 Oct 2023 23:31:37 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Tue, 03 Oct 2023 23:31:37 GMT
content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; includeSubDomains
x-permitted-cross-domain-policies: none
referrer-policy: no-referrer
expect-ct: max-age=0
x-dns-prefetch-control: off
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=utf-8
location: https://cm.g.doubleclick.net/pixel?google_hm=yHlGVA9FBd42tda-j0Zs&google_push=AXcoOmRM5YByOo9SCyexkgdES7wGqF5epxDnUom5Zj7FayMwgD12kE6ILTtntXS56glUHtdWs8NqIhTO72o3EJyELBViZt8Su7RTuGy-PIWIyF-N9gKJD806hbALp_k-kLzQkfM2uWG2dG6TAg6k9BJDSs93&google_nid=inmobi_new_eb
x-download-options: noopen
vary: Accept
content-length: 281
x-xss-protection: 0

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame A569 0
12 B 91ms
90ms Image
text/html 142.251.10.156
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13I2DBEIKuZGSkYUWmg2Y__OftalSJ6LvN4ETNoAdwM14DeMayRAduC6irg6FLghLVjBa4Y0GsK3CQ

Requested by

Host: 5b3aaee6d5df5eceffb4592408cbc1b2.safeframe.googlesyndication.com
URL: https://5b3aaee6d5df5eceffb4592408cbc1b2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.10.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sd-in-f156.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 23:31:33 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 575D 22 KB
8 KB 89ms
88ms Document
text/html 64.233.170.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

64.233.170.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sg-in-f132.1e100.net

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://5b3aaee6d5df5eceffb4592408cbc1b2.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

accept-ranges: bytes
age: 206891
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 01 Oct 2023 14:03:22 GMT
expires: Mon, 30 Sep 2024 14:03:22 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 1809 22 KB
8 KB 89ms
88ms Document
text/html 64.233.170.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

64.233.170.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sg-in-f132.1e100.net

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://5b3aaee6d5df5eceffb4592408cbc1b2.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

accept-ranges: bytes
age: 206891
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 01 Oct 2023 14:03:22 GMT
expires: Mon, 30 Sep 2024 14:03:22 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 dpixel
cms.quantserve.com/ Frame C03D 35 B
464 B 658ms
92ms Image
image/gif 103.229.10.192
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEEzkDNPIJRNxTQcvfULs1Hc&google_cver=1&google_push=AXcoOmS5G27thKVW3yonZGH77ex3bNfYy7W93MX9YVsPb1epQaLyBCvR-vcsTA3S23F_lK8N_r8XS5r4jpZ8bL-4zI3DNGm7T44UYs2M3byN6xKJwmjpQUGw1td1JMPlQwLQ0W65Ms5YqL95

Requested by

Host: 5b3aaee6d5df5eceffb4592408cbc1b2.safeframe.googlesyndication.com
URL: https://5b3aaee6d5df5eceffb4592408cbc1b2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

103.229.10.192 , Singapore, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 03 Oct 2023 23:31:34 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type: image/gif
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2

200

i.match
s.tribalfusion.com/z/ Frame C03D
Redirect Chain

https://a.tribalfusion.com/i.match?p=b6&u=CAESED62XnlZFbNaVJl6R78DeMg&google_cver=1&google_push=AXcoOmTlUVjNwI8eXQB98lZVLTjV79-aHovIywukfra1zmpjjKCnoQelYyz82_VUrLxtO5RHuAlyVpcC08vPKNpUyvEbudZKFJsg6...
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESED62XnlZFbNaVJl6R78DeMg&google_cver=1&google_push=AXcoOmTlUVjNwI8eXQB98lZVLTjV79-aHovIywukfra1zmpjjKCnoQelYyz82_VUrLxtO5RHuAlyVpcC08vPKNpUyvEbudZKFJs...

43 B
424 B

293ms
286ms

Image
image/gif

104.18.25.173
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESED62XnlZFbNaVJl6R78DeMg&google_cver=1&google_push=AXcoOmTlUVjNwI8eXQB98lZVLTjV79-aHovIywukfra1zmpjjKCnoQelYyz82_VUrLxtO5RHuAlyVpcC08vPKNpUyvEbudZKFJsg6yjg4YCVz368Ld6R9nn6btTfSRG4H1fQbRLWa3LkwqxM&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmTlUVjNwI8eXQB98lZVLTjV79-aHovIywukfra1zmpjjKCnoQelYyz82_VUrLxtO5RHuAlyVpcC08vPKNpUyvEbudZKFJsg6yjg4YCVz368Ld6R9nn6btTfSRG4H1fQbRLWa3LkwqxM%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by: Host: 5b3aaee6d5df5eceffb4592408cbc1b2.safeframe.googlesyndication.com
URL: https://5b3aaee6d5df5eceffb4592408cbc1b2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Server: 104.18.25.173 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 03 Oct 2023 23:31:34 GMT
cf-cache-status: DYNAMIC
x-function: 302
server: cloudflare
content-type: image/gif; charset=utf-8
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 8108fabe5e993dc3-SIN
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 03 Oct 2023 23:31:34 GMT
cf-cache-status: DYNAMIC
x-function: 206
server: cloudflare
x-reuse-index: 416
content-type: text/html
location: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESED62XnlZFbNaVJl6R78DeMg&google_cver=1&google_push=AXcoOmTlUVjNwI8eXQB98lZVLTjV79-aHovIywukfra1zmpjjKCnoQelYyz82_VUrLxtO5RHuAlyVpcC08vPKNpUyvEbudZKFJsg6yjg4YCVz368Ld6R9nn6btTfSRG4H1fQbRLWa3LkwqxM&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmTlUVjNwI8eXQB98lZVLTjV79-aHovIywukfra1zmpjjKCnoQelYyz82_VUrLxtO5RHuAlyVpcC08vPKNpUyvEbudZKFJsg6yjg4YCVz368Ld6R9nn6btTfSRG4H1fQbRLWa3LkwqxM%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 8108fabc9d2a3dc3-SIN
alt-svc: h3=":443"; ma=86400
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame C03D
Redirect Chain

https://match.adsrvr.org/track/cmf/google?google_gid=CAESEPp7QNok6mZCDEleX32DDbs&google_cver=1&google_push=AXcoOmTWNSNUc1vXakxUmSxJP5s3TUS68a2qmzfNCWuADN_RvF_Esp6Lu5VQ3oDwAH4rGu-SS6giwxf2_Zdv2SFkTg...
https://match.adsrvr.org/track/cmb/google?google_gid=CAESEPp7QNok6mZCDEleX32DDbs&google_cver=1&google_push=AXcoOmTWNSNUc1vXakxUmSxJP5s3TUS68a2qmzfNCWuADN_RvF_Esp6Lu5VQ3oDwAH4rGu-SS6giwxf2_Zdv2SFkTg...
https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_hm=ZDQ1ZDc5ZWMtNjI5Zi00MTdmLWJhNmYtNzQ5ZmVjNDVkNWZk&google_push&gdpr=0&gdpr_consent=&ttd_tdid=d45d79ec-629f-417f-ba6f-749fec45d5fd

170 B
188 B

100ms
100ms

Image
image/png

142.251.10.156
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_hm=ZDQ1ZDc5ZWMtNjI5Zi00MTdmLWJhNmYtNzQ5ZmVjNDVkNWZk&google_push&gdpr=0&gdpr_consent=&ttd_tdid=d45d79ec-629f-417f-ba6f-749fec45d5fd

Requested by

Host: 5b3aaee6d5df5eceffb4592408cbc1b2.safeframe.googlesyndication.com
URL: https://5b3aaee6d5df5eceffb4592408cbc1b2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.251.10.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sd-in-f156.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 03 Oct 2023 23:31:34 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_hm=ZDQ1ZDc5ZWMtNjI5Zi00MTdmLWJhNmYtNzQ5ZmVjNDVkNWZk&google_push&gdpr=0&gdpr_consent=&ttd_tdid=d45d79ec-629f-417f-ba6f-749fec45d5fd
date: Tue, 03 Oct 2023 23:31:34 GMT
server: Kestrel
content-length: 423

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame C03D
Redirect Chain

https://mweb.ck.inmobi.com/sync/3?redirect=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dinmobi_pte_limited%26google_hm%3D%24DSP_CKID&google_gid=CAESEAw7ATJgXvjLQkEJm2OpBv4&google_cver=...
https://cm.g.doubleclick.net/pixel?google_nid=inmobi_pte_limited&google_hm=MzliNzBkNzItZmMzMC00MzQyLWFjNzMtNTVlNmIyNDViMjM0&google_gid=CAESEAw7ATJgXvjLQkEJm2OpBv4&google_cver=1&google_push=AXcoOmQL...

170 B
188 B

94ms
93ms

Image
image/png

142.251.10.156
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=inmobi_pte_limited&google_hm=MzliNzBkNzItZmMzMC00MzQyLWFjNzMtNTVlNmIyNDViMjM0&google_gid=CAESEAw7ATJgXvjLQkEJm2OpBv4&google_cver=1&google_push=AXcoOmQL94VDr2ZZ2up5K9ApioqPocfwfjsQiGhGcrhfJFIJoolvgppJOREhU22uFdHY5gAv9QLr3FSV8B8fH4XO0_5TV3ayMMPeIFVCqncn34AbgH1fIn3FG2F3DBMf0rAXuHwXDNA3ENKA

Protocol

Server

142.251.10.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sd-in-f156.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 03 Oct 2023 23:31:35 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=inmobi_pte_limited&google_hm=MzliNzBkNzItZmMzMC00MzQyLWFjNzMtNTVlNmIyNDViMjM0&google_gid=CAESEAw7ATJgXvjLQkEJm2OpBv4&google_cver=1&google_push=AXcoOmQL94VDr2ZZ2up5K9ApioqPocfwfjsQiGhGcrhfJFIJoolvgppJOREhU22uFdHY5gAv9QLr3FSV8B8fH4XO0_5TV3ayMMPeIFVCqncn34AbgH1fIn3FG2F3DBMf0rAXuHwXDNA3ENKA
date: Tue, 03 Oct 2023 23:31:35 GMT
strict-transport-security: max-age=15724800; includeSubDomains
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame C03D
Redirect Chain

https://cc.adingo.jp/adx/push/?google_gid=CAESEOCJ65TLdSXuykaBGFPOtp4&google_cver=1&google_push=AXcoOmT5z8Vzkbn9b6KaF4ELxQ74_5R95g116I-j--_XR-uPc_KrSe0kV25qXnZj5E4r3YYTcWJ0vxZQt6-ZGk_zlsSBiQnyC1EkV...
https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AXcoOmT5z8Vzkbn9b6KaF4ELxQ74_5R95g116I-j--_XR-uPc_KrSe0kV25qXnZj5E4r3YYTcWJ0vxZQt6-ZGk_zlsSBiQnyC1EkVjpAf5Vz1wgqyi3W3TwulsG41DTW8R...

170 B
188 B

92ms
92ms

Image
image/png

142.251.10.156
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AXcoOmT5z8Vzkbn9b6KaF4ELxQ74_5R95g116I-j--_XR-uPc_KrSe0kV25qXnZj5E4r3YYTcWJ0vxZQt6-ZGk_zlsSBiQnyC1EkVjpAf5Vz1wgqyi3W3TwulsG41DTW8RV6qy4ZOeeyB1Y_&google_hm=20403c0c83ad7a6a53f69c1154108e79

Requested by

Host: 5b3aaee6d5df5eceffb4592408cbc1b2.safeframe.googlesyndication.com
URL: https://5b3aaee6d5df5eceffb4592408cbc1b2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.251.10.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sd-in-f156.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 03 Oct 2023 23:31:34 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AXcoOmT5z8Vzkbn9b6KaF4ELxQ74_5R95g116I-j--_XR-uPc_KrSe0kV25qXnZj5E4r3YYTcWJ0vxZQt6-ZGk_zlsSBiQnyC1EkVjpAf5Vz1wgqyi3W3TwulsG41DTW8RV6qy4ZOeeyB1Y_&google_hm=20403c0c83ad7a6a53f69c1154108e79
date: Tue, 03 Oct 2023 23:31:34 GMT
content-type: text/html; charset=UTF-8
server: nginx
p3p: CP=NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa HISa OUR SAMa OTRa STP UNI STA

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame C03D
Redirect Chain

https://trace.mediago.io/cs/google?google_gid=CAESEN8i09ojzRu9kEVGoJy-B8E&google_cver=1&google_push=AXcoOmQLWDEzM5GJYjK9UItxnFvN2h_9Z8Z9JTu1_v9iWv4M28ByrMFmU7AshO4gRfv76uWAcIRoF5mOjlBbAxH_bGqbZ9GtL...
https://cm.g.doubleclick.net/pixel?google_nid=baidu_mediago&google_push=AXcoOmQLWDEzM5GJYjK9UItxnFvN2h_9Z8Z9JTu1_v9iWv4M28ByrMFmU7AshO4gRfv76uWAcIRoF5mOjlBbAxH_bGqbZ9GtL4yUNJdSMsLoPCvBGwzvqE2huiYYH...

170 B
188 B

96ms
95ms

Image
image/png

142.251.10.156
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=baidu_mediago&google_push=AXcoOmQLWDEzM5GJYjK9UItxnFvN2h_9Z8Z9JTu1_v9iWv4M28ByrMFmU7AshO4gRfv76uWAcIRoF5mOjlBbAxH_bGqbZ9GtL4yUNJdSMsLoPCvBGwzvqE2huiYYH6bpHQltY0aqLw1XaydD2w&google_hm=5bead3a000ad17bb11fp0400lnayeplf

Requested by

Host: 5b3aaee6d5df5eceffb4592408cbc1b2.safeframe.googlesyndication.com
URL: https://5b3aaee6d5df5eceffb4592408cbc1b2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.251.10.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sd-in-f156.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 03 Oct 2023 23:31:35 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=baidu_mediago&google_push=AXcoOmQLWDEzM5GJYjK9UItxnFvN2h_9Z8Z9JTu1_v9iWv4M28ByrMFmU7AshO4gRfv76uWAcIRoF5mOjlBbAxH_bGqbZ9GtL4yUNJdSMsLoPCvBGwzvqE2huiYYH6bpHQltY0aqLw1XaydD2w&google_hm=5bead3a000ad17bb11fp0400lnayeplf
date: Tue, 03 Oct 2023 23:31:34 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 292
content-type: text/html; charset=utf-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame C03D
Redirect Chain

https://analytics.pangle-ads.com/api/ad/union/gg_cookie_matching?google_gid=CAESEJoryS3SJBC4Q5pZG3p40UQ&google_cver=1&google_push=AXcoOmRBXA4AemFlZu_J13xCnGGNH04FoIa7k7pRLu_J9osESdizJ8Z2RI3Le6AdXLS...
https://cm.g.doubleclick.net/pixel?google_nid=toutiao_usd&google_push=AXcoOmRBXA4AemFlZu_J13xCnGGNH04FoIa7k7pRLu_J9osESdizJ8Z2RI3Le6AdXLSkJ-cdTqwVSjbQluLaPyfQ_0e3vJWCuApmC6iG9a9QIN4puYBCIWNX8yvv-ih...

170 B
188 B

92ms
91ms

Image
image/png

142.251.10.156
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=toutiao_usd&google_push=AXcoOmRBXA4AemFlZu_J13xCnGGNH04FoIa7k7pRLu_J9osESdizJ8Z2RI3Le6AdXLSkJ-cdTqwVSjbQluLaPyfQ_0e3vJWCuApmC6iG9a9QIN4puYBCIWNX8yvv-ih-7wyKb3b-Yf_vBkKWJQ

Requested by

Host: 5b3aaee6d5df5eceffb4592408cbc1b2.safeframe.googlesyndication.com
URL: https://5b3aaee6d5df5eceffb4592408cbc1b2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.251.10.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sd-in-f156.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 03 Oct 2023 23:31:34 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

x-akamai-request-id: 29f7a32f.afa0bb38
date: Tue, 03 Oct 2023 23:31:34 GMT
x-bytefaas-request-id: 202310032331347A8E38F14B0B45D003CF
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a23-59-80-149.deploy.akamaitechnologies.com (AkamaiGHost/11.2.5.1-51461813) (-)
x-parent-response-time: 233,23.59.80.149
server-timing: cdn-cache; desc=MISS, edge; dur=224, origin; dur=9, inner; dur=5
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 202310032331347A8E38F14B0B45D003CF
x-cache-remote: TCP_MISS from a23-32-17-54.deploy.akamaitechnologies.com (AkamaiGHost/11.2.5.1-51461813) (-)
access-control-max-age: 86400
access-control-allow-methods: *
location: https://cm.g.doubleclick.net/pixel?google_nid=toutiao_usd&google_push=AXcoOmRBXA4AemFlZu_J13xCnGGNH04FoIa7k7pRLu_J9osESdizJ8Z2RI3Le6AdXLSkJ-cdTqwVSjbQluLaPyfQ_0e3vJWCuApmC6iG9a9QIN4puYBCIWNX8yvv-ih-7wyKb3b-Yf_vBkKWJQ
x-bytefaas-execution-duration: 3.60
access-control-allow-origin: *
access-control-allow-credentials: true
x-origin-response-time: 9,23.32.17.54
x-tt-trace-host: 0145bdf7e78923928a237336c7e24883b1175edb1cdee07c7a000e8c9a2415c8c2df77b546dfd68e835452d836a36918a17df4c0c319fdc2428271ca4b0e99642b7f6ebcc55c7b6578d1d98dc13dc3e19688bd5218a6557948e69979b571d5df78c7ad32d2b4e4880fc1f6b5c98a94938b
cache-control: max-age=0, no-cache, no-store
access-control-allow-headers: *
expires: Tue, 03 Oct 2023 23:31:34 GMT

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame C03D 0
12 B 89ms
88ms Image
text/html 142.251.10.156
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JohejjTPTkjLmhUntT0EFxJKRGE1fBUm6qfhOdicQ6jE38MlhYac8aBV2DOTGfSmovl5KS9_s

Requested by

Host: 5b3aaee6d5df5eceffb4592408cbc1b2.safeframe.googlesyndication.com
URL: https://5b3aaee6d5df5eceffb4592408cbc1b2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.10.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sd-in-f156.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 23:31:33 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 fKmd0_GjkmbwxuPCHGJrquWY3DKtsFUpFSxCST8vOts.js Show response
pagead2.googlesyndication.com/bg/ Frame 575D 37 KB
15 KB 87ms
87ms Script
text/javascript 64.233.170.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/fKmd0_GjkmbwxuPCHGJrquWY3DKtsFUpFSxCST8vOts.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

64.233.170.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sg-in-f157.1e100.net

Software

sffe /

Resource Hash

7ca99dd3f1a39266f0c6e3c21c626baae598dc32adb05529152c42493f2f3adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Sat, 30 Sep 2023 14:21:42 GMT
content-encoding: br
x-content-type-options: nosniff
age: 292191
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14789
x-xss-protection: 0
last-modified: Mon, 25 Sep 2023 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 29 Sep 2024 14:21:42 GMT

GET
H2 200 fKmd0_GjkmbwxuPCHGJrquWY3DKtsFUpFSxCST8vOts.js Show response
pagead2.googlesyndication.com/bg/ Frame 1809 37 KB
15 KB 87ms
87ms Script
text/javascript 64.233.170.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/fKmd0_GjkmbwxuPCHGJrquWY3DKtsFUpFSxCST8vOts.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

64.233.170.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sg-in-f157.1e100.net

Software

sffe /

Resource Hash

7ca99dd3f1a39266f0c6e3c21c626baae598dc32adb05529152c42493f2f3adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Sat, 30 Sep 2023 14:21:42 GMT
content-encoding: br
x-content-type-options: nosniff
age: 292192
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14789
x-xss-protection: 0
last-modified: Mon, 25 Sep 2023 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 29 Sep 2024 14:21:42 GMT

GET
H2 200 1x1.png
secure-assets.rubiconproject.com/static/psa/blank/ Frame 1721 156 B
310 B 90ms
87ms Image
image/png 23.50.93.199
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure-assets.rubiconproject.com/static/psa/blank/1x1.png
Requested by: Host: www.prothomalo.com
URL: https://www.prothomalo.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.50.93.199 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-50-93-199.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 58a617d2c88d378bfd267e2817e2228e82ef0c3f28d8ac3458b18af77335c39e

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.prothomalo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 23:31:34 GMT
content-encoding: gzip
last-modified: Tue, 01 Oct 2019 16:53:58 GMT
server: Apache
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
access-control-allow-credentials: true
accept-ranges: bytes
content-length: 155

GET
DATA 200
OK truncated
/ Frame 1721 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1caad1150aaeaf37c4fc85559dca2a6c911d367c47500dd9af03d345fb7d56e8

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame 1721 0
0 954ms
99ms Fetch
image/gif 74.125.68.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst6-KaT3MIlyemSVajLEdMLVfL4Dt1MsORfr0qqVqJcNAALWBHtXvSTzjdr5i97L64pMN0ZIds_JL1yCDy_gySA1rAN0PxHUWFumr3EHwq5MAYP2ekVRzvSSn8n8xRqV5hoMSIkfN6NArt0IeNDZY669w14ZkMjdVgVTvTLJiov4IxqQfkzKiBSkcQnNmm-fQFa36jJRL63WZGOOq_73NxdETXE3B-9jfiC04R82mVLqmw9TlSwTafjw1JzkcZEu6-ghozF8QdEWYUzGoP38Rk57EaUU7wloBha6AC6AImS7gLzunYop0Bw0zKNww-SEHE9lt3X536xNa4NaA&sai=AMfl-YTK9LlrncdrLu1EBdq5U_EGwgP1HSIe_ijZtcNqTEWha-C0hiopWr9RscBqFcaqsZPMfoeKzw4sFrnFavCD43q21Kub4RlPsKXg4EX8S3pYzx7CHh6M7xmkqw5c4GM&sig=Cg0ArKJSzLl6ShkekbKBEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.68.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sc-in-f157.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.prothomalo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 23:31:35 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Tue, 03 Oct 2023 23:31:35 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 575D 0
47 B 90ms
89ms Image
image/gif 64.233.170.157
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B_PvXVaQcZfvzIYaHwgPQq7XoCQAAAAA4AeAEAg&bg=!iYqlisXNAAZN1Q_XbdU7ADQBe5WfOMjq4zK-8Py_WBVDNa8KYo2OhRMH7kq7iPhyKTMh1kf_bwwbwzfERSZgtXOCQSxqAgAAAH5SAAAAC2gBB5kC-ybnGCutqfIOL3oPr4j4KEfjwSaAuBQj4XcohrHmyeWMeAhl2NUItSZeWKjXvXh2j55UuAV7q1HUBpzploNgfWkdsbWE1D4WQ9zqfX7y9wP1eCaFeznQWAOe3favcUaQ55aa5Hx3bsMF4pr6NWgmSH81Gqj5asXQoqk3FRGzVoWNc4i7y-ke6-LDJPtbetdNRuBCO7etj8L8Lr3ETE6TBhT4ClQ1uV8h6p8DGFirll3nGgvm3X0lKnRJBOh3BPwhSc5TOac-YOk523Hexo32kGco7l5rwWDE4nd5VqZAfvNuXqC6oBvuc55YkCztHiSxiQQjiVEkC7xKhVYRCW4h28pja7bXN5wmA1A1u6L-L6bMjnCw2jms9EXazPCkWqbWbEbJvcJxBWDYoRdmZaMA7bGcqGZo_zsl7Cd_iQxQGaUHPHnr_bcvuOcoRyIN_zUCEKRpo3JWtXnFba95dupyBKSc8OV6ocg6Mk-AbbQZNZR1Tz9cT_8n69BZR8n_0yybi-SRkZsxTYuxkwqr20OJecRw679xC3mG2cHwXwGyZuL8Msgo-ieVy1QPnTGQdahqwCCLT-D-NiQhBG-Xz6HPWRFVPO1equc_WhNaKCIdRwK21pQpaQc_a5qT517hxRB5qBhFFpDlzw8CVF0s1UZOCsCvb94VEr9NPXJaC_M_kIvjGsiKM7MydSg7KRDGuJC4Izg_8WuxxZ7c3cRr1dDZoHnLJCsoClSLElQfGoFqKu40NP1DkSNt-4-nqRw90j1tW37_PmJP4AHtfdEEVoh9WmeeRVuOAGyXtK48IVKqFanjnXX8b2CfdCVXHgs75UOHbY__HaOvbf96GlJotYgdl_Qwjrv8sV0B3WeV7Z_lXabE9TuA7YM0OYsJ0nx1sMNBDqrraubZu6oaS2IzDoLm51YST5RQXVCy_dqxHi1QyWoHpJ1lC8ZI7sKDxIaWXM3Kf3fF5Vr-ZZjZdiYtQMwpWVVIFwn03IOQjOkQtct1oXbK1NeGFPM1VmY1224

Requested by

Host: 5b3aaee6d5df5eceffb4592408cbc1b2.safeframe.googlesyndication.com
URL: https://5b3aaee6d5df5eceffb4592408cbc1b2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

64.233.170.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sg-in-f157.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 03 Oct 2023 23:31:34 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 1809 0
56 B 91ms
91ms Image
image/gif 64.233.170.157
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B68naVaQcZau-IoTWogP9tIDIAgAAAAA4AeAEAg&bg=!ZmWlZSrNAAZN1Q_XbdU7ADQBe5WfOL3tX0lVO_BXmoEhDsAOvbk8Zn0JdnnrEcW_rbk0JDEIuFFaNJTSlzySQi99NrJ7AgAAAH5SAAAACGgBB5kDEVdNxzjX7mJJxyC91bkGs1m3nfmXPl6Mnzz_7PmML5vkFg8Ngf6uJIw9W6OgZdJQVjSOp6Uwt7qwXQcaaRSxY3Lo3JGzKhJhHE1SjIlU2EQCLCPa6EIRQnnpGCq-1MPsI5IW276nRMTrrHrAXGnn6rrLfjn4LahPrrJlKKsEhHrJQVdjoOjITNDJyeJR2FHNmYiMyCsCao86D_iT7bE4n5cSv35Z6IuEyBR-Ig-356gik2YnjNNduxEcorCN3l5qjQQATLgMaxtFr6bXDJVJFGfdCpBw-7UmA-8hQgLJV6zUr9J5DkWU0B5aEHrIYuxm8B8yANRMa5krNJL5K0VPsT6JCMfK_b4smntWsWdKLQa1pTTE7rHB_RiP3T54LnmQaI3MJ19HqBCuV0oZZLgijh5qMmcWzSE1vJHCHGlKuDLlaFPYC2FsuimO0xMfRmnEfxa5YRF0W7XUKHjUCIcpotHzMYfXl_-1P0q5NLUcdo42SRWB8GDzurGgMaJvE3zE4OIO7SfewSRZwY1ogioqOuwTFyYKhX0Kld2IDDSnpZjwithvCxaaU9EEOB1WTYNbghdCz1f1PrT1rkvrAzHqHfbf6mA_UhLretTQ0VAbS5f9zRGx-BhIVa4qc5fobwCJguN2lY92OQGOIMrLf7diqoSkw3t3_jqqLrL-b9bohg0a5fuLFSnp0QYF_nQsKDOaeXU9L09QABi6Q7ryfPVE0M5_b1xcBOIKoy5lJBEtsOYG3LFKfQCEW_mCFZzjJpw0q0l9uanB9c0CXKiinjLvKuJXPQ_yuzuwjG5SMUxhFMis3J1vjH6xtd9KdFHy4FDI0fJDocGnexInuJ9dgCXXAt_M8TzyMsJpmG8fXyU3EFvRLzw6nowU1raodHR5GEPnB46gWAVsWXx5HrWrj5yerjlwjsi5-Aou2dBngbB4awsY4iJPqNfK6ShoS5lNq1Zis1eX8gUpjeQ2EG5HfAVu_0s7k4dS4x2lRXj_rfKzLIwdLWdmD1gZa67sIN_R4UU3zKAsukIrZK5r1URBOrFkiBdB

Requested by

Host: 5b3aaee6d5df5eceffb4592408cbc1b2.safeframe.googlesyndication.com
URL: https://5b3aaee6d5df5eceffb4592408cbc1b2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

64.233.170.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sg-in-f157.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 03 Oct 2023 23:31:34 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 index.html Show response
s0.2mdn.net/sadbundle/647347765926785345/ Frame D698 280 KB
30 KB 89ms
88ms Document
text/html 172.217.194.148
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/647347765926785345/index.html?ev=01_250

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.194.148 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

si-in-f148.1e100.net

Software

sffe /

Resource Hash

384f32fba6bccfd699df906c0513f1324e99f3b1c93c6be51eb126d8895f76e9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://5b3aaee6d5df5eceffb4592408cbc1b2.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 497967
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 30785
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Thu, 28 Sep 2023 05:12:07 GMT
expires: Fri, 27 Sep 2024 05:12:07 GMT
last-modified: Thu, 28 Sep 2023 01:34:00 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 2370 0
0 369ms
109ms Fetch
image/gif 142.251.175.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvAWpeTyDFsKg2RO26nfczTMdG9RVkTes84_sbWnUO70pBu3p3ufaFFCMc1jySH0TiSOdRK9i8kSxmbI_F2duUEgnUEKOqGUEwIw7tEEBancF5e2ARFL6NCxUHbMPmpirA6pwXSFpcLoUnOa1hgIZNYBVhcWDf4pyFd5qQ6E9xabif6_bnIMmzBfqlARtVcFuq1QqsrHkHjyjLS2MNmRFBO2ejEZCeISaV_LkC26SEazzBPvLeTz_m6OfTqWsNmXse6gP7YnYTo5m6ltblXKlB0hGahoznW-KzWsVlPjmv18cPtbI2vVQrK0GFW6baCYOIAJ9eiRwil54Z1LfTzSt6VeMYeS6loB0NAKZtXvYaH4Cgu2lM8NPedTo8tqsnfoUFOf8FTwXSpKVdftiISekVjwmZNIScRqvJKxvkh4uaHQmrB687Z7bAfKsubSc5qpDnn02cC-448fHinZHqkJIuknBNiZZajwnQ1puJ95HiFTngFZZiH2RsI35jUomLAXTEzLR7QcPArquO8upcpYu84FCbusARibg-Twt7piTDBdXEgxxa_XkvUfTrsA9Bl4a8rMncX-Rxj33zkKsHY20cPg7devAa_Z7hzf0RSumNWtiZcVyA7y4dVbaaG0gXdu245ZvMa8Uv5Zu3HmQfuC3uBgdk1mOSeh8wHQLcKahZnRnOhbg_aMEsweM5PhYt-oj8nyIS9AaNQyrRAvBoHjhSnvNWumECdRtOXV3rlJUS5Y67u0F6D7XPn3KAv-10GSDsXe6emdMwJVeR4JXGVJmj3K6VCwhuXbQ014aIMnV1z_2dSWOjtae89jCsJYWvgaQY0tOB6FfqsGHhVxGKgq4X8cDFTjOAeqd3asPc0SVxIpko7dbiT7vDg_FHnJtkE2le-F9bVE5yHhDSq4B3ot8acLE6hfUsCWMAbMzK8UdkzRrfVR1YofWZSRnDrXYVonpTcP3vAUEZ-ofPa34Ajz_OQTiC83JBo0tuQSJFxwRGRjbjzS7sqVVDQDHB6QG_TbQEiYa5SgSfTXnhDh0glFQ4EPUOqcwe7vnkGk1p2gpEmIMkpuVafUs-pqCT4TGXTn4KOHgqlEH_bervfD5Ylp5Um65ixqgp74xgLcolNFzRHglf25CQIpudRrwMDkm3ey-oN3HjOnIUop7KONgw55bKyxoWicfKCNNfS4R8iMrtn6_QNcxihDcnrWU06G-XrIoXu5NU9zPTfcVOTUFdTPtjImQCkL4WyT-9dJcEP_mQ3plBqKz6fXGdpSNXFoTsWZelMOZJAyTIGDH5xVm-sTfmrEBB3TrYNx9226hWgCKB91-v-BrHNKA0tPY2rlupWKs278lgjHwBMXSp4acaNyMQH1zhCoMHC3KT_cg&sai=AMfl-YRycLqSwcFu5uYJWOC4QZden-3FjPJdUpMlVq88WfdclEnWRFP1yFpXxtZDmpJK8zvlSEwF_I0VyKUqZ9uPODr_1A1WgF43Myf0Caimj--ytMaDucdgOxUTjNYALx74REIgbnkD3tTnt7qVbS5nbVU34olo3dEoKfZYIOneiaKH2LLWOBkE0QNe9cAYRw3s4Kup-Z0tKDZD4dIr5wnYWf1es8kITKzRKh6EPvzSkHSYWa7196125UDHxA5xpIEDd399FtMcp1YzGPxG60rrR0ZeDefBFFN61w&sig=Cg0ArKJSzIafnTHSuWeiEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1035&cbvp=1&cstd=1031&cisv=r20231002.71336&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=

Requested by

Host: www.prothomalo.com
URL: https://www.prothomalo.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.175.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sh-in-f154.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://5b3aaee6d5df5eceffb4592408cbc1b2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Tue, 03 Oct 2023 23:31:35 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
content-type: image/gif
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 index.html Show response
s0.2mdn.net/sadbundle/9943023757918470144/300x250-Segmentation/ Frame 5297 18 KB
4 KB 90ms
90ms Document
text/html 172.217.194.148
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/9943023757918470144/300x250-Segmentation/index.html?e=69&leftOffset=0&topOffset=0&c=JPq9QgDrb8&t=1&renderingType=2&ev=01_250

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.194.148 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

si-in-f148.1e100.net

Software

sffe /

Resource Hash

23393957d1aba6c38d19f6a5ae4ff446efc41796091bf73d79d590a5b68bf5dd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://5b3aaee6d5df5eceffb4592408cbc1b2.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Tue, 03 Oct 2023 23:31:34 GMT
expires: Wed, 02 Oct 2024 23:31:34 GMT
last-modified: Wed, 02 Aug 2023 01:26:48 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame BF4F 0
0 323ms
111ms Fetch
image/gif 142.251.175.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuudhCKxqfB1eWZVgKJOaCyQrWF39NxIXTiRppr2HHkUJ0Xpoc6-G7fur3KriOPWKMS2BwP1YbPRxsHK9xtZEbIi-LyTi3g0rIFAKjZgkTeeDsnOgQvOIfm_4tGSkzt2iamC11ng0iScBgDUGje587tz5nyzx_qMBilqWzhV7KsqS_RH9gjAvjCiuFE42p9QSYCgvkIYHZkdzpzds0I3i6V9kuZy3xV9c9p0tOJMOivbhKexL-Kc1iI75dX63zsPIhTfzd_Cs0AWAuZgN5PudeOENfR7F3S99j4aX0fTFplBloB2mVXkDI8j7ChTsoKtcL1cu_NNqcVMw7y7CUbWJNZH7bprU3NaR-73_rWNJvG-WslVMPdx3-oWwdbryaHfj5Uki_tiK5IgJbGaObb4vQ80vWNxiVs_xeHs3tyrt8H5ylEgetu90lq3d9dNGJ1P859mek3uxwqSYBxTlcyOCgGp0qyv-mZFlmVenc0Y_uATzpWsXD3J6RIGhKVVeQ3bOq75aGkClyop175eNYlIwjpgk95Ab2EhCdui2OGTvuHF_Relk9Uy8XpcrELnT7_Qq_mfRtoOA9tl1gU-of9hGQYetR1i8UUVYAzfnrI9jDpP5Kob7jnD3SssB3XUbGgcO9FKbVSTe0iefWd94nSdAalty8O4eDFOLmPl-Qkww6pLWCAHB7OrbNmR5UUvw9F4BI-CflEYFdMV09ev2I6a0m1kQgifzy7T0HrHw6adWjLV7ouuGPkWXL0v61gLkZ2pVO4UcVoBTW3DVeVuqKGFld3Z1fPa7y3XtSVloKNKAhsEgwkoqh0YX7P0WOtbID4-ATkq6C0VztQCS1xjysruAgyWM6UxfahyRP6UUCGRP5f2JXWw0B5FO4pX3ZHsapdxhT7lAhIEkX1PJPrUauwrcc4K13beGXNQB4s_EJZSCOapbdcRIZEKWLVEIOc3BRjgCByfjVnRB8jSx-PCye_5BdfM-Gne9usHpq6SJfEJCo8Wk40nu8dEQqJjGlNfCNXcIuQq1pdjoZGsQA3O1a75UNVeykKKlEi4p9lmowa6RCabIP5XFCd4Et7U9Xe-ODrIgaqoOwyPxQpGXs5LJHYFlKdGGYkMm4pTpf6dUoejtiOkVDA3rkuTy8zoVooBywAwo0FsWxDCS0nXEecmJTWitjiC4ViBBKxQLYVRw4AefRFHAqD_amnPEzWZwMqube9Onyh6x84KIZm4gFERC0wFyd-NEWpb3bD0UPYYIFQGtkxEetAZLWCaEaDA3moOZiYMkAgTZji9gurD2Hc7qFf6gncn2e4zq-4WEGMykNt8EA_dC2qrU9VvBsXJpSER3MTYvYvtkbenHm824rxShKujLMdaDvjxVeIZk7iQwGKBoKi2pjDOi0qPAgYRxSFk_ozbDSmjhh6xvgACAplfF729jXfkfc1mXUBswQpLrFWRzQuUOV9bzqytZ_IsMpFHdqJLhbma8dK_I4qhmR-mg1F-WYZVAtwYMayK7Lyy8bk7KTe&sai=AMfl-YTgzuJgf4fJEHxbj1wcMdUHJBLKvQcSimOBm7-Fx7XALWJOEB9-318D27AoIBhQKGTNYKHuJvsD89CNriuQ65t6vQDQxsWjclAuYMCjIWRGLobwsaRY-9riyE8UgytYtZGXrFAqquZHQ8xbLyR7LoDfj8SZU0HBbTo9p3jzcbiPUoipjX9jQrFQS4gwDfcMQntChK9fYSdxOEsYYEFVB2I82ntzpqMVqr_UwDY2Rg3Tlc7y2Hf_SPPoLNnpTpZXc2EbWzKZM11KglgzLvby4K_u2b6xgg1gBw&sig=Cg0ArKJSzIj_l1-EokZnEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1019&cbvp=1&cstd=1008&cisv=r20231002.20873&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=

Requested by

Host: www.prothomalo.com
URL: https://www.prothomalo.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.175.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sh-in-f154.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://5b3aaee6d5df5eceffb4592408cbc1b2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Tue, 03 Oct 2023 23:31:35 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
content-type: image/gif
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame BF4F 42 B
108 B 959ms
99ms Fetch
image/gif 64.233.170.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvtuilCGZKEvqdM7OrR0QJYrj0cxUGOfUwHNGfoU9ZAawr0yRNcl4GliFfR2KQnPPhGqQlZt1DzqH4-4eSoICFYOs8gsrl_l2GZLvwkORXzNzY2QtUcg9QgRP8_qD-aD63-fA79B7Eyxg&sai=AMfl-YRg1SBfPWuG3fNFdu121cg0NmgbX5Vq5tBQGwUrKfPXVTUEsCD1c4Zx5EUxHCNvpSV7SmuCcWVTCoJJ6goT7_WNyG3sGLSBrSmuyJ_Q8c8lwNh_-FKBReF2707A&sig=Cg0ArKJSzHttDO99DYvsEAE&cid=CAQSPADICaaNeSM1e7-0HqYdFTyZaSmexn7-qgAoQfWxNiki6XLgXi5T_cx59IMWMFa0vD-USFWYMBtuaktmKhgB&id=lidar2&mcvt=1000&p=303,1124,553,1424&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20231002&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=591070982&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1696375892932&rpt=874&isd=0&lsd=0&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

64.233.170.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sg-in-f157.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://5b3aaee6d5df5eceffb4592408cbc1b2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 03 Oct 2023 23:31:35 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 DcmEnabler_01_250.js Show response
s0.2mdn.net/879366/ Frame D698 32 KB
11 KB 88ms
88ms Script
text/javascript 172.217.194.148
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/DcmEnabler_01_250.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/647347765926785345/index.html?ev=01_250

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.194.148 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

si-in-f148.1e100.net

Software

sffe /

Resource Hash

fc9fe8ec0612072dc6d3b4acd268e09d28c253807f47846a5f70dd8360d1a0d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://s0.2mdn.net/sadbundle/647347765926785345/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 07:24:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 58033
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11558
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 21:28:37 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 04 Oct 2023 07:24:21 GMT

GET
H2 200 adlib.css
s0.2mdn.net/sadbundle/9943023757918470144/300x250-Segmentation/ Frame 5297 6 KB
2 KB 92ms
90ms Stylesheet
text/css 172.217.194.148
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/9943023757918470144/300x250-Segmentation/adlib.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9943023757918470144/300x250-Segmentation/index.html?e=69&leftOffset=0&topOffset=0&c=JPq9QgDrb8&t=1&renderingType=2&ev=01_250

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.194.148 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

si-in-f148.1e100.net

Software

sffe /

Resource Hash

c821ac5b54d6356aa81644902d5fad10603c9a415679c081d7760dde7f7bdbd4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9943023757918470144/300x250-Segmentation/index.html?e=69&leftOffset=0&topOffset=0&c=JPq9QgDrb8&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Thu, 28 Sep 2023 23:35:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 431749
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1924
x-xss-protection: 0
last-modified: Wed, 02 Aug 2023 01:26:48 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 27 Sep 2024 23:35:45 GMT

GET
H2 200 adStyle.css
s0.2mdn.net/sadbundle/9943023757918470144/300x250-Segmentation/ Frame 5297 4 KB
951 B 100ms
98ms Stylesheet
text/css 172.217.194.148
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/9943023757918470144/300x250-Segmentation/adStyle.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9943023757918470144/300x250-Segmentation/index.html?e=69&leftOffset=0&topOffset=0&c=JPq9QgDrb8&t=1&renderingType=2&ev=01_250

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.194.148 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

si-in-f148.1e100.net

Software

sffe /

Resource Hash

890f44666a99f782e81d3db497702ea3a78c1ce81150daf5de07625b560ac13c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9943023757918470144/300x250-Segmentation/index.html?e=69&leftOffset=0&topOffset=0&c=JPq9QgDrb8&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Thu, 28 Sep 2023 06:20:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 493856
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 855
x-xss-protection: 0
last-modified: Wed, 02 Aug 2023 01:26:48 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 27 Sep 2024 06:20:38 GMT

GET
H2 200 Enabler_01_250.js Show response
s0.2mdn.net/879366/ Frame 5297 120 KB
41 KB 100ms
98ms Script
text/javascript 172.217.194.148
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/Enabler_01_250.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9943023757918470144/300x250-Segmentation/index.html?e=69&leftOffset=0&topOffset=0&c=JPq9QgDrb8&t=1&renderingType=2&ev=01_250

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.194.148 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

si-in-f148.1e100.net

Software

sffe /

Resource Hash

31d02f43dd0c7fc5c0d95db087a23f1c2d729c93f10450884c8da6b415f7839b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9943023757918470144/300x250-Segmentation/index.html?e=69&leftOffset=0&topOffset=0&c=JPq9QgDrb8&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 07:04:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 59199
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42247
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 21:28:42 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 04 Oct 2023 07:04:55 GMT

GET
H2 200 gsap_3.2.4_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame 5297 57 KB
23 KB 138ms
136ms Script
text/javascript 172.217.194.148
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/gsap_3.2.4_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9943023757918470144/300x250-Segmentation/index.html?e=69&leftOffset=0&topOffset=0&c=JPq9QgDrb8&t=1&renderingType=2&ev=01_250

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.194.148 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

si-in-f148.1e100.net

Software

sffe /

Resource Hash

e8403779d45a9590b43c0ecf984ebe11e75fd2982630d658390a6001a6768770

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9943023757918470144/300x250-Segmentation/index.html?e=69&leftOffset=0&topOffset=0&c=JPq9QgDrb8&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 23:31:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23276
x-xss-protection: 0
last-modified: Thu, 05 Mar 2020 03:53:22 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 03 Oct 2023 23:31:34 GMT

GET
H2 200 textFit.js Show response
s0.2mdn.net/sadbundle/9943023757918470144/300x250-Segmentation/ Frame 5297 8 KB
3 KB 130ms
128ms Script
application/x-javascript 172.217.194.148
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/9943023757918470144/300x250-Segmentation/textFit.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9943023757918470144/300x250-Segmentation/index.html?e=69&leftOffset=0&topOffset=0&c=JPq9QgDrb8&t=1&renderingType=2&ev=01_250

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.194.148 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

si-in-f148.1e100.net

Software

sffe /

Resource Hash

c8e48ea465007a8f3473fecfbcfe2e31e0d807e98f8ab65f8b0e655779ae2b72

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9943023757918470144/300x250-Segmentation/index.html?e=69&leftOffset=0&topOffset=0&c=JPq9QgDrb8&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Thu, 28 Sep 2023 20:01:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 444597
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2875
x-xss-protection: 0
last-modified: Wed, 02 Aug 2023 01:26:48 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 27 Sep 2024 20:01:37 GMT

GET
H2 200 adlibUtils-v3.js Show response
s0.2mdn.net/sadbundle/9943023757918470144/300x250-Segmentation/ Frame 5297 27 KB
11 KB 117ms
116ms Script
application/x-javascript 172.217.194.148
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/9943023757918470144/300x250-Segmentation/adlibUtils-v3.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9943023757918470144/300x250-Segmentation/index.html?e=69&leftOffset=0&topOffset=0&c=JPq9QgDrb8&t=1&renderingType=2&ev=01_250

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.194.148 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

si-in-f148.1e100.net

Software

sffe /

Resource Hash

d97b425c044c0f74127938ce35f477873b7bbbf589951732b515c95ef7c688c7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9943023757918470144/300x250-Segmentation/index.html?e=69&leftOffset=0&topOffset=0&c=JPq9QgDrb8&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Thu, 28 Sep 2023 23:15:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 432982
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11214
x-xss-protection: 0
last-modified: Wed, 02 Aug 2023 01:26:48 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 27 Sep 2024 23:15:12 GMT

GET
H2 200 animation.js Show response
s0.2mdn.net/sadbundle/9943023757918470144/300x250-Segmentation/ Frame 5297 7 KB
1 KB 131ms
130ms Script
application/x-javascript 172.217.194.148
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/9943023757918470144/300x250-Segmentation/animation.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9943023757918470144/300x250-Segmentation/index.html?e=69&leftOffset=0&topOffset=0&c=JPq9QgDrb8&t=1&renderingType=2&ev=01_250

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.194.148 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

si-in-f148.1e100.net

Software

sffe /

Resource Hash

d2f7c8aa89377e3be8191a1bf01ccb54564fade4b1990a80770fb2a3d0d35a89

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9943023757918470144/300x250-Segmentation/index.html?e=69&leftOffset=0&topOffset=0&c=JPq9QgDrb8&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Thu, 28 Sep 2023 13:05:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 469564
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1415
x-xss-protection: 0
last-modified: Wed, 02 Aug 2023 01:26:48 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 27 Sep 2024 13:05:30 GMT

GET
H2 200 SplitText.min.js Show response
s0.2mdn.net/sadbundle/9943023757918470144/300x250-Segmentation/ Frame 5297 9 KB
4 KB 130ms
129ms Script
application/x-javascript 172.217.194.148
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/9943023757918470144/300x250-Segmentation/SplitText.min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9943023757918470144/300x250-Segmentation/index.html?e=69&leftOffset=0&topOffset=0&c=JPq9QgDrb8&t=1&renderingType=2&ev=01_250

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.194.148 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

si-in-f148.1e100.net

Software

sffe /

Resource Hash

4934174cd39db1f62680ac12ae44ad9aa040bd445d831ae65f79779b7f2e6e8f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9943023757918470144/300x250-Segmentation/index.html?e=69&leftOffset=0&topOffset=0&c=JPq9QgDrb8&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Thu, 28 Sep 2023 23:29:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 432129
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3818
x-xss-protection: 0
last-modified: Wed, 02 Aug 2023 01:26:48 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 27 Sep 2024 23:29:25 GMT

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 2370 0
0 120ms
102ms Fetch
image/gif 142.251.175.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvAWpeTyDFsKg2RO26nfczTMdG9RVkTes84_sbWnUO70pBu3p3ufaFFCMc1jySH0TiSOdRK9i8kSxmbI_F2duUEgnUEKOqGUEwIw7tEEBancF5e2ARFL6NCxUHbMPmpirA6pwXSFpcLoUnOa1hgIZNYBVhcWDf4pyFd5qQ6E9xabif6_bnIMmzBfqlARtVcFuq1QqsrHkHjyjLS2MNmRFBO2ejEZCeISaV_LkC26SEazzBPvLeTz_m6OfTqWsNmXse6gP7YnYTo5m6ltblXKlB0hGahoznW-KzWsVlPjmv18cPtbI2vVQrK0GFW6baCYOIAJ9eiRwil54Z1LfTzSt6VeMYeS6loB0NAKZtXvYaH4Cgu2lM8NPedTo8tqsnfoUFOf8FTwXSpKVdftiISekVjwmZNIScRqvJKxvkh4uaHQmrB687Z7bAfKsubSc5qpDnn02cC-448fHinZHqkJIuknBNiZZajwnQ1puJ95HiFTngFZZiH2RsI35jUomLAXTEzLR7QcPArquO8upcpYu84FCbusARibg-Twt7piTDBdXEgxxa_XkvUfTrsA9Bl4a8rMncX-Rxj33zkKsHY20cPg7devAa_Z7hzf0RSumNWtiZcVyA7y4dVbaaG0gXdu245ZvMa8Uv5Zu3HmQfuC3uBgdk1mOSeh8wHQLcKahZnRnOhbg_aMEsweM5PhYt-oj8nyIS9AaNQyrRAvBoHjhSnvNWumECdRtOXV3rlJUS5Y67u0F6D7XPn3KAv-10GSDsXe6emdMwJVeR4JXGVJmj3K6VCwhuXbQ014aIMnV1z_2dSWOjtae89jCsJYWvgaQY0tOB6FfqsGHhVxGKgq4X8cDFTjOAeqd3asPc0SVxIpko7dbiT7vDg_FHnJtkE2le-F9bVE5yHhDSq4B3ot8acLE6hfUsCWMAbMzK8UdkzRrfVR1YofWZSRnDrXYVonpTcP3vAUEZ-ofPa34Ajz_OQTiC83JBo0tuQSJFxwRGRjbjzS7sqVVDQDHB6QG_TbQEiYa5SgSfTXnhDh0glFQ4EPUOqcwe7vnkGk1p2gpEmIMkpuVafUs-pqCT4TGXTn4KOHgqlEH_bervfD5Ylp5Um65ixqgp74xgLcolNFzRHglf25CQIpudRrwMDkm3ey-oN3HjOnIUop7KONgw55bKyxoWicfKCNNfS4R8iMrtn6_QNcxihDcnrWU06G-XrIoXu5NU9zPTfcVOTUFdTPtjImQCkL4WyT-9dJcEP_mQ3plBqKz6fXGdpSNXFoTsWZelMOZJAyTIGDH5xVm-sTfmrEBB3TrYNx9226hWgCKB91-v-BrHNKA0tPY2rlupWKs278lgjHwBMXSp4acaNyMQH1zhCoMHC3KT_cg&sai=AMfl-YRycLqSwcFu5uYJWOC4QZden-3FjPJdUpMlVq88WfdclEnWRFP1yFpXxtZDmpJK8zvlSEwF_I0VyKUqZ9uPODr_1A1WgF43Myf0Caimj--ytMaDucdgOxUTjNYALx74REIgbnkD3tTnt7qVbS5nbVU34olo3dEoKfZYIOneiaKH2LLWOBkE0QNe9cAYRw3s4Kup-Z0tKDZD4dIr5wnYWf1es8kITKzRKh6EPvzSkHSYWa7196125UDHxA5xpIEDd399FtMcp1YzGPxG60rrR0ZeDefBFFN61w&sig=Cg0ArKJSzIafnTHSuWeiEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1277&vt=11&dtpt=242&dett=3&cstd=1031&cisv=r20231002.71336&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=

Requested by

Host: www.prothomalo.com
URL: https://www.prothomalo.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.175.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sh-in-f154.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://5b3aaee6d5df5eceffb4592408cbc1b2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 23:31:35 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame BF4F 0
0 93ms
93ms Fetch
image/gif 142.251.175.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuudhCKxqfB1eWZVgKJOaCyQrWF39NxIXTiRppr2HHkUJ0Xpoc6-G7fur3KriOPWKMS2BwP1YbPRxsHK9xtZEbIi-LyTi3g0rIFAKjZgkTeeDsnOgQvOIfm_4tGSkzt2iamC11ng0iScBgDUGje587tz5nyzx_qMBilqWzhV7KsqS_RH9gjAvjCiuFE42p9QSYCgvkIYHZkdzpzds0I3i6V9kuZy3xV9c9p0tOJMOivbhKexL-Kc1iI75dX63zsPIhTfzd_Cs0AWAuZgN5PudeOENfR7F3S99j4aX0fTFplBloB2mVXkDI8j7ChTsoKtcL1cu_NNqcVMw7y7CUbWJNZH7bprU3NaR-73_rWNJvG-WslVMPdx3-oWwdbryaHfj5Uki_tiK5IgJbGaObb4vQ80vWNxiVs_xeHs3tyrt8H5ylEgetu90lq3d9dNGJ1P859mek3uxwqSYBxTlcyOCgGp0qyv-mZFlmVenc0Y_uATzpWsXD3J6RIGhKVVeQ3bOq75aGkClyop175eNYlIwjpgk95Ab2EhCdui2OGTvuHF_Relk9Uy8XpcrELnT7_Qq_mfRtoOA9tl1gU-of9hGQYetR1i8UUVYAzfnrI9jDpP5Kob7jnD3SssB3XUbGgcO9FKbVSTe0iefWd94nSdAalty8O4eDFOLmPl-Qkww6pLWCAHB7OrbNmR5UUvw9F4BI-CflEYFdMV09ev2I6a0m1kQgifzy7T0HrHw6adWjLV7ouuGPkWXL0v61gLkZ2pVO4UcVoBTW3DVeVuqKGFld3Z1fPa7y3XtSVloKNKAhsEgwkoqh0YX7P0WOtbID4-ATkq6C0VztQCS1xjysruAgyWM6UxfahyRP6UUCGRP5f2JXWw0B5FO4pX3ZHsapdxhT7lAhIEkX1PJPrUauwrcc4K13beGXNQB4s_EJZSCOapbdcRIZEKWLVEIOc3BRjgCByfjVnRB8jSx-PCye_5BdfM-Gne9usHpq6SJfEJCo8Wk40nu8dEQqJjGlNfCNXcIuQq1pdjoZGsQA3O1a75UNVeykKKlEi4p9lmowa6RCabIP5XFCd4Et7U9Xe-ODrIgaqoOwyPxQpGXs5LJHYFlKdGGYkMm4pTpf6dUoejtiOkVDA3rkuTy8zoVooBywAwo0FsWxDCS0nXEecmJTWitjiC4ViBBKxQLYVRw4AefRFHAqD_amnPEzWZwMqube9Onyh6x84KIZm4gFERC0wFyd-NEWpb3bD0UPYYIFQGtkxEetAZLWCaEaDA3moOZiYMkAgTZji9gurD2Hc7qFf6gncn2e4zq-4WEGMykNt8EA_dC2qrU9VvBsXJpSER3MTYvYvtkbenHm824rxShKujLMdaDvjxVeIZk7iQwGKBoKi2pjDOi0qPAgYRxSFk_ozbDSmjhh6xvgACAplfF729jXfkfc1mXUBswQpLrFWRzQuUOV9bzqytZ_IsMpFHdqJLhbma8dK_I4qhmR-mg1F-WYZVAtwYMayK7Lyy8bk7KTe&sai=AMfl-YTgzuJgf4fJEHxbj1wcMdUHJBLKvQcSimOBm7-Fx7XALWJOEB9-318D27AoIBhQKGTNYKHuJvsD89CNriuQ65t6vQDQxsWjclAuYMCjIWRGLobwsaRY-9riyE8UgytYtZGXrFAqquZHQ8xbLyR7LoDfj8SZU0HBbTo9p3jzcbiPUoipjX9jQrFQS4gwDfcMQntChK9fYSdxOEsYYEFVB2I82ntzpqMVqr_UwDY2Rg3Tlc7y2Hf_SPPoLNnpTpZXc2EbWzKZM11KglgzLvby4K_u2b6xgg1gBw&sig=Cg0ArKJSzIj_l1-EokZnEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1267&vt=11&dtpt=248&dett=3&cstd=1008&cisv=r20231002.20873&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=

Requested by

Host: www.prothomalo.com
URL: https://www.prothomalo.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.175.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sh-in-f154.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://5b3aaee6d5df5eceffb4592408cbc1b2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 23:31:35 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 733ms
100ms XHR
application/json 64.233.170.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202309280101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309280101/pubads_impl.js?cb=31078458

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

64.233.170.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sg-in-f157.1e100.net

Software

cafe /

Resource Hash

fa764d982e6c8c19e96e96714f643330b88d3a373eb1d4ad71dd21b2fdc167e9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.prothomalo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 23:31:35 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12109
x-xss-protection: 0

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 5297 8 KB
6 KB 664ms
94ms XHR
application/json 64.233.170.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_250&st=int

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_250.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

64.233.170.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sg-in-f157.1e100.net

Software

cafe /

Resource Hash

5becc270e154d302a843c251c405f2a06c1908b9cc481da49534318ae4fe23c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 23:31:35 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5926
x-xss-protection: 0

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 1721 42 B
404 B 651ms
92ms Fetch
image/gif 64.233.170.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuItUOqAfzD6IzTVvDlqe1NTUq0r9bG2uieanX-s-ZJUKQF93INCbaiVb9pjdZx8qvsFBmLrRmJdnXI0r3Oqt5hTSXQkBx9LlAh1OcATzmNBLixGw0zaxIc6GUuCHAB&sig=Cg0ArKJSzP24wZhWt4f6EAE&id=lidar2&mcvt=1000&p=174,436,264,1164&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20231002&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=19&adk=526797482&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1696375892439&rpt=1652&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

64.233.170.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sg-in-f157.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.prothomalo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 03 Oct 2023 23:31:35 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 129x197-(300x250)_P2.jpg_1694761249115_129x197-(300x250)_P2.jpg
s0.2mdn.net/dynamic/2/11104009/cdn.ad-lib.io/v3/partners/5c8fc746b301b0322c3f5247/assets/singleFiles/64f70d001775005dfe49a818/original/ Frame 5297 33 KB
33 KB 89ms
88ms Image
image/jpeg 172.217.194.148
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dynamic/2/11104009/cdn.ad-lib.io/v3/partners/5c8fc746b301b0322c3f5247/assets/singleFiles/64f70d001775005dfe49a818/original/129x197-(300x250)_P2.jpg_1694761249115_129x197-(300x250)_P2.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.194.148 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

si-in-f148.1e100.net

Software

sffe /

Resource Hash

0fba515bb45d4011613dbc707fd43701bf44456ef6f4db38a4e8de3aad712f02

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9943023757918470144/300x250-Segmentation/index.html?e=69&leftOffset=0&topOffset=0&c=JPq9QgDrb8&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Sat, 30 Sep 2023 17:34:53 GMT
x-content-type-options: nosniff
age: 280602
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33329
x-xss-protection: 0
last-modified: Fri, 15 Sep 2023 07:00:52 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-programmable"
report-to: {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 29 Sep 2024 17:34:53 GMT

GET
H2 200 83x72_(300x250).png_1690891912925_83x72_(300x250).png
s0.2mdn.net/dynamic/2/11104009/cdn.ad-lib.io/v3/partners/5c8fc746b301b0322c3f5247/assets/singleFiles/64c1f0f847dd7e1d3fce9028/original/ Frame 5297 4 KB
4 KB 90ms
89ms Image
image/png 172.217.194.148
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dynamic/2/11104009/cdn.ad-lib.io/v3/partners/5c8fc746b301b0322c3f5247/assets/singleFiles/64c1f0f847dd7e1d3fce9028/original/83x72_(300x250).png_1690891912925_83x72_(300x250).png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.194.148 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

si-in-f148.1e100.net

Software

sffe /

Resource Hash

bed8752acf6a0657688044cf03b3c2dc33749b1d717e50bcaad2f1311b6405ea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9943023757918470144/300x250-Segmentation/index.html?e=69&leftOffset=0&topOffset=0&c=JPq9QgDrb8&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Thu, 28 Sep 2023 23:15:14 GMT
x-content-type-options: nosniff
age: 432981
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4324
x-xss-protection: 0
last-modified: Tue, 01 Aug 2023 12:11:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-programmable"
report-to: {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 27 Sep 2024 23:15:14 GMT

GET
H2 200 frame1Image2.png_1690891912925_frame1Image2.png
s0.2mdn.net/dynamic/2/11104009/cdn.ad-lib.io/v2/partners/5c8fc746b301b0322c3f5247/assets/concepts/6452127f81d20ed293e25136/templates/6491c0bcbfbb6b3a02498f2b/content/ Frame 5297 1 KB
2 KB 93ms
92ms Image
image/png 172.217.194.148
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dynamic/2/11104009/cdn.ad-lib.io/v2/partners/5c8fc746b301b0322c3f5247/assets/concepts/6452127f81d20ed293e25136/templates/6491c0bcbfbb6b3a02498f2b/content/frame1Image2.png_1690891912925_frame1Image2.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.194.148 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

si-in-f148.1e100.net

Software

sffe /

Resource Hash

949572894940fe25f3582a628275c65d0bf82ead01b3ee7d52196918eabe54e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9943023757918470144/300x250-Segmentation/index.html?e=69&leftOffset=0&topOffset=0&c=JPq9QgDrb8&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Thu, 28 Sep 2023 14:48:33 GMT
x-content-type-options: nosniff
age: 463382
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1444
x-xss-protection: 0
last-modified: Tue, 01 Aug 2023 12:11:57 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-programmable"
report-to: {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 27 Sep 2024 14:48:33 GMT

GET
H2 200 logo2.png_1690891912925_logo2.png
s0.2mdn.net/dynamic/2/11104009/cdn.ad-lib.io/v2/partners/5c8fc746b301b0322c3f5247/assets/concepts/6452127f81d20ed293e25136/templates/6491c0bcbfbb6b3a02498f2b/content/ Frame 5297 2 KB
2 KB 91ms
91ms Image
image/png 172.217.194.148
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.194.148 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

si-in-f148.1e100.net

Software

sffe /

Resource Hash

ecd92eee892455f72e3b2fcc20e8f2bb9d3f93740bd410a617b5db963f4877b6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9943023757918470144/300x250-Segmentation/index.html?e=69&leftOffset=0&topOffset=0&c=JPq9QgDrb8&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Thu, 28 Sep 2023 23:33:21 GMT
x-content-type-options: nosniff
age: 431894
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2193
x-xss-protection: 0
last-modified: Tue, 01 Aug 2023 12:11:57 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-programmable"
report-to: {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 27 Sep 2024 23:33:21 GMT

GET
H2 200 MatterIGTF-Regular.woff
s0.2mdn.net/sadbundle/9943023757918470144/300x250-Segmentation/ Frame 5297 37 KB
37 KB 123ms
122ms Font
font/woff 172.217.194.148
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/9943023757918470144/300x250-Segmentation/MatterIGTF-Regular.woff

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9943023757918470144/300x250-Segmentation/adStyle.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.194.148 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

si-in-f148.1e100.net

Software

sffe /

Resource Hash

3d3709f0b3c56713e100405243fa3a75a67b9de7421785828af916e5ba9f9b0c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/9943023757918470144/300x250-Segmentation/adStyle.css
Origin: https://s0.2mdn.net
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Thu, 28 Sep 2023 23:15:13 GMT
x-content-type-options: nosniff
age: 432982
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 37648
x-xss-protection: 0
last-modified: Wed, 02 Aug 2023 01:26:48 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 27 Sep 2024 23:15:13 GMT

GET
H2 200 MatterIGTF-Bold.woff
s0.2mdn.net/sadbundle/9943023757918470144/300x250-Segmentation/ Frame 5297 37 KB
37 KB 89ms
88ms Font
font/woff 172.217.194.148
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/9943023757918470144/300x250-Segmentation/MatterIGTF-Bold.woff

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9943023757918470144/300x250-Segmentation/adStyle.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.194.148 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

si-in-f148.1e100.net

Software

sffe /

Resource Hash

2b83e82fe2093787ba52a12613cacd40dc62b25d6ed99ee1c8bb1563282af528

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/9943023757918470144/300x250-Segmentation/adStyle.css
Origin: https://s0.2mdn.net
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Thu, 28 Sep 2023 09:32:26 GMT
x-content-type-options: nosniff
age: 482349
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 38208
x-xss-protection: 0
last-modified: Wed, 02 Aug 2023 01:26:48 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 27 Sep 2024 09:32:26 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 198 KB
53 KB 658ms
87ms Script
application/x-javascript 157.240.235.1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.prothomalo.com
URL: https://www.prothomalo.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.235.1 , Singapore, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-04-sin6.fbcdn.net

Software

Resource Hash

805270b078cde87b61bb57c8bd44f8b58b0d128f5a8efdd4395470b45b291d65

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.prothomalo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Tue, 03 Oct 2023 23:31:36 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 53356
x-xss-protection: 0
pragma: public
x-fb-debug: DBBNKUh2oM6myQ4ntCyCA+V1SP0R1erJGsq/zNqm53SdKwoZAR5OUZtuNmZDZ++kROhkeMAXVP3RzHCdkG/JqQ==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 5297 17 KB
6 KB 92ms
89ms Script
text/javascript 64.233.170.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_250.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

64.233.170.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sg-in-f132.1e100.net

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 23:31:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 03 Oct 2023 23:31:35 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 90ms
89ms Script
text/javascript 64.233.170.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309280101/pubads_impl.js?cb=31078458

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

64.233.170.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sg-in-f132.1e100.net

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.prothomalo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 23:31:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 03 Oct 2023 23:31:35 GMT

GET
H2 200 BAadeGEE1qHjsQ6c_rqFtjeXulPdvwUFIKdhRpM9mgY.js Show response
pagead2.googlesyndication.com/bg/ Frame 4133 37 KB
14 KB 90ms
87ms Script
text/javascript 64.233.170.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/BAadeGEE1qHjsQ6c_rqFtjeXulPdvwUFIKdhRpM9mgY.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

64.233.170.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sg-in-f157.1e100.net

Software

sffe /

Resource Hash

04069d786104d6a1e3b10e9cfeba85b63797ba53ddbf050520a76146933d9a06

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Thu, 28 Sep 2023 21:20:43 GMT
content-encoding: br
x-content-type-options: nosniff
age: 439852
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14550
x-xss-protection: 0
last-modified: Mon, 25 Sep 2023 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 27 Sep 2024 21:20:43 GMT

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 5C90 13 KB
5 KB 91ms
88ms Document
text/html 64.233.170.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

64.233.170.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sg-in-f132.1e100.net

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.prothomalo.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

accept-ranges: bytes
age: 440344
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 28 Sep 2023 21:12:31 GMT
expires: Fri, 27 Sep 2024 21:12:31 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 0ECB 829 B
983 B 92ms
91ms Document
text/html 74.125.24.106
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.24.106 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f106.1e100.net

Software

GSE /

Resource Hash

d5a13dc5bd2766520b7e2aa2bca9b1edc022be943499ac851828e185ff93073f

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce--Ixin6mGiCZnXFKTDTUrUQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.prothomalo.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce--Ixin6mGiCZnXFKTDTUrUQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 03 Oct 2023 23:31:35 GMT
expires: Tue, 03 Oct 2023 23:31:35 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

POST
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 2370 0
47 B 90ms
89ms Ping
image/gif 64.233.170.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=3065156168483&version=m202309260101&ct=76&x=1&cor=11025155485231483000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

64.233.170.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sg-in-f157.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://5b3aaee6d5df5eceffb4592408cbc1b2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 03 Oct 2023 23:31:36 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame BF4F 0
47 B 89ms
89ms Ping
image/gif 64.233.170.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=7465931771013&version=m202309260101&ct=76&x=1&cor=7809063312213976000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

64.233.170.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sg-in-f157.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://5b3aaee6d5df5eceffb4592408cbc1b2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 03 Oct 2023 23:31:36 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 0ECB 0
0 89ms
89ms Image
text/html 64.233.170.157
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202309280101&jk=3637752249881711&rc=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 64.233.170.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: sg-in-f157.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

GET
H2 200 BAadeGEE1qHjsQ6c_rqFtjeXulPdvwUFIKdhRpM9mgY.js Show response
pagead2.googlesyndication.com/bg/ Frame 5C90 37 KB
14 KB 88ms
88ms Script
text/javascript 64.233.170.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/BAadeGEE1qHjsQ6c_rqFtjeXulPdvwUFIKdhRpM9mgY.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

64.233.170.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sg-in-f157.1e100.net

Software

sffe /

Resource Hash

04069d786104d6a1e3b10e9cfeba85b63797ba53ddbf050520a76146933d9a06

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Thu, 28 Sep 2023 21:20:43 GMT
content-encoding: br
x-content-type-options: nosniff
age: 439853
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14550
x-xss-protection: 0
last-modified: Mon, 25 Sep 2023 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 27 Sep 2024 21:20:43 GMT

GET
H2 200 367104151095918 Show response
connect.facebook.net/signals/config/ 136 KB
35 KB 93ms
91ms Script
application/x-javascript 157.240.235.1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/367104151095918?v=2.9.132&r=stable&domain=www.prothomalo.com

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.235.1 , Singapore, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-04-sin6.fbcdn.net

Software

Resource Hash

66991d42b301e95bbc5b571b0f04e5ce26629ecb31d260e897e564bc0774a66d

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.prothomalo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Tue, 03 Oct 2023 23:31:36 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 36030
x-xss-protection: 0
pragma: public
x-fb-debug: g9CASRPda546GXHuiofpwjYat0M7KLsd6mEr3QNgXuLI5/LaxNbG9Ppjph/iH3XI79DHYTiP78iBCgmWa5LN0g==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 204 generate_204
tpc.googlesyndication.com/ Frame 5C90 0
40 B 87ms
86ms Image
text/plain 64.233.170.132
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?XPbvkQ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 64.233.170.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: sg-in-f132.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 23:31:36 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 652ms
87ms Image
text/plain 157.240.235.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=367104151095918&ev=PageView&dl=https%3A%2F%2Fwww.prothomalo.com%2F&rl=&if=false&ts=1696375896408&sw=1600&sh=1200&v=2.9.132&r=stable&ec=0&o=30&fbp=fb.1.1696375896405.673641370&cs_est=true&ler=empty&it=1696375896293&coo=false&exp=a1&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.235.35 , Singapore, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-04-sin6.facebook.com

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.prothomalo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Tue, 03 Oct 2023 23:31:37 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 92ms
92ms Image
text/html 64.233.170.157
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202309280101&jk=3637752249881711&bg=!l5SllNvNAAYEJRtnJCU7ADQBe5WfOIMYWmzivsT35SwwHqui0UfEGqKws90B1qzSi7zCFHyYLkHhExoWhKKw27MDs0saAgAAAINSAAAAB2gBBwoAP-iqxxw_8rSr0-sFTwMtydGr7tn8RKaUkZIV3L9xrbzaJWxXdE8FKQ2-Q2kYdXPMTCLbgal2R6osH4sRKpaNrZkCuNWA0OfG9Idk7BNj3ciQL-DJD1_RspPbVWVD1ZS2IupUq8PSr4AZyt-aG0PQlEryov6Hmzowi_h6bzp0j-e5LD01T7mCJHocPfZ7g788kPBqvQincByixUjTQY1cjhcZcogSrOhyHyTnTAhOxgs080rBNtzk8AGk7M66UIY_of6Vs85cRwXB_ammN7yBD54ayM87meM3gWEKuxuRrvDDw_DIvUrAqH_S2--Cdy7Hi9krFheWYyLCYjDuWXYH9Uy9v9X4L3k5z1XorK5lenDUKhYWcm35cmbyRgC_D7t36lKyVZ7GjbbnOEaOsW59OVFIE1VOyh8fVgdQ2LCrLGXVX3SvCE6gOjzjviogHj1JeldvVL1OGdhU2_tB_WphTtcW_9ci2YkAD8k4y2flt7Q6ok3P7nxFKBgdDJV0Ox_a9XcQamtHOIGnAfHJ3ktx3zwhwVVllfhZ7cnjFZbja1fSemliVURH5x0pugCoDwyrJYX7TuQFNVjfqYwOh1reZuKAAEWFK_BHYTYBcmvW7TH-J4olPLvHavFkX6daxolZi6E2KVz1bHLDuMoIFX3aHnznCxugUeOTcJbZJyeAJlrMxh93eBZT7onXemlXeOTGKPO9OVfzps6s96lVtt23UgnDgVph6yKiXtSo4beM-Q2LjtDc3dglYmqj6ya1zU4MQpqU0bKzrAbTnXvh1DS1tqvchHIu1I9yUpTRDdfixHYadJTKwwFOajrJX0doHTI64HAd74h-ZO2Lg9BqPQa49u6RbtJAMz3RxQmVltFQVx1NqtaIeH7SeFbiLzxutPD3JjOD3xI2IFmNRJY2xLYTPxhp3ihdLqxpcMFb2vWSylFAy2G_LiE4-vjjYsXNMDDKjirracEh3FU4OtBCruxubDWf2PSeX26g-LSB2nWU312zIaqAWPOpv98DSA
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 64.233.170.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: sg-in-f157.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.prothomalo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Verdicts & Comments Add Verdict or Comment

56 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

41 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.prothomalo.com/	1970-01-20 23:58:31	Name: uuid_v2 Value: a450100646453736117059381325373631200160024242023947
.prothomalo.com/	1970-01-20 17:22:31	Name: _gcl_au Value: 1.1.2089260866.1696375891
.prothomalo.com/	1969-12-31 23:59:59	Name: _cfuvid Value: OoWi69UzNsrh56KPkQqoZYmTouLDgOWbBtLiMdJZneI-1696375890529-0-604800000
.prothomalo.com/	1970-01-21 00:41:43	Name: _cb Value: D737ROCAifGKCw7gxL
.prothomalo.com/	1970-01-21 00:41:43	Name: _chartbeat2 Value: .1696375891105.1696375891105.1.CaZPC6pG9g0Cm-89uCxzYQqD0gcJa.1
.prothomalo.com/	1970-01-20 15:12:57	Name: _cb_svref Value: null
www.prothomalo.com/	1970-01-20 15:13:01	Name: qtype-session Value: 8dfb609e-f8a4-43eb-88a2-f911e5a1c208
.prothomalo.com/	1970-01-21 00:48:55	Name: _ga_C4T51Z1NR8 Value: GS1.1.1696375891.1.0.1696375891.60.0.0
.prothomalo.com/	1970-01-21 00:48:55	Name: _ga Value: GA1.1.1161739928.1696375892
.qlitics.com/	1970-01-21 00:48:55	Name: thinmint Value: 5a68a7f2-0775-4b65-be10-ed2f4258cf8b
www.prothomalo.com/	1970-01-21 00:48:55	Name: thinmint Value: 5a68a7f2-0775-4b65-be10-ed2f4258cf8b
.doubleclick.net/	1970-01-21 00:48:55	Name: IDE Value: AHWqTUk-r_Ftap1HgXkGVqEtuRBKkRz1-QNs28IDzzTGszwFUCFxov3rqPqYvzEajiY
.prothomalo.com/	1970-01-21 00:34:31	Name: __gads Value: ID=c4aaa5c75ae8a857:T=1696375891:RT=1696375891:S=ALNI_Ma8RnlzT-Evu2w2ZDMqWviViT0s6g
.prothomalo.com/	1970-01-21 00:34:31	Name: __gpi Value: UID=00000c56fde19f9c:T=1696375891:RT=1696375891:S=ALNI_MaAWop0tqW22ac7mwpkWsoj8a3BwQ
.casalemedia.com/	1970-01-20 17:22:31	Name: CMPS Value: 4701
.adnxs.com/	1970-01-20 17:22:31	Name: anj Value: dTM7k!M41.D>6NRF']wIg2GU#nr[kN!]tbPl1M>e)ZlrFUfJ+tGXxoLM']<UK'sS-Pkt:%EpOE*OwM^3Oyz7TX5w3k3If)y3KL9D3I?+=+ay:4
.adnxs.com/	1970-01-20 17:22:31	Name: uuid2 Value: 1289155412294533625
.casalemedia.com/	1970-01-20 23:58:31	Name: CMID Value: ZRykVeIoAnDz4tYFfo.QDQAA
.casalemedia.com/	1970-01-20 17:22:31	Name: CMPRO Value: 4874
.doubleclick.net/	1970-01-20 19:32:07	Name: APC Value: AfxxVi7HcSnO_svByh-hn7zuqqYkdH5VfcFIsVpKoRRehNnJN8q44w
.rubiconproject.com/	1970-01-20 23:58:31	Name: khaos Value: LNAYEOXJ-1T-FGKG
.rubiconproject.com/	1970-01-20 23:58:31	Name: audit Value: 1\|WD0cx+9RTMK3hclj68SGZI5dvEwX9a8dZNjAqgDgW1yocc3AAQKBOnkFzsWFkqMTmH8vzj1QPdbgcRgjl6EitSWmQDHfF3XLvsVAPbIH/+G+xUA9sgf/4Q==
.adsrvr.org/	1970-01-20 23:59:58	Name: TDID Value: d45d79ec-629f-417f-ba6f-749fec45d5fd
.adsrvr.org/	1970-01-20 23:59:58	Name: TDCPM Value: CAESFQoGZ29vZ2xlEgsI4tX7nd2cojwQBRgFIAEoAjILCNSP3snznKI8EAU4AQ..
.sharethrough.com/	1970-01-20 15:56:07	Name: stx_user_id Value: 7f1cecc1-3537-4926-b048-7b06d899d100
.adingo.jp/	1970-01-20 15:56:07	Name: ID Value: 20403c0c83ad7a6a53f69c1154108e79
.1rx.io/	1970-01-20 23:58:31	Name: _rxuuid Value: %7B%22rx_uuid%22%3A%22RX-9b4fe846-0b4f-4309-a48b-f68846cde876-004%22%7D
.quantserve.com/	1970-01-20 17:22:31	Name: d Value: ED4BCQGMKoEA
.quantserve.com/	1970-01-21 00:43:10	Name: mc Value: 651ca456-7b158-8d83a-714f0
.pangle-ads.com/	1970-01-21 00:34:31	Name: _pangle Value: 2WH3tgmxG1hYerIKyjAHMlCNZWL
.adx.opera.com/	1970-01-20 23:58:31	Name: UID Value: OPU3bc1490b1198460badd68aa813fdc251
.targeting.unrulymedia.com/	1970-01-20 23:58:31	Name: _rxuuid Value: %7B%22rx_uuid%22%3A%22RX-9b4fe846-0b4f-4309-a48b-f68846cde876-004%22%7D
.mediago.io/	1970-01-20 23:58:31	Name: __mguid_ Value: 5bead3a000ad17bb11fp0400lnayeplf
.tribalfusion.com/	1970-01-20 17:22:31	Name: ANON_ID Value: agntuJSkTseAutomidprMdwFpJlZbQCmYnxBfHBQSvZbDFj8W7kZa48QQv8Q0EZdyWdLPxJwwaiVmMPp42oblrZdnBEOI
fksnk.com/	1970-01-20 15:23:00	Name: AWSALBCORS Value: B598Q9poUf57WO7hbHm3fg+DBpUhjajOtK7UcD53z9Senr0YVcTV8qDq5+QxsKIlZqpSCM3keSkAlS/sQlTdIFszHTI/7QKwbjWoy4iokmXXGOy2lLKvfD3dkSPE
.fksnk.com/	1970-01-20 17:22:31	Name: f_001 Value: A6910A2D564586D6
.fksnk.com/	1970-01-20 15:14:22	Name: g_001 Value: 1
.inmobi.com/	1970-01-20 17:22:31	Name: idsp_c Value: 39b70d72-fc30-4342-ac73-55e6b245b234
.prothomalo.com/	1970-01-20 17:22:31	Name: _fbp Value: fb.1.1696375896405.673641370
.id5-sync.com/	1970-01-20 17:22:31	Name: id5 Value: 82516afa-a58f-75de-961a-6c63e1d1548e#1696375896254#2
.id5-sync.com/	1970-01-20 17:22:31	Name: 3pi Value:

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://www.prothomalo.com/(Line 28) Message: <link rel=preload> has an unsupported `type` value
network	error	URL: https://www.prothomalo.com/api/auth/v1/users/me Message: Failed to load resource: the server responded with a status of 401 ()
javascript	warning	URL: https://www.googletagservices.com/tag/js/gpt.js(Line 9) Message: Failed to execute 'write' on 'Document': It isn't possible to write into a document from an asynchronously-loaded external script unless it is explicitly opened.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header

Value

Content-Security-Policy

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

5b3aaee6d5df5eceffb4592408cbc1b2.safeframe.googlesyndication.com
a.tribalfusion.com
ads.rubiconproject.com
analytics.google.com
analytics.pangle-ads.com
assets.prothomalo.com
cc.adingo.jp
cdn.gumlet.com
clientcdn.pushengage.com
cm.g.doubleclick.net
cms.quantserve.com
connect.facebook.net
dsum-sec.casalemedia.com
fksnk.com
fonts.googleapis.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
ib.adnxs.com
id5-sync.com
images.prothomalo.com
mab.chartbeat.com
match.adsrvr.org
match.sharethrough.com
mweb.ck.inmobi.com
pagead2.googlesyndication.com
ping.chartbeat.net
prod-analytics.qlitics.com
prothom-alo.com
s.tribalfusion.com
s0.2mdn.net
secure-assets.rubiconproject.com
securepubads.g.doubleclick.net
services.prothomalo.com
smarttag.rubiconproject.com
ssum-sec.casalemedia.com
static.chartbeat.com
stats.g.doubleclick.net
sync-dsp.ad-m.asia
sync.1rx.io
sync.inmobi.com
sync.targeting.unrulymedia.com
t.adx.opera.com
tpc.googlesyndication.com
trace.mediago.io
www.facebook.com
www.google.com
www.google.com.sg
www.googletagmanager.com
www.googletagservices.com
www.prothom-alo.com
www.prothomalo.com
103.229.10.192
103.43.90.53
104.17.159.183
104.17.160.183
104.18.25.173
104.18.27.193
104.18.30.188
104.18.31.188
13.115.74.94
13.227.254.67
13.33.88.19
13.33.97.213
138.199.46.68
142.251.10.156
142.251.12.156
142.251.175.154
151.101.194.202
157.240.235.1
157.240.235.35
162.19.138.118
172.217.194.148
172.217.194.156
172.217.194.97
172.253.118.132
172.253.118.94
18.141.68.202
18.213.189.173
20.127.253.7
20.85.134.6
216.239.32.181
220.150.223.50
23.21.139.150
23.50.93.199
23.59.80.153
3.83.71.62
35.208.249.213
52.223.40.198
64.233.170.132
64.233.170.157
64.233.170.95
69.173.158.65
74.118.186.107
74.125.130.155
74.125.24.106
74.125.68.157
82.145.213.8
0055f122d72ee79021a609c4b0a4e221ea5c41bac0debdb7ecb1abccd9e79b38
0228f1f61f4c7e51840d14fb9f8a17bae2b610dcb48ff05ba483b729d1f59003
04069d786104d6a1e3b10e9cfeba85b63797ba53ddbf050520a76146933d9a06
0464da0341b0b18617f9b0812364dbc76e5e4b429eb3c294b8a146f443d025d2
06d3aed082b970cae2c991bcee2ec11eed01a98c668803ee5969231e89fd5b1a
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0bc2177b4033931983971e4d5c2e669935f61e6d2d9fbda833e9d755d35ffb41
0fba515bb45d4011613dbc707fd43701bf44456ef6f4db38a4e8de3aad712f02
126deb1f3b54d68a6449b118882d540fdcc98378630e1aaab78d92f48c51c56f
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
13df2bb7aaa7526f48a0135ce43c27dcedd42b1c10bd4f8da2d7965b62b50102
15bea519c8a27c004c6314a13b63d8c289331198a31912c12f494d47ab02d211
1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5
1caad1150aaeaf37c4fc85559dca2a6c911d367c47500dd9af03d345fb7d56e8
1e7adc9a24a57746863ef54f2de5f8905c242ebc6d416713133ff989fb050222
2241d391f10f461a915b6ef47bc0c8103bf0e7289aff47e1bcfed5ff2a84d119
23393957d1aba6c38d19f6a5ae4ff446efc41796091bf73d79d590a5b68bf5dd
2a595e907f0fdf1cef3c33761c4f0e48f5b464f00a3cbeb7a81ce7aeebe3a9d3
2a9c24236b6649e9aa9b3d315b0971ed0506ae1c23e476ea93e3c11483395396
2b83e82fe2093787ba52a12613cacd40dc62b25d6ed99ee1c8bb1563282af528
2ecd295d295bec062cedebe177e54b9d6b19fc0a841dc5c178c654c9ccff09c0
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
31d02f43dd0c7fc5c0d95db087a23f1c2d729c93f10450884c8da6b415f7839b
369bcbb217060d47352b6c4b05408b139a2ba65a84d45db476a2ba80c83d2c12
384f32fba6bccfd699df906c0513f1324e99f3b1c93c6be51eb126d8895f76e9
387f9121bf29068d0183fab6596ef834dfb3aaa9d8dda29c53930fa32a09c9d7
3b1ab917c7da8e45e24d8eea1c130fa25ce01e422fb747eea8163a06e07e84bb
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1
3d3709f0b3c56713e100405243fa3a75a67b9de7421785828af916e5ba9f9b0c
3f738b79bf2aa1b06deee833b82d393f874dcf376116f0bd4ac23a8e55c0b473
425017b011ca7d63859143777387272791596b9afc138fe6c2ae1cc2f11bedc8
42e82cf90b5a9ee0cc3e31c5a048b9523cb64ddbb6046ac1f93c365a58948f61
460ad5a910a388bf092a800082318ee8f059eedc82022bbb5df13863cadac62d
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
47a0342d90a877ec7125c3a38706b2faefa9b867661ebcef4a98ec6cf3e60b40
4934174cd39db1f62680ac12ae44ad9aa040bd445d831ae65f79779b7f2e6e8f
4953dd73af5cbd3486f9463b9cc1339cc6df7bab136fb248b0e6c9f37b806103
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4b877185693df2040a5780ea733af43bfc78913549f4307010d27842ccc33e18
4fcc2c45e5c8be67198b1d2c38bef90e3373e59b91be75e915711bfa7c10d22a
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
50a61db1134643f3360d0e1ff16c4e48fdf700090052d0fcf9301e95884ae9d9
51b5ae1f0ff10c4595493fa2d4edb2c308f97976be783ed5d7d962a8d81606d1
52d4949b49c03282d1c1646ded989351384907e12c09de11dd0f46a203fdee87
54a63e18455eefaed95984099075772eb6a3830500e62b97d2ce6ae19aae5c1c
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
58a617d2c88d378bfd267e2817e2228e82ef0c3f28d8ac3458b18af77335c39e
5a53bd809148848fde30b8db880140871617d0578315c248809aeba7f9fc4394
5becc270e154d302a843c251c405f2a06c1908b9cc481da49534318ae4fe23c3
5e125fc69969ce23624fbd93a1afd9f991eefe988bcc61f6713a8c7e4e14d2b5
5f697851ced78ae87d2653ef23f5319021ba5ef0ba950de17934dcc83be6eaa5
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
632ef78b9df9b5be32fa45006e7ad73957a8b9e1ce5c626c70bc13f2c6aba63f
6341ebb09b6a324905528948cc0801166ef161f27e6bc19d78dedfb4cd5d8f53
66991d42b301e95bbc5b571b0f04e5ce26629ecb31d260e897e564bc0774a66d
6c0bd41a591f67aa54215c9f9c1f0e86935d86b6546a0ba0bf9cebbed53a9ebc
7192f70cc87dedb63896e0112c5648ff6e6c81c9c64d245e8b404699ca2f907f
764dbf90f4de531f0a0ccbb80786dab9c5e7d00d0dd4de7870cc6574df064faa
7bf7f9d264374e6a8d3a1f0ed2243000039313ea42cae7a027d0ebc88bf7f121
7ca99dd3f1a39266f0c6e3c21c626baae598dc32adb05529152c42493f2f3adb
7f6471f46bb9661c53298c398c2ad1578324224de18b663431c4caf43a4316ec
805270b078cde87b61bb57c8bd44f8b58b0d128f5a8efdd4395470b45b291d65
82b2b2a13588e178c95367933910ff2cd876a6bfd8d1d872cfe19e3ef0519173
8568c364b37218ae81f7a9e3e6ed5508dd43ac428cc317bfcb4a937e7dd19d2e
890f44666a99f782e81d3db497702ea3a78c1ce81150daf5de07625b560ac13c
8a485721b502dc720f84302eb038c88197a1063b0119db786f36012308fd4257
8cc7dc2808c266f0e89546d6fd550889015f0cb4133a292b30bfaaf256e3c02c
936d79103502368d2d4429ae22130eb9266ee88fae65db5e2990e00c025a65e1
949572894940fe25f3582a628275c65d0bf82ead01b3ee7d52196918eabe54e5
9728dabf68e4955252ce4782725e59edccde8367f601e9df4aa6d71aca936f75
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9b6a4a311672bca5e545ddb6f67847e8e79af72d5d5ecc57ac657072148b9f7c
9ef4227b11c0c2caef3e2e3e16e3462de0c6847c26d06ac351d86e6e434c08c6
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a60bf87e47d5a76b31b1c57a7ffc2856a8e624f69304edcdf2de20f7dad40a10
a6d36aa3d742ccd6f1ca3c76dcf885af72f7bebe2fcc001ea011a7aea2f55678
ab371dd11559d396bae5a09afe86c55664c14de909c4f5e362247116ae5091e5
af8c8e3f145a8b140f7286b67ee712ff542d600f224892f9ef1241a97efc4378
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b71a015cd7c07d07363f84e507c64fb8da80673e4314f2adba5b26c7f458c2de
bc474cbf59524f45c4dc7ee090356a97f70c9e9f6da606c3975291fdf2d631f0
be1165180e87ead6952513703b6318f6ff4155d6c02ddf759c77896e5738d6cf
bed8752acf6a0657688044cf03b3c2dc33749b1d717e50bcaad2f1311b6405ea
c09462d97ad8155d34e101f8f592cf0e6d28d9635aef38dfdb7b77b53b084e0b
c0cf54b9ee37d8daba9e49cf911dd15b9c8792c464ab98b99a9c375c52713c58
c292e27b65e4f67ac53702c14e5f08403b16f94efb2709425a93503621bef6f8
c49e6e2c2039d3ca00665d52f8fd7f4b87bb16ec3d3ab8ebeb6a8d48ee197138
c541ac32699f54584521d606edfc9a40c38f0eb3be2908bfa45502c0bcbd5fb6
c780d0a9d29c2240bc82a9fc17ee371007e6f3633bdb181243f952b9e9660f7e
c821ac5b54d6356aa81644902d5fad10603c9a415679c081d7760dde7f7bdbd4
c8e48ea465007a8f3473fecfbcfe2e31e0d807e98f8ab65f8b0e655779ae2b72
cb83af0eec1fb71fb35196225c4a4a8964b7e47b52f9a85679c808907abd2b09
ccc182dae1a916e8cba6bebc599219af44c4133c7687308735e326875d7330b0
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d2f7c8aa89377e3be8191a1bf01ccb54564fade4b1990a80770fb2a3d0d35a89
d5a13dc5bd2766520b7e2aa2bca9b1edc022be943499ac851828e185ff93073f
d6b38a41e0214048b70811deb7283a1013aba014be7b1501137d8c0f1bc738f1
d97b425c044c0f74127938ce35f477873b7bbbf589951732b515c95ef7c688c7
e382d461762647474c1077962be9a22e01f837871e43317fdcb0bcf72b969ca7
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e40f8efc0a85fbc3d75b87bea79389b13563d7137b4a2c66c946d55e6e7c77e0
e5045224ef7497644ef5872877e59a258bd04ea44d79d30f4f2c158e327b2a18
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e8403779d45a9590b43c0ecf984ebe11e75fd2982630d658390a6001a6768770
ec458099da3eac28e580be3a161f624094d1f92092d32a48c33d030b449370a3
ecd92eee892455f72e3b2fcc20e8f2bb9d3f93740bd410a617b5db963f4877b6
ed884d02924f422c259626ff918f17e139fe1b9ce2013a1c2d20232c087b2927
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef21f8c3d0261e99bd9ecf51f91848eea7b7479c4c63631b1e3d1991a771517a
f6914cddfb8fcc3e7d99864e104ebdb47934a357ef08d90f9e0acdf48433d6c9
f699d28e220ca73ec1385a8040ba988d3e8234911ce09f197e8ece7eb1650337
fa37b886ccd6d0bf44d6673f2cfabab3632bda7533df18e697d0be287cd19edb
fa764d982e6c8c19e96e96714f643330b88d3a373eb1d4ad71dd21b2fdc167e9
fc9fe8ec0612072dc6d3b4acd268e09d28c253807f47846a5f70dd8360d1a0d1
fedabec8ffe5bcc632592f818ddac684ac3f9f2880e8d7222674db8674a2a959
fef5a41be1b827a1729f19bcd123a57ee3f2cb8dc9074fffa4ab5b807f503514
ff332c36f300b90caa7263cfffde76d53ff8fdc2fb7a1814dd86d851ab15412c

www.prothomalo.com Open in urlscan Pro 104.17.160.183 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

177 Requests

88 %HTTPS

0 %IPv6

34 Domains

51 Subdomains

34 IPs

6 Countries

2895 kBTransfer

9354 kBSize

41 Cookies

20 Outgoing links

Page URL History

Redirected requests

177 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 6 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.prothomalo.com Open in urlscan Pro
104.17.160.183 Public Scan

Screenshot
Live screenshot

Full Image

177
Requests

88 %
HTTPS

0 %
IPv6

34
Domains

51
Subdomains

34
IPs

6
Countries

2895 kB
Transfer

9354 kB
Size

41
Cookies

177 HTTP transactions
6 data transactions